2011-01-27 Oliver Hunt <oliver@apple.com>
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 28 Jan 2011 23:39:54 +0000 (23:39 +0000)
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 28 Jan 2011 23:39:54 +0000 (23:39 +0000)
        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Move the MarkStack over to a slot based marking API.

        In order to avoiding aliasing concerns there are two new types
        that need to be used when holding on to JSValues and JSCell that
        need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
        is expected to be used for any JSValue or Cell that's lifetime and
        marking is controlled by another GC object.  DeprecatedPtr is used
        for any value that we need to rework ownership for.

        The change over to this model has produced a large amount of
        code changes, but they are mostly mechanical (forwarding JSGlobalData,
        etc).

        * API/JSCallbackObject.h:
        (JSC::JSCallbackObjectData::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
        (JSC::JSCallbackObject::setPrivateProperty):
        * API/JSCallbackObjectFunctions.h:
        (JSC::::put):
        (JSC::::staticFunctionGetter):
        * API/JSObjectRef.cpp:
        (JSObjectMakeConstructor):
        (JSObjectSetPrivateProperty):
        * API/JSWeakObjectMapRefInternal.h:
        * JavaScriptCore.exp:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::markAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::globalObject):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::BytecodeGenerator):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
        (JSC::BytecodeGenerator::findScopedProperty):
        * debugger/DebuggerActivation.cpp:
        (JSC::DebuggerActivation::DebuggerActivation):
        (JSC::DebuggerActivation::markChildren):
        * debugger/DebuggerActivation.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolve):
        (JSC::Interpreter::resolveSkip):
        (JSC::Interpreter::resolveGlobalDynamic):
        (JSC::Interpreter::resolveBaseAndProperty):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::appendSourceToError):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        * interpreter/Register.h:
        (JSC::Register::jsValueSlot):
        * jit/JITStubs.cpp:
        (JSC::JITThunks::tryCacheGetByID):
        (JSC::DEFINE_STUB_FUNCTION):
        * jsc.cpp:
        (GlobalObject::GlobalObject):
        * runtime/Arguments.cpp:
        (JSC::Arguments::markChildren):
        (JSC::Arguments::getOwnPropertySlot):
        (JSC::Arguments::getOwnPropertyDescriptor):
        (JSC::Arguments::put):
        * runtime/Arguments.h:
        (JSC::Arguments::setActivation):
        (JSC::Arguments::Arguments):
        * runtime/ArrayConstructor.cpp:
        (JSC::ArrayConstructor::ArrayConstructor):
        (JSC::constructArrayWithSizeQuirk):
        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncSplice):
        * runtime/BatchedTransitionOptimizer.h:
        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
        * runtime/BooleanConstructor.cpp:
        (JSC::BooleanConstructor::BooleanConstructor):
        (JSC::constructBoolean):
        (JSC::constructBooleanFromImmediateBoolean):
        * runtime/BooleanPrototype.cpp:
        (JSC::BooleanPrototype::BooleanPrototype):
        * runtime/ConservativeSet.h:
        (JSC::ConservativeSet::mark):
        * runtime/DateConstructor.cpp:
        (JSC::DateConstructor::DateConstructor):
        * runtime/DateInstance.cpp:
        (JSC::DateInstance::DateInstance):
        * runtime/DatePrototype.cpp:
        (JSC::dateProtoFuncSetTime):
        (JSC::setNewValueFromTimeArgs):
        (JSC::setNewValueFromDateArgs):
        (JSC::dateProtoFuncSetYear):
        * runtime/ErrorConstructor.cpp:
        (JSC::ErrorConstructor::ErrorConstructor):
        * runtime/ErrorInstance.cpp:
        (JSC::ErrorInstance::ErrorInstance):
        * runtime/ErrorPrototype.cpp:
        (JSC::ErrorPrototype::ErrorPrototype):
        * runtime/FunctionConstructor.cpp:
        (JSC::FunctionConstructor::FunctionConstructor):
        * runtime/FunctionPrototype.cpp:
        (JSC::FunctionPrototype::FunctionPrototype):
        * runtime/GetterSetter.cpp:
        (JSC::GetterSetter::markChildren):
        * runtime/GetterSetter.h:
        (JSC::GetterSetter::GetterSetter):
        (JSC::GetterSetter::getter):
        (JSC::GetterSetter::setGetter):
        (JSC::GetterSetter::setter):
        (JSC::GetterSetter::setSetter):
        * runtime/GlobalEvalFunction.cpp:
        (JSC::GlobalEvalFunction::GlobalEvalFunction):
        (JSC::GlobalEvalFunction::markChildren):
        * runtime/GlobalEvalFunction.h:
        (JSC::GlobalEvalFunction::cachedGlobalObject):
        * runtime/Heap.cpp:
        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):
        * runtime/InternalFunction.cpp:
        (JSC::InternalFunction::InternalFunction):
        * runtime/JSAPIValueWrapper.h:
        (JSC::JSAPIValueWrapper::value):
        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::put):
        * runtime/JSArray.cpp:
        (JSC::JSArray::JSArray):
        (JSC::JSArray::getOwnPropertySlot):
        (JSC::JSArray::getOwnPropertyDescriptor):
        (JSC::JSArray::put):
        (JSC::JSArray::putSlowCase):
        (JSC::JSArray::deleteProperty):
        (JSC::JSArray::increaseVectorLength):
        (JSC::JSArray::setLength):
        (JSC::JSArray::pop):
        (JSC::JSArray::push):
        (JSC::JSArray::unshiftCount):
        (JSC::JSArray::sort):
        (JSC::JSArray::fillArgList):
        (JSC::JSArray::copyToRegisters):
        (JSC::JSArray::compactForSorting):
        * runtime/JSArray.h:
        (JSC::JSArray::getIndex):
        (JSC::JSArray::setIndex):
        (JSC::JSArray::uncheckedSetIndex):
        (JSC::JSArray::markChildrenDirect):
        * runtime/JSByteArray.cpp:
        (JSC::JSByteArray::JSByteArray):
        * runtime/JSCell.h:
        (JSC::JSCell::MarkStack::append):
        (JSC::JSCell::MarkStack::appendCell):
        * runtime/JSFunction.cpp:
        (JSC::JSFunction::JSFunction):
        (JSC::JSFunction::getOwnPropertySlot):
        * runtime/JSGlobalObject.cpp:
        (JSC::markIfNeeded):
        (JSC::JSGlobalObject::reset):
        (JSC::JSGlobalObject::resetPrototype):
        (JSC::JSGlobalObject::markChildren):
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
        (JSC::JSGlobalObject::regExpConstructor):
        (JSC::JSGlobalObject::errorConstructor):
        (JSC::JSGlobalObject::evalErrorConstructor):
        (JSC::JSGlobalObject::rangeErrorConstructor):
        (JSC::JSGlobalObject::referenceErrorConstructor):
        (JSC::JSGlobalObject::syntaxErrorConstructor):
        (JSC::JSGlobalObject::typeErrorConstructor):
        (JSC::JSGlobalObject::URIErrorConstructor):
        (JSC::JSGlobalObject::evalFunction):
        (JSC::JSGlobalObject::objectPrototype):
        (JSC::JSGlobalObject::functionPrototype):
        (JSC::JSGlobalObject::arrayPrototype):
        (JSC::JSGlobalObject::booleanPrototype):
        (JSC::JSGlobalObject::stringPrototype):
        (JSC::JSGlobalObject::numberPrototype):
        (JSC::JSGlobalObject::datePrototype):
        (JSC::JSGlobalObject::regExpPrototype):
        (JSC::JSGlobalObject::methodCallDummy):
        (JSC::constructArray):
        * runtime/JSONObject.cpp:
        (JSC::Stringifier::Holder::object):
        (JSC::Stringifier::Holder::objectSlot):
        (JSC::Stringifier::markAggregate):
        (JSC::Stringifier::stringify):
        (JSC::Stringifier::Holder::appendNextProperty):
        (JSC::Walker::callReviver):
        (JSC::Walker::walk):
        * runtime/JSObject.cpp:
        (JSC::JSObject::defineGetter):
        (JSC::JSObject::defineSetter):
        (JSC::JSObject::removeDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::putDescriptor):
        (JSC::JSObject::defineOwnProperty):
        * runtime/JSObject.h:
        (JSC::JSObject::putDirectOffset):
        (JSC::JSObject::putUndefinedAtDirectOffset):
        (JSC::JSObject::flattenDictionaryObject):
        (JSC::JSObject::putDirectInternal):
        (JSC::JSObject::putDirect):
        (JSC::JSObject::putDirectFunction):
        (JSC::JSObject::putDirectWithoutTransition):
        (JSC::JSObject::putDirectFunctionWithoutTransition):
        (JSC::JSValue::putDirect):
        (JSC::JSObject::allocatePropertyStorageInline):
        (JSC::JSObject::markChildrenDirect):
        * runtime/JSStaticScopeObject.cpp:
        (JSC::JSStaticScopeObject::markChildren):
        * runtime/JSString.cpp:
        (JSC::StringObject::create):
        * runtime/JSValue.h:
        * runtime/JSWrapperObject.cpp:
        (JSC::JSWrapperObject::markChildren):
        * runtime/JSWrapperObject.h:
        (JSC::JSWrapperObject::internalValue):
        (JSC::JSWrapperObject::setInternalValue):
        * runtime/LiteralParser.cpp:
        (JSC::LiteralParser::parse):
        * runtime/Lookup.cpp:
        (JSC::setUpStaticFunctionSlot):
        * runtime/Lookup.h:
        (JSC::lookupPut):
        * runtime/MarkStack.h:
        * runtime/MathObject.cpp:
        (JSC::MathObject::MathObject):
        * runtime/NativeErrorConstructor.cpp:
        (JSC::NativeErrorConstructor::NativeErrorConstructor):
        * runtime/NativeErrorPrototype.cpp:
        (JSC::NativeErrorPrototype::NativeErrorPrototype):
        * runtime/NumberConstructor.cpp:
        (JSC::NumberConstructor::NumberConstructor):
        (JSC::constructWithNumberConstructor):
        * runtime/NumberObject.cpp:
        (JSC::constructNumber):
        * runtime/NumberPrototype.cpp:
        (JSC::NumberPrototype::NumberPrototype):
        * runtime/ObjectConstructor.cpp:
        (JSC::ObjectConstructor::ObjectConstructor):
        (JSC::objectConstructorGetOwnPropertyDescriptor):
        * runtime/Operations.h:
        (JSC::normalizePrototypeChain):
        (JSC::resolveBase):
        * runtime/PrototypeFunction.cpp:
        (JSC::PrototypeFunction::PrototypeFunction):
        * runtime/PutPropertySlot.h:
        (JSC::PutPropertySlot::setExistingProperty):
        (JSC::PutPropertySlot::setNewProperty):
        (JSC::PutPropertySlot::base):
        * runtime/RegExpConstructor.cpp:
        (JSC::RegExpConstructor::RegExpConstructor):
        * runtime/ScopeChain.cpp:
        (JSC::ScopeChainNode::print):
        * runtime/ScopeChain.h:
        (JSC::ScopeChainNode::~ScopeChainNode):
        (JSC::ScopeChainIterator::operator*):
        (JSC::ScopeChainIterator::operator->):
        (JSC::ScopeChain::top):
        * runtime/ScopeChainMark.h:
        (JSC::ScopeChain::markAggregate):
        * runtime/SmallStrings.cpp:
        (JSC::isMarked):
        (JSC::SmallStrings::markChildren):
        * runtime/SmallStrings.h:
        (JSC::SmallStrings::emptyString):
        (JSC::SmallStrings::singleCharacterString):
        (JSC::SmallStrings::singleCharacterStrings):
        * runtime/StringConstructor.cpp:
        (JSC::StringConstructor::StringConstructor):
        * runtime/StringObject.cpp:
        (JSC::StringObject::StringObject):
        * runtime/StringObject.h:
        * runtime/StringPrototype.cpp:
        (JSC::StringPrototype::StringPrototype):
        * runtime/Structure.cpp:
        (JSC::Structure::flattenDictionaryStructure):
        * runtime/Structure.h:
        (JSC::Structure::storedPrototypeSlot):
        * runtime/WeakGCMap.h:
        (JSC::WeakGCMap::uncheckedGet):
        (JSC::WeakGCMap::uncheckedGetSlot):
        (JSC::::get):
        (JSC::::take):
        (JSC::::set):
        (JSC::::uncheckedRemove):
        * runtime/WriteBarrier.h: Added.
        (JSC::DeprecatedPtr::DeprecatedPtr):
        (JSC::DeprecatedPtr::get):
        (JSC::DeprecatedPtr::operator*):
        (JSC::DeprecatedPtr::operator->):
        (JSC::DeprecatedPtr::slot):
        (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
        (JSC::DeprecatedPtr::operator!):
        (JSC::WriteBarrierBase::set):
        (JSC::WriteBarrierBase::get):
        (JSC::WriteBarrierBase::operator*):
        (JSC::WriteBarrierBase::operator->):
        (JSC::WriteBarrierBase::slot):
        (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
        (JSC::WriteBarrierBase::operator!):
        (JSC::WriteBarrier::WriteBarrier):
        (JSC::operator==):
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        There's no reason to recurse here, the value we
        were marking was protected.

        * JSValueWrapper.cpp:
        (JSValueWrapper::JSObjectMark):
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Update WebCore to the new marking apis, correct bindings
        codegen.

        * ForwardingHeaders/runtime/WriteBarrier.h: Added.
        * WebCore.exp.in:
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::globalData):
        * bindings/js/JSAudioConstructor.cpp:
        (WebCore::JSAudioConstructor::JSAudioConstructor):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::markDOMNodesForDocument):
        (WebCore::markDOMObjectWrapper):
        (WebCore::markDOMNodeWrapper):
        * bindings/js/JSDOMGlobalObject.cpp:
        (WebCore::JSDOMGlobalObject::markChildren):
        (WebCore::JSDOMGlobalObject::setInjectedScript):
        (WebCore::JSDOMGlobalObject::injectedScript):
        * bindings/js/JSDOMGlobalObject.h:
        (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
        (WebCore::getDOMConstructor):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setLocation):
        (WebCore::DialogHandler::dialogCreated):
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::JSDOMWindowShell):
        (WebCore::JSDOMWindowShell::setWindow):
        (WebCore::JSDOMWindowShell::markChildren):
        (WebCore::JSDOMWindowShell::unwrappedObject):
        * bindings/js/JSDOMWindowShell.h:
        (WebCore::JSDOMWindowShell::window):
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::JSEventListener):
        (WebCore::JSEventListener::markJSFunction):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::jsFunction):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::setAll):
        * bindings/js/JSImageConstructor.cpp:
        (WebCore::JSImageConstructor::JSImageConstructor):
        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
        (WebCore::JSJavaScriptCallFrame::scopeChain):
        (WebCore::JSJavaScriptCallFrame::scopeType):
        * bindings/js/JSNodeFilterCondition.cpp:
        (WebCore::JSNodeFilterCondition::markAggregate):
        (WebCore::JSNodeFilterCondition::acceptNode):
        * bindings/js/JSNodeFilterCondition.h:
        * bindings/js/JSNodeFilterCustom.cpp:
        * bindings/js/JSOptionConstructor.cpp:
        (WebCore::JSOptionConstructor::JSOptionConstructor):
        * bindings/js/JSSQLResultSetRowListCustom.cpp:
        (WebCore::JSSQLResultSetRowList::item):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::restore):
        * bindings/js/ScriptObject.cpp:
        (WebCore::ScriptGlobalObject::set):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::putProperty):
        * bindings/scripts/CodeGeneratorJS.pm:
        * dom/Document.h:
2011-01-27  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Convert markstack to a slot visitor API
        https://bugs.webkit.org/show_bug.cgi?id=53219

        Update to new marking api

        * WebView/WebScriptDebugDelegate.mm:
        (-[WebScriptCallFrame scopeChain]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@77006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

125 files changed:
Source/JavaScriptCore/API/JSCallbackObject.h
Source/JavaScriptCore/API/JSCallbackObjectFunctions.h
Source/JavaScriptCore/API/JSObjectRef.cpp
Source/JavaScriptCore/API/JSWeakObjectMapRefInternal.h
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.exp
Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
Source/JavaScriptCore/bytecode/CodeBlock.cpp
Source/JavaScriptCore/bytecode/CodeBlock.h
Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
Source/JavaScriptCore/debugger/Debugger.cpp
Source/JavaScriptCore/debugger/DebuggerActivation.cpp
Source/JavaScriptCore/debugger/DebuggerActivation.h
Source/JavaScriptCore/debugger/DebuggerCallFrame.cpp
Source/JavaScriptCore/interpreter/CallFrame.h
Source/JavaScriptCore/interpreter/Interpreter.cpp
Source/JavaScriptCore/jit/JITStubs.cpp
Source/JavaScriptCore/jsc.cpp
Source/JavaScriptCore/runtime/ArgList.cpp
Source/JavaScriptCore/runtime/Arguments.cpp
Source/JavaScriptCore/runtime/Arguments.h
Source/JavaScriptCore/runtime/ArrayConstructor.cpp
Source/JavaScriptCore/runtime/ArrayPrototype.cpp
Source/JavaScriptCore/runtime/BatchedTransitionOptimizer.h
Source/JavaScriptCore/runtime/BooleanConstructor.cpp
Source/JavaScriptCore/runtime/BooleanPrototype.cpp
Source/JavaScriptCore/runtime/ConservativeSet.cpp
Source/JavaScriptCore/runtime/ConservativeSet.h
Source/JavaScriptCore/runtime/DateConstructor.cpp
Source/JavaScriptCore/runtime/DateInstance.cpp
Source/JavaScriptCore/runtime/DatePrototype.cpp
Source/JavaScriptCore/runtime/ErrorConstructor.cpp
Source/JavaScriptCore/runtime/ErrorInstance.cpp
Source/JavaScriptCore/runtime/ErrorPrototype.cpp
Source/JavaScriptCore/runtime/FunctionConstructor.cpp
Source/JavaScriptCore/runtime/FunctionPrototype.cpp
Source/JavaScriptCore/runtime/GetterSetter.cpp
Source/JavaScriptCore/runtime/GetterSetter.h
Source/JavaScriptCore/runtime/GlobalEvalFunction.cpp
Source/JavaScriptCore/runtime/GlobalEvalFunction.h
Source/JavaScriptCore/runtime/Heap.cpp
Source/JavaScriptCore/runtime/InternalFunction.cpp
Source/JavaScriptCore/runtime/JSAPIValueWrapper.h
Source/JavaScriptCore/runtime/JSActivation.cpp
Source/JavaScriptCore/runtime/JSArray.cpp
Source/JavaScriptCore/runtime/JSArray.h
Source/JavaScriptCore/runtime/JSByteArray.cpp
Source/JavaScriptCore/runtime/JSCell.h
Source/JavaScriptCore/runtime/JSFunction.cpp
Source/JavaScriptCore/runtime/JSGlobalData.h
Source/JavaScriptCore/runtime/JSGlobalObject.cpp
Source/JavaScriptCore/runtime/JSGlobalObject.h
Source/JavaScriptCore/runtime/JSONObject.cpp
Source/JavaScriptCore/runtime/JSObject.cpp
Source/JavaScriptCore/runtime/JSObject.h
Source/JavaScriptCore/runtime/JSPropertyNameIterator.cpp
Source/JavaScriptCore/runtime/JSPropertyNameIterator.h
Source/JavaScriptCore/runtime/JSStaticScopeObject.cpp
Source/JavaScriptCore/runtime/JSString.cpp
Source/JavaScriptCore/runtime/JSValue.h
Source/JavaScriptCore/runtime/JSWrapperObject.cpp
Source/JavaScriptCore/runtime/JSWrapperObject.h
Source/JavaScriptCore/runtime/LiteralParser.cpp
Source/JavaScriptCore/runtime/Lookup.cpp
Source/JavaScriptCore/runtime/Lookup.h
Source/JavaScriptCore/runtime/MarkStack.h
Source/JavaScriptCore/runtime/MathObject.cpp
Source/JavaScriptCore/runtime/NativeErrorConstructor.cpp
Source/JavaScriptCore/runtime/NativeErrorPrototype.cpp
Source/JavaScriptCore/runtime/NumberConstructor.cpp
Source/JavaScriptCore/runtime/NumberObject.cpp
Source/JavaScriptCore/runtime/NumberPrototype.cpp
Source/JavaScriptCore/runtime/ObjectConstructor.cpp
Source/JavaScriptCore/runtime/Operations.h
Source/JavaScriptCore/runtime/PrototypeFunction.cpp
Source/JavaScriptCore/runtime/PutPropertySlot.h
Source/JavaScriptCore/runtime/RegExpConstructor.cpp
Source/JavaScriptCore/runtime/ScopeChain.cpp
Source/JavaScriptCore/runtime/ScopeChain.h
Source/JavaScriptCore/runtime/ScopeChainMark.h
Source/JavaScriptCore/runtime/SmallStrings.cpp
Source/JavaScriptCore/runtime/SmallStrings.h
Source/JavaScriptCore/runtime/StringConstructor.cpp
Source/JavaScriptCore/runtime/StringObject.cpp
Source/JavaScriptCore/runtime/StringObject.h
Source/JavaScriptCore/runtime/StringPrototype.cpp
Source/JavaScriptCore/runtime/Structure.cpp
Source/JavaScriptCore/runtime/Structure.h
Source/JavaScriptCore/runtime/WeakGCMap.h
Source/JavaScriptCore/runtime/WriteBarrier.h [new file with mode: 0644]
Source/JavaScriptGlue/ChangeLog
Source/JavaScriptGlue/JSValueWrapper.cpp
Source/WebCore/ChangeLog
Source/WebCore/ForwardingHeaders/runtime/WriteBarrier.h [new file with mode: 0644]
Source/WebCore/WebCore.exp.in
Source/WebCore/bindings/js/DOMWrapperWorld.h
Source/WebCore/bindings/js/JSAudioConstructor.cpp
Source/WebCore/bindings/js/JSDOMBinding.cpp
Source/WebCore/bindings/js/JSDOMGlobalObject.cpp
Source/WebCore/bindings/js/JSDOMGlobalObject.h
Source/WebCore/bindings/js/JSDOMWindowCustom.cpp
Source/WebCore/bindings/js/JSDOMWindowShell.cpp
Source/WebCore/bindings/js/JSDOMWindowShell.h
Source/WebCore/bindings/js/JSDeviceMotionEventCustom.cpp
Source/WebCore/bindings/js/JSEventListener.cpp
Source/WebCore/bindings/js/JSEventListener.h
Source/WebCore/bindings/js/JSHTMLDocumentCustom.cpp
Source/WebCore/bindings/js/JSImageConstructor.cpp
Source/WebCore/bindings/js/JSImageDataCustom.cpp
Source/WebCore/bindings/js/JSJavaScriptCallFrameCustom.cpp
Source/WebCore/bindings/js/JSNodeFilterCondition.cpp
Source/WebCore/bindings/js/JSNodeFilterCondition.h
Source/WebCore/bindings/js/JSNodeFilterCustom.cpp
Source/WebCore/bindings/js/JSOptionConstructor.cpp
Source/WebCore/bindings/js/JSSQLResultSetRowListCustom.cpp
Source/WebCore/bindings/js/ScriptCachedFrameData.cpp
Source/WebCore/bindings/js/ScriptObject.cpp
Source/WebCore/bindings/js/SerializedScriptValue.cpp
Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
Source/WebCore/bridge/runtime_root.cpp
Source/WebCore/bridge/runtime_root.h
Source/WebCore/dom/Document.h
Source/WebKit/mac/ChangeLog
Source/WebKit/mac/WebView/WebScriptDebugDelegate.mm

index 83442b2..d6c31d8 100644 (file)
@@ -54,11 +54,11 @@ struct JSCallbackObjectData {
         return m_privateProperties->getPrivateProperty(propertyName);
     }
     
-    void setPrivateProperty(const Identifier& propertyName, JSValue value)
+    void setPrivateProperty(JSGlobalData& globalData, JSCell* owner, const Identifier& propertyName, JSValue value)
     {
         if (!m_privateProperties)
             m_privateProperties = adoptPtr(new JSPrivatePropertyMap);
-        m_privateProperties->setPrivateProperty(propertyName, value);
+        m_privateProperties->setPrivateProperty(globalData, owner, propertyName, value);
     }
     
     void deletePrivateProperty(const Identifier& propertyName)
@@ -83,12 +83,13 @@ struct JSCallbackObjectData {
             PrivatePropertyMap::const_iterator location = m_propertyMap.find(propertyName.impl());
             if (location == m_propertyMap.end())
                 return JSValue();
-            return location->second;
+            return location->second.get();
         }
         
-        void setPrivateProperty(const Identifier& propertyName, JSValue value)
+        void setPrivateProperty(JSGlobalData& globalData, JSCell* owner, const Identifier& propertyName, JSValue value)
         {
-            m_propertyMap.set(propertyName.impl(), value);
+            WriteBarrier<Unknown> empty;
+            m_propertyMap.add(propertyName.impl(), empty).first->second.set(globalData, owner, value);
         }
         
         void deletePrivateProperty(const Identifier& propertyName)
@@ -100,12 +101,12 @@ struct JSCallbackObjectData {
         {
             for (PrivatePropertyMap::iterator ptr = m_propertyMap.begin(); ptr != m_propertyMap.end(); ++ptr) {
                 if (ptr->second)
-                    markStack.append(ptr->second);
+                    markStack.append(&ptr->second);
             }
         }
 
     private:
-        typedef HashMap<RefPtr<StringImpl>, JSValue, IdentifierRepHash> PrivatePropertyMap;
+        typedef HashMap<RefPtr<StringImpl>, WriteBarrier<Unknown>, IdentifierRepHash> PrivatePropertyMap;
         PrivatePropertyMap m_propertyMap;
     };
     OwnPtr<JSPrivatePropertyMap> m_privateProperties;
@@ -137,9 +138,9 @@ public:
         return m_callbackObjectData->getPrivateProperty(propertyName);
     }
     
-    void setPrivateProperty(const Identifier& propertyName, JSValue value)
+    void setPrivateProperty(JSGlobalData& globalData, const Identifier& propertyName, JSValue value)
     {
-        m_callbackObjectData->setPrivateProperty(propertyName, value);
+        m_callbackObjectData->setPrivateProperty(globalData, this, propertyName, value);
     }
     
     void deletePrivateProperty(const Identifier& propertyName)
index de5d842..f03443f 100644 (file)
@@ -238,7 +238,7 @@ void JSCallbackObject<Base>::put(ExecState* exec, const Identifier& propertyName
             if (StaticFunctionEntry* entry = staticFunctions->get(propertyName.impl())) {
                 if (entry->attributes & kJSPropertyAttributeReadOnly)
                     return;
-                JSCallbackObject<Base>::putDirect(propertyName, value); // put as override property
+                JSCallbackObject<Base>::putDirect(exec->globalData(), propertyName, value); // put as override property
                 return;
             }
         }
@@ -565,7 +565,7 @@ JSValue JSCallbackObject<Base>::staticFunctionGetter(ExecState* exec, JSValue sl
                 if (JSObjectCallAsFunctionCallback callAsFunction = entry->callAsFunction) {
                     
                     JSObject* o = new (exec) JSCallbackFunction(exec, asGlobalObject(thisObj->getAnonymousValue(0)), callAsFunction, propertyName);
-                    thisObj->putDirect(propertyName, o, entry->attributes);
+                    thisObj->putDirect(exec->globalData(), propertyName, o, entry->attributes);
                     return o;
                 }
             }
index d6de426..d3c1993 100644 (file)
@@ -108,7 +108,7 @@ JSObjectRef JSObjectMakeConstructor(JSContextRef ctx, JSClassRef jsClass, JSObje
         jsPrototype = exec->lexicalGlobalObject()->objectPrototype();
 
     JSCallbackConstructor* constructor = new (exec) JSCallbackConstructor(exec->lexicalGlobalObject(), exec->lexicalGlobalObject()->callbackConstructorStructure(), jsClass, callAsConstructor);
-    constructor->putDirect(exec->propertyNames().prototype, jsPrototype, DontEnum | DontDelete | ReadOnly);
+    constructor->putDirect(exec->globalData(), exec->propertyNames().prototype, jsPrototype, DontEnum | DontDelete | ReadOnly);
     return toRef(constructor);
 }
 
@@ -385,11 +385,11 @@ bool JSObjectSetPrivateProperty(JSContextRef ctx, JSObjectRef object, JSStringRe
     JSValue jsValue = value ? toJS(exec, value) : JSValue();
     Identifier name(propertyName->identifier(&exec->globalData()));
     if (jsObject->inherits(&JSCallbackObject<JSGlobalObject>::info)) {
-        static_cast<JSCallbackObject<JSGlobalObject>*>(jsObject)->setPrivateProperty(name, jsValue);
+        static_cast<JSCallbackObject<JSGlobalObject>*>(jsObject)->setPrivateProperty(exec->globalData(), name, jsValue);
         return true;
     }
     if (jsObject->inherits(&JSCallbackObject<JSObjectWithGlobalObject>::info)) {
-        static_cast<JSCallbackObject<JSObjectWithGlobalObject>*>(jsObject)->setPrivateProperty(name, jsValue);
+        static_cast<JSCallbackObject<JSObjectWithGlobalObject>*>(jsObject)->setPrivateProperty(exec->globalData(), name, jsValue);
         return true;
     }
     return false;
index 64e1f4d..f7b91da 100644 (file)
@@ -37,7 +37,7 @@ class JSObject;
 
 typedef void (*JSWeakMapDestroyedCallback)(struct OpaqueJSWeakObjectMap*, void*);
 
-typedef JSC::WeakGCMap<void*, JSC::JSObject*> WeakMapType;
+typedef JSC::WeakGCMap<void*, JSC::JSObject> WeakMapType;
 
 struct OpaqueJSWeakObjectMap : public RefCounted<OpaqueJSWeakObjectMap> {
 public:
index d170ad9..ce0340a 100644 (file)
@@ -1,3 +1,314 @@
+2011-01-27  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        Convert markstack to a slot visitor API
+        https://bugs.webkit.org/show_bug.cgi?id=53219
+
+        Move the MarkStack over to a slot based marking API.
+
+        In order to avoiding aliasing concerns there are two new types
+        that need to be used when holding on to JSValues and JSCell that
+        need to be marked: WriteBarrier and DeprecatedPtr.  WriteBarrier
+        is expected to be used for any JSValue or Cell that's lifetime and
+        marking is controlled by another GC object.  DeprecatedPtr is used
+        for any value that we need to rework ownership for.
+
+        The change over to this model has produced a large amount of
+        code changes, but they are mostly mechanical (forwarding JSGlobalData,
+        etc).
+
+        * API/JSCallbackObject.h:
+        (JSC::JSCallbackObjectData::setPrivateProperty):
+        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::getPrivateProperty):
+        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
+        (JSC::JSCallbackObjectData::JSPrivatePropertyMap::markChildren):
+        (JSC::JSCallbackObject::setPrivateProperty):
+        * API/JSCallbackObjectFunctions.h:
+        (JSC::::put):
+        (JSC::::staticFunctionGetter):
+        * API/JSObjectRef.cpp:
+        (JSObjectMakeConstructor):
+        (JSObjectSetPrivateProperty):
+        * API/JSWeakObjectMapRefInternal.h:
+        * JavaScriptCore.exp:
+        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::markAggregate):
+        * bytecode/CodeBlock.h:
+        (JSC::CodeBlock::globalObject):
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::BytecodeGenerator):
+        (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
+        (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
+        (JSC::BytecodeGenerator::findScopedProperty):
+        * debugger/DebuggerActivation.cpp:
+        (JSC::DebuggerActivation::DebuggerActivation):
+        (JSC::DebuggerActivation::markChildren):
+        * debugger/DebuggerActivation.h:
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::resolve):
+        (JSC::Interpreter::resolveSkip):
+        (JSC::Interpreter::resolveGlobalDynamic):
+        (JSC::Interpreter::resolveBaseAndProperty):
+        (JSC::Interpreter::unwindCallFrame):
+        (JSC::appendSourceToError):
+        (JSC::Interpreter::execute):
+        (JSC::Interpreter::privateExecute):
+        * interpreter/Register.h:
+        (JSC::Register::jsValueSlot):
+        * jit/JITStubs.cpp:
+        (JSC::JITThunks::tryCacheGetByID):
+        (JSC::DEFINE_STUB_FUNCTION):
+        * jsc.cpp:
+        (GlobalObject::GlobalObject):
+        * runtime/Arguments.cpp:
+        (JSC::Arguments::markChildren):
+        (JSC::Arguments::getOwnPropertySlot):
+        (JSC::Arguments::getOwnPropertyDescriptor):
+        (JSC::Arguments::put):
+        * runtime/Arguments.h:
+        (JSC::Arguments::setActivation):
+        (JSC::Arguments::Arguments):
+        * runtime/ArrayConstructor.cpp:
+        (JSC::ArrayConstructor::ArrayConstructor):
+        (JSC::constructArrayWithSizeQuirk):
+        * runtime/ArrayPrototype.cpp:
+        (JSC::arrayProtoFuncSplice):
+        * runtime/BatchedTransitionOptimizer.h:
+        (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
+        (JSC::BatchedTransitionOptimizer::~BatchedTransitionOptimizer):
+        * runtime/BooleanConstructor.cpp:
+        (JSC::BooleanConstructor::BooleanConstructor):
+        (JSC::constructBoolean):
+        (JSC::constructBooleanFromImmediateBoolean):
+        * runtime/BooleanPrototype.cpp:
+        (JSC::BooleanPrototype::BooleanPrototype):
+        * runtime/ConservativeSet.h:
+        (JSC::ConservativeSet::mark):
+        * runtime/DateConstructor.cpp:
+        (JSC::DateConstructor::DateConstructor):
+        * runtime/DateInstance.cpp:
+        (JSC::DateInstance::DateInstance):
+        * runtime/DatePrototype.cpp:
+        (JSC::dateProtoFuncSetTime):
+        (JSC::setNewValueFromTimeArgs):
+        (JSC::setNewValueFromDateArgs):
+        (JSC::dateProtoFuncSetYear):
+        * runtime/ErrorConstructor.cpp:
+        (JSC::ErrorConstructor::ErrorConstructor):
+        * runtime/ErrorInstance.cpp:
+        (JSC::ErrorInstance::ErrorInstance):
+        * runtime/ErrorPrototype.cpp:
+        (JSC::ErrorPrototype::ErrorPrototype):
+        * runtime/FunctionConstructor.cpp:
+        (JSC::FunctionConstructor::FunctionConstructor):
+        * runtime/FunctionPrototype.cpp:
+        (JSC::FunctionPrototype::FunctionPrototype):
+        * runtime/GetterSetter.cpp:
+        (JSC::GetterSetter::markChildren):
+        * runtime/GetterSetter.h:
+        (JSC::GetterSetter::GetterSetter):
+        (JSC::GetterSetter::getter):
+        (JSC::GetterSetter::setGetter):
+        (JSC::GetterSetter::setter):
+        (JSC::GetterSetter::setSetter):
+        * runtime/GlobalEvalFunction.cpp:
+        (JSC::GlobalEvalFunction::GlobalEvalFunction):
+        (JSC::GlobalEvalFunction::markChildren):
+        * runtime/GlobalEvalFunction.h:
+        (JSC::GlobalEvalFunction::cachedGlobalObject):
+        * runtime/Heap.cpp:
+        (JSC::Heap::markProtectedObjects):
+        (JSC::Heap::markTempSortVectors):
+        (JSC::Heap::markRoots):
+        * runtime/InternalFunction.cpp:
+        (JSC::InternalFunction::InternalFunction):
+        * runtime/JSAPIValueWrapper.h:
+        (JSC::JSAPIValueWrapper::value):
+        (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
+        * runtime/JSActivation.cpp:
+        (JSC::JSActivation::put):
+        * runtime/JSArray.cpp:
+        (JSC::JSArray::JSArray):
+        (JSC::JSArray::getOwnPropertySlot):
+        (JSC::JSArray::getOwnPropertyDescriptor):
+        (JSC::JSArray::put):
+        (JSC::JSArray::putSlowCase):
+        (JSC::JSArray::deleteProperty):
+        (JSC::JSArray::increaseVectorLength):
+        (JSC::JSArray::setLength):
+        (JSC::JSArray::pop):
+        (JSC::JSArray::push):
+        (JSC::JSArray::unshiftCount):
+        (JSC::JSArray::sort):
+        (JSC::JSArray::fillArgList):
+        (JSC::JSArray::copyToRegisters):
+        (JSC::JSArray::compactForSorting):
+        * runtime/JSArray.h:
+        (JSC::JSArray::getIndex):
+        (JSC::JSArray::setIndex):
+        (JSC::JSArray::uncheckedSetIndex):
+        (JSC::JSArray::markChildrenDirect):
+        * runtime/JSByteArray.cpp:
+        (JSC::JSByteArray::JSByteArray):
+        * runtime/JSCell.h:
+        (JSC::JSCell::MarkStack::append):
+        (JSC::JSCell::MarkStack::appendCell):
+        * runtime/JSFunction.cpp:
+        (JSC::JSFunction::JSFunction):
+        (JSC::JSFunction::getOwnPropertySlot):
+        * runtime/JSGlobalObject.cpp:
+        (JSC::markIfNeeded):
+        (JSC::JSGlobalObject::reset):
+        (JSC::JSGlobalObject::resetPrototype):
+        (JSC::JSGlobalObject::markChildren):
+        * runtime/JSGlobalObject.h:
+        (JSC::JSGlobalObject::JSGlobalObjectData::JSGlobalObjectData):
+        (JSC::JSGlobalObject::regExpConstructor):
+        (JSC::JSGlobalObject::errorConstructor):
+        (JSC::JSGlobalObject::evalErrorConstructor):
+        (JSC::JSGlobalObject::rangeErrorConstructor):
+        (JSC::JSGlobalObject::referenceErrorConstructor):
+        (JSC::JSGlobalObject::syntaxErrorConstructor):
+        (JSC::JSGlobalObject::typeErrorConstructor):
+        (JSC::JSGlobalObject::URIErrorConstructor):
+        (JSC::JSGlobalObject::evalFunction):
+        (JSC::JSGlobalObject::objectPrototype):
+        (JSC::JSGlobalObject::functionPrototype):
+        (JSC::JSGlobalObject::arrayPrototype):
+        (JSC::JSGlobalObject::booleanPrototype):
+        (JSC::JSGlobalObject::stringPrototype):
+        (JSC::JSGlobalObject::numberPrototype):
+        (JSC::JSGlobalObject::datePrototype):
+        (JSC::JSGlobalObject::regExpPrototype):
+        (JSC::JSGlobalObject::methodCallDummy):
+        (JSC::constructArray):
+        * runtime/JSONObject.cpp:
+        (JSC::Stringifier::Holder::object):
+        (JSC::Stringifier::Holder::objectSlot):
+        (JSC::Stringifier::markAggregate):
+        (JSC::Stringifier::stringify):
+        (JSC::Stringifier::Holder::appendNextProperty):
+        (JSC::Walker::callReviver):
+        (JSC::Walker::walk):
+        * runtime/JSObject.cpp:
+        (JSC::JSObject::defineGetter):
+        (JSC::JSObject::defineSetter):
+        (JSC::JSObject::removeDirect):
+        (JSC::JSObject::putDirectFunction):
+        (JSC::JSObject::putDirectFunctionWithoutTransition):
+        (JSC::putDescriptor):
+        (JSC::JSObject::defineOwnProperty):
+        * runtime/JSObject.h:
+        (JSC::JSObject::putDirectOffset):
+        (JSC::JSObject::putUndefinedAtDirectOffset):
+        (JSC::JSObject::flattenDictionaryObject):
+        (JSC::JSObject::putDirectInternal):
+        (JSC::JSObject::putDirect):
+        (JSC::JSObject::putDirectFunction):
+        (JSC::JSObject::putDirectWithoutTransition):
+        (JSC::JSObject::putDirectFunctionWithoutTransition):
+        (JSC::JSValue::putDirect):
+        (JSC::JSObject::allocatePropertyStorageInline):
+        (JSC::JSObject::markChildrenDirect):
+        * runtime/JSStaticScopeObject.cpp:
+        (JSC::JSStaticScopeObject::markChildren):
+        * runtime/JSString.cpp:
+        (JSC::StringObject::create):
+        * runtime/JSValue.h:
+        * runtime/JSWrapperObject.cpp:
+        (JSC::JSWrapperObject::markChildren):
+        * runtime/JSWrapperObject.h:
+        (JSC::JSWrapperObject::internalValue):
+        (JSC::JSWrapperObject::setInternalValue):
+        * runtime/LiteralParser.cpp:
+        (JSC::LiteralParser::parse):
+        * runtime/Lookup.cpp:
+        (JSC::setUpStaticFunctionSlot):
+        * runtime/Lookup.h:
+        (JSC::lookupPut):
+        * runtime/MarkStack.h:
+        * runtime/MathObject.cpp:
+        (JSC::MathObject::MathObject):
+        * runtime/NativeErrorConstructor.cpp:
+        (JSC::NativeErrorConstructor::NativeErrorConstructor):
+        * runtime/NativeErrorPrototype.cpp:
+        (JSC::NativeErrorPrototype::NativeErrorPrototype):
+        * runtime/NumberConstructor.cpp:
+        (JSC::NumberConstructor::NumberConstructor):
+        (JSC::constructWithNumberConstructor):
+        * runtime/NumberObject.cpp:
+        (JSC::constructNumber):
+        * runtime/NumberPrototype.cpp:
+        (JSC::NumberPrototype::NumberPrototype):
+        * runtime/ObjectConstructor.cpp:
+        (JSC::ObjectConstructor::ObjectConstructor):
+        (JSC::objectConstructorGetOwnPropertyDescriptor):
+        * runtime/Operations.h:
+        (JSC::normalizePrototypeChain):
+        (JSC::resolveBase):
+        * runtime/PrototypeFunction.cpp:
+        (JSC::PrototypeFunction::PrototypeFunction):
+        * runtime/PutPropertySlot.h:
+        (JSC::PutPropertySlot::setExistingProperty):
+        (JSC::PutPropertySlot::setNewProperty):
+        (JSC::PutPropertySlot::base):
+        * runtime/RegExpConstructor.cpp:
+        (JSC::RegExpConstructor::RegExpConstructor):
+        * runtime/ScopeChain.cpp:
+        (JSC::ScopeChainNode::print):
+        * runtime/ScopeChain.h:
+        (JSC::ScopeChainNode::~ScopeChainNode):
+        (JSC::ScopeChainIterator::operator*):
+        (JSC::ScopeChainIterator::operator->):
+        (JSC::ScopeChain::top):
+        * runtime/ScopeChainMark.h:
+        (JSC::ScopeChain::markAggregate):
+        * runtime/SmallStrings.cpp:
+        (JSC::isMarked):
+        (JSC::SmallStrings::markChildren):
+        * runtime/SmallStrings.h:
+        (JSC::SmallStrings::emptyString):
+        (JSC::SmallStrings::singleCharacterString):
+        (JSC::SmallStrings::singleCharacterStrings):
+        * runtime/StringConstructor.cpp:
+        (JSC::StringConstructor::StringConstructor):
+        * runtime/StringObject.cpp:
+        (JSC::StringObject::StringObject):
+        * runtime/StringObject.h:
+        * runtime/StringPrototype.cpp:
+        (JSC::StringPrototype::StringPrototype):
+        * runtime/Structure.cpp:
+        (JSC::Structure::flattenDictionaryStructure):
+        * runtime/Structure.h:
+        (JSC::Structure::storedPrototypeSlot):
+        * runtime/WeakGCMap.h:
+        (JSC::WeakGCMap::uncheckedGet):
+        (JSC::WeakGCMap::uncheckedGetSlot):
+        (JSC::::get):
+        (JSC::::take):
+        (JSC::::set):
+        (JSC::::uncheckedRemove):
+        * runtime/WriteBarrier.h: Added.
+        (JSC::DeprecatedPtr::DeprecatedPtr):
+        (JSC::DeprecatedPtr::get):
+        (JSC::DeprecatedPtr::operator*):
+        (JSC::DeprecatedPtr::operator->):
+        (JSC::DeprecatedPtr::slot):
+        (JSC::DeprecatedPtr::operator UnspecifiedBoolType*):
+        (JSC::DeprecatedPtr::operator!):
+        (JSC::WriteBarrierBase::set):
+        (JSC::WriteBarrierBase::get):
+        (JSC::WriteBarrierBase::operator*):
+        (JSC::WriteBarrierBase::operator->):
+        (JSC::WriteBarrierBase::slot):
+        (JSC::WriteBarrierBase::operator UnspecifiedBoolType*):
+        (JSC::WriteBarrierBase::operator!):
+        (JSC::WriteBarrier::WriteBarrier):
+        (JSC::operator==):
+
 2011-01-28  Adam Roben  <aroben@apple.com>
 
         Chromium build fix after r76967
index 199c37f..982ae19 100644 (file)
@@ -183,7 +183,7 @@ __ZN3JSC17BytecodeGenerator21setDumpsGeneratedCodeEb
 __ZN3JSC17PropertyNameArray3addEPN3WTF10StringImplE
 __ZN3JSC17constructFunctionEPNS_9ExecStateERKNS_7ArgListERKNS_10IdentifierERKNS_7UStringEi
 __ZN3JSC17createSyntaxErrorEPNS_9ExecStateERKNS_7UStringE
-__ZN3JSC18DebuggerActivationC1EPNS_8JSObjectE
+__ZN3JSC18DebuggerActivationC1ERNS_12JSGlobalDataEPNS_8JSObjectE
 __ZN3JSC18PropertyDescriptor11setWritableEb
 __ZN3JSC18PropertyDescriptor12setUndefinedEv
 __ZN3JSC18PropertyDescriptor13setDescriptorENS_7JSValueEj
@@ -251,7 +251,7 @@ __ZN3JSC7JSArray18getOwnPropertySlotEPNS_9ExecStateEjRNS_12PropertySlotE
 __ZN3JSC7JSArray4infoE
 __ZN3JSC7JSArray9setLengthEj
 __ZN3JSC7JSArrayC1EN3WTF17NonNullPassRefPtrINS_9StructureEEE
-__ZN3JSC7JSArrayC1EN3WTF17NonNullPassRefPtrINS_9StructureEEERKNS_7ArgListE
+__ZN3JSC7JSArrayC1ERNS_12JSGlobalDataEN3WTF17NonNullPassRefPtrINS_9StructureEEERKNS_7ArgListE
 __ZN3JSC7JSArrayC2EN3WTF17NonNullPassRefPtrINS_9StructureEEE
 __ZN3JSC7JSArrayD2Ev
 __ZN3JSC7JSValue13isValidCalleeEv
index f8786b5..532ccfe 100644 (file)
@@ -10,7 +10,7 @@ EXPORTS
     ??0DynamicGlobalObjectScope@JSC@@QAE@PAVExecState@1@PAVJSGlobalObject@1@@Z
     ??0InternalFunction@JSC@@IAE@PAVJSGlobalData@1@PAVJSGlobalObject@1@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@ABVIdentifier@1@@Z
     ??0JSArray@JSC@@QAE@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@@Z
-    ??0JSArray@JSC@@QAE@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@ABVArgList@1@@Z
+    ??0JSArray@JSC@@QAE@AAVJSGlobalData@1@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@ABVArgList@1@@Z  
     ??0JSByteArray@JSC@@QAE@PAVExecState@1@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@PAVByteArray@4@PBUClassInfo@1@@Z
     ??0JSFunction@JSC@@QAE@PAVExecState@1@PAVJSGlobalObject@1@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@HABVIdentifier@1@P6I_J0@Z@Z
     ??0JSObjectWithGlobalObject@JSC@@IAE@PAVJSGlobalObject@1@V?$NonNullPassRefPtr@VStructure@JSC@@@WTF@@@Z
index ae35f6e..0985e1e 100644 (file)
                A7C1E8E4112E72EF00A37F98 /* JITPropertyAccess32_64.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7C1E8C8112E701C00A37F98 /* JITPropertyAccess32_64.cpp */; };
                A7C530E4102A3813005BC741 /* MarkStackPosix.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7C530E3102A3813005BC741 /* MarkStackPosix.cpp */; };
                A7D649AA1015224E009B2E1B /* PossiblyNull.h in Headers */ = {isa = PBXBuildFile; fileRef = A7D649A91015224E009B2E1B /* PossiblyNull.h */; settings = {ATTRIBUTES = (Private, ); }; };
+               A7DCB97312E5193F00911940 /* WriteBarrier.h in Headers */ = {isa = PBXBuildFile; fileRef = A7DCB77912E3D90500911940 /* WriteBarrier.h */; settings = {ATTRIBUTES = (Private, ); }; };
                A7E2EA6B0FB460CF00601F06 /* LiteralParser.h in Headers */ = {isa = PBXBuildFile; fileRef = A7E2EA690FB460CF00601F06 /* LiteralParser.h */; };
                A7E2EA6C0FB460CF00601F06 /* LiteralParser.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7E2EA6A0FB460CF00601F06 /* LiteralParser.cpp */; };
                A7F19ECE11DD490900931E70 /* FixedArray.h in Headers */ = {isa = PBXBuildFile; fileRef = A7F19ECD11DD490900931E70 /* FixedArray.h */; settings = {ATTRIBUTES = (Private, ); }; };
                A7C1E8C8112E701C00A37F98 /* JITPropertyAccess32_64.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JITPropertyAccess32_64.cpp; sourceTree = "<group>"; };
                A7C530E3102A3813005BC741 /* MarkStackPosix.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MarkStackPosix.cpp; sourceTree = "<group>"; };
                A7D649A91015224E009B2E1B /* PossiblyNull.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PossiblyNull.h; sourceTree = "<group>"; };
+               A7DCB77912E3D90500911940 /* WriteBarrier.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WriteBarrier.h; sourceTree = "<group>"; };
                A7E2EA690FB460CF00601F06 /* LiteralParser.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LiteralParser.h; sourceTree = "<group>"; };
                A7E2EA6A0FB460CF00601F06 /* LiteralParser.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LiteralParser.cpp; sourceTree = "<group>"; };
                A7E42C180E3938830065A544 /* JSStaticScopeObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSStaticScopeObject.h; sourceTree = "<group>"; };
                                14BFCE6810CDB1FC00364CCE /* WeakGCMap.h */,
                                14035DB010DBFB2A00FFFFE7 /* WeakGCPtr.h */,
                                1420BE7A10AA6DDB00F455D2 /* WeakRandom.h */,
+                               A7DCB77912E3D90500911940 /* WriteBarrier.h */,
                        );
                        path = runtime;
                        sourceTree = "<group>";
                                86704B4312DB8A8100A9FE7B /* YarrSyntaxChecker.h in Headers */,
                                5DE6E5B30E1728EC00180407 /* create_hash_table in Headers */,
                                451539B912DC994500EF7AC4 /* Yarr.h in Headers */,
+                               A7DCB97312E5193F00911940 /* WriteBarrier.h in Headers */,
                                E49DC16C12EF294E00184A1F /* SourceProviderCache.h in Headers */,
                                E49DC16D12EF295300184A1F /* SourceProviderCacheItem.h in Headers */,
                        );
index f3f5f27..b417382 100644 (file)
@@ -1529,12 +1529,12 @@ void CodeBlock::refStructures(Instruction* vPC) const
 void CodeBlock::markAggregate(MarkStack& markStack)
 {
     for (size_t i = 0; i < m_constantRegisters.size(); ++i)
-        markStack.append(m_constantRegisters[i].jsValue());
+        markStack.deprecatedAppend(&m_constantRegisters[i]);
     for (size_t i = 0; i < m_functionExprs.size(); ++i)
         m_functionExprs[i]->markAggregate(markStack);
     for (size_t i = 0; i < m_functionDecls.size(); ++i)
         m_functionDecls[i]->markAggregate(markStack);
-    markStack.append(m_globalObject);
+    markStack.append(&m_globalObject);
 }
 
 HandlerInfo* CodeBlock::handlerForBytecodeOffset(unsigned bytecodeOffset)
index 1cd0863..ad2efa6 100644 (file)
@@ -248,7 +248,7 @@ namespace JSC {
     protected:
         CodeBlock(ScriptExecutable* ownerExecutable, CodeType, JSGlobalObject*, PassRefPtr<SourceProvider>, unsigned sourceOffset, SymbolTable* symbolTable, bool isConstructor);
 
-        JSGlobalObject* m_globalObject;
+        DeprecatedPtr<JSGlobalObject> m_globalObject;
 
     public:
         virtual ~CodeBlock();
@@ -485,7 +485,7 @@ namespace JSC {
         unsigned addRegExp(RegExp* r) { createRareDataIfNecessary(); unsigned size = m_rareData->m_regexps.size(); m_rareData->m_regexps.append(r); return size; }
         RegExp* regexp(int index) const { ASSERT(m_rareData); return m_rareData->m_regexps[index].get(); }
 
-        JSGlobalObject* globalObject() { return m_globalObject; }
+        JSGlobalObject* globalObject() { return m_globalObject.get(); }
 
         // Jump Tables
 
index 78c373a..0964344 100644 (file)
@@ -251,7 +251,7 @@ BytecodeGenerator::BytecodeGenerator(ProgramNode* programNode, const ScopeChain&
     for (SymbolTable::iterator it = symbolTable->begin(); it != end; ++it)
         registerFor(it->second.getIndex()).setIndex(it->second.getIndex() + m_globalVarStorageOffset);
         
-    BatchedTransitionOptimizer optimizer(globalObject);
+    BatchedTransitionOptimizer optimizer(*m_globalData, globalObject);
 
     const VarStack& varStack = programNode->varStack();
     const FunctionStack& functionStack = programNode->functionStack();
@@ -903,7 +903,7 @@ PassRefPtr<Label> BytecodeGenerator::emitJumpIfNotFunctionCall(RegisterID* cond,
 
     emitOpcode(op_jneq_ptr);
     instructions().append(cond->index());
-    instructions().append(m_scopeChain->globalObject()->d()->callFunction);
+    instructions().append(m_scopeChain->globalObject()->d()->callFunction.get());
     instructions().append(target->bind(begin, instructions().size()));
     return target;
 }
@@ -914,7 +914,7 @@ PassRefPtr<Label> BytecodeGenerator::emitJumpIfNotFunctionApply(RegisterID* cond
 
     emitOpcode(op_jneq_ptr);
     instructions().append(cond->index());
-    instructions().append(m_scopeChain->globalObject()->d()->applyFunction);
+    instructions().append(m_scopeChain->globalObject()->d()->applyFunction.get());
     instructions().append(target->bind(begin, instructions().size()));
     return target;
 }
@@ -1117,7 +1117,7 @@ bool BytecodeGenerator::findScopedProperty(const Identifier& property, int& inde
 
         if (shouldOptimizeLocals() && m_codeType == GlobalCode) {
             ScopeChainIterator iter = m_scopeChain->begin();
-            globalObject = *iter;
+            globalObject = iter->get();
             ASSERT((++iter) == m_scopeChain->end());
         }
         return false;
@@ -1128,7 +1128,7 @@ bool BytecodeGenerator::findScopedProperty(const Identifier& property, int& inde
     ScopeChainIterator iter = m_scopeChain->begin();
     ScopeChainIterator end = m_scopeChain->end();
     for (; iter != end; ++iter, ++depth) {
-        JSObject* currentScope = *iter;
+        JSObject* currentScope = iter->get();
         if (!currentScope->isVariableObject())
             break;
         JSVariableObject* currentVariableObject = static_cast<JSVariableObject*>(currentScope);
@@ -1157,7 +1157,7 @@ bool BytecodeGenerator::findScopedProperty(const Identifier& property, int& inde
     // Can't locate the property but we're able to avoid a few lookups.
     stackDepth = depth + m_codeBlock->needsFullScopeChain();
     index = missingSymbolMarker();
-    JSObject* scope = *iter;
+    JSObject* scope = iter->get();
     if (++iter == end)
         globalObject = scope;
     return true;
index 23b9361..e21d61d 100644 (file)
@@ -109,7 +109,7 @@ JSValue evaluateInGlobalCallFrame(const UString& script, JSValue& exception, JSG
     JSGlobalData& globalData = globalObject->globalData();
     JSValue result = globalData.interpreter->execute(eval.get(), globalCallFrame, globalObject, globalCallFrame->scopeChain());
     if (globalData.exception) {
-        exception = globalData.exception;
+        exception = globalData.exception.get();
         globalData.exception = JSValue();
     }
     ASSERT(result);
index 0444d23..fcd257c 100644 (file)
 
 namespace JSC {
 
-DebuggerActivation::DebuggerActivation(JSObject* activation)
+DebuggerActivation::DebuggerActivation(JSGlobalData& globalData, JSObject* activation)
     : JSObject(DebuggerActivation::createStructure(jsNull()))
 {
     ASSERT(activation);
     ASSERT(activation->isActivationObject());
-    m_activation = static_cast<JSActivation*>(activation);
+    m_activation.set(globalData, this, static_cast<JSActivation*>(activation));
 }
 
 void DebuggerActivation::markChildren(MarkStack& markStack)
@@ -43,7 +43,7 @@ void DebuggerActivation::markChildren(MarkStack& markStack)
     JSObject::markChildren(markStack);
 
     if (m_activation)
-        markStack.append(m_activation);
+        markStack.append(&m_activation);
 }
 
 UString DebuggerActivation::className() const
index 3927017..b64060d 100644 (file)
@@ -34,7 +34,7 @@ namespace JSC {
 
     class DebuggerActivation : public JSObject {
     public:
-        DebuggerActivation(JSObject*);
+        DebuggerActivation(JSGlobalData&, JSObject*);
 
         virtual void markChildren(MarkStack&);
         virtual UString className() const;
@@ -58,7 +58,7 @@ namespace JSC {
         static const unsigned StructureFlags = OverridesGetOwnPropertySlot | OverridesMarkChildren | JSObject::StructureFlags;
 
     private:
-        JSActivation* m_activation;
+        WriteBarrier<JSActivation> m_activation;
     };
 
 } // namespace JSC
index ed673cb..cb4592c 100644 (file)
@@ -96,7 +96,7 @@ JSValue DebuggerCallFrame::evaluate(const UString& script, JSValue& exception) c
     JSGlobalData& globalData = m_callFrame->globalData();
     JSValue result = globalData.interpreter->execute(eval.get(), m_callFrame, thisObject(), m_callFrame->scopeChain());
     if (globalData.exception) {
-        exception = globalData.exception;
+        exception = globalData.exception.get();
         globalData.exception = JSValue();
     }
     ASSERT(result);
index 2797ef3..190a7c1 100644 (file)
@@ -75,7 +75,7 @@ namespace JSC  {
         // But they're used in many places in legacy code, so they're not going away any time soon.
 
         void clearException() { globalData().exception = JSValue(); }
-        JSValue exception() const { return globalData().exception; }
+        JSValue exception() const { return globalData().exception.get(); }
         bool hadException() const { return globalData().exception; }
 
         const CommonIdentifiers& propertyNames() const { return *globalData().propertyNames; }
index 392e8b8..dcad583 100644 (file)
@@ -103,11 +103,11 @@ NEVER_INLINE bool Interpreter::resolve(CallFrame* callFrame, Instruction* vPC, J
     CodeBlock* codeBlock = callFrame->codeBlock();
     Identifier& ident = codeBlock->identifier(property);
     do {
-        JSObject* o = *iter;
+        JSObject* o = iter->get();
         PropertySlot slot(o);
         if (o->getPropertySlot(callFrame, ident, slot)) {
             JSValue result = slot.getValue(callFrame, ident);
-            exceptionValue = callFrame->globalData().exception;
+            exceptionValue = callFrame->globalData().exception.get();
             if (exceptionValue)
                 return false;
             callFrame->uncheckedR(dst) = JSValue(result);
@@ -142,11 +142,11 @@ NEVER_INLINE bool Interpreter::resolveSkip(CallFrame* callFrame, Instruction* vP
     }
     Identifier& ident = codeBlock->identifier(property);
     do {
-        JSObject* o = *iter;
+        JSObject* o = iter->get();
         PropertySlot slot(o);
         if (o->getPropertySlot(callFrame, ident, slot)) {
             JSValue result = slot.getValue(callFrame, ident);
-            exceptionValue = callFrame->globalData().exception;
+            exceptionValue = callFrame->globalData().exception.get();
             if (exceptionValue)
                 return false;
             ASSERT(result);
@@ -187,7 +187,7 @@ NEVER_INLINE bool Interpreter::resolveGlobal(CallFrame* callFrame, Instruction*
             return true;
         }
 
-        exceptionValue = callFrame->globalData().exception;
+        exceptionValue = callFrame->globalData().exception.get();
         if (exceptionValue)
             return false;
         callFrame->uncheckedR(dst) = JSValue(result);
@@ -220,14 +220,14 @@ NEVER_INLINE bool Interpreter::resolveGlobalDynamic(CallFrame* callFrame, Instru
             ++iter;
     }
     while (skip--) {
-        JSObject* o = *iter;
+        JSObject* o = iter->get();
         if (o->hasCustomProperties()) {
             Identifier& ident = codeBlock->identifier(property);
             do {
                 PropertySlot slot(o);
                 if (o->getPropertySlot(callFrame, ident, slot)) {
                     JSValue result = slot.getValue(callFrame, ident);
-                    exceptionValue = callFrame->globalData().exception;
+                    exceptionValue = callFrame->globalData().exception.get();
                     if (exceptionValue)
                         return false;
                     ASSERT(result);
@@ -236,7 +236,7 @@ NEVER_INLINE bool Interpreter::resolveGlobalDynamic(CallFrame* callFrame, Instru
                 }
                 if (iter == end)
                     break;
-                o = *iter;
+                o = iter->get();
                 ++iter;
             } while (true);
             exceptionValue = createUndefinedVariableError(callFrame, ident);
@@ -266,7 +266,7 @@ NEVER_INLINE bool Interpreter::resolveGlobalDynamic(CallFrame* callFrame, Instru
             return true;
         }
         
-        exceptionValue = callFrame->globalData().exception;
+        exceptionValue = callFrame->globalData().exception.get();
         if (exceptionValue)
             return false;
         ASSERT(result);
@@ -310,11 +310,11 @@ NEVER_INLINE bool Interpreter::resolveBaseAndProperty(CallFrame* callFrame, Inst
     Identifier& ident = codeBlock->identifier(property);
     JSObject* base;
     do {
-        base = *iter;
+        base = iter->get();
         PropertySlot slot(base);
         if (base->getPropertySlot(callFrame, ident, slot)) {
             JSValue result = slot.getValue(callFrame, ident);
-            exceptionValue = callFrame->globalData().exception;
+            exceptionValue = callFrame->globalData().exception.get();
             if (exceptionValue)
                 return false;
             callFrame->uncheckedR(propDst) = JSValue(result);
@@ -566,11 +566,11 @@ NEVER_INLINE bool Interpreter::unwindCallFrame(CallFrame*& callFrame, JSValue ex
         }
         while (!scopeChain->object->inherits(&JSActivation::info))
             scopeChain = scopeChain->pop();
-        JSActivation* activation = asActivation(scopeChain->object);
+        JSActivation* activation = asActivation(scopeChain->object.get());
         activation->copyRegisters();
         if (JSValue arguments = callFrame->uncheckedR(unmodifiedArgumentsRegister(oldCodeBlock->argumentsRegister())).jsValue()) {
             if (!oldCodeBlock->isStrictMode())
-                asArguments(arguments)->setActivation(activation);
+                asArguments(arguments)->setActivation(callFrame->globalData(), activation);
         }
     } else if (oldCodeBlock->usesArguments() && !oldCodeBlock->isStrictMode()) {
         if (JSValue arguments = callFrame->uncheckedR(unmodifiedArgumentsRegister(oldCodeBlock->argumentsRegister())).jsValue())
@@ -648,7 +648,7 @@ static void appendSourceToError(CallFrame* callFrame, ErrorInstance* exception,
         message = makeUString(message, " (near '...", codeBlock->source()->getRange(start, stop), "...')");
     }
 
-    exception->putDirect(globalData->propertyNames->message, jsString(globalData, message));
+    exception->putDirect(*globalData, globalData->propertyNames->message, jsString(globalData, message));
 }
 
 NEVER_INLINE HandlerInfo* Interpreter::throwException(CallFrame*& callFrame, JSValue& exceptionValue, unsigned bytecodeOffset)
@@ -1085,7 +1085,7 @@ JSValue Interpreter::execute(EvalExecutable* eval, CallFrame* callFrame, JSObjec
     for (ScopeChainNode* node = scopeChain; ; node = node->next) {
         ASSERT(node);
         if (node->object->isVariableObject()) {
-            variableObject = static_cast<JSVariableObject*>(node->object);
+            variableObject = static_cast<JSVariableObject*>(node->object.get());
             break;
         }
     }
@@ -1100,7 +1100,7 @@ JSValue Interpreter::execute(EvalExecutable* eval, CallFrame* callFrame, JSObjec
             pushedScope = true;
         }
         // Scope for BatchedTransitionOptimizer
-        BatchedTransitionOptimizer optimizer(variableObject);
+        BatchedTransitionOptimizer optimizer(callFrame->globalData(), variableObject);
 
         for (unsigned i = 0; i < numVariables; ++i) {
             const Identifier& ident = codeBlock->variable(i);
@@ -1371,7 +1371,7 @@ NEVER_INLINE void Interpreter::tryCacheGetByID(CallFrame* callFrame, CodeBlock*
         // Since we're accessing a prototype in a loop, it's a good bet that it
         // should not be treated as a dictionary.
         if (baseObject->structure()->isDictionary()) {
-            baseObject->flattenDictionaryObject();
+            baseObject->flattenDictionaryObject(callFrame->globalData());
             offset = baseObject->structure()->get(propertyName);
         }
 
@@ -1475,8 +1475,8 @@ JSValue Interpreter::privateExecute(ExecutionFlag flag, RegisterFile* registerFi
 
 #define CHECK_FOR_EXCEPTION() \
     do { \
-        if (UNLIKELY(globalData->exception != JSValue())) { \
-            exceptionValue = globalData->exception; \
+        if (UNLIKELY(globalData->exception.get() != JSValue())) { \
+            exceptionValue = globalData->exception.get(); \
             goto vm_throw; \
         } \
     } while (0)
@@ -2408,7 +2408,7 @@ JSValue Interpreter::privateExecute(ExecutionFlag flag, RegisterFile* registerFi
             ASSERT(iter != end);
         }
         ASSERT((*iter)->isVariableObject());
-        JSVariableObject* scope = static_cast<JSVariableObject*>(*iter);
+        JSVariableObject* scope = static_cast<JSVariableObject*>(iter->get());
         callFrame->uncheckedR(dst) = scope->registerAt(index);
         ASSERT(callFrame->r(dst).jsValue());
         vPC += OPCODE_LENGTH(op_get_scoped_var);
@@ -2439,7 +2439,7 @@ JSValue Interpreter::privateExecute(ExecutionFlag flag, RegisterFile* registerFi
         }
 
         ASSERT((*iter)->isVariableObject());
-        JSVariableObject* scope = static_cast<JSVariableObject*>(*iter);
+        JSVariableObject* scope = static_cast<JSVariableObject*>(iter->get());
         ASSERT(callFrame->r(value).jsValue());
         scope->registerAt(index) = JSValue(callFrame->r(value).jsValue());
         vPC += OPCODE_LENGTH(op_put_scoped_var);
@@ -3080,7 +3080,7 @@ skip_id_custom_self:
                 int value = vPC[3].u.operand;
                 unsigned offset = vPC[7].u.operand;
                 ASSERT(baseObject->offsetForLocation(baseObject->getDirectLocation(codeBlock->identifier(vPC[2].u.operand))) == offset);
-                baseObject->putDirectOffset(offset, callFrame->r(value).jsValue());
+                baseObject->putDirectOffset(callFrame->globalData(), offset, callFrame->r(value).jsValue());
 
                 vPC += OPCODE_LENGTH(op_put_by_id_transition);
                 NEXT_INSTRUCTION();
@@ -3115,7 +3115,7 @@ skip_id_custom_self:
                 unsigned offset = vPC[5].u.operand;
                 
                 ASSERT(baseObject->offsetForLocation(baseObject->getDirectLocation(codeBlock->identifier(vPC[2].u.operand))) == offset);
-                baseObject->putDirectOffset(offset, callFrame->r(value).jsValue());
+                baseObject->putDirectOffset(callFrame->globalData(), offset, callFrame->r(value).jsValue());
 
                 vPC += OPCODE_LENGTH(op_put_by_id_replace);
                 NEXT_INSTRUCTION();
@@ -3309,7 +3309,7 @@ skip_id_custom_self:
             if (isJSArray(globalData, baseValue)) {
                 JSArray* jsArray = asArray(baseValue);
                 if (jsArray->canSetIndex(i))
-                    jsArray->setIndex(i, callFrame->r(value).jsValue());
+                    jsArray->setIndex(*globalData, i, callFrame->r(value).jsValue());
                 else
                     jsArray->JSArray::put(callFrame, i, callFrame->r(value).jsValue());
             } else if (isJSByteArray(globalData, baseValue) && asByteArray(baseValue)->canAccessIndex(i)) {
@@ -3835,7 +3835,7 @@ skip_id_custom_self:
 
         if (thisValue == globalObject && funcVal == globalObject->evalFunction()) {
             JSValue result = callEval(callFrame, registerFile, argv, argCount, registerOffset);
-            if ((exceptionValue = globalData->exception))
+            if ((exceptionValue = globalData->exception.get()))
                 goto vm_throw;
             functionReturnValue = result;
 
@@ -4103,7 +4103,7 @@ skip_id_custom_self:
 
             if (JSValue argumentsValue = callFrame->r(unmodifiedArgumentsRegister(arguments)).jsValue()) {
                 if (!codeBlock->isStrictMode())
-                    asArguments(argumentsValue)->setActivation(asActivation(activationValue));
+                    asArguments(argumentsValue)->setActivation(*globalData, asActivation(activationValue));
             }
         } else if (JSValue argumentsValue = callFrame->r(unmodifiedArgumentsRegister(arguments)).jsValue()) {
             if (!codeBlock->isStrictMode())
index f521aa5..74f505f 100644 (file)
@@ -845,7 +845,7 @@ NEVER_INLINE void JITThunks::tryCacheGetByID(CallFrame* callFrame, CodeBlock* co
         // Since we're accessing a prototype in a loop, it's a good bet that it
         // should not be treated as a dictionary.
         if (slotBaseObject->structure()->isDictionary()) {
-            slotBaseObject->flattenDictionaryObject();
+            slotBaseObject->flattenDictionaryObject(callFrame->globalData());
             offset = slotBaseObject->structure()->get(propertyName);
         }
         
@@ -942,17 +942,17 @@ static NEVER_INLINE void throwStackOverflowError(CallFrame* callFrame, JSGlobalD
 
 #define CHECK_FOR_EXCEPTION() \
     do { \
-        if (UNLIKELY(stackFrame.globalData->exception)) \
+        if (UNLIKELY(stackFrame.globalData->exception.get())) \
             VM_THROW_EXCEPTION(); \
     } while (0)
 #define CHECK_FOR_EXCEPTION_AT_END() \
     do { \
-        if (UNLIKELY(stackFrame.globalData->exception)) \
+        if (UNLIKELY(stackFrame.globalData->exception.get())) \
             VM_THROW_EXCEPTION_AT_END(); \
     } while (0)
 #define CHECK_FOR_EXCEPTION_VOID() \
     do { \
-        if (UNLIKELY(stackFrame.globalData->exception)) { \
+        if (UNLIKELY(stackFrame.globalData->exception.get())) { \
             VM_THROW_EXCEPTION_AT_END(); \
             return; \
         } \
@@ -1466,7 +1466,7 @@ DEFINE_STUB_FUNCTION(EncodedJSValue, op_get_by_id_method_check)
         // Since we're accessing a prototype in a loop, it's a good bet that it
         // should not be treated as a dictionary.
         if (slotBaseObject->structure()->isDictionary())
-            slotBaseObject->flattenDictionaryObject();
+            slotBaseObject->flattenDictionaryObject(callFrame->globalData());
 
         // The result fetched should always be the callee!
         ASSERT(result == JSValue(callee));
@@ -1656,7 +1656,7 @@ DEFINE_STUB_FUNCTION(EncodedJSValue, op_get_by_id_proto_list)
         // Since we're accessing a prototype in a loop, it's a good bet that it
         // should not be treated as a dictionary.
         if (slotBaseObject->structure()->isDictionary()) {
-            slotBaseObject->flattenDictionaryObject();
+            slotBaseObject->flattenDictionaryObject(callFrame->globalData());
             offset = slotBaseObject->structure()->get(propertyName);
         }
 
@@ -2147,7 +2147,7 @@ DEFINE_STUB_FUNCTION(void, op_tear_off_activation)
     activation->copyRegisters();
     if (JSValue v = stackFrame.args[1].jsValue()) {
         if (!stackFrame.callFrame->codeBlock()->isStrictMode())
-            asArguments(v)->setActivation(activation);
+            asArguments(v)->setActivation(*stackFrame.globalData, activation);
     }
 }
 
@@ -2204,7 +2204,7 @@ DEFINE_STUB_FUNCTION(EncodedJSValue, op_resolve)
 
     Identifier& ident = stackFrame.args[0].identifier();
     do {
-        JSObject* o = *iter;
+        JSObject* o = iter->get();
         PropertySlot slot(o);
         if (o->getPropertySlot(callFrame, ident, slot)) {
             JSValue result = slot.getValue(callFrame, ident);
@@ -2397,7 +2397,7 @@ DEFINE_STUB_FUNCTION(void, op_put_by_val)
         if (isJSArray(globalData, baseValue)) {
             JSArray* jsArray = asArray(baseValue);
             if (jsArray->canSetIndex(i))
-                jsArray->setIndex(i, value);
+                jsArray->setIndex(*globalData, i, value);
             else
                 jsArray->JSArray::put(callFrame, i, value);
         } else if (isJSByteArray(globalData, baseValue) && asByteArray(baseValue)->canAccessIndex(i)) {
@@ -2645,7 +2645,7 @@ DEFINE_STUB_FUNCTION(EncodedJSValue, op_resolve_skip)
     }
     Identifier& ident = stackFrame.args[0].identifier();
     do {
-        JSObject* o = *iter;
+        JSObject* o = iter->get();
         PropertySlot slot(o);
         if (o->getPropertySlot(callFrame, ident, slot)) {
             JSValue result = slot.getValue(callFrame, ident);
@@ -2974,7 +2974,7 @@ DEFINE_STUB_FUNCTION(EncodedJSValue, op_resolve_with_base)
     Identifier& ident = stackFrame.args[0].identifier();
     JSObject* base;
     do {
-        base = *iter;
+        base = iter->get();
         PropertySlot slot(base);
         if (base->getPropertySlot(callFrame, ident, slot)) {
             JSValue result = slot.getValue(callFrame, ident);
@@ -3480,7 +3480,7 @@ DEFINE_STUB_FUNCTION(void*, vm_throw)
 {
     STUB_INIT_STACK_FRAME(stackFrame);
     JSGlobalData* globalData = stackFrame.globalData;
-    ExceptionHandler handler = jitThrow(globalData, stackFrame.callFrame, globalData->exception, globalData->exceptionLocation);
+    ExceptionHandler handler = jitThrow(globalData, stackFrame.callFrame, globalData->exception.get(), globalData->exceptionLocation);
     STUB_SET_RETURN_ADDRESS(handler.catchRoutine);
     return handler.callFrame;
 }
index dd4b677..912b51a 100644 (file)
@@ -169,7 +169,7 @@ GlobalObject::GlobalObject(const Vector<UString>& arguments)
     JSObject* array = constructEmptyArray(globalExec());
     for (size_t i = 0; i < arguments.size(); ++i)
         array->put(globalExec(), i, jsString(globalExec(), arguments[i]));
-    putDirect(Identifier(globalExec(), "arguments"), array);
+    putDirect(globalExec()->globalData(), Identifier(globalExec(), "arguments"), array);
 }
 
 EncodedJSValue JSC_HOST_CALL functionPrint(ExecState* exec)
index ab2b5d7..a862ea0 100644 (file)
@@ -42,7 +42,7 @@ void MarkedArgumentBuffer::markLists(MarkStack& markStack, ListSet& markSet)
     ListSet::iterator end = markSet.end();
     for (ListSet::iterator it = markSet.begin(); it != end; ++it) {
         MarkedArgumentBuffer* list = *it;
-        markStack.appendValues(reinterpret_cast<JSValue*>(list->m_buffer), list->m_size);
+        markStack.deprecatedAppendValues(list->m_buffer, list->m_size);
     }
 }
 
index 39886a8..f6afec7 100644 (file)
@@ -48,17 +48,17 @@ void Arguments::markChildren(MarkStack& markStack)
     JSObject::markChildren(markStack);
 
     if (d->registerArray)
-        markStack.appendValues(reinterpret_cast<JSValue*>(d->registerArray.get()), d->numParameters);
+        markStack.deprecatedAppendValues(d->registerArray.get(), d->numParameters);
 
     if (d->extraArguments) {
         unsigned numExtraArguments = d->numArguments - d->numParameters;
-        markStack.appendValues(reinterpret_cast<JSValue*>(d->extraArguments), numExtraArguments);
+        markStack.deprecatedAppendValues(d->extraArguments, numExtraArguments);
     }
 
-    markStack.append(d->callee);
+    markStack.append(&d->callee);
 
     if (d->activation)
-        markStack.append(d->activation);
+        markStack.append(&d->activation);
 }
 
 void Arguments::copyToRegisters(ExecState* exec, Register* buffer, uint32_t maxSize)
@@ -197,7 +197,7 @@ bool Arguments::getOwnPropertySlot(ExecState* exec, const Identifier& propertyNa
 
     if (propertyName == exec->propertyNames().callee && LIKELY(!d->overrodeCallee)) {
         if (!d->isStrictMode) {
-            slot.setValue(d->callee);
+            slot.setValue(d->callee.get());
             return true;
         }
         createStrictModeCalleeIfNecessary(exec);
@@ -228,7 +228,7 @@ bool Arguments::getOwnPropertyDescriptor(ExecState* exec, const Identifier& prop
     
     if (propertyName == exec->propertyNames().callee && LIKELY(!d->overrodeCallee)) {
         if (!d->isStrictMode) {
-            descriptor.setDescriptor(d->callee, DontEnum);
+            descriptor.setDescriptor(d->callee.get(), DontEnum);
             return true;
         }
         createStrictModeCalleeIfNecessary(exec);
@@ -280,14 +280,14 @@ void Arguments::put(ExecState* exec, const Identifier& propertyName, JSValue val
 
     if (propertyName == exec->propertyNames().length && !d->overrodeLength) {
         d->overrodeLength = true;
-        putDirect(propertyName, value, DontEnum);
+        putDirect(exec->globalData(), propertyName, value, DontEnum);
         return;
     }
 
     if (propertyName == exec->propertyNames().callee && !d->overrodeCallee) {
         if (!d->isStrictMode) {
             d->overrodeCallee = true;
-            putDirect(propertyName, value, DontEnum);
+            putDirect(exec->globalData(), propertyName, value, DontEnum);
             return;
         }
         createStrictModeCalleeIfNecessary(exec);
index fe900a2..a3d7fe4 100644 (file)
@@ -37,7 +37,7 @@ namespace JSC {
         WTF_MAKE_NONCOPYABLE(ArgumentsData); WTF_MAKE_FAST_ALLOCATED;
     public:
         ArgumentsData() { }
-        JSActivation* activation;
+        WriteBarrier<JSActivation> activation;
 
         unsigned numParameters;
         ptrdiff_t firstParameterIndex;
@@ -50,7 +50,7 @@ namespace JSC {
         OwnArrayPtr<bool> deletedArguments;
         Register extraArgumentsFixedBuffer[4];
 
-        JSFunction* callee;
+        WriteBarrier<JSFunction> callee;
         bool overrodeLength : 1;
         bool overrodeCallee : 1;
         bool overrodeCaller : 1;
@@ -86,9 +86,9 @@ namespace JSC {
         void copyToRegisters(ExecState* exec, Register* buffer, uint32_t maxSize);
         void copyRegisters();
         bool isTornOff() const { return d->registerArray; }
-        void setActivation(JSActivation* activation)
+        void setActivation(JSGlobalData& globalData, JSActivation* activation)
         {
-            d->activation = activation;
+            d->activation.set(globalData, this, activation);
             d->registers = &activation->registerAt(0);
         }
 
@@ -158,7 +158,6 @@ namespace JSC {
         d->firstParameterIndex = firstParameterIndex;
         d->numArguments = numArguments;
 
-        d->activation = 0;
         d->registers = callFrame->registers();
 
         Register* extraArguments;
@@ -176,7 +175,7 @@ namespace JSC {
 
         d->extraArguments = extraArguments;
 
-        d->callee = callee;
+        d->callee.set(callFrame->globalData(), this, callee);
         d->overrodeLength = false;
         d->overrodeCallee = false;
         d->overrodeCaller = false;
@@ -195,7 +194,6 @@ namespace JSC {
 
         d->numParameters = 0;
         d->numArguments = numArguments;
-        d->activation = 0;
 
         Register* extraArguments;
         if (numArguments > sizeof(d->extraArgumentsFixedBuffer) / sizeof(Register))
@@ -209,7 +207,7 @@ namespace JSC {
 
         d->extraArguments = extraArguments;
 
-        d->callee = asFunction(callFrame->callee());
+        d->callee.set(callFrame->globalData(), this, asFunction(callFrame->callee()));
         d->overrodeLength = false;
         d->overrodeCallee = false;
         d->overrodeCaller = false;
index 632d466..5d0adbd 100644 (file)
@@ -42,10 +42,10 @@ ArrayConstructor::ArrayConstructor(ExecState* exec, JSGlobalObject* globalObject
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, arrayPrototype->classInfo()->className))
 {
     // ECMA 15.4.3.1 Array.prototype
-    putDirectWithoutTransition(exec->propertyNames().prototype, arrayPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, arrayPrototype, DontEnum | DontDelete | ReadOnly);
 
     // no. of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
 
     // ES5
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 1, exec->propertyNames().isArray, arrayConstructorIsArray), DontEnum);
@@ -62,7 +62,7 @@ static inline JSObject* constructArrayWithSizeQuirk(ExecState* exec, const ArgLi
     }
 
     // otherwise the array is constructed with the arguments in it
-    return new (exec) JSArray(exec->lexicalGlobalObject()->arrayStructure(), args);
+    return new (exec) JSArray(exec->globalData(), exec->lexicalGlobalObject()->arrayStructure(), args);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructWithArrayConstructor(ExecState* exec)
index 7615ffc..273d450 100644 (file)
@@ -545,9 +545,9 @@ EncodedJSValue JSC_HOST_CALL arrayProtoFuncSplice(ExecState* exec)
 
     JSArray* resObj = new (exec) JSArray(exec->lexicalGlobalObject()->arrayStructure(), deleteCount, CreateCompact);
     JSValue result = resObj;
-
+    JSGlobalData& globalData = exec->globalData();
     for (unsigned k = 0; k < deleteCount; k++)
-        resObj->uncheckedSetIndex(k, getProperty(exec, thisObj, k + begin));
+        resObj->uncheckedSetIndex(globalData, k, getProperty(exec, thisObj, k + begin));
 
     resObj->setLength(deleteCount);
 
index db2d1d7..0f6a646 100644 (file)
@@ -34,8 +34,9 @@ namespace JSC {
     class BatchedTransitionOptimizer {
         WTF_MAKE_NONCOPYABLE(BatchedTransitionOptimizer);
     public:
-        BatchedTransitionOptimizer(JSObject* object)
-            : m_object(object)
+        BatchedTransitionOptimizer(JSGlobalData& globalData, JSObject* object)
+            : m_globalData(&globalData)
+            , m_object(object)
         {
             if (!m_object->structure()->isDictionary())
                 m_object->setStructure(Structure::toCacheableDictionaryTransition(m_object->structure()));
@@ -43,10 +44,11 @@ namespace JSC {
 
         ~BatchedTransitionOptimizer()
         {
-            m_object->flattenDictionaryObject();
+            m_object->flattenDictionaryObject(*m_globalData);
         }
 
     private:
+        JSGlobalData* m_globalData;
         JSObject* m_object;
     };
 
index 0167e03..c36be82 100644 (file)
@@ -31,17 +31,17 @@ ASSERT_CLASS_FITS_IN_CELL(BooleanConstructor);
 BooleanConstructor::BooleanConstructor(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, BooleanPrototype* booleanPrototype)
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, booleanPrototype->classInfo()->className))
 {
-    putDirectWithoutTransition(exec->propertyNames().prototype, booleanPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, booleanPrototype, DontEnum | DontDelete | ReadOnly);
 
     // no. of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), ReadOnly | DontDelete | DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontDelete | DontEnum);
 }
 
 // ECMA 15.6.2
 JSObject* constructBoolean(ExecState* exec, const ArgList& args)
 {
     BooleanObject* obj = new (exec) BooleanObject(exec->lexicalGlobalObject()->booleanObjectStructure());
-    obj->setInternalValue(jsBoolean(args.at(0).toBoolean(exec)));
+    obj->setInternalValue(exec->globalData(), jsBoolean(args.at(0).toBoolean(exec)));
     return obj;
 }
 
@@ -72,7 +72,7 @@ CallType BooleanConstructor::getCallData(CallData& callData)
 JSObject* constructBooleanFromImmediateBoolean(ExecState* exec, JSValue immediateBooleanValue)
 {
     BooleanObject* obj = new (exec) BooleanObject(exec->lexicalGlobalObject()->booleanObjectStructure());
-    obj->setInternalValue(immediateBooleanValue);
+    obj->setInternalValue(exec->globalData(), immediateBooleanValue);
     return obj;
 }
 
index 7ffd095..731456e 100644 (file)
@@ -41,7 +41,7 @@ static EncodedJSValue JSC_HOST_CALL booleanProtoFuncValueOf(ExecState*);
 BooleanPrototype::BooleanPrototype(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, Structure* prototypeFunctionStructure)
     : BooleanObject(structure)
 {
-    setInternalValue(jsBoolean(false));
+    setInternalValue(exec->globalData(), jsBoolean(false));
 
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 0, exec->propertyNames().toString, booleanProtoFuncToString), DontEnum);
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 0, exec->propertyNames().valueOf, booleanProtoFuncValueOf), DontEnum);
index 930fe4a..bc8bd6d 100644 (file)
@@ -36,7 +36,7 @@ inline bool isPointerAligned(void* p)
 void ConservativeSet::grow()
 {
     size_t newCapacity = m_capacity == inlineCapacity ? nonInlineCapacity : m_capacity * 2;
-    JSCell** newSet = static_cast<JSCell**>(OSAllocator::reserveAndCommit(newCapacity * sizeof(JSCell*)));
+    DeprecatedPtr<JSCell>* newSet = static_cast<DeprecatedPtr<JSCell>*>(OSAllocator::reserveAndCommit(newCapacity * sizeof(JSCell*)));
     memcpy(newSet, m_set, m_size * sizeof(JSCell*));
     if (m_set != m_inlineSet)
         OSAllocator::decommitAndRelease(m_set, m_capacity * sizeof(JSCell*));
index 276be89..e7c2c4a 100644 (file)
@@ -49,10 +49,10 @@ private:
     void grow();
 
     Heap* m_heap;
-    JSCell** m_set;
+    DeprecatedPtr<JSCell>* m_set;
     size_t m_size;
     size_t m_capacity;
-    JSCell* m_inlineSet[inlineCapacity];
+    DeprecatedPtr<JSCell> m_inlineSet[inlineCapacity];
 };
 
 inline ConservativeSet::ConservativeSet(Heap* heap)
@@ -66,13 +66,13 @@ inline ConservativeSet::ConservativeSet(Heap* heap)
 inline ConservativeSet::~ConservativeSet()
 {
     if (m_set != m_inlineSet)
-        OSAllocator::decommitAndRelease(m_set, m_capacity * sizeof(JSCell*));
+        OSAllocator::decommitAndRelease(m_set, m_capacity * sizeof(DeprecatedPtr<JSCell>*));
 }
 
 inline void ConservativeSet::mark(MarkStack& markStack)
 {
     for (size_t i = 0; i < m_size; ++i)
-        markStack.append(m_set[i]);
+        markStack.append(&m_set[i]);
 }
 
 } // namespace JSC
index dcbe12d..f1f3956 100644 (file)
@@ -61,13 +61,13 @@ static EncodedJSValue JSC_HOST_CALL dateUTC(ExecState*);
 DateConstructor::DateConstructor(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, Structure* prototypeFunctionStructure, DatePrototype* datePrototype)
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, datePrototype->classInfo()->className))
 {
-      putDirectWithoutTransition(exec->propertyNames().prototype, datePrototype, DontEnum|DontDelete|ReadOnly);
+      putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, datePrototype, DontEnum | DontDelete | ReadOnly);
 
       putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 1, exec->propertyNames().parse, dateParse), DontEnum);
       putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 7, exec->propertyNames().UTC, dateUTC), DontEnum);
       putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 0, exec->propertyNames().now, dateNow), DontEnum);
 
-      putDirectWithoutTransition(exec->propertyNames().length, jsNumber(7), ReadOnly | DontEnum | DontDelete);
+      putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(7), ReadOnly | DontEnum | DontDelete);
 }
 
 // ECMA 15.9.3
index 8562e2d..8038af5 100644 (file)
@@ -34,22 +34,22 @@ namespace JSC {
 
 const ClassInfo DateInstance::info = {"Date", 0, 0, 0};
 
-DateInstance::DateInstance(ExecState*, NonNullPassRefPtr<Structure> structure)
+DateInstance::DateInstance(ExecState* exec, NonNullPassRefPtr<Structure> structure)
     : JSWrapperObject(structure)
 {
-    setInternalValue(jsNaN());
+    setInternalValue(exec->globalData(), jsNaN());
 }
 
-DateInstance::DateInstance(ExecState*, NonNullPassRefPtr<Structure> structure, double time)
+DateInstance::DateInstance(ExecState* exec, NonNullPassRefPtr<Structure> structure, double time)
     : JSWrapperObject(structure)
 {
-    setInternalValue(jsNumber(timeClip(time)));
+    setInternalValue(exec->globalData(), jsNumber(timeClip(time)));
 }
 
 DateInstance::DateInstance(ExecState* exec, double time)
     : JSWrapperObject(exec->lexicalGlobalObject()->dateStructure())
 {
-    setInternalValue(jsNumber(timeClip(time)));
+    setInternalValue(exec->globalData(), jsNumber(timeClip(time)));
 }
 
 const GregorianDateTime* DateInstance::calculateGregorianDateTime(ExecState* exec) const
index 085cb33..94b69a8 100644 (file)
@@ -845,7 +845,7 @@ EncodedJSValue JSC_HOST_CALL dateProtoFuncSetTime(ExecState* exec)
 
     double milli = timeClip(exec->argument(0).toNumber(exec));
     JSValue result = jsNumber(milli);
-    thisDateObj->setInternalValue(result);
+    thisDateObj->setInternalValue(exec->globalData(), result);
     return JSValue::encode(result);
 }
 
@@ -860,7 +860,7 @@ static EncodedJSValue setNewValueFromTimeArgs(ExecState* exec, int numArgsToUse,
     
     if (!exec->argumentCount() || isnan(milli)) {
         JSValue result = jsNaN();
-        thisDateObj->setInternalValue(result);
+        thisDateObj->setInternalValue(exec->globalData(), result);
         return JSValue::encode(result);
     }
      
@@ -877,12 +877,12 @@ static EncodedJSValue setNewValueFromTimeArgs(ExecState* exec, int numArgsToUse,
     gregorianDateTime.copyFrom(*other);
     if (!fillStructuresUsingTimeArgs(exec, numArgsToUse, &ms, &gregorianDateTime)) {
         JSValue result = jsNaN();
-        thisDateObj->setInternalValue(result);
+        thisDateObj->setInternalValue(exec->globalData(), result);
         return JSValue::encode(result);
     } 
     
     JSValue result = jsNumber(gregorianDateTimeToMS(exec, gregorianDateTime, ms, inputIsUTC));
-    thisDateObj->setInternalValue(result);
+    thisDateObj->setInternalValue(exec->globalData(), result);
     return JSValue::encode(result);
 }
 
@@ -895,7 +895,7 @@ static EncodedJSValue setNewValueFromDateArgs(ExecState* exec, int numArgsToUse,
     DateInstance* thisDateObj = asDateInstance(thisValue);
     if (!exec->argumentCount()) {
         JSValue result = jsNaN();
-        thisDateObj->setInternalValue(result);
+        thisDateObj->setInternalValue(exec->globalData(), result);
         return JSValue::encode(result);
     }      
     
@@ -917,12 +917,12 @@ static EncodedJSValue setNewValueFromDateArgs(ExecState* exec, int numArgsToUse,
     
     if (!fillStructuresUsingDateArgs(exec, numArgsToUse, &ms, &gregorianDateTime)) {
         JSValue result = jsNaN();
-        thisDateObj->setInternalValue(result);
+        thisDateObj->setInternalValue(exec->globalData(), result);
         return JSValue::encode(result);
     } 
            
     JSValue result = jsNumber(gregorianDateTimeToMS(exec, gregorianDateTime, ms, inputIsUTC));
-    thisDateObj->setInternalValue(result);
+    thisDateObj->setInternalValue(exec->globalData(), result);
     return JSValue::encode(result);
 }
 
@@ -1019,7 +1019,7 @@ EncodedJSValue JSC_HOST_CALL dateProtoFuncSetYear(ExecState* exec)
     DateInstance* thisDateObj = asDateInstance(thisValue);     
     if (!exec->argumentCount()) { 
         JSValue result = jsNaN();
-        thisDateObj->setInternalValue(result);
+        thisDateObj->setInternalValue(exec->globalData(), result);
         return JSValue::encode(result);
     }
     
@@ -1041,13 +1041,13 @@ EncodedJSValue JSC_HOST_CALL dateProtoFuncSetYear(ExecState* exec)
     double year = exec->argument(0).toIntegerPreserveNaN(exec);
     if (!isfinite(year)) {
         JSValue result = jsNaN();
-        thisDateObj->setInternalValue(result);
+        thisDateObj->setInternalValue(exec->globalData(), result);
         return JSValue::encode(result);
     }
             
     gregorianDateTime.year = toInt32((year > 99 || year < 0) ? year - 1900 : year);
     JSValue result = jsNumber(gregorianDateTimeToMS(exec, gregorianDateTime, ms, false));
-    thisDateObj->setInternalValue(result);
+    thisDateObj->setInternalValue(exec->globalData(), result);
     return JSValue::encode(result);
 }
 
index 4326a4d..2e53b95 100644 (file)
@@ -33,8 +33,8 @@ ErrorConstructor::ErrorConstructor(ExecState* exec, JSGlobalObject* globalObject
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, errorPrototype->classInfo()->className))
 {
     // ECMA 15.11.3.1 Error.prototype
-    putDirectWithoutTransition(exec->propertyNames().prototype, errorPrototype, DontEnum | DontDelete | ReadOnly);
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), DontDelete | ReadOnly | DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, errorPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), DontDelete | ReadOnly | DontEnum);
 }
 
 // ECMA 15.9.3
index 0f3153c..a6208d5 100644 (file)
@@ -29,14 +29,14 @@ ErrorInstance::ErrorInstance(JSGlobalData* globalData, NonNullPassRefPtr<Structu
     : JSObject(structure)
     , m_appendSourceToMessage(false)
 {
-    putDirect(globalData->propertyNames->message, jsString(globalData, ""));
+    putDirect(*globalData, globalData->propertyNames->message, jsString(globalData, ""));
 }
 
 ErrorInstance::ErrorInstance(JSGlobalData* globalData, NonNullPassRefPtr<Structure> structure, const UString& message)
     : JSObject(structure)
     , m_appendSourceToMessage(false)
 {
-    putDirect(globalData->propertyNames->message, jsString(globalData, message));
+    putDirect(*globalData, globalData->propertyNames->message, jsString(globalData, message));
 }
 
 ErrorInstance* ErrorInstance::create(JSGlobalData* globalData, NonNullPassRefPtr<Structure> structure, const UString& message)
index d8fc829..b4e0a7c 100644 (file)
@@ -41,7 +41,7 @@ ErrorPrototype::ErrorPrototype(ExecState* exec, JSGlobalObject* globalObject, No
 {
     // The constructor will be added later in ErrorConstructor's constructor
 
-    putDirectWithoutTransition(exec->propertyNames().name, jsNontrivialString(exec, "Error"), DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().name, jsNontrivialString(exec, "Error"), DontEnum);
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 0, exec->propertyNames().toString, errorProtoFuncToString), DontEnum);
 }
 
index 45b4802..933b11f 100644 (file)
@@ -40,10 +40,10 @@ ASSERT_CLASS_FITS_IN_CELL(FunctionConstructor);
 FunctionConstructor::FunctionConstructor(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, FunctionPrototype* functionPrototype)
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, functionPrototype->classInfo()->className))
 {
-    putDirectWithoutTransition(exec->propertyNames().prototype, functionPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, functionPrototype, DontEnum | DontDelete | ReadOnly);
 
     // Number of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), ReadOnly | DontDelete | DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontDelete | DontEnum);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructWithFunctionConstructor(ExecState* exec)
index cd7739d..e651538 100644 (file)
@@ -41,7 +41,7 @@ static EncodedJSValue JSC_HOST_CALL functionProtoFuncCall(ExecState*);
 FunctionPrototype::FunctionPrototype(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure)
     : InternalFunction(&exec->globalData(), globalObject, structure, exec->propertyNames().nullIdentifier)
 {
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(0), DontDelete | ReadOnly | DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(0), DontDelete | ReadOnly | DontEnum);
 }
 
 void FunctionPrototype::addFunctionProperties(ExecState* exec, JSGlobalObject* globalObject, Structure* prototypeFunctionStructure, NativeFunctionWrapper** callFunction, NativeFunctionWrapper** applyFunction)
index 7e54053..2b9f444 100644 (file)
@@ -33,9 +33,9 @@ void GetterSetter::markChildren(MarkStack& markStack)
     JSCell::markChildren(markStack);
 
     if (m_getter)
-        markStack.append(m_getter);
+        markStack.append(&m_getter);
     if (m_setter)
-        markStack.append(m_setter);
+        markStack.append(&m_setter);
 }
 
 bool GetterSetter::isGetterSetter() const
index e7b1938..ffab94d 100644 (file)
@@ -38,17 +38,15 @@ namespace JSC {
     public:
         GetterSetter(ExecState* exec)
             : JSCell(exec->globalData().getterSetterStructure.get())
-            , m_getter(0)
-            , m_setter(0)
         {
         }
 
         virtual void markChildren(MarkStack&);
 
-        JSObject* getter() const { return m_getter; }
-        void setGetter(JSObject* getter) { m_getter = getter; }
-        JSObject* setter() const { return m_setter; }
-        void setSetter(JSObject* setter) { m_setter = setter; }
+        JSObject* getter() const { return m_getter.get(); }
+        void setGetter(JSGlobalData& globalData, JSObject* getter) { m_getter.set(globalData, this, getter); }
+        JSObject* setter() const { return m_setter.get(); }
+        void setSetter(JSGlobalData& globalData, JSObject* setter) { m_setter.set(globalData, this, setter); }
         static PassRefPtr<Structure> createStructure(JSValue prototype)
         {
             return Structure::create(prototype, TypeInfo(GetterSetterType, OverridesMarkChildren), AnonymousSlotCount);
@@ -56,8 +54,8 @@ namespace JSC {
     private:
         virtual bool isGetterSetter() const;
 
-        JSObject* m_getter;
-        JSObject* m_setter;  
+        WriteBarrier<JSObject> m_getter;
+        WriteBarrier<JSObject> m_setter;  
     };
 
     GetterSetter* asGetterSetter(JSValue);
index 3ad4644..27207e2 100644 (file)
@@ -34,7 +34,7 @@ ASSERT_CLASS_FITS_IN_CELL(GlobalEvalFunction);
 
 GlobalEvalFunction::GlobalEvalFunction(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, int len, const Identifier& name, NativeFunction function, JSGlobalObject* cachedGlobalObject)
     : PrototypeFunction(exec, globalObject, structure, len, name, function)
-    , m_cachedGlobalObject(cachedGlobalObject)
+    , m_cachedGlobalObject(exec->globalData(), this, cachedGlobalObject)
 {
     ASSERT_ARG(cachedGlobalObject, cachedGlobalObject);
 }
@@ -42,7 +42,7 @@ GlobalEvalFunction::GlobalEvalFunction(ExecState* exec, JSGlobalObject* globalOb
 void GlobalEvalFunction::markChildren(MarkStack& markStack)
 {
     PrototypeFunction::markChildren(markStack);
-    markStack.append(m_cachedGlobalObject);
+    markStack.append(&m_cachedGlobalObject);
 }
 
 } // namespace JSC
index b889ca9..13f0946 100644 (file)
@@ -33,7 +33,7 @@ namespace JSC {
     class GlobalEvalFunction : public PrototypeFunction {
     public:
         GlobalEvalFunction(ExecState*, JSGlobalObject*, NonNullPassRefPtr<Structure>, int len, const Identifier&, NativeFunction, JSGlobalObject* expectedThisObject);
-        JSGlobalObject* cachedGlobalObject() const { return m_cachedGlobalObject; }
+        JSGlobalObject* cachedGlobalObject() const { return m_cachedGlobalObject.get(); }
 
         static PassRefPtr<Structure> createStructure(JSValue prototype) 
         { 
@@ -46,7 +46,7 @@ namespace JSC {
     private:
         virtual void markChildren(MarkStack&);
 
-        JSGlobalObject* m_cachedGlobalObject;
+        WriteBarrier<JSGlobalObject> m_cachedGlobalObject;
     };
 
 } // namespace JSC
index 9ec3799..2374448 100644 (file)
@@ -204,7 +204,7 @@ void Heap::markProtectedObjects(MarkStack& markStack)
 {
     ProtectCountSet::iterator end = m_protectedValues.end();
     for (ProtectCountSet::iterator it = m_protectedValues.begin(); it != end; ++it)
-        markStack.append(it->first);
+        markStack.deprecatedAppend(&it->first);
 }
 
 void Heap::pushTempSortVector(Vector<ValueStringPair>* tempVector)
@@ -229,7 +229,7 @@ void Heap::markTempSortVectors(MarkStack& markStack)
         Vector<ValueStringPair>::iterator vectorEnd = tempSortingVector->end();
         for (Vector<ValueStringPair>::iterator vectorIt = tempSortingVector->begin(); vectorIt != vectorEnd; ++vectorIt) {
             if (vectorIt->first)
-                markStack.append(vectorIt->first);
+                markStack.deprecatedAppend(&vectorIt->first);
         }
     }
 }
@@ -280,7 +280,7 @@ void Heap::markRoots()
     if (m_markListSet && m_markListSet->size())
         MarkedArgumentBuffer::markLists(markStack, *m_markListSet);
     if (m_globalData->exception)
-        markStack.append(m_globalData->exception);
+        markStack.append(&m_globalData->exception);
     if (m_globalData->firstStringifierToMark)
         JSONObject::markStringifiers(markStack, m_globalData->firstStringifierToMark);
     markStack.drain();
index 0a8d9de..f19ae0d 100644 (file)
@@ -46,7 +46,7 @@ InternalFunction::InternalFunction(NonNullPassRefPtr<Structure> structure)
 InternalFunction::InternalFunction(JSGlobalData* globalData, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, const Identifier& name)
     : JSObjectWithGlobalObject(globalObject, structure)
 {
-    putDirect(globalData->propertyNames->name, jsString(globalData, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
+    putDirect(*globalData, globalData->propertyNames->name, jsString(globalData, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
 }
 
 const UString& InternalFunction::name(ExecState* exec)
index 10ded4c..a113e91 100644 (file)
@@ -31,7 +31,7 @@ namespace JSC {
     class JSAPIValueWrapper : public JSCell {
         friend JSValue jsAPIValueWrapper(ExecState*, JSValue);
     public:
-        JSValue value() const { return m_value; }
+        JSValue value() const { return m_value.get(); }
 
         virtual bool isAPIValueWrapper() const { return true; }
 
@@ -44,12 +44,12 @@ namespace JSC {
     private:
         JSAPIValueWrapper(ExecState* exec, JSValue value)
             : JSCell(exec->globalData().apiWrapperStructure.get())
-            , m_value(value)
         {
+            m_value.set(exec->globalData(), this, value);
             ASSERT(!value.isCell());
         }
 
-        JSValue m_value;
+        WriteBarrier<Unknown> m_value;
     };
 
     inline JSValue jsAPIValueWrapper(ExecState* exec, JSValue value)
index 428403d..2f794f9 100644 (file)
@@ -61,12 +61,12 @@ void JSActivation::markChildren(MarkStack& markStack)
     size_t numParametersMinusThis = d()->functionExecutable->parameterCount();
 
     size_t count = numParametersMinusThis;
-    markStack.appendValues(registerArray, count);
+    markStack.deprecatedAppendValues(registerArray, count);
 
     size_t numVars = d()->functionExecutable->capturedVariableCount();
 
     // Skip the call frame, which sits between the parameters and vars.
-    markStack.appendValues(registerArray + count + RegisterFile::CallFrameHeaderSize, numVars, MayContainNullValues);
+    markStack.deprecatedAppendValues(registerArray + count + RegisterFile::CallFrameHeaderSize, numVars, MayContainNullValues);
 }
 
 inline bool JSActivation::symbolTableGet(const Identifier& propertyName, PropertySlot& slot)
@@ -144,7 +144,7 @@ bool JSActivation::getOwnPropertySlot(ExecState* exec, const Identifier& propert
     return false;
 }
 
-void JSActivation::put(ExecState*, const Identifier& propertyName, JSValue value, PutPropertySlot& slot)
+void JSActivation::put(ExecState* exec, const Identifier& propertyName, JSValue value, PutPropertySlot& slot)
 {
     ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(this));
 
@@ -155,7 +155,7 @@ void JSActivation::put(ExecState*, const Identifier& propertyName, JSValue value
     // properties are non-standard extensions that other implementations do not
     // expose in the activation object.
     ASSERT(!hasGetterSetterProperties());
-    putDirect(propertyName, value, 0, true, slot);
+    putDirect(exec->globalData(), propertyName, value, 0, true, slot);
 }
 
 // FIXME: Make this function honor ReadOnly (const) and DontEnum
index 556603b..ce25f7b 100644 (file)
@@ -188,9 +188,9 @@ JSArray::JSArray(NonNullPassRefPtr<Structure> structure, unsigned initialLength,
 #endif
         m_storage->m_length = initialLength;
         m_storage->m_numValuesInVector = 0;
-        JSValue* vector = m_storage->m_vector;
+        WriteBarrier<Unknown>* vector = m_storage->m_vector;
         for (size_t i = 0; i < initialCapacity; ++i)
-            vector[i] = JSValue();
+            vector[i].clear();
     }
 
     checkConsistency();
@@ -198,7 +198,7 @@ JSArray::JSArray(NonNullPassRefPtr<Structure> structure, unsigned initialLength,
     Heap::heap(this)->reportExtraMemoryCost(storageSize(initialCapacity));
 }
 
-JSArray::JSArray(NonNullPassRefPtr<Structure> structure, const ArgList& list)
+JSArray::JSArray(JSGlobalData& globalData, NonNullPassRefPtr<Structure> structure, const ArgList& list)
     : JSObject(structure)
 {
     unsigned initialCapacity = list.size();
@@ -225,12 +225,12 @@ JSArray::JSArray(NonNullPassRefPtr<Structure> structure, const ArgList& list)
 #endif
 
     size_t i = 0;
-    JSValue* vector = m_storage->m_vector;
+    WriteBarrier<Unknown>* vector = m_storage->m_vector;
     ArgList::const_iterator end = list.end();
     for (ArgList::const_iterator it = list.begin(); it != end; ++it, ++i)
-        vector[i] = *it;
+        vector[i].set(globalData, this, *it);
     for (; i < initialStorage; i++)
-        vector[i] = JSValue();
+        vector[i].clear();
 
     checkConsistency();
 
@@ -257,16 +257,16 @@ bool JSArray::getOwnPropertySlot(ExecState* exec, unsigned i, PropertySlot& slot
     }
 
     if (i < m_vectorLength) {
-        JSValue& valueSlot = storage->m_vector[i];
+        WriteBarrier<Unknown>& valueSlot = storage->m_vector[i];
         if (valueSlot) {
-            slot.setValueSlot(&valueSlot);
+            slot.setValueSlot(valueSlot.slot());
             return true;
         }
     } else if (SparseArrayValueMap* map = storage->m_sparseValueMap) {
         if (i >= MIN_SPARSE_ARRAY_INDEX) {
             SparseArrayValueMap::iterator it = map->find(i);
             if (it != map->end()) {
-                slot.setValueSlot(&it->second);
+                slot.setValueSlot(it->second.slot());
                 return true;
             }
         }
@@ -305,16 +305,16 @@ bool JSArray::getOwnPropertyDescriptor(ExecState* exec, const Identifier& proper
         if (i >= storage->m_length)
             return false;
         if (i < m_vectorLength) {
-            JSValue& value = storage->m_vector[i];
+            WriteBarrier<Unknown>& value = storage->m_vector[i];
             if (value) {
-                descriptor.setDescriptor(value, 0);
+                descriptor.setDescriptor(value.get(), 0);
                 return true;
             }
         } else if (SparseArrayValueMap* map = storage->m_sparseValueMap) {
             if (i >= MIN_SPARSE_ARRAY_INDEX) {
                 SparseArrayValueMap::iterator it = map->find(i);
                 if (it != map->end()) {
-                    descriptor.setDescriptor(it->second, 0);
+                    descriptor.setDescriptor(it->second.get(), 0);
                     return true;
                 }
             }
@@ -359,13 +359,13 @@ void JSArray::put(ExecState* exec, unsigned i, JSValue value)
     }
 
     if (i < m_vectorLength) {
-        JSValue& valueSlot = storage->m_vector[i];
+        WriteBarrier<Unknown>& valueSlot = storage->m_vector[i];
         if (valueSlot) {
-            valueSlot = value;
+            valueSlot.set(exec->globalData(), this, value);
             checkConsistency();
             return;
         }
-        valueSlot = value;
+        valueSlot.set(exec->globalData(), this, value);
         ++storage->m_numValuesInVector;
         checkConsistency();
         return;
@@ -395,11 +395,11 @@ NEVER_INLINE void JSArray::putSlowCase(ExecState* exec, unsigned i, JSValue valu
                 storage->m_sparseValueMap = map;
             }
 
-            pair<SparseArrayValueMap::iterator, bool> result = map->add(i, value);
-            if (!result.second) { // pre-existing entry
-                result.first->second = value;
+            WriteBarrier<Unknown> temp;
+            pair<SparseArrayValueMap::iterator, bool> result = map->add(i, temp);
+            result.first->second.set(exec->globalData(), this, value);
+            if (!result.second) // pre-existing entry
                 return;
-            }
 
             size_t capacity = map->capacity();
             if (capacity != storage->reportedMapCapacity) {
@@ -415,7 +415,7 @@ NEVER_INLINE void JSArray::putSlowCase(ExecState* exec, unsigned i, JSValue valu
     if (!map || map->isEmpty()) {
         if (increaseVectorLength(i + 1)) {
             storage = m_storage;
-            storage->m_vector[i] = value;
+            storage->m_vector[i].set(exec->globalData(), this, value);
             ++storage->m_numValuesInVector;
             checkConsistency();
         } else
@@ -457,18 +457,19 @@ NEVER_INLINE void JSArray::putSlowCase(ExecState* exec, unsigned i, JSValue valu
     storage = m_storage;
     
     unsigned vectorLength = m_vectorLength;
-    JSValue* vector = storage->m_vector;
+    WriteBarrier<Unknown>* vector = storage->m_vector;
 
     if (newNumValuesInVector == storage->m_numValuesInVector + 1) {
         for (unsigned j = vectorLength; j < newVectorLength; ++j)
-            vector[j] = JSValue();
+            vector[j].clear();
         if (i > MIN_SPARSE_ARRAY_INDEX)
             map->remove(i);
     } else {
         for (unsigned j = vectorLength; j < max(vectorLength, MIN_SPARSE_ARRAY_INDEX); ++j)
-            vector[j] = JSValue();
+            vector[j].clear();
+        JSGlobalData& globalData = exec->globalData();
         for (unsigned j = max(vectorLength, MIN_SPARSE_ARRAY_INDEX); j < newVectorLength; ++j)
-            vector[j] = map->take(j);
+            vector[j].set(globalData, this, map->take(j).get());
     }
 
     ASSERT(i < newVectorLength);
@@ -476,7 +477,7 @@ NEVER_INLINE void JSArray::putSlowCase(ExecState* exec, unsigned i, JSValue valu
     m_vectorLength = newVectorLength;
     storage->m_numValuesInVector = newNumValuesInVector;
 
-    storage->m_vector[i] = value;
+    storage->m_vector[i].set(exec->globalData(), this, value);
 
     checkConsistency();
 
@@ -503,12 +504,12 @@ bool JSArray::deleteProperty(ExecState* exec, unsigned i)
     ArrayStorage* storage = m_storage;
     
     if (i < m_vectorLength) {
-        JSValue& valueSlot = storage->m_vector[i];
+        WriteBarrier<Unknown>& valueSlot = storage->m_vector[i];
         if (!valueSlot) {
             checkConsistency();
             return false;
         }
-        valueSlot = JSValue();
+        valueSlot.clear();
         --storage->m_numValuesInVector;
         checkConsistency();
         return true;
@@ -605,9 +606,9 @@ bool JSArray::increaseVectorLength(unsigned newLength)
     storage = m_storage = reinterpret_cast_ptr<ArrayStorage*>(static_cast<char*>(baseStorage) + m_indexBias * sizeof(JSValue));
     m_storage->m_allocBase = baseStorage;
 
-    JSValue* vector = storage->m_vector;
+    WriteBarrier<Unknown>* vector = storage->m_vector;
     for (unsigned i = vectorLength; i < newVectorLength; ++i)
-        vector[i] = JSValue();
+        vector[i].clear();
 
     m_vectorLength = newVectorLength;
     
@@ -666,9 +667,9 @@ void JSArray::setLength(unsigned newLength)
     if (newLength < length) {
         unsigned usedVectorLength = min(length, m_vectorLength);
         for (unsigned i = newLength; i < usedVectorLength; ++i) {
-            JSValue& valueSlot = storage->m_vector[i];
+            WriteBarrier<Unknown>& valueSlot = storage->m_vector[i];
             bool hadValue = valueSlot;
-            valueSlot = JSValue();
+            valueSlot.clear();
             storage->m_numValuesInVector -= hadValue;
         }
 
@@ -706,11 +707,11 @@ JSValue JSArray::pop()
     JSValue result;
 
     if (length < m_vectorLength) {
-        JSValue& valueSlot = storage->m_vector[length];
+        WriteBarrier<Unknown>& valueSlot = storage->m_vector[length];
         if (valueSlot) {
             --storage->m_numValuesInVector;
-            result = valueSlot;
-            valueSlot = JSValue();
+            result = valueSlot.get();
+            valueSlot.clear();
         } else
             result = jsUndefined();
     } else {
@@ -718,7 +719,7 @@ JSValue JSArray::pop()
         if (SparseArrayValueMap* map = storage->m_sparseValueMap) {
             SparseArrayValueMap::iterator it = map->find(length);
             if (it != map->end()) {
-                result = it->second;
+                result = it->second.get();
                 map->remove(it);
                 if (map->isEmpty()) {
                     delete map;
@@ -742,7 +743,7 @@ void JSArray::push(ExecState* exec, JSValue value)
     ArrayStorage* storage = m_storage;
 
     if (storage->m_length < m_vectorLength) {
-        storage->m_vector[storage->m_length] = value;
+        storage->m_vector[storage->m_length].set(exec->globalData(), this, value);
         ++storage->m_numValuesInVector;
         ++storage->m_length;
         checkConsistency();
@@ -754,7 +755,7 @@ void JSArray::push(ExecState* exec, JSValue value)
         if (!map || map->isEmpty()) {
             if (increaseVectorLength(storage->m_length + 1)) {
                 storage = m_storage;
-                storage->m_vector[storage->m_length] = value;
+                storage->m_vector[storage->m_length].set(exec->globalData(), this, value);
                 ++storage->m_numValuesInVector;
                 ++storage->m_length;
                 checkConsistency();
@@ -857,9 +858,9 @@ void JSArray::unshiftCount(ExecState* exec, int count)
         return;
     }
 
-    JSValue* vector = m_storage->m_vector;
+    WriteBarrier<Unknown>* vector = m_storage->m_vector;
     for (int i = 0; i < count; i++)
-        vector[i] = JSValue();
+        vector[i].clear();
 }
 
 void JSArray::markChildren(MarkStack& markStack)
@@ -941,7 +942,7 @@ void JSArray::sort(ExecState* exec)
     Heap::heap(this)->pushTempSortVector(&values);
 
     for (size_t i = 0; i < lengthNotIncludingUndefined; i++) {
-        JSValue value = storage->m_vector[i];
+        JSValue value = storage->m_vector[i].get();
         ASSERT(!value.isUndefined());
         values[i].first = value;
     }
@@ -974,9 +975,10 @@ void JSArray::sort(ExecState* exec)
         increaseVectorLength(lengthNotIncludingUndefined);
     if (storage->m_length < lengthNotIncludingUndefined)
         storage->m_length = lengthNotIncludingUndefined;
-        
+
+    JSGlobalData& globalData = exec->globalData();
     for (size_t i = 0; i < lengthNotIncludingUndefined; i++)
-        storage->m_vector[i] = values[i].first;
+        storage->m_vector[i].set(globalData, this, values[i].first);
 
     Heap::heap(this)->popTempSortVector(&values);
     
@@ -1105,14 +1107,14 @@ void JSArray::sort(ExecState* exec, JSValue compareFunction, CallType callType,
 
     // Iterate over the array, ignoring missing values, counting undefined ones, and inserting all other ones into the tree.
     for (; numDefined < usedVectorLength; ++numDefined) {
-        JSValue v = storage->m_vector[numDefined];
+        JSValue v = storage->m_vector[numDefined].get();
         if (!v || v.isUndefined())
             break;
         tree.abstractor().m_nodes[numDefined].value = v;
         tree.insert(numDefined);
     }
     for (unsigned i = numDefined; i < usedVectorLength; ++i) {
-        JSValue v = storage->m_vector[i];
+        JSValue v = storage->m_vector[i].get();
         if (v) {
             if (v.isUndefined())
                 ++numUndefined;
@@ -1140,7 +1142,7 @@ void JSArray::sort(ExecState* exec, JSValue compareFunction, CallType callType,
 
         SparseArrayValueMap::iterator end = map->end();
         for (SparseArrayValueMap::iterator it = map->begin(); it != end; ++it) {
-            tree.abstractor().m_nodes[numDefined].value = it->second;
+            tree.abstractor().m_nodes[numDefined].value = it->second.get();
             tree.insert(numDefined);
             ++numDefined;
         }
@@ -1157,18 +1159,19 @@ void JSArray::sort(ExecState* exec, JSValue compareFunction, CallType callType,
     // Copy the values back into m_storage.
     AVLTree<AVLTreeAbstractorForArrayCompare, 44>::Iterator iter;
     iter.start_iter_least(tree);
+    JSGlobalData& globalData = exec->globalData();
     for (unsigned i = 0; i < numDefined; ++i) {
-        storage->m_vector[i] = tree.abstractor().m_nodes[*iter].value;
+        storage->m_vector[i].set(globalData, this, tree.abstractor().m_nodes[*iter].value);
         ++iter;
     }
 
     // Put undefined values back in.
     for (unsigned i = numDefined; i < newUsedVectorLength; ++i)
-        storage->m_vector[i] = jsUndefined();
+        storage->m_vector[i].setUndefined();
 
     // Ensure that unused values in the vector are zeroed out.
     for (unsigned i = newUsedVectorLength; i < usedVectorLength; ++i)
-        storage->m_vector[i] = JSValue();
+        storage->m_vector[i].clear();
 
     storage->m_numValuesInVector = newUsedVectorLength;
 
@@ -1179,14 +1182,14 @@ void JSArray::fillArgList(ExecState* exec, MarkedArgumentBuffer& args)
 {
     ArrayStorage* storage = m_storage;
 
-    JSValue* vector = storage->m_vector;
+    WriteBarrier<Unknown>* vector = storage->m_vector;
     unsigned vectorEnd = min(storage->m_length, m_vectorLength);
     unsigned i = 0;
     for (; i < vectorEnd; ++i) {
-        JSValue& v = vector[i];
+        WriteBarrier<Unknown>& v = vector[i];
         if (!v)
             break;
-        args.append(v);
+        args.append(v.get());
     }
 
     for (; i < storage->m_length; ++i)
@@ -1197,14 +1200,14 @@ void JSArray::copyToRegisters(ExecState* exec, Register* buffer, uint32_t maxSiz
 {
     ASSERT(m_storage->m_length >= maxSize);
     UNUSED_PARAM(maxSize);
-    JSValue* vector = m_storage->m_vector;
+    WriteBarrier<Unknown>* vector = m_storage->m_vector;
     unsigned vectorEnd = min(maxSize, m_vectorLength);
     unsigned i = 0;
     for (; i < vectorEnd; ++i) {
-        JSValue& v = vector[i];
+        WriteBarrier<Unknown>& v = vector[i];
         if (!v)
             break;
-        buffer[i] = v;
+        buffer[i] = v.get();
     }
 
     for (; i < maxSize; ++i)
@@ -1223,17 +1226,18 @@ unsigned JSArray::compactForSorting()
     unsigned numUndefined = 0;
 
     for (; numDefined < usedVectorLength; ++numDefined) {
-        JSValue v = storage->m_vector[numDefined];
+        JSValue v = storage->m_vector[numDefined].get();
         if (!v || v.isUndefined())
             break;
     }
+
     for (unsigned i = numDefined; i < usedVectorLength; ++i) {
-        JSValue v = storage->m_vector[i];
+        JSValue v = storage->m_vector[i].get();
         if (v) {
             if (v.isUndefined())
                 ++numUndefined;
             else
-                storage->m_vector[numDefined++] = v;
+                storage->m_vector[numDefined++].setWithoutWriteBarrier(v);
         }
     }
 
@@ -1252,16 +1256,16 @@ unsigned JSArray::compactForSorting()
 
         SparseArrayValueMap::iterator end = map->end();
         for (SparseArrayValueMap::iterator it = map->begin(); it != end; ++it)
-            storage->m_vector[numDefined++] = it->second;
+            storage->m_vector[numDefined++].setWithoutWriteBarrier(it->second.get());
 
         delete map;
         storage->m_sparseValueMap = 0;
     }
 
     for (unsigned i = numDefined; i < newUsedVectorLength; ++i)
-        storage->m_vector[i] = jsUndefined();
+        storage->m_vector[i].setUndefined();
     for (unsigned i = newUsedVectorLength; i < usedVectorLength; ++i)
-        storage->m_vector[i] = JSValue();
+        storage->m_vector[i].clear();
 
     storage->m_numValuesInVector = newUsedVectorLength;
 
index de28b65..aa5edf0 100644 (file)
@@ -27,7 +27,7 @@
 
 namespace JSC {
 
-    typedef HashMap<unsigned, JSValue> SparseArrayValueMap;
+    typedef HashMap<unsigned, WriteBarrier<Unknown> > SparseArrayValueMap;
 
     // This struct holds the actual data values of an array.  A JSArray object points to it's contained ArrayStorage
     // struct by pointing to m_vector.  To access the contained ArrayStorage struct, use the getStorage() and 
@@ -44,7 +44,7 @@ namespace JSC {
 #if CHECK_ARRAY_CONSISTENCY
         bool m_inCompactInitialization;
 #endif
-        JSValue m_vector[1];
+        WriteBarrier<Unknown> m_vector[1];
     };
 
     // The CreateCompact creation mode is used for fast construction of arrays
@@ -67,7 +67,7 @@ namespace JSC {
 
         explicit JSArray(NonNullPassRefPtr<Structure>);
         JSArray(NonNullPassRefPtr<Structure>, unsigned initialLength, ArrayCreationMode);
-        JSArray(NonNullPassRefPtr<Structure>, const ArgList& initialValues);
+        JSArray(JSGlobalData&, NonNullPassRefPtr<Structure>, const ArgList& initialValues);
         virtual ~JSArray();
 
         virtual bool getOwnPropertySlot(ExecState*, const Identifier& propertyName, PropertySlot&);
@@ -94,32 +94,32 @@ namespace JSC {
         JSValue getIndex(unsigned i)
         {
             ASSERT(canGetIndex(i));
-            return m_storage->m_vector[i];
+            return m_storage->m_vector[i].get();
         }
 
         bool canSetIndex(unsigned i) { return i < m_vectorLength; }
-        void setIndex(unsigned i, JSValue v)
+        void setIndex(JSGlobalData& globalData, unsigned i, JSValue v)
         {
             ASSERT(canSetIndex(i));
             
-            JSValue& x = m_storage->m_vector[i];
+            WriteBarrier<Unknown>& x = m_storage->m_vector[i];
             if (!x) {
                 ArrayStorage *storage = m_storage;
                 ++storage->m_numValuesInVector;
                 if (i >= storage->m_length)
                     storage->m_length = i + 1;
             }
-            x = v;
+            x.set(globalData, this, v);
         }
         
-        void uncheckedSetIndex(unsigned i, JSValue v)
+        void uncheckedSetIndex(JSGlobalData& globalData, unsigned i, JSValue v)
         {
             ASSERT(canSetIndex(i));
             ArrayStorage *storage = m_storage;
 #if CHECK_ARRAY_CONSISTENCY
             ASSERT(storage->m_inCompactInitialization);
 #endif
-            storage->m_vector[i] = v;
+            storage->m_vector[i].set(globalData, this, v);
         }
 
         void fillArgList(ExecState*, MarkedArgumentBuffer&);
@@ -194,7 +194,7 @@ namespace JSC {
         if (SparseArrayValueMap* map = storage->m_sparseValueMap) {
             SparseArrayValueMap::iterator end = map->end();
             for (SparseArrayValueMap::iterator it = map->begin(); it != end; ++it)
-                markStack.append(it->second);
+                markStack.append(&it->second);
         }
     }
 
index 6af9d75..3f7d806 100644 (file)
@@ -40,7 +40,7 @@ JSByteArray::JSByteArray(ExecState* exec, NonNullPassRefPtr<Structure> structure
     , m_storage(storage)
     , m_classInfo(classInfo)
 {
-    putDirect(exec->globalData().propertyNames->length, jsNumber(m_storage->length()), ReadOnly | DontDelete);
+    putDirect(exec->globalData(), exec->globalData().propertyNames->length, jsNumber(m_storage->length()), ReadOnly | DontDelete);
 }
 
 #if !ASSERT_DISABLED
index f7e8810..f23b48a 100644 (file)
@@ -336,8 +336,18 @@ namespace JSC {
     {
         return isCell() ? asCell()->toThisObject(exec) : toThisObjectSlowCase(exec);
     }
+    
+    template <typename T> void MarkStack::append(DeprecatedPtr<T>* slot)
+    {
+        internalAppend(slot->get());
+    }
+    
+    template <typename T> void MarkStack::append(WriteBarrierBase<T>* slot)
+    {
+        internalAppend(slot->get());
+    }
 
-    ALWAYS_INLINE void MarkStack::append(JSCell* cell)
+    ALWAYS_INLINE void MarkStack::internalAppend(JSCell* cell)
     {
         ASSERT(!m_isCheckingForDefaultMarkViolation);
         ASSERT(cell);
@@ -347,11 +357,29 @@ namespace JSC {
             m_values.append(cell);
     }
 
-    ALWAYS_INLINE void MarkStack::append(JSValue value)
+    ALWAYS_INLINE void MarkStack::deprecatedAppend(JSCell** value)
+    {
+        ASSERT(value);
+        internalAppend(*value);
+    }
+
+    ALWAYS_INLINE void MarkStack::deprecatedAppend(JSValue* value)
+    {
+        ASSERT(value);
+        internalAppend(*value);
+    }
+    
+    ALWAYS_INLINE void MarkStack::deprecatedAppend(Register* value)
+    {
+        ASSERT(value);
+        internalAppend(value->jsValue());
+    }
+
+    ALWAYS_INLINE void MarkStack::internalAppend(JSValue value)
     {
         ASSERT(value);
         if (value.isCell())
-            append(value.asCell());
+            internalAppend(value.asCell());
     }
 
     inline Heap* Heap::heap(JSValue v)
index 99f8e6f..4ff59e3 100644 (file)
@@ -71,8 +71,8 @@ JSFunction::JSFunction(ExecState* exec, JSGlobalObject* globalObject, NonNullPas
     , m_executable(thunk)
     , m_scopeChain(globalObject->globalScopeChain())
 {
-    putDirect(exec->globalData().propertyNames->name, jsString(exec, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
-    putDirect(exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->globalData().propertyNames->name, jsString(exec, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
 }
 #endif
 
@@ -83,9 +83,9 @@ JSFunction::JSFunction(ExecState* exec, JSGlobalObject* globalObject, NonNullPas
 #endif
     , m_scopeChain(globalObject->globalScopeChain())
 {
-    putDirect(exec->globalData().propertyNames->name, jsString(exec, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->globalData().propertyNames->name, jsString(exec, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
 #if ENABLE(JIT)
-    putDirect(exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
 #else
     UNUSED_PARAM(length);
     UNUSED_PARAM(func);
@@ -99,7 +99,7 @@ JSFunction::JSFunction(ExecState* exec, NonNullPassRefPtr<FunctionExecutable> ex
     , m_scopeChain(scopeChainNode)
 {
     const Identifier& name = static_cast<FunctionExecutable*>(m_executable.get())->name();
-    putDirect(exec->globalData().propertyNames->name, jsString(exec, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->globalData().propertyNames->name, jsString(exec, name.isNull() ? "" : name.ustring()), DontDelete | ReadOnly | DontEnum);
 }
 
 JSFunction::~JSFunction()
@@ -207,8 +207,8 @@ bool JSFunction::getOwnPropertySlot(ExecState* exec, const Identifier& propertyN
 
         if (!location) {
             JSObject* prototype = new (exec) JSObject(scope().globalObject()->emptyObjectStructure());
-            prototype->putDirect(exec->propertyNames().constructor, this, DontEnum);
-            putDirect(exec->propertyNames().prototype, prototype, DontDelete | DontEnum);
+            prototype->putDirect(exec->globalData(), exec->propertyNames().constructor, this, DontEnum);
+            putDirect(exec->globalData(), exec->propertyNames().prototype, prototype, DontDelete | DontEnum);
             location = getDirectLocation(propertyName);
         }
 
index 31f41e9..e8469dd 100644 (file)
@@ -203,7 +203,7 @@ namespace JSC {
         Terminator terminator;
         Heap heap;
 
-        JSValue exception;
+        DeprecatedPtr<Unknown> exception;
 #if ENABLE(JIT)
         ReturnAddressPtr exceptionLocation;
 #endif
index 9b67dbb..715ff0d 100644 (file)
@@ -80,16 +80,16 @@ static const int initialTickCountThreshold = 255;
 // Preferred number of milliseconds between each timeout check
 static const int preferredScriptCheckTimeInterval = 1000;
 
-static inline void markIfNeeded(MarkStack& markStack, JSValue v)
+template <typename T> static inline void markIfNeeded(MarkStack& markStack, WriteBarrier<T>* v)
 {
-    if (v)
+    if (*v)
         markStack.append(v);
 }
 
 static inline void markIfNeeded(MarkStack& markStack, const RefPtr<Structure>& s)
 {
-    if (s)
-        markIfNeeded(markStack, s->storedPrototype());
+    if (s && s->storedPrototype())
+        markStack.append(s->storedPrototypeSlot());
 }
 
 JSGlobalObject::~JSGlobalObject()
@@ -202,117 +202,117 @@ void JSGlobalObject::reset(JSValue prototype)
 
     // Prototypes
 
-    d()->functionPrototype = new (exec) FunctionPrototype(exec, this, FunctionPrototype::createStructure(jsNull())); // The real prototype will be set once ObjectPrototype is created.
-    d()->prototypeFunctionStructure = PrototypeFunction::createStructure(d()->functionPrototype);
-    d()->internalFunctionStructure = InternalFunction::createStructure(d()->functionPrototype);
+    d()->functionPrototype.set(exec->globalData(), this, new (exec) FunctionPrototype(exec, this, FunctionPrototype::createStructure(jsNull()))); // The real prototype will be set once ObjectPrototype is created.
+    d()->prototypeFunctionStructure = PrototypeFunction::createStructure(d()->functionPrototype.get());
+    d()->internalFunctionStructure = InternalFunction::createStructure(d()->functionPrototype.get());
     NativeFunctionWrapper* callFunction = 0;
     NativeFunctionWrapper* applyFunction = 0;
     d()->functionPrototype->addFunctionProperties(exec, this, d()->prototypeFunctionStructure.get(), &callFunction, &applyFunction);
-    d()->callFunction = callFunction;
-    d()->applyFunction = applyFunction;
-    d()->objectPrototype = new (exec) ObjectPrototype(exec, this, ObjectPrototype::createStructure(jsNull()), d()->prototypeFunctionStructure.get());
-    d()->functionPrototype->structure()->setPrototypeWithoutTransition(d()->objectPrototype);
+    d()->callFunction.set(exec->globalData(), this, callFunction);
+    d()->applyFunction.set(exec->globalData(), this, applyFunction);
+    d()->objectPrototype.set(exec->globalData(), this, new (exec) ObjectPrototype(exec, this, ObjectPrototype::createStructure(jsNull()), d()->prototypeFunctionStructure.get()));
+    d()->functionPrototype->structure()->setPrototypeWithoutTransition(d()->objectPrototype.get());
 
     d()->emptyObjectStructure = d()->objectPrototype->inheritorID();
 
-    d()->functionStructure = JSFunction::createStructure(d()->functionPrototype);
-    d()->callbackFunctionStructure = JSCallbackFunction::createStructure(d()->functionPrototype);
-    d()->argumentsStructure = Arguments::createStructure(d()->objectPrototype);
-    d()->callbackConstructorStructure = JSCallbackConstructor::createStructure(d()->objectPrototype);
-    d()->callbackObjectStructure = JSCallbackObject<JSObjectWithGlobalObject>::createStructure(d()->objectPrototype);
+    d()->functionStructure = JSFunction::createStructure(d()->functionPrototype.get());
+    d()->callbackFunctionStructure = JSCallbackFunction::createStructure(d()->functionPrototype.get());
+    d()->argumentsStructure = Arguments::createStructure(d()->objectPrototype.get());
+    d()->callbackConstructorStructure = JSCallbackConstructor::createStructure(d()->objectPrototype.get());
+    d()->callbackObjectStructure = JSCallbackObject<JSObjectWithGlobalObject>::createStructure(d()->objectPrototype.get());
 
-    d()->arrayPrototype = new (exec) ArrayPrototype(this, ArrayPrototype::createStructure(d()->objectPrototype));
-    d()->arrayStructure = JSArray::createStructure(d()->arrayPrototype);
-    d()->regExpMatchesArrayStructure = RegExpMatchesArray::createStructure(d()->arrayPrototype);
+    d()->arrayPrototype.set(exec->globalData(), this, new (exec) ArrayPrototype(this, ArrayPrototype::createStructure(d()->objectPrototype.get())));
+    d()->arrayStructure = JSArray::createStructure(d()->arrayPrototype.get());
+    d()->regExpMatchesArrayStructure = RegExpMatchesArray::createStructure(d()->arrayPrototype.get());
 
-    d()->stringPrototype = new (exec) StringPrototype(exec, this, StringPrototype::createStructure(d()->objectPrototype));
-    d()->stringObjectStructure = StringObject::createStructure(d()->stringPrototype);
+    d()->stringPrototype.set(exec->globalData(), this, new (exec) StringPrototype(exec, this, StringPrototype::createStructure(d()->objectPrototype.get())));
+    d()->stringObjectStructure = StringObject::createStructure(d()->stringPrototype.get());
 
-    d()->booleanPrototype = new (exec) BooleanPrototype(exec, this, BooleanPrototype::createStructure(d()->objectPrototype), d()->prototypeFunctionStructure.get());
-    d()->booleanObjectStructure = BooleanObject::createStructure(d()->booleanPrototype);
+    d()->booleanPrototype.set(exec->globalData(), this, new (exec) BooleanPrototype(exec, this, BooleanPrototype::createStructure(d()->objectPrototype.get()), d()->prototypeFunctionStructure.get()));
+    d()->booleanObjectStructure = BooleanObject::createStructure(d()->booleanPrototype.get());
 
-    d()->numberPrototype = new (exec) NumberPrototype(exec, this, NumberPrototype::createStructure(d()->objectPrototype), d()->prototypeFunctionStructure.get());
-    d()->numberObjectStructure = NumberObject::createStructure(d()->numberPrototype);
+    d()->numberPrototype.set(exec->globalData(), this, new (exec) NumberPrototype(exec, this, NumberPrototype::createStructure(d()->objectPrototype.get()), d()->prototypeFunctionStructure.get()));
+    d()->numberObjectStructure = NumberObject::createStructure(d()->numberPrototype.get());
 
-    d()->datePrototype = new (exec) DatePrototype(exec, this, DatePrototype::createStructure(d()->objectPrototype));
-    d()->dateStructure = DateInstance::createStructure(d()->datePrototype);
+    d()->datePrototype.set(exec->globalData(), this, new (exec) DatePrototype(exec, this, DatePrototype::createStructure(d()->objectPrototype.get())));
+    d()->dateStructure = DateInstance::createStructure(d()->datePrototype.get());
 
-    d()->regExpPrototype = new (exec) RegExpPrototype(exec, this, RegExpPrototype::createStructure(d()->objectPrototype), d()->prototypeFunctionStructure.get());
-    d()->regExpStructure = RegExpObject::createStructure(d()->regExpPrototype);
+    d()->regExpPrototype.set(exec->globalData(), this, new (exec) RegExpPrototype(exec, this, RegExpPrototype::createStructure(d()->objectPrototype.get()), d()->prototypeFunctionStructure.get()));
+    d()->regExpStructure = RegExpObject::createStructure(d()->regExpPrototype.get());
 
-    d()->methodCallDummy = constructEmptyObject(exec);
+    d()->methodCallDummy.set(exec->globalData(), this, constructEmptyObject(exec));
 
-    ErrorPrototype* errorPrototype = new (exec) ErrorPrototype(exec, this, ErrorPrototype::createStructure(d()->objectPrototype), d()->prototypeFunctionStructure.get());
+    ErrorPrototype* errorPrototype = new (exec) ErrorPrototype(exec, this, ErrorPrototype::createStructure(d()->objectPrototype.get()), d()->prototypeFunctionStructure.get());
     d()->errorStructure = ErrorInstance::createStructure(errorPrototype);
 
     // Constructors
 
-    JSCell* objectConstructor = new (exec) ObjectConstructor(exec, this, ObjectConstructor::createStructure(d()->functionPrototype), d()->objectPrototype, d()->prototypeFunctionStructure.get());
-    JSCell* functionConstructor = new (exec) FunctionConstructor(exec, this, FunctionConstructor::createStructure(d()->functionPrototype), d()->functionPrototype);
-    JSCell* arrayConstructor = new (exec) ArrayConstructor(exec, this, ArrayConstructor::createStructure(d()->functionPrototype), d()->arrayPrototype, d()->prototypeFunctionStructure.get());
-    JSCell* stringConstructor = new (exec) StringConstructor(exec, this, StringConstructor::createStructure(d()->functionPrototype), d()->prototypeFunctionStructure.get(), d()->stringPrototype);
-    JSCell* booleanConstructor = new (exec) BooleanConstructor(exec, this, BooleanConstructor::createStructure(d()->functionPrototype), d()->booleanPrototype);
-    JSCell* numberConstructor = new (exec) NumberConstructor(exec, this, NumberConstructor::createStructure(d()->functionPrototype), d()->numberPrototype);
-    JSCell* dateConstructor = new (exec) DateConstructor(exec, this, DateConstructor::createStructure(d()->functionPrototype), d()->prototypeFunctionStructure.get(), d()->datePrototype);
+    JSCell* objectConstructor = new (exec) ObjectConstructor(exec, this, ObjectConstructor::createStructure(d()->functionPrototype.get()), d()->objectPrototype.get(), d()->prototypeFunctionStructure.get());
+    JSCell* functionConstructor = new (exec) FunctionConstructor(exec, this, FunctionConstructor::createStructure(d()->functionPrototype.get()), d()->functionPrototype.get());
+    JSCell* arrayConstructor = new (exec) ArrayConstructor(exec, this, ArrayConstructor::createStructure(d()->functionPrototype.get()), d()->arrayPrototype.get(), d()->prototypeFunctionStructure.get());
+    JSCell* stringConstructor = new (exec) StringConstructor(exec, this, StringConstructor::createStructure(d()->functionPrototype.get()), d()->prototypeFunctionStructure.get(), d()->stringPrototype.get());
+    JSCell* booleanConstructor = new (exec) BooleanConstructor(exec, this, BooleanConstructor::createStructure(d()->functionPrototype.get()), d()->booleanPrototype.get());
+    JSCell* numberConstructor = new (exec) NumberConstructor(exec, this, NumberConstructor::createStructure(d()->functionPrototype.get()), d()->numberPrototype.get());
+    JSCell* dateConstructor = new (exec) DateConstructor(exec, this, DateConstructor::createStructure(d()->functionPrototype.get()), d()->prototypeFunctionStructure.get(), d()->datePrototype.get());
 
-    d()->regExpConstructor = new (exec) RegExpConstructor(exec, this, RegExpConstructor::createStructure(d()->functionPrototype), d()->regExpPrototype);
+    d()->regExpConstructor.set(exec->globalData(), this, new (exec) RegExpConstructor(exec, this, RegExpConstructor::createStructure(d()->functionPrototype.get()), d()->regExpPrototype.get()));
 
-    d()->errorConstructor = new (exec) ErrorConstructor(exec, this, ErrorConstructor::createStructure(d()->functionPrototype), errorPrototype);
+    d()->errorConstructor.set(exec->globalData(), this, new (exec) ErrorConstructor(exec, this, ErrorConstructor::createStructure(d()->functionPrototype.get()), errorPrototype));
 
     RefPtr<Structure> nativeErrorPrototypeStructure = NativeErrorPrototype::createStructure(errorPrototype);
-    RefPtr<Structure> nativeErrorStructure = NativeErrorConstructor::createStructure(d()->functionPrototype);
-    d()->evalErrorConstructor = new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "EvalError");
-    d()->rangeErrorConstructor = new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "RangeError");
-    d()->referenceErrorConstructor = new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "ReferenceError");
-    d()->syntaxErrorConstructor = new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "SyntaxError");
-    d()->typeErrorConstructor = new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "TypeError");
-    d()->URIErrorConstructor = new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "URIError");
-
-    d()->objectPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, objectConstructor, DontEnum);
-    d()->functionPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, functionConstructor, DontEnum);
-    d()->arrayPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, arrayConstructor, DontEnum);
-    d()->booleanPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, booleanConstructor, DontEnum);
-    d()->stringPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, stringConstructor, DontEnum);
-    d()->numberPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, numberConstructor, DontEnum);
-    d()->datePrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, dateConstructor, DontEnum);
-    d()->regExpPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, d()->regExpConstructor, DontEnum);
-    errorPrototype->putDirectFunctionWithoutTransition(exec->propertyNames().constructor, d()->errorConstructor, DontEnum);
+    RefPtr<Structure> nativeErrorStructure = NativeErrorConstructor::createStructure(d()->functionPrototype.get());
+    d()->evalErrorConstructor.set(exec->globalData(), this, new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "EvalError"));
+    d()->rangeErrorConstructor.set(exec->globalData(), this, new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "RangeError"));
+    d()->referenceErrorConstructor.set(exec->globalData(), this, new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "ReferenceError"));
+    d()->syntaxErrorConstructor.set(exec->globalData(), this, new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "SyntaxError"));
+    d()->typeErrorConstructor.set(exec->globalData(), this, new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "TypeError"));
+    d()->URIErrorConstructor.set(exec->globalData(), this, new (exec) NativeErrorConstructor(exec, this, nativeErrorStructure, nativeErrorPrototypeStructure, "URIError"));
+
+    d()->objectPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, objectConstructor, DontEnum);
+    d()->functionPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, functionConstructor, DontEnum);
+    d()->arrayPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, arrayConstructor, DontEnum);
+    d()->booleanPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, booleanConstructor, DontEnum);
+    d()->stringPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, stringConstructor, DontEnum);
+    d()->numberPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, numberConstructor, DontEnum);
+    d()->datePrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, dateConstructor, DontEnum);
+    d()->regExpPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, d()->regExpConstructor.get(), DontEnum);
+    errorPrototype->putDirectFunctionWithoutTransition(exec->globalData(), exec->propertyNames().constructor, d()->errorConstructor.get(), DontEnum);
 
     // Set global constructors
 
     // FIXME: These properties could be handled by a static hash table.
 
-    putDirectFunctionWithoutTransition(Identifier(exec, "Object"), objectConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "Function"), functionConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "Array"), arrayConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "Boolean"), booleanConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "String"), stringConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "Number"), numberConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "Date"), dateConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "RegExp"), d()->regExpConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "Error"), d()->errorConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "EvalError"), d()->evalErrorConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "RangeError"), d()->rangeErrorConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "ReferenceError"), d()->referenceErrorConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "SyntaxError"), d()->syntaxErrorConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "TypeError"), d()->typeErrorConstructor, DontEnum);
-    putDirectFunctionWithoutTransition(Identifier(exec, "URIError"), d()->URIErrorConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Object"), objectConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Function"), functionConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Array"), arrayConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Boolean"), booleanConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "String"), stringConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Number"), numberConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Date"), dateConstructor, DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "RegExp"), d()->regExpConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "Error"), d()->errorConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "EvalError"), d()->evalErrorConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "RangeError"), d()->rangeErrorConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "ReferenceError"), d()->referenceErrorConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "SyntaxError"), d()->syntaxErrorConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "TypeError"), d()->typeErrorConstructor.get(), DontEnum);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, "URIError"), d()->URIErrorConstructor.get(), DontEnum);
 
     // Set global values.
     GlobalPropertyInfo staticGlobals[] = {
-        GlobalPropertyInfo(Identifier(exec, "Math"), new (exec) MathObject(exec, this, MathObject::createStructure(d()->objectPrototype)), DontEnum | DontDelete),
+        GlobalPropertyInfo(Identifier(exec, "Math"), new (exec) MathObject(exec, this, MathObject::createStructure(d()->objectPrototype.get())), DontEnum | DontDelete),
         GlobalPropertyInfo(Identifier(exec, "NaN"), jsNaN(), DontEnum | DontDelete | ReadOnly),
         GlobalPropertyInfo(Identifier(exec, "Infinity"), jsNumber(Inf), DontEnum | DontDelete | ReadOnly),
         GlobalPropertyInfo(Identifier(exec, "undefined"), jsUndefined(), DontEnum | DontDelete | ReadOnly),
-        GlobalPropertyInfo(Identifier(exec, "JSON"), new (exec) JSONObject(this, JSONObject::createStructure(d()->objectPrototype)), DontEnum | DontDelete)
+        GlobalPropertyInfo(Identifier(exec, "JSON"), new (exec) JSONObject(this, JSONObject::createStructure(d()->objectPrototype.get())), DontEnum | DontDelete)
     };
 
     addStaticGlobals(staticGlobals, WTF_ARRAY_LENGTH(staticGlobals));
 
     // Set global functions.
 
-    d()->evalFunction = new (exec) GlobalEvalFunction(exec, this, GlobalEvalFunction::createStructure(d()->functionPrototype), 1, exec->propertyNames().eval, globalFuncEval, this);
-    putDirectFunctionWithoutTransition(exec, d()->evalFunction, DontEnum);
+    d()->evalFunction.set(exec->globalData(), this, new (exec) GlobalEvalFunction(exec, this, GlobalEvalFunction::createStructure(d()->functionPrototype.get()), 1, exec->propertyNames().eval, globalFuncEval, this));
+    putDirectFunctionWithoutTransition(exec, d()->evalFunction.get(), DontEnum);
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, this, d()->prototypeFunctionStructure.get(), 2, Identifier(exec, "parseInt"), globalFuncParseInt), DontEnum);
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, this, d()->prototypeFunctionStructure.get(), 1, Identifier(exec, "parseFloat"), globalFuncParseFloat), DontEnum);
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, this, d()->prototypeFunctionStructure.get(), 1, Identifier(exec, "isNaN"), globalFuncIsNaN), DontEnum);
@@ -336,7 +336,7 @@ void JSGlobalObject::resetPrototype(JSValue prototype)
     setPrototype(prototype);
 
     JSObject* oldLastInPrototypeChain = lastInPrototypeChain(this);
-    JSObject* objectPrototype = d()->objectPrototype;
+    JSObject* objectPrototype = d()->objectPrototype.get();
     if (oldLastInPrototypeChain != objectPrototype)
         oldLastInPrototypeChain->setPrototype(objectPrototype);
 }
@@ -349,29 +349,29 @@ void JSGlobalObject::markChildren(MarkStack& markStack)
     for (HashSet<GlobalCodeBlock*>::const_iterator it = codeBlocks().begin(); it != end; ++it)
         (*it)->markAggregate(markStack);
 
-    markIfNeeded(markStack, d()->regExpConstructor);
-    markIfNeeded(markStack, d()->errorConstructor);
-    markIfNeeded(markStack, d()->evalErrorConstructor);
-    markIfNeeded(markStack, d()->rangeErrorConstructor);
-    markIfNeeded(markStack, d()->referenceErrorConstructor);
-    markIfNeeded(markStack, d()->syntaxErrorConstructor);
-    markIfNeeded(markStack, d()->typeErrorConstructor);
-    markIfNeeded(markStack, d()->URIErrorConstructor);
-
-    markIfNeeded(markStack, d()->evalFunction);
-    markIfNeeded(markStack, d()->callFunction);
-    markIfNeeded(markStack, d()->applyFunction);
-
-    markIfNeeded(markStack, d()->objectPrototype);
-    markIfNeeded(markStack, d()->functionPrototype);
-    markIfNeeded(markStack, d()->arrayPrototype);
-    markIfNeeded(markStack, d()->booleanPrototype);
-    markIfNeeded(markStack, d()->stringPrototype);
-    markIfNeeded(markStack, d()->numberPrototype);
-    markIfNeeded(markStack, d()->datePrototype);
-    markIfNeeded(markStack, d()->regExpPrototype);
-
-    markIfNeeded(markStack, d()->methodCallDummy);
+    markIfNeeded(markStack, &d()->regExpConstructor);
+    markIfNeeded(markStack, &d()->errorConstructor);
+    markIfNeeded(markStack, &d()->evalErrorConstructor);
+    markIfNeeded(markStack, &d()->rangeErrorConstructor);
+    markIfNeeded(markStack, &d()->referenceErrorConstructor);
+    markIfNeeded(markStack, &d()->syntaxErrorConstructor);
+    markIfNeeded(markStack, &d()->typeErrorConstructor);
+    markIfNeeded(markStack, &d()->URIErrorConstructor);
+
+    markIfNeeded(markStack, &d()->evalFunction);
+    markIfNeeded(markStack, &d()->callFunction);
+    markIfNeeded(markStack, &d()->applyFunction);
+
+    markIfNeeded(markStack, &d()->objectPrototype);
+    markIfNeeded(markStack, &d()->functionPrototype);
+    markIfNeeded(markStack, &d()->arrayPrototype);
+    markIfNeeded(markStack, &d()->booleanPrototype);
+    markIfNeeded(markStack, &d()->stringPrototype);
+    markIfNeeded(markStack, &d()->numberPrototype);
+    markIfNeeded(markStack, &d()->datePrototype);
+    markIfNeeded(markStack, &d()->regExpPrototype);
+
+    markIfNeeded(markStack, &d()->methodCallDummy);
 
     markIfNeeded(markStack, d()->errorStructure);
     markIfNeeded(markStack, d()->argumentsStructure);
@@ -396,12 +396,12 @@ void JSGlobalObject::markChildren(MarkStack& markStack)
     if (d()->registerArray) {
         // Outside the execution of global code, when our variables are torn off,
         // we can mark the torn-off array.
-        markStack.appendValues(d()->registerArray.get(), d()->registerArraySize);
+        markStack.deprecatedAppendValues(d()->registerArray.get(), d()->registerArraySize);
     } else if (d()->registers) {
         // During execution of global code, when our variables are in the register file,
         // the symbol table tells us how many variables there are, and registers
         // points to where they end, and the registers used for execution begin.
-        markStack.appendValues(d()->registers - symbolTable().size(), symbolTable().size());
+        markStack.deprecatedAppendValues(d()->registers - symbolTable().size(), symbolTable().size());
     }
 }
 
index 24bc2f8..2b50651 100644 (file)
@@ -73,26 +73,6 @@ namespace JSC {
                 , destructor(destructor)
                 , registerArraySize(0)
                 , globalScopeChain(NoScopeChain())
-                , regExpConstructor(0)
-                , errorConstructor(0)
-                , evalErrorConstructor(0)
-                , rangeErrorConstructor(0)
-                , referenceErrorConstructor(0)
-                , syntaxErrorConstructor(0)
-                , typeErrorConstructor(0)
-                , URIErrorConstructor(0)
-                , evalFunction(0)
-                , callFunction(0)
-                , applyFunction(0)
-                , objectPrototype(0)
-                , functionPrototype(0)
-                , arrayPrototype(0)
-                , booleanPrototype(0)
-                , stringPrototype(0)
-                , numberPrototype(0)
-                , datePrototype(0)
-                , regExpPrototype(0)
-                , methodCallDummy(0)
                 , weakRandom(static_cast<unsigned>(randomNumber() * (std::numeric_limits<unsigned>::max() + 1.0)))
             {
             }
@@ -109,29 +89,29 @@ namespace JSC {
             ScopeChain globalScopeChain;
             Register globalCallFrame[RegisterFile::CallFrameHeaderSize];
 
-            RegExpConstructor* regExpConstructor;
-            ErrorConstructor* errorConstructor;
-            NativeErrorConstructor* evalErrorConstructor;
-            NativeErrorConstructor* rangeErrorConstructor;
-            NativeErrorConstructor* referenceErrorConstructor;
-            NativeErrorConstructor* syntaxErrorConstructor;
-            NativeErrorConstructor* typeErrorConstructor;
-            NativeErrorConstructor* URIErrorConstructor;
-
-            GlobalEvalFunction* evalFunction;
-            NativeFunctionWrapper* callFunction;
-            NativeFunctionWrapper* applyFunction;
-
-            ObjectPrototype* objectPrototype;
-            FunctionPrototype* functionPrototype;
-            ArrayPrototype* arrayPrototype;
-            BooleanPrototype* booleanPrototype;
-            StringPrototype* stringPrototype;
-            NumberPrototype* numberPrototype;
-            DatePrototype* datePrototype;
-            RegExpPrototype* regExpPrototype;
-
-            JSObject* methodCallDummy;
+            WriteBarrier<RegExpConstructor> regExpConstructor;
+            WriteBarrier<ErrorConstructor> errorConstructor;
+            WriteBarrier<NativeErrorConstructor> evalErrorConstructor;
+            WriteBarrier<NativeErrorConstructor> rangeErrorConstructor;
+            WriteBarrier<NativeErrorConstructor> referenceErrorConstructor;
+            WriteBarrier<NativeErrorConstructor> syntaxErrorConstructor;
+            WriteBarrier<NativeErrorConstructor> typeErrorConstructor;
+            WriteBarrier<NativeErrorConstructor> URIErrorConstructor;
+
+            WriteBarrier<GlobalEvalFunction> evalFunction;
+            WriteBarrier<NativeFunctionWrapper> callFunction;
+            WriteBarrier<NativeFunctionWrapper> applyFunction;
+
+            WriteBarrier<ObjectPrototype> objectPrototype;
+            WriteBarrier<FunctionPrototype> functionPrototype;
+            WriteBarrier<ArrayPrototype> arrayPrototype;
+            WriteBarrier<BooleanPrototype> booleanPrototype;
+            WriteBarrier<StringPrototype> stringPrototype;
+            WriteBarrier<NumberPrototype> numberPrototype;
+            WriteBarrier<DatePrototype> datePrototype;
+            WriteBarrier<RegExpPrototype> regExpPrototype;
+
+            WriteBarrier<JSObject> methodCallDummy;
 
             RefPtr<Structure> argumentsStructure;
             RefPtr<Structure> arrayStructure;
@@ -209,28 +189,28 @@ namespace JSC {
         // The following accessors return pristine values, even if a script 
         // replaces the global object's associated property.
 
-        RegExpConstructor* regExpConstructor() const { return d()->regExpConstructor; }
+        RegExpConstructor* regExpConstructor() const { return d()->regExpConstructor.get(); }
 
-        ErrorConstructor* errorConstructor() const { return d()->errorConstructor; }
-        NativeErrorConstructor* evalErrorConstructor() const { return d()->evalErrorConstructor; }
-        NativeErrorConstructor* rangeErrorConstructor() const { return d()->rangeErrorConstructor; }
-        NativeErrorConstructor* referenceErrorConstructor() const { return d()->referenceErrorConstructor; }
-        NativeErrorConstructor* syntaxErrorConstructor() const { return d()->syntaxErrorConstructor; }
-        NativeErrorConstructor* typeErrorConstructor() const { return d()->typeErrorConstructor; }
-        NativeErrorConstructor* URIErrorConstructor() const { return d()->URIErrorConstructor; }
+        ErrorConstructor* errorConstructor() const { return d()->errorConstructor.get(); }
+        NativeErrorConstructor* evalErrorConstructor() const { return d()->evalErrorConstructor.get(); }
+        NativeErrorConstructor* rangeErrorConstructor() const { return d()->rangeErrorConstructor.get(); }
+        NativeErrorConstructor* referenceErrorConstructor() const { return d()->referenceErrorConstructor.get(); }
+        NativeErrorConstructor* syntaxErrorConstructor() const { return d()->syntaxErrorConstructor.get(); }
+        NativeErrorConstructor* typeErrorConstructor() const { return d()->typeErrorConstructor.get(); }
+        NativeErrorConstructor* URIErrorConstructor() const { return d()->URIErrorConstructor.get(); }
 
-        GlobalEvalFunction* evalFunction() const { return d()->evalFunction; }
+        GlobalEvalFunction* evalFunction() const { return d()->evalFunction.get(); }
 
-        ObjectPrototype* objectPrototype() const { return d()->objectPrototype; }
-        FunctionPrototype* functionPrototype() const { return d()->functionPrototype; }
-        ArrayPrototype* arrayPrototype() const { return d()->arrayPrototype; }
-        BooleanPrototype* booleanPrototype() const { return d()->booleanPrototype; }
-        StringPrototype* stringPrototype() const { return d()->stringPrototype; }
-        NumberPrototype* numberPrototype() const { return d()->numberPrototype; }
-        DatePrototype* datePrototype() const { return d()->datePrototype; }
-        RegExpPrototype* regExpPrototype() const { return d()->regExpPrototype; }
+        ObjectPrototype* objectPrototype() const { return d()->objectPrototype.get(); }
+        FunctionPrototype* functionPrototype() const { return d()->functionPrototype.get(); }
+        ArrayPrototype* arrayPrototype() const { return d()->arrayPrototype.get(); }
+        BooleanPrototype* booleanPrototype() const { return d()->booleanPrototype.get(); }
+        StringPrototype* stringPrototype() const { return d()->stringPrototype.get(); }
+        NumberPrototype* numberPrototype() const { return d()->numberPrototype.get(); }
+        DatePrototype* datePrototype() const { return d()->datePrototype.get(); }
+        RegExpPrototype* regExpPrototype() const { return d()->regExpPrototype.get(); }
 
-        JSObject* methodCallDummy() const { return d()->methodCallDummy; }
+        JSObject* methodCallDummy() const { return d()->methodCallDummy.get(); }
 
         Structure* argumentsStructure() const { return d()->argumentsStructure.get(); }
         Structure* arrayStructure() const { return d()->arrayStructure.get(); }
@@ -385,7 +365,7 @@ namespace JSC {
     inline JSValue Structure::prototypeForLookup(ExecState* exec) const
     {
         if (typeInfo().type() == ObjectType)
-            return m_prototype;
+            return m_prototype.get();
 
         ASSERT(typeInfo().type() == StringType);
         return exec->lexicalGlobalObject()->stringPrototype();
@@ -457,12 +437,12 @@ namespace JSC {
     {
         MarkedArgumentBuffer values;
         values.append(singleItemValue);
-        return new (exec) JSArray(exec->lexicalGlobalObject()->arrayStructure(), values);
+        return new (exec) JSArray(exec->globalData(), exec->lexicalGlobalObject()->arrayStructure(), values);
     }
 
     inline JSArray* constructArray(ExecState* exec, const ArgList& values)
     {
-        return new (exec) JSArray(exec->lexicalGlobalObject()->arrayStructure(), values);
+        return new (exec) JSArray(exec->globalData(), exec->lexicalGlobalObject()->arrayStructure(), values);
     }
 
     class DynamicGlobalObjectScope {
index 5a8250f..0f7a576 100644 (file)
@@ -84,12 +84,13 @@ private:
     public:
         Holder(JSObject*);
 
-        JSObject* object() const { return m_object; }
+        JSObject* object() const { return m_object.get(); }
+        DeprecatedPtr<JSObject>* objectSlot() { return &m_object; }
 
         bool appendNextProperty(Stringifier&, UStringBuilder&);
 
     private:
-        JSObject* const m_object;
+        DeprecatedPtr<JSObject> m_object;
         const bool m_isArray;
         bool m_isJSArray;
         unsigned m_index;
@@ -258,7 +259,7 @@ void Stringifier::markAggregate(MarkStack& markStack)
     for (Stringifier* stringifier = this; stringifier; stringifier = stringifier->m_nextStringifierToMark) {
         size_t size = m_holderStack.size();
         for (size_t i = 0; i < size; ++i)
-            markStack.append(m_holderStack[i].object());
+            markStack.append(m_holderStack[i].objectSlot());
     }
 }
 
@@ -269,7 +270,7 @@ JSValue Stringifier::stringify(JSValue value)
         return jsNull();
 
     PropertyNameForFunctionCall emptyPropertyName(m_exec->globalData().propertyNames->emptyIdentifier);
-    object->putDirect(m_exec->globalData().propertyNames->emptyIdentifier, value);
+    object->putDirect(m_exec->globalData(), m_exec->globalData().propertyNames->emptyIdentifier, value);
 
     UStringBuilder result;
     if (appendStringifiedValue(result, value, object, emptyPropertyName) != StringifySucceeded)
@@ -499,7 +500,7 @@ bool Stringifier::Holder::appendNextProperty(Stringifier& stringifier, UStringBu
     // First time through, initialize.
     if (!m_index) {
         if (m_isArray) {
-            m_isJSArray = isJSArray(&exec->globalData(), m_object);
+            m_isJSArray = isJSArray(&exec->globalData(), m_object.get());
             m_size = m_object->get(exec, exec->globalData().propertyNames->length).toUInt32(exec);
             builder.append('[');
         } else {
@@ -532,10 +533,10 @@ bool Stringifier::Holder::appendNextProperty(Stringifier& stringifier, UStringBu
     if (m_isArray) {
         // Get the value.
         JSValue value;
-        if (m_isJSArray && asArray(m_object)->canGetIndex(index))
-            value = asArray(m_object)->getIndex(index);
+        if (m_isJSArray && asArray(m_object.get())->canGetIndex(index))
+            value = asArray(m_object.get())->getIndex(index);
         else {
-            PropertySlot slot(m_object);
+            PropertySlot slot(m_object.get());
             if (!m_object->getOwnPropertySlot(exec, index, slot))
                 slot.setUndefined();
             if (exec->hadException())
@@ -549,10 +550,10 @@ bool Stringifier::Holder::appendNextProperty(Stringifier& stringifier, UStringBu
         stringifier.startNewLine(builder);
 
         // Append the stringified value.
-        stringifyResult = stringifier.appendStringifiedValue(builder, value, m_object, index);
+        stringifyResult = stringifier.appendStringifiedValue(builder, value, m_object.get(), index);
     } else {
         // Get the value.
-        PropertySlot slot(m_object);
+        PropertySlot slot(m_object.get());
         Identifier& propertyName = m_propertyNames->propertyNameVector()[index];
         if (!m_object->getOwnPropertySlot(exec, propertyName, slot))
             return true;
@@ -574,7 +575,7 @@ bool Stringifier::Holder::appendNextProperty(Stringifier& stringifier, UStringBu
             builder.append(' ');
 
         // Append the stringified value.
-        stringifyResult = stringifier.appendStringifiedValue(builder, value, m_object, propertyName);
+        stringifyResult = stringifier.appendStringifiedValue(builder, value, m_object.get(), propertyName);
     }
 
     // From this point on, no access to the this pointer or to any members, because the
@@ -641,13 +642,13 @@ private:
     {
         JSValue args[] = { property, unfiltered };
         ArgList argList(args, 2);
-        return call(m_exec, m_function, m_callType, m_callData, thisObj, argList);
+        return call(m_exec, m_function.get(), m_callType, m_callData, thisObj, argList);
     }
 
     friend class Holder;
 
     ExecState* m_exec;
-    JSObject* m_function;
+    DeprecatedPtr<JSObject> m_function;
     CallType m_callType;
     CallData m_callData;
 };
@@ -726,7 +727,7 @@ NEVER_INLINE JSValue Walker::walk(JSValue unfiltered)
                     array->deleteProperty(m_exec, indexStack.last());
                 else {
                     if (isJSArray(&m_exec->globalData(), array) && array->canSetIndex(indexStack.last()))
-                        array->setIndex(indexStack.last(), filteredValue);
+                        array->setIndex(m_exec->globalData(), indexStack.last(), filteredValue);
                     else
                         array->put(m_exec, indexStack.last(), filteredValue);
                 }
index 6ecc73f..7a1e7e1 100644 (file)
@@ -312,7 +312,7 @@ void JSObject::defineGetter(ExecState* exec, const Identifier& propertyName, JSO
     JSValue object = getDirect(propertyName);
     if (object && object.isGetterSetter()) {
         ASSERT(m_structure->hasGetterSetterProperties());
-        asGetterSetter(object)->setGetter(getterFunction);
+        asGetterSetter(object)->setGetter(exec->globalData(), getterFunction);
         return;
     }
 
@@ -331,7 +331,7 @@ void JSObject::defineGetter(ExecState* exec, const Identifier& propertyName, JSO
     }
 
     m_structure->setHasGetterSetterProperties(true);
-    getterSetter->setGetter(getterFunction);
+    getterSetter->setGetter(exec->globalData(), getterFunction);
 }
 
 void JSObject::defineSetter(ExecState* exec, const Identifier& propertyName, JSObject* setterFunction, unsigned attributes)
@@ -339,7 +339,7 @@ void JSObject::defineSetter(ExecState* exec, const Identifier& propertyName, JSO
     JSValue object = getDirect(propertyName);
     if (object && object.isGetterSetter()) {
         ASSERT(m_structure->hasGetterSetterProperties());
-        asGetterSetter(object)->setSetter(setterFunction);
+        asGetterSetter(object)->setSetter(exec->globalData(), setterFunction);
         return;
     }
 
@@ -358,7 +358,7 @@ void JSObject::defineSetter(ExecState* exec, const Identifier& propertyName, JSO
     }
 
     m_structure->setHasGetterSetterProperties(true);
-    getterSetter->setSetter(setterFunction);
+    getterSetter->setSetter(exec->globalData(), setterFunction);
 }
 
 JSValue JSObject::lookupGetter(ExecState*, const Identifier& propertyName)
@@ -512,34 +512,34 @@ void JSObject::removeDirect(const Identifier& propertyName)
     if (m_structure->isUncacheableDictionary()) {
         offset = m_structure->removePropertyWithoutTransition(propertyName);
         if (offset != WTF::notFound)
-            putDirectOffset(offset, jsUndefined());
+            putUndefinedAtDirectOffset(offset);
         return;
     }
 
     RefPtr<Structure> structure = Structure::removePropertyTransition(m_structure, propertyName, offset);
     setStructure(structure.release());
     if (offset != WTF::notFound)
-        putDirectOffset(offset, jsUndefined());
+        putUndefinedAtDirectOffset(offset);
 }
 
 void JSObject::putDirectFunction(ExecState* exec, InternalFunction* function, unsigned attr)
 {
-    putDirectFunction(Identifier(exec, function->name(exec)), function, attr);
+    putDirectFunction(exec->globalData(), Identifier(exec, function->name(exec)), function, attr);
 }
 
 void JSObject::putDirectFunction(ExecState* exec, JSFunction* function, unsigned attr)
 {
-    putDirectFunction(Identifier(exec, function->name(exec)), function, attr);
+    putDirectFunction(exec->globalData(), Identifier(exec, function->name(exec)), function, attr);
 }
 
 void JSObject::putDirectFunctionWithoutTransition(ExecState* exec, InternalFunction* function, unsigned attr)
 {
-    putDirectFunctionWithoutTransition(Identifier(exec, function->name(exec)), function, attr);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, function->name(exec)), function, attr);
 }
 
 void JSObject::putDirectFunctionWithoutTransition(ExecState* exec, JSFunction* function, unsigned attr)
 {
-    putDirectFunctionWithoutTransition(Identifier(exec, function->name(exec)), function, attr);
+    putDirectFunctionWithoutTransition(exec->globalData(), Identifier(exec, function->name(exec)), function, attr);
 }
 
 NEVER_INLINE void JSObject::fillGetterPropertySlot(PropertySlot& slot, JSValue* location)
@@ -595,11 +595,11 @@ static bool putDescriptor(ExecState* exec, JSObject* target, const Identifier& p
             GetterSetter* accessor = new (exec) GetterSetter(exec);
             if (oldDescriptor.getter()) {
                 attributes |= Getter;
-                accessor->setGetter(asObject(oldDescriptor.getter()));
+                accessor->setGetter(exec->globalData(), asObject(oldDescriptor.getter()));
             }
             if (oldDescriptor.setter()) {
                 attributes |= Setter;
-                accessor->setSetter(asObject(oldDescriptor.setter()));
+                accessor->setSetter(exec->globalData(), asObject(oldDescriptor.setter()));
             }
             target->putWithAttributes(exec, propertyName, accessor, attributes);
             return true;
@@ -720,9 +720,9 @@ bool JSObject::defineOwnProperty(ExecState* exec, const Identifier& propertyName
     GetterSetter* getterSetter = asGetterSetter(accessor);
     if (current.attributesEqual(descriptor)) {
         if (descriptor.setter())
-            getterSetter->setSetter(asObject(descriptor.setter()));
+            getterSetter->setSetter(exec->globalData(), asObject(descriptor.setter()));
         if (descriptor.getter())
-            getterSetter->setGetter(asObject(descriptor.getter()));
+            getterSetter->setGetter(exec->globalData(), asObject(descriptor.getter()));
         return true;
     }
     deleteProperty(exec, propertyName);
@@ -731,7 +731,7 @@ bool JSObject::defineOwnProperty(ExecState* exec, const Identifier& propertyName
         attrs |= Setter;
     if (descriptor.getter())
         attrs |= Getter;
-    putDirect(propertyName, getterSetter, attrs);
+    putDirect(exec->globalData(), propertyName, getterSetter, attrs);
     return true;
 }
 
index 803abfd..dcdc93f 100644 (file)
@@ -70,8 +70,8 @@ namespace JSC {
         Setter       = 1 << 6   // property is a setter
     };
 
-    typedef EncodedJSValue* PropertyStorage;
-    typedef const EncodedJSValue* ConstPropertyStorage;
+    typedef WriteBarrierBase<Unknown>* PropertyStorage;
+    typedef const WriteBarrierBase<Unknown>* ConstPropertyStorage;
 
     class JSObject : public JSCell {
         friend class BatchedTransitionOptimizer;
@@ -179,23 +179,24 @@ namespace JSC {
         bool hasCustomProperties() { return !m_structure->isEmpty(); }
         bool hasGetterSetterProperties() { return m_structure->hasGetterSetterProperties(); }
 
-        bool putDirect(const Identifier& propertyName, JSValue value, unsigned attr, bool checkReadOnly, PutPropertySlot& slot);
-        void putDirect(const Identifier& propertyName, JSValue value, unsigned attr = 0);
-        bool putDirect(const Identifier& propertyName, JSValue value, PutPropertySlot&);
+        bool putDirect(JSGlobalData&, const Identifier& propertyName, JSValue, unsigned attr, bool checkReadOnly, PutPropertySlot&);
+        void putDirect(JSGlobalData&, const Identifier& propertyName, JSValue, unsigned attr = 0);
+        bool putDirect(JSGlobalData&, const Identifier& propertyName, JSValue, PutPropertySlot&);
 
-        void putDirectFunction(const Identifier& propertyName, JSCell* value, unsigned attr = 0);
-        void putDirectFunction(const Identifier& propertyName, JSCell* value, unsigned attr, bool checkReadOnly, PutPropertySlot& slot);
+        void putDirectFunction(JSGlobalData&, const Identifier& propertyName, JSCell*, unsigned attr = 0);
+        void putDirectFunction(JSGlobalData&, const Identifier& propertyName, JSCell*, unsigned attr, bool checkReadOnly, PutPropertySlot&);
         void putDirectFunction(ExecState* exec, InternalFunction* function, unsigned attr = 0);
         void putDirectFunction(ExecState* exec, JSFunction* function, unsigned attr = 0);
 
-        void putDirectWithoutTransition(const Identifier& propertyName, JSValue value, unsigned attr = 0);
-        void putDirectFunctionWithoutTransition(const Identifier& propertyName, JSCell* value, unsigned attr = 0);
+        void putDirectWithoutTransition(JSGlobalData&, const Identifier& propertyName, JSValue, unsigned attr = 0);
+        void putDirectFunctionWithoutTransition(JSGlobalData&, const Identifier& propertyName, JSCell* value, unsigned attr = 0);
         void putDirectFunctionWithoutTransition(ExecState* exec, InternalFunction* function, unsigned attr = 0);
         void putDirectFunctionWithoutTransition(ExecState* exec, JSFunction* function, unsigned attr = 0);
 
         // Fast access to known property offsets.
-        JSValue getDirectOffset(size_t offset) const { return JSValue::decode(propertyStorage()[offset]); }
-        void putDirectOffset(size_t offset, JSValue value) { propertyStorage()[offset] = JSValue::encode(value); }
+        JSValue getDirectOffset(size_t offset) const { return propertyStorage()[offset].get(); }
+        void putDirectOffset(JSGlobalData& globalData, size_t offset, JSValue value) { propertyStorage()[offset].set(globalData, this, value); }
+        void putUndefinedAtDirectOffset(size_t offset) { propertyStorage()[offset].setUndefined(); }
 
         void fillGetterPropertySlot(PropertySlot&, JSValue* location);
 
@@ -225,9 +226,9 @@ namespace JSC {
             return Structure::create(prototype, TypeInfo(ObjectType, StructureFlags), AnonymousSlotCount);
         }
 
-        void flattenDictionaryObject()
+        void flattenDictionaryObject(JSGlobalData& globalData)
         {
-            m_structure->flattenDictionaryStructure(this);
+            m_structure->flattenDictionaryStructure(globalData, this);
         }
 
         void putAnonymousValue(unsigned index, JSValue value)
@@ -267,8 +268,8 @@ namespace JSC {
             return reinterpret_cast<JSValue*>(&propertyStorage()[offset]);
         }
 
-        bool putDirectInternal(const Identifier& propertyName, JSValue value, unsigned attr, bool checkReadOnly, PutPropertySlot& slot, JSCell*);
-        bool putDirectInternal(JSGlobalData&, const Identifier& propertyName, JSValue value, unsigned attr, bool checkReadOnly, PutPropertySlot& slot);
+        bool putDirectInternal(JSGlobalData&, const Identifier& propertyName, JSValue, unsigned attr, bool checkReadOnly, PutPropertySlot&, JSCell*);
+        bool putDirectInternal(JSGlobalData&, const Identifier& propertyName, JSValue, unsigned attr, bool checkReadOnly, PutPropertySlot&);
         void putDirectInternal(JSGlobalData&, const Identifier& propertyName, JSValue value, unsigned attr = 0);
 
         bool inlineGetOwnPropertySlot(ExecState*, const Identifier& propertyName, PropertySlot&);
@@ -278,7 +279,7 @@ namespace JSC {
 
         union {
             PropertyStorage m_externalStorage;
-            EncodedJSValue m_inlineStorage[inlineStorageCapacity];
+            WriteBarrierBase<Unknown> m_inlineStorage[inlineStorageCapacity];
         };
 
         RefPtr<Structure> m_inheritorID;
@@ -450,7 +451,7 @@ inline JSValue JSObject::get(ExecState* exec, unsigned propertyName) const
     return jsUndefined();
 }
 
-inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue value, unsigned attributes, bool checkReadOnly, PutPropertySlot& slot, JSCell* specificFunction)
+inline bool JSObject::putDirectInternal(JSGlobalData& globalData, const Identifier& propertyName, JSValue value, unsigned attributes, bool checkReadOnly, PutPropertySlot& slot, JSCell* specificFunction)
 {
     ASSERT(value);
     ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(this));
@@ -467,7 +468,7 @@ inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue
             if (checkReadOnly && currentAttributes & ReadOnly)
                 return false;
 
-            putDirectOffset(offset, value);
+            putDirectOffset(globalData, offset, value);
             // At this point, the objects structure only has a specific value set if previously there
             // had been one set, and if the new value being specified is the same (otherwise we would
             // have despecified, above).  So, if currentSpecificFunction is not set, or if the new
@@ -485,7 +486,7 @@ inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue
             allocatePropertyStorage(currentCapacity, m_structure->propertyStorageCapacity());
 
         ASSERT(offset < m_structure->propertyStorageCapacity());
-        putDirectOffset(offset, value);
+        putDirectOffset(globalData, offset, value);
         // See comment on setNewProperty call below.
         if (!specificFunction)
             slot.setNewProperty(this, offset);
@@ -500,7 +501,7 @@ inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue
 
         ASSERT(offset < structure->propertyStorageCapacity());
         setStructure(structure.release());
-        putDirectOffset(offset, value);
+        putDirectOffset(globalData, offset, value);
         // This is a new property; transitions with specific values are not currently cachable,
         // so leave the slot in an uncachable state.
         if (!specificFunction)
@@ -527,7 +528,7 @@ inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue
         if (currentSpecificFunction) {
             // case (1) Do the put, then return leaving the slot uncachable.
             if (specificFunction == currentSpecificFunction) {
-                putDirectOffset(offset, value);
+                putDirectOffset(globalData, offset, value);
                 return true;
             }
             // case (2) Despecify, fall through to (3).
@@ -536,7 +537,7 @@ inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue
 
         // case (3) set the slot, do the put, return.
         slot.setExistingProperty(this, offset);
-        putDirectOffset(offset, value);
+        putDirectOffset(globalData, offset, value);
         return true;
     }
 
@@ -557,7 +558,7 @@ inline bool JSObject::putDirectInternal(const Identifier& propertyName, JSValue
 
     ASSERT(offset < structure->propertyStorageCapacity());
     setStructure(structure.release());
-    putDirectOffset(offset, value);
+    putDirectOffset(globalData, offset, value);
     // This is a new property; transitions with specific values are not currently cachable,
     // so leave the slot in an uncachable state.
     if (!specificFunction)
@@ -570,61 +571,61 @@ inline bool JSObject::putDirectInternal(JSGlobalData& globalData, const Identifi
     ASSERT(value);
     ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(this));
 
-    return putDirectInternal(propertyName, value, attributes, checkReadOnly, slot, getJSFunction(globalData, value));
+    return putDirectInternal(globalData, propertyName, value, attributes, checkReadOnly, slot, getJSFunction(globalData, value));
 }
 
 inline void JSObject::putDirectInternal(JSGlobalData& globalData, const Identifier& propertyName, JSValue value, unsigned attributes)
 {
     PutPropertySlot slot;
-    putDirectInternal(propertyName, value, attributes, false, slot, getJSFunction(globalData, value));
+    putDirectInternal(globalData, propertyName, value, attributes, false, slot, getJSFunction(globalData, value));
 }
 
-inline bool JSObject::putDirect(const Identifier& propertyName, JSValue value, unsigned attributes, bool checkReadOnly, PutPropertySlot& slot)
+inline bool JSObject::putDirect(JSGlobalData& globalData, const Identifier& propertyName, JSValue value, unsigned attributes, bool checkReadOnly, PutPropertySlot& slot)
 {
     ASSERT(value);
     ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(this));
 
-    return putDirectInternal(propertyName, value, attributes, checkReadOnly, slot, 0);
+    return putDirectInternal(globalData, propertyName, value, attributes, checkReadOnly, slot, 0);
 }
 
-inline void JSObject::putDirect(const Identifier& propertyName, JSValue value, unsigned attributes)
+inline void JSObject::putDirect(JSGlobalData& globalData, const Identifier& propertyName, JSValue value, unsigned attributes)
 {
     PutPropertySlot slot;
-    putDirectInternal(propertyName, value, attributes, false, slot, 0);
+    putDirectInternal(globalData, propertyName, value, attributes, false, slot, 0);
 }
 
-inline bool JSObject::putDirect(const Identifier& propertyName, JSValue value, PutPropertySlot& slot)
+inline bool JSObject::putDirect(JSGlobalData& globalData, const Identifier& propertyName, JSValue value, PutPropertySlot& slot)
 {
-    return putDirectInternal(propertyName, value, 0, false, slot, 0);
+    return putDirectInternal(globalData, propertyName, value, 0, false, slot, 0);
 }
 
-inline void JSObject::putDirectFunction(const Identifier& propertyName, JSCell* value, unsigned attributes, bool checkReadOnly, PutPropertySlot& slot)
+inline void JSObject::putDirectFunction(JSGlobalData& globalData, const Identifier& propertyName, JSCell* value, unsigned attributes, bool checkReadOnly, PutPropertySlot& slot)
 {
-    putDirectInternal(propertyName, value, attributes, checkReadOnly, slot, value);
+    putDirectInternal(globalData, propertyName, value, attributes, checkReadOnly, slot, value);
 }
 
-inline void JSObject::putDirectFunction(const Identifier& propertyName, JSCell* value, unsigned attr)
+inline void JSObject::putDirectFunction(JSGlobalData& globalData, const Identifier& propertyName, JSCell* value, unsigned attr)
 {
     PutPropertySlot slot;
-    putDirectInternal(propertyName, value, attr, false, slot, value);
+    putDirectInternal(globalData, propertyName, value, attr, false, slot, value);
 }
 
-inline void JSObject::putDirectWithoutTransition(const Identifier& propertyName, JSValue value, unsigned attributes)
+inline void JSObject::putDirectWithoutTransition(JSGlobalData& globalData, const Identifier& propertyName, JSValue value, unsigned attributes)
 {
     size_t currentCapacity = m_structure->propertyStorageCapacity();
     size_t offset = m_structure->addPropertyWithoutTransition(propertyName, attributes, 0);
     if (currentCapacity != m_structure->propertyStorageCapacity())
         allocatePropertyStorage(currentCapacity, m_structure->propertyStorageCapacity());
-    putDirectOffset(offset, value);
+    putDirectOffset(globalData, offset, value);
 }
 
-inline void JSObject::putDirectFunctionWithoutTransition(const Identifier& propertyName, JSCell* value, unsigned attributes)
+inline void JSObject::putDirectFunctionWithoutTransition(JSGlobalData& globalData, const Identifier& propertyName, JSCell* value, unsigned attributes)
 {
     size_t currentCapacity = m_structure->propertyStorageCapacity();
     size_t offset = m_structure->addPropertyWithoutTransition(propertyName, attributes, value);
     if (currentCapacity != m_structure->propertyStorageCapacity())
         allocatePropertyStorage(currentCapacity, m_structure->propertyStorageCapacity());
-    putDirectOffset(offset, value);
+    putDirectOffset(globalData, offset, value);
 }
 
 inline void JSObject::transitionTo(Structure* newStructure)
@@ -703,7 +704,7 @@ inline void JSValue::put(ExecState* exec, const Identifier& propertyName, JSValu
 inline void JSValue::putDirect(ExecState* exec, const Identifier& propertyName, JSValue value, PutPropertySlot& slot)
 {
     ASSERT(isCell() && isObject());
-    if (!asObject(asCell())->putDirect(propertyName, value, slot) && slot.isStrictMode())
+    if (!asObject(asCell())->putDirect(exec->globalData(), propertyName, value, slot) && slot.isStrictMode())
         throwTypeError(exec, StrictModeReadonlyPropertyWriteError);
 }
 
@@ -725,7 +726,7 @@ ALWAYS_INLINE void JSObject::allocatePropertyStorageInline(size_t oldSize, size_
     bool wasInline = (oldSize == JSObject::inlineStorageCapacity);
 
     PropertyStorage oldPropertyStorage = (wasInline ? m_inlineStorage : m_externalStorage);
-    PropertyStorage newPropertyStorage = new EncodedJSValue[newSize];
+    PropertyStorage newPropertyStorage = new WriteBarrierBase<Unknown>[newSize];
 
     for (unsigned i = 0; i < oldSize; ++i)
        newPropertyStorage[i] = oldPropertyStorage[i];
@@ -740,11 +741,10 @@ ALWAYS_INLINE void JSObject::markChildrenDirect(MarkStack& markStack)
 {
     JSCell::markChildren(markStack);
 
-    markStack.append(prototype());
-    
+    markStack.append(m_structure->storedPrototypeSlot());
     PropertyStorage storage = propertyStorage();
     size_t storageSize = m_structure->propertyStorageSize();
-    markStack.appendValues(reinterpret_cast<JSValue*>(storage), storageSize);
+    markStack.appendValues(storage, storageSize);
 }
 
 // --- JSValue inlines ----------------------------
index a5d4da0..d08d8fe 100644 (file)
@@ -40,11 +40,11 @@ inline JSPropertyNameIterator::JSPropertyNameIterator(ExecState* exec, PropertyN
     , m_cachedStructure(0)
     , m_numCacheableSlots(numCacheableSlots)
     , m_jsStringsSize(propertyNameArrayData->propertyNameVector().size())
-    , m_jsStrings(new JSValue[m_jsStringsSize])
+    , m_jsStrings(new WriteBarrier<Unknown>[m_jsStringsSize])
 {
     PropertyNameArrayData::PropertyNameVector& propertyNameVector = propertyNameArrayData->propertyNameVector();
     for (size_t i = 0; i < m_jsStringsSize; ++i)
-        m_jsStrings[i] = jsOwnedString(exec, propertyNameVector[i].ustring());
+        m_jsStrings[i].set(exec->globalData(), this, jsOwnedString(exec, propertyNameVector[i].ustring()));
 }
 
 JSPropertyNameIterator::~JSPropertyNameIterator()
@@ -91,7 +91,7 @@ JSPropertyNameIterator* JSPropertyNameIterator::create(ExecState* exec, JSObject
 
 JSValue JSPropertyNameIterator::get(ExecState* exec, JSObject* base, size_t i)
 {
-    JSValue& identifier = m_jsStrings[i];
+    JSValue identifier = m_jsStrings[i].get();
     if (m_cachedStructure == base->structure() && m_cachedPrototypeChain == base->structure()->prototypeChain(exec))
         return identifier;
 
index 01700ac..cd46243 100644 (file)
@@ -85,7 +85,7 @@ namespace JSC {
         RefPtr<StructureChain> m_cachedPrototypeChain;
         uint32_t m_numCacheableSlots;
         uint32_t m_jsStringsSize;
-        OwnArrayPtr<JSValue> m_jsStrings;
+        OwnArrayPtr<WriteBarrier<Unknown> > m_jsStrings;
     };
 
     inline void Structure::setEnumerationCache(JSPropertyNameIterator* enumerationCache)
index 7ab1d1c..80b048e 100644 (file)
@@ -34,7 +34,7 @@ ASSERT_CLASS_FITS_IN_CELL(JSStaticScopeObject);
 void JSStaticScopeObject::markChildren(MarkStack& markStack)
 {
     JSVariableObject::markChildren(markStack);
-    markStack.append(d()->registerStore.jsValue());
+    markStack.deprecatedAppend(&d()->registerStore);
 }
 
 JSObject* JSStaticScopeObject::toThisObject(ExecState* exec) const
index ba28139..848c431 100644 (file)
@@ -255,7 +255,7 @@ UString JSString::toString(ExecState* exec) const
 
 inline StringObject* StringObject::create(ExecState* exec, JSString* string)
 {
-    return new (exec) StringObject(exec->lexicalGlobalObject()->stringObjectStructure(), string);
+    return new (exec) StringObject(exec->globalData(), exec->lexicalGlobalObject()->stringObjectStructure(), string);
 }
 
 JSObject* JSString::toObject(ExecState* exec) const
index cad9662..b2e7a51 100644 (file)
@@ -47,6 +47,9 @@ namespace JSC {
     struct ClassInfo;
     struct Instruction;
 
+    template <class T> class DeprecatedPtr;
+    template <class T> class WriteBarrierBase;
+
     enum PreferredPrimitiveType { NoPreference, PreferNumber, PreferString };
 
 #if USE(JSVALUE32_64)
@@ -212,6 +215,9 @@ namespace JSC {
 #endif
 
     private:
+        template <class T> JSValue(DeprecatedPtr<T>);
+        template <class T> JSValue(WriteBarrierBase<T>);
+
         enum HashTableDeletedValueTag { HashTableDeletedValue };
         JSValue(HashTableDeletedValueTag);
 
index 2c39f5c..6c73b2f 100644 (file)
@@ -30,7 +30,7 @@ void JSWrapperObject::markChildren(MarkStack& markStack)
 {
     JSObject::markChildren(markStack);
     if (m_internalValue)
-        markStack.append(m_internalValue);
+        markStack.append(&m_internalValue);
 }
 
 } // namespace JSC
index f19cd30..4eaf2c0 100644 (file)
@@ -33,8 +33,8 @@ namespace JSC {
         explicit JSWrapperObject(NonNullPassRefPtr<Structure>);
 
     public:
-        JSValue internalValue() const { return m_internalValue; }
-        void setInternalValue(JSValue);
+        JSValue internalValue() const { return m_internalValue.get(); }
+        void setInternalValue(JSGlobalData&, JSValue);
 
         static PassRefPtr<Structure> createStructure(JSValue prototype) 
         { 
@@ -47,7 +47,7 @@ namespace JSC {
     private:
         virtual void markChildren(MarkStack&);
         
-        JSValue m_internalValue;
+        WriteBarrier<Unknown> m_internalValue;
     };
 
     inline JSWrapperObject::JSWrapperObject(NonNullPassRefPtr<Structure> structure)
@@ -56,11 +56,11 @@ namespace JSC {
         putAnonymousValue(0, jsNull());
     }
 
-    inline void JSWrapperObject::setInternalValue(JSValue value)
+    inline void JSWrapperObject::setInternalValue(JSGlobalData& globalData, JSValue value)
     {
         ASSERT(value);
         ASSERT(!value.isObject());
-        m_internalValue = value;
+        m_internalValue.set(globalData, this, value);
         putAnonymousValue(0, value);
     }
 
index df87e7f..bc2e736 100644 (file)
@@ -373,7 +373,7 @@ JSValue LiteralParser::parse(ParserState initialState)
             }
             case DoParseObjectEndExpression:
             {
-                asObject(objectStack.last())->putDirect(identifierStack.last(), lastValue);
+                asObject(objectStack.last())->putDirect(m_exec->globalData(), identifierStack.last(), lastValue);
                 identifierStack.removeLast();
                 if (m_lexer.currentToken().type == TokComma)
                     goto doParseObjectStartExpression;
index dac1c94..13ea923 100644 (file)
@@ -86,7 +86,7 @@ void setUpStaticFunctionSlot(ExecState* exec, const HashEntry* entry, JSObject*
 #endif
             function = new (exec) NativeFunctionWrapper(exec, globalObject, globalObject->prototypeFunctionStructure(), entry->functionLength(), propertyName, entry->function());
 
-        thisObj->putDirectFunction(propertyName, function, entry->attributes());
+        thisObj->putDirectFunction(exec->globalData(), propertyName, function, entry->attributes());
         location = thisObj->getDirectLocation(propertyName);
     }
 
index 0d6d98f..43184e5 100644 (file)
@@ -312,9 +312,9 @@ namespace JSC {
 
         if (entry->attributes() & Function) { // function: put as override property
             if (LIKELY(value.isCell()))
-                thisObj->putDirectFunction(propertyName, value.asCell());
+                thisObj->putDirectFunction(exec->globalData(), propertyName, value.asCell());
             else
-                thisObj->putDirect(propertyName, value);
+                thisObj->putDirect(exec->globalData(), propertyName, value);
         } else if (!(entry->attributes() & ReadOnly))
             entry->propertyPutter()(exec, thisObj, value);
 
index c3cb4f2..0b7941e 100644 (file)
@@ -27,6 +27,7 @@
 #define MarkStack_h
 
 #include "JSValue.h"
+#include "WriteBarrier.h"
 #include <wtf/Vector.h>
 #include <wtf/Noncopyable.h>
 #include <wtf/OSAllocator.h>
@@ -49,17 +50,23 @@ namespace JSC {
 #endif
         {
         }
-
-        ALWAYS_INLINE void append(JSValue);
-        void append(JSCell*);
         
-        ALWAYS_INLINE void appendValues(Register* values, size_t count, MarkSetProperties properties = NoNullValues)
+        void deprecatedAppend(JSValue*);
+        void deprecatedAppend(JSCell**);
+        void deprecatedAppend(Register*);
+        template <typename T> void append(WriteBarrierBase<T>*);
+        template <typename T> void append(DeprecatedPtr<T>*);
+        
+        ALWAYS_INLINE void deprecatedAppendValues(Register* registers, size_t count, MarkSetProperties properties = NoNullValues)
         {
-            appendValues(reinterpret_cast<JSValue*>(values), count, properties);
+            JSValue* values = reinterpret_cast<JSValue*>(registers);
+            if (count)
+                m_markSets.append(MarkSet(values, values + count, properties));
         }
 
-        ALWAYS_INLINE void appendValues(JSValue* values, size_t count, MarkSetProperties properties = NoNullValues)
+        void appendValues(WriteBarrierBase<Unknown>* barriers, size_t count, MarkSetProperties properties = NoNullValues)
         {
+            JSValue* values = barriers->slot();
             if (count)
                 m_markSets.append(MarkSet(values, values + count, properties));
         }
@@ -74,6 +81,8 @@ namespace JSC {
         }
 
     private:
+        void internalAppend(JSCell*);
+        void internalAppend(JSValue);
         void markChildren(JSCell*);
 
         struct MarkSet {
index 080d7d2..c79316b 100644 (file)
@@ -89,14 +89,14 @@ const ClassInfo MathObject::info = { "Math", 0, 0, ExecState::mathTable };
 MathObject::MathObject(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure)
     : JSObjectWithGlobalObject(globalObject, structure)
 {
-    putDirectWithoutTransition(Identifier(exec, "E"), jsNumber(exp(1.0)), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "LN2"), jsNumber(log(2.0)), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "LN10"), jsNumber(log(10.0)), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "LOG2E"), jsNumber(1.0 / log(2.0)), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "LOG10E"), jsNumber(1.0 / log(10.0)), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "PI"), jsNumber(piDouble), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "SQRT1_2"), jsNumber(sqrt(0.5)), DontDelete | DontEnum | ReadOnly);
-    putDirectWithoutTransition(Identifier(exec, "SQRT2"), jsNumber(sqrt(2.0)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "E"), jsNumber(exp(1.0)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "LN2"), jsNumber(log(2.0)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "LN10"), jsNumber(log(10.0)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "LOG2E"), jsNumber(1.0 / log(2.0)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "LOG10E"), jsNumber(1.0 / log(10.0)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "PI"), jsNumber(piDouble), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "SQRT1_2"), jsNumber(sqrt(0.5)), DontDelete | DontEnum | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), Identifier(exec, "SQRT2"), jsNumber(sqrt(2.0)), DontDelete | DontEnum | ReadOnly);
 }
 
 // ECMA 15.8
index eb508eb..421eecf 100644 (file)
@@ -37,8 +37,8 @@ NativeErrorConstructor::NativeErrorConstructor(ExecState* exec, JSGlobalObject*
 {
     NativeErrorPrototype* prototype = new (exec) NativeErrorPrototype(exec, globalObject, prototypeStructure, nameAndMessage, this);
 
-    putDirect(exec->propertyNames().length, jsNumber(1), DontDelete | ReadOnly | DontEnum); // ECMA 15.11.7.5
-    putDirect(exec->propertyNames().prototype, prototype, DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(1), DontDelete | ReadOnly | DontEnum); // ECMA 15.11.7.5
+    putDirect(exec->globalData(), exec->propertyNames().prototype, prototype, DontDelete | ReadOnly | DontEnum);
     m_errorStructure = ErrorInstance::createStructure(prototype);
 }
 
index 540220a..4e10268 100644 (file)
@@ -34,9 +34,9 @@ ASSERT_CLASS_FITS_IN_CELL(NativeErrorPrototype);
 NativeErrorPrototype::NativeErrorPrototype(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, const UString& nameAndMessage, NativeErrorConstructor* constructor)
     : JSObjectWithGlobalObject(globalObject, structure)
 {
-    putDirect(exec->propertyNames().name, jsString(exec, nameAndMessage), 0);
-    putDirect(exec->propertyNames().message, jsString(exec, nameAndMessage), 0);
-    putDirect(exec->propertyNames().constructor, constructor, DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().name, jsString(exec, nameAndMessage), 0);
+    putDirect(exec->globalData(), exec->propertyNames().message, jsString(exec, nameAndMessage), 0);
+    putDirect(exec->globalData(), exec->propertyNames().constructor, constructor, DontEnum);
 }
 
 } // namespace JSC
index 5369ca0..238dc93 100644 (file)
@@ -58,10 +58,10 @@ NumberConstructor::NumberConstructor(ExecState* exec, JSGlobalObject* globalObje
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, numberPrototype->info.className))
 {
     // Number.Prototype
-    putDirectWithoutTransition(exec->propertyNames().prototype, numberPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, numberPrototype, DontEnum | DontDelete | ReadOnly);
 
     // no. of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
 }
 
 bool NumberConstructor::getOwnPropertySlot(ExecState* exec, const Identifier& propertyName, PropertySlot& slot)
@@ -104,7 +104,7 @@ static EncodedJSValue JSC_HOST_CALL constructWithNumberConstructor(ExecState* ex
 {
     NumberObject* object = new (exec) NumberObject(exec->lexicalGlobalObject()->numberObjectStructure());
     double n = exec->argumentCount() ? exec->argument(0).toNumber(exec) : 0;
-    object->setInternalValue(jsNumber(n));
+    object->setInternalValue(exec->globalData(), jsNumber(n));
     return JSValue::encode(object);
 }
 
index 1a7e44c..569dbed 100644 (file)
@@ -44,7 +44,7 @@ JSValue NumberObject::getJSNumber()
 NumberObject* constructNumber(ExecState* exec, JSValue number)
 {
     NumberObject* object = new (exec) NumberObject(exec->lexicalGlobalObject()->numberObjectStructure());
-    object->setInternalValue(number);
+    object->setInternalValue(exec->globalData(), number);
     return object;
 }
 
index 0b86c00..3550894 100644 (file)
@@ -49,7 +49,7 @@ static EncodedJSValue JSC_HOST_CALL numberProtoFuncToPrecision(ExecState*);
 NumberPrototype::NumberPrototype(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> structure, Structure* prototypeFunctionStructure)
     : NumberObject(structure)
 {
-    setInternalValue(jsNumber(0));
+    setInternalValue(exec->globalData(), jsNumber(0));
 
     // The constructor will be added later, after NumberConstructor has been constructed
 
index ca3dcd7..f31da67 100644 (file)
@@ -47,10 +47,10 @@ ObjectConstructor::ObjectConstructor(ExecState* exec, JSGlobalObject* globalObje
 : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, "Object"))
 {
     // ECMA 15.2.3.1
-    putDirectWithoutTransition(exec->propertyNames().prototype, objectPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, objectPrototype, DontEnum | DontDelete | ReadOnly);
     
     // no. of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
     
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 1, exec->propertyNames().getPrototypeOf, objectConstructorGetPrototypeOf), DontEnum);
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 2, exec->propertyNames().getOwnPropertyDescriptor, objectConstructorGetOwnPropertyDescriptor), DontEnum);
@@ -117,15 +117,15 @@ EncodedJSValue JSC_HOST_CALL objectConstructorGetOwnPropertyDescriptor(ExecState
 
     JSObject* description = constructEmptyObject(exec);
     if (!descriptor.isAccessorDescriptor()) {
-        description->putDirect(exec->propertyNames().value, descriptor.value() ? descriptor.value() : jsUndefined(), 0);
-        description->putDirect(exec->propertyNames().writable, jsBoolean(descriptor.writable()), 0);
+        description->putDirect(exec->globalData(), exec->propertyNames().value, descriptor.value() ? descriptor.value() : jsUndefined(), 0);
+        description->putDirect(exec->globalData(), exec->propertyNames().writable, jsBoolean(descriptor.writable()), 0);
     } else {
-        description->putDirect(exec->propertyNames().get, descriptor.getter() ? descriptor.getter() : jsUndefined(), 0);
-        description->putDirect(exec->propertyNames().set, descriptor.setter() ? descriptor.setter() : jsUndefined(), 0);
+        description->putDirect(exec->globalData(), exec->propertyNames().get, descriptor.getter() ? descriptor.getter() : jsUndefined(), 0);
+        description->putDirect(exec->globalData(), exec->propertyNames().set, descriptor.setter() ? descriptor.setter() : jsUndefined(), 0);
     }
     
-    description->putDirect(exec->propertyNames().enumerable, jsBoolean(descriptor.enumerable()), 0);
-    description->putDirect(exec->propertyNames().configurable, jsBoolean(descriptor.configurable()), 0);
+    description->putDirect(exec->globalData(), exec->propertyNames().enumerable, jsBoolean(descriptor.enumerable()), 0);
+    description->putDirect(exec->globalData(), exec->propertyNames().configurable, jsBoolean(descriptor.configurable()), 0);
 
     return JSValue::encode(description);
 }
index 1252345..6e84123 100644 (file)
@@ -429,7 +429,7 @@ namespace JSC {
             // Since we're accessing a prototype in a loop, it's a good bet that it
             // should not be treated as a dictionary.
             if (cell->structure()->isDictionary()) {
-                asObject(cell)->flattenDictionaryObject();
+                asObject(cell)->flattenDictionaryObject(callFrame->globalData());
                 if (slotBase == cell)
                     slotOffset = cell->structure()->get(propertyName); 
             }
@@ -454,7 +454,7 @@ namespace JSC {
             // Since we're accessing a prototype in a loop, it's a good bet that it
             // should not be treated as a dictionary.
             if (base->structure()->isDictionary())
-                asObject(base)->flattenDictionaryObject();
+                asObject(base)->flattenDictionaryObject(callFrame->globalData());
 
             ++count;
         }
@@ -471,7 +471,7 @@ namespace JSC {
         PropertySlot slot;
         JSObject* base;
         while (true) {
-            base = *iter;
+            base = iter->get();
             if (next == end)
                 return isStrictPut ? JSValue() : base;
             if (base->getPropertySlot(callFrame, property, slot))
index 3529080..95e1033 100644 (file)
@@ -37,7 +37,7 @@ PrototypeFunction::PrototypeFunction(ExecState* exec, JSGlobalObject* globalObje
     , m_function(function)
 {
     ASSERT_ARG(function, function);
-    putDirect(exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
 }
 
 PrototypeFunction::PrototypeFunction(ExecState* exec, JSGlobalObject* globalObject, NonNullPassRefPtr<Structure> prototypeFunctionStructure, int length, const Identifier& name, NativeFunction function)
@@ -45,7 +45,7 @@ PrototypeFunction::PrototypeFunction(ExecState* exec, JSGlobalObject* globalObje
     , m_function(function)
 {
     ASSERT_ARG(function, function);
-    putDirect(exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(length), DontDelete | ReadOnly | DontEnum);
 }
     
 CallType PrototypeFunction::getCallData(CallData& callData)
index 4b0b394..4c9e0e6 100644 (file)
@@ -45,14 +45,14 @@ namespace JSC {
         {
         }
 
-        void setExistingProperty(JSObject* base, size_t offset)
+        void setExistingProperty(DeprecatedPtr<JSObject> base, size_t offset)
         {
             m_type = ExistingProperty;
             m_base = base;
             m_offset = offset;
         }
 
-        void setNewProperty(JSObject* base, size_t offset)
+        void setNewProperty(DeprecatedPtr<JSObject> base, size_t offset)
         {
             m_type = NewProperty;
             m_base = base;
@@ -60,7 +60,7 @@ namespace JSC {
         }
 
         Type type() const { return m_type; }
-        JSObject* base() const { return m_base; }
+        JSObject* base() const { return m_base.get(); }
 
         bool isStrictMode() const { return m_isStrictMode; }
         bool isCacheable() const { return m_type != Uncachable; }
@@ -70,7 +70,7 @@ namespace JSC {
         }
     private:
         Type m_type;
-        JSObject* m_base;
+        DeprecatedPtr<JSObject> m_base;
         size_t m_offset;
         bool m_isStrictMode;
     };
index 30d3eab..1b30514 100644 (file)
@@ -100,10 +100,10 @@ RegExpConstructor::RegExpConstructor(ExecState* exec, JSGlobalObject* globalObje
     , d(adoptPtr(new RegExpConstructorPrivate))
 {
     // ECMA 15.10.5.1 RegExp.prototype
-    putDirectWithoutTransition(exec->propertyNames().prototype, regExpPrototype, DontEnum | DontDelete | ReadOnly);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, regExpPrototype, DontEnum | DontDelete | ReadOnly);
 
     // no. of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(2), ReadOnly | DontDelete | DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(2), ReadOnly | DontDelete | DontEnum);
 }
 
 RegExpMatchesArray::RegExpMatchesArray(ExecState* exec, RegExpConstructorPrivate* data)
index 54c5082..976cff6 100644 (file)
@@ -35,12 +35,12 @@ void ScopeChainNode::print() const
 {
     ScopeChainIterator scopeEnd = end();
     for (ScopeChainIterator scopeIter = begin(); scopeIter != scopeEnd; ++scopeIter) {
-        JSObject* o = *scopeIter;
+        DeprecatedPtr<JSObject> o = *scopeIter;
         PropertyNameArray propertyNames(globalObject->globalExec());
         o->getPropertyNames(globalObject->globalExec(), propertyNames);
         PropertyNameArray::const_iterator propEnd = propertyNames.end();
 
-        fprintf(stderr, "----- [scope %p] -----\n", o);
+        fprintf(stderr, "----- [scope %p] -----\n", o.get());
         for (PropertyNameArray::const_iterator propIter = propertyNames.begin(); propIter != propEnd; propIter++) {
             Identifier name = *propIter;
             fprintf(stderr, "%s, ", name.ustring().utf8().data());
index b104e75..11f3692 100644 (file)
@@ -21,6 +21,7 @@
 #ifndef ScopeChain_h
 #define ScopeChain_h
 
+#include "WriteBarrier.h"
 #include <wtf/FastAllocBase.h>
 
 namespace JSC {
@@ -52,7 +53,6 @@ namespace JSC {
         ~ScopeChainNode()
         {
             next = 0;
-            object = 0;
             globalData = 0;
             globalObject = 0;
             globalThis = 0;
@@ -60,7 +60,7 @@ namespace JSC {
 #endif
 
         ScopeChainNode* next;
-        JSObject* object;
+        DeprecatedPtr<JSObject> object;
         JSGlobalData* globalData;
         JSGlobalObject* globalObject;
         JSObject* globalThis;
@@ -131,8 +131,8 @@ namespace JSC {
         {
         }
 
-        JSObject* const & operator*() const { return m_node->object; }
-        JSObject* const * operator->() const { return &(operator*()); }
+        DeprecatedPtr<JSObject> const & operator*() const { return m_node->object; }
+        DeprecatedPtr<JSObject> const * operator->() const { return &(operator*()); }
     
         ScopeChainIterator& operator++() { m_node = m_node->next; return *this; }
 
@@ -195,7 +195,7 @@ namespace JSC {
 
         ScopeChainNode* node() const { return m_node; }
 
-        JSObject* top() const { return m_node->object; }
+        JSObject* top() const { return m_node->object.get(); }
 
         ScopeChainIterator begin() const { return m_node->begin(); }
         ScopeChainIterator end() const { return m_node->end(); }
index 984d101..faa4824 100644 (file)
@@ -28,7 +28,7 @@ namespace JSC {
     inline void ScopeChain::markAggregate(MarkStack& markStack) const
     {
         for (ScopeChainNode* n = m_node; n; n = n->next)
-            markStack.append(n->object);
+            markStack.append(&n->object);
     }
 
 } // namespace JSC
index 5614932..c63a20d 100644 (file)
@@ -35,7 +35,7 @@ namespace JSC {
 
 static const unsigned numCharactersToStore = 0x100;
 
-static inline bool isMarked(JSString* string)
+static inline bool isMarked(JSCell* string)
 {
     return string && Heap::isCellMarked(string);
 }
@@ -83,9 +83,9 @@ void SmallStrings::markChildren(MarkStack& markStack)
        so, it's probably reasonable to mark the rest. If not, we clear the cache.
      */
 
-    bool isAnyStringMarked = isMarked(m_emptyString);
+    bool isAnyStringMarked = isMarked(m_emptyString.get());
     for (unsigned i = 0; i < numCharactersToStore && !isAnyStringMarked; ++i)
-        isAnyStringMarked = isMarked(m_singleCharacterStrings[i]);
+        isAnyStringMarked = isMarked(m_singleCharacterStrings[i].get());
     
     if (!isAnyStringMarked) {
         clear();
@@ -93,10 +93,10 @@ void SmallStrings::markChildren(MarkStack& markStack)
     }
     
     if (m_emptyString)
-        markStack.append(m_emptyString);
+        markStack.append(&m_emptyString);
     for (unsigned i = 0; i < numCharactersToStore; ++i) {
         if (m_singleCharacterStrings[i])
-            markStack.append(m_singleCharacterStrings[i]);
+            markStack.append(&m_singleCharacterStrings[i]);
     }
 }
 
index ac84fe8..ee795b6 100644 (file)
@@ -27,6 +27,7 @@
 #define SmallStrings_h
 
 #include "UString.h"
+#include "WriteBarrier.h"
 #include <wtf/FixedArray.h>
 #include <wtf/OwnPtr.h>
 
@@ -47,13 +48,13 @@ namespace JSC {
         {
             if (!m_emptyString)
                 createEmptyString(globalData);
-            return m_emptyString;
+            return m_emptyString.get();
         }
         JSString* singleCharacterString(JSGlobalData* globalData, unsigned char character)
         {
             if (!m_singleCharacterStrings[character])
                 createSingleCharacterString(globalData, character);
-            return m_singleCharacterStrings[character];
+            return m_singleCharacterStrings[character].get();
         }
 
         StringImpl* singleCharacterStringRep(unsigned char character);
@@ -63,14 +64,14 @@ namespace JSC {
 
         unsigned count() const;
 #if ENABLE(JIT)
-        JSString** singleCharacterStrings() { return m_singleCharacterStrings.data(); }
+        JSCell** singleCharacterStrings() { return m_singleCharacterStrings[0].slot(); }
 #endif
     private:
         void createEmptyString(JSGlobalData*);
         void createSingleCharacterString(JSGlobalData*, unsigned char);
 
-        JSString* m_emptyString;
-        FixedArray<JSString*, 0x100> m_singleCharacterStrings;
+        DeprecatedPtr<JSString> m_emptyString;
+        FixedArray<DeprecatedPtr<JSString>, 0x100> m_singleCharacterStrings;
         OwnPtr<SmallStringsStorage> m_storage;
     };
 
index 101650c..604473b 100644 (file)
@@ -53,7 +53,7 @@ StringConstructor::StringConstructor(ExecState* exec, JSGlobalObject* globalObje
     : InternalFunction(&exec->globalData(), globalObject, structure, Identifier(exec, stringPrototype->classInfo()->className))
 {
     // ECMA 15.5.3.1 String.prototype
-    putDirectWithoutTransition(exec->propertyNames().prototype, stringPrototype, ReadOnly | DontEnum | DontDelete);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().prototype, stringPrototype, ReadOnly | DontEnum | DontDelete);
 
     // ECMA 15.5.3.2 fromCharCode()
 #if ENABLE(JIT) && ENABLE(JIT_OPTIMIZE_NATIVE_CALL)
@@ -62,7 +62,7 @@ StringConstructor::StringConstructor(ExecState* exec, JSGlobalObject* globalObje
     putDirectFunctionWithoutTransition(exec, new (exec) NativeFunctionWrapper(exec, globalObject, prototypeFunctionStructure, 1, exec->propertyNames().fromCharCode, stringFromCharCode), DontEnum);
 #endif
     // no. of arguments for constructor
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontEnum | DontDelete);
 }
 
 // ECMA 15.5.2
index dc27618..63e4144 100644 (file)
@@ -32,19 +32,19 @@ const ClassInfo StringObject::info = { "String", 0, 0, 0 };
 StringObject::StringObject(ExecState* exec, NonNullPassRefPtr<Structure> structure)
     : JSWrapperObject(structure)
 {
-    setInternalValue(jsEmptyString(exec));
+    setInternalValue(exec->globalData(), jsEmptyString(exec));
 }
 
-StringObject::StringObject(NonNullPassRefPtr<Structure> structure, JSString* string)
+StringObject::StringObject(JSGlobalData& globalData, NonNullPassRefPtr<Structure> structure, JSString* string)
     : JSWrapperObject(structure)
 {
-    setInternalValue(string);
+    setInternalValue(globalData, string);
 }
 
 StringObject::StringObject(ExecState* exec, NonNullPassRefPtr<Structure> structure, const UString& string)
     : JSWrapperObject(structure)
 {
-    setInternalValue(jsString(exec, string));
+    setInternalValue(exec->globalData(), jsString(exec, string));
 }
 
 bool StringObject::getOwnPropertySlot(ExecState* exec, const Identifier& propertyName, PropertySlot& slot)
index e3add77..03488f5 100644 (file)
@@ -53,7 +53,7 @@ namespace JSC {
 
     protected:
         static const unsigned StructureFlags = OverridesGetOwnPropertySlot | OverridesMarkChildren | OverridesGetPropertyNames | JSWrapperObject::StructureFlags;
-        StringObject(NonNullPassRefPtr<Structure>, JSString*);
+        StringObject(JSGlobalData&, NonNullPassRefPtr<Structure>, JSString*);
   };
 
     StringObject* asStringObject(JSValue);
index 8b3d056..6cf0792 100644 (file)
@@ -136,7 +136,7 @@ StringPrototype::StringPrototype(ExecState* exec, JSGlobalObject* globalObject,
 {
     putAnonymousValue(0, globalObject);
     // The constructor will be added later, after StringConstructor has been built
-    putDirectWithoutTransition(exec->propertyNames().length, jsNumber(0), DontDelete | ReadOnly | DontEnum);
+    putDirectWithoutTransition(exec->globalData(), exec->propertyNames().length, jsNumber(0), DontDelete | ReadOnly | DontEnum);
 }
 
 bool StringPrototype::getOwnPropertySlot(ExecState* exec, const Identifier& propertyName, PropertySlot &slot)
index 0179eed..e8f5d7a 100644 (file)
@@ -242,7 +242,7 @@ Structure::Structure(JSValue prototype, const TypeInfo& typeInfo, unsigned anony
     m_transitions.m_singleTransition = 0;
 
     ASSERT(m_prototype);
-    ASSERT(m_prototype.isObject() || m_prototype.isNull());
+    ASSERT(m_prototype->isObject() || m_prototype->isNull());
 
 #ifndef NDEBUG
 #if ENABLE(JSC_MULTIPLE_THREADS)
@@ -476,7 +476,7 @@ PassRefPtr<Structure> Structure::addPropertyTransition(Structure* structure, con
         return transition.release();
     }
 
-    RefPtr<Structure> transition = create(structure->m_prototype, structure->typeInfo(), structure->anonymousSlotCount());
+    RefPtr<Structure> transition = create(structure->m_prototype.get(), structure->typeInfo(), structure->anonymousSlotCount());
 
     transition->m_cachedPrototypeChain = structure->m_cachedPrototypeChain;
     transition->m_previous = structure;
@@ -595,7 +595,7 @@ PassRefPtr<Structure> Structure::toDictionaryTransition(Structure* structure, Di
 {
     ASSERT(!structure->isUncacheableDictionary());
     
-    RefPtr<Structure> transition = create(structure->m_prototype, structure->typeInfo(), structure->anonymousSlotCount());
+    RefPtr<Structure> transition = create(structure->m_prototype.get(), structure->typeInfo(), structure->anonymousSlotCount());
     transition->m_dictionaryKind = kind;
     transition->m_propertyStorageCapacity = structure->m_propertyStorageCapacity;
     transition->m_hasGetterSetterProperties = structure->m_hasGetterSetterProperties;
@@ -620,7 +620,7 @@ PassRefPtr<Structure> Structure::toUncacheableDictionaryTransition(Structure* st
     return toDictionaryTransition(structure, UncachedDictionaryKind);
 }
 
-PassRefPtr<Structure> Structure::flattenDictionaryStructure(JSObject* object)
+PassRefPtr<Structure> Structure::flattenDictionaryStructure(JSGlobalData& globalData, JSObject* object)
 {
     ASSERT(isDictionary());
     if (isUncacheableDictionary()) {
@@ -651,7 +651,7 @@ PassRefPtr<Structure> Structure::flattenDictionaryStructure(JSObject* object)
         
         // Copy the original property values into their final locations
         for (unsigned i = 0; i < propertyCount; i++)
-            object->putDirectOffset(anonymousSlotCount + i, values[i]);
+            object->putDirectOffset(globalData, anonymousSlotCount + i, values[i]);
 
         if (m_propertyTable->deletedOffsets) {
             delete m_propertyTable->deletedOffsets;
index f480051..77724ac 100644 (file)
@@ -80,7 +80,7 @@ namespace JSC {
         static PassRefPtr<Structure> toCacheableDictionaryTransition(Structure*);
         static PassRefPtr<Structure> toUncacheableDictionaryTransition(Structure*);
 
-        PassRefPtr<Structure> flattenDictionaryStructure(JSObject*);
+        PassRefPtr<Structure> flattenDictionaryStructure(JSGlobalData&, JSObject*);
 
         ~Structure();
 
@@ -94,7 +94,8 @@ namespace JSC {
 
         const TypeInfo& typeInfo() const { return m_typeInfo; }
 
-        JSValue storedPrototype() const { return m_prototype; }
+        JSValue storedPrototype() const { return m_prototype.get(); }
+        DeprecatedPtr<Unknown>* storedPrototypeSlot() { return &m_prototype; }
         JSValue prototypeForLookup(ExecState*) const;
         StructureChain* prototypeChain(ExecState*) const;
 
@@ -206,7 +207,7 @@ namespace JSC {
 
         TypeInfo m_typeInfo;
 
-        JSValue m_prototype;
+        DeprecatedPtr<Unknown> m_prototype;
         mutable RefPtr<StructureChain> m_cachedPrototypeChain;
 
         RefPtr<Structure> m_previous;
index c063dd2..915ad0f 100644 (file)
@@ -46,22 +46,29 @@ class WeakGCMap {
     */
 
 public:
-    typedef typename HashMap<KeyType, MappedType>::iterator iterator;
-    typedef typename HashMap<KeyType, MappedType>::const_iterator const_iterator;
+    typedef typename HashMap<KeyType, DeprecatedPtr<MappedType> >::iterator iterator;
+    typedef typename HashMap<KeyType, DeprecatedPtr<MappedType> >::const_iterator const_iterator;
     
     bool isEmpty() { return m_map.isEmpty(); }
     void clear() { m_map.clear(); }
 
-    MappedType get(const KeyType& key) const;
-    pair<iterator, bool> set(const KeyType&, const MappedType&); 
-    MappedType take(const KeyType& key);
+    MappedType* get(const KeyType&) const;
+    pair<iterator, bool> set(const KeyType&, MappedType*); 
+    MappedType* take(const KeyType&);
 
     // These unchecked functions provide access to a value even if the value's
     // mark bit is not set. This is used, among other things, to retrieve values
     // during the GC mark phase, which begins by clearing all mark bits.
 
-    MappedType uncheckedGet(const KeyType& key) const { return m_map.get(key); }
-    bool uncheckedRemove(const KeyType&, const MappedType&);
+    MappedType* uncheckedGet(const KeyType& key) const { return m_map.get(key).get(); }
+    DeprecatedPtr<MappedType>* uncheckedGetSlot(const KeyType& key)
+    {
+        iterator iter = m_map.find(key);
+        if (iter == m_map.end())
+            return 0;
+        return &iter->second;
+    }
+    bool uncheckedRemove(const KeyType&, MappedType*);
 
     iterator uncheckedBegin() { return m_map.begin(); }
     iterator uncheckedEnd() { return m_map.end(); }
@@ -69,54 +76,54 @@ public:
     const_iterator uncheckedBegin() const { return m_map.begin(); }
     const_iterator uncheckedEnd() const { return m_map.end(); }
 
-    bool isValid(iterator it) const { return Heap::isCellMarked(it->second); }
-    bool isValid(const_iterator it) const { return Heap::isCellMarked(it->second); }
+    bool isValid(iterator it) const { return Heap::isCellMarked(it->second.get()); }
+    bool isValid(const_iterator it) const { return Heap::isCellMarked(it->second.get()); }
 
 private:
-    HashMap<KeyType, MappedType> m_map;
+    HashMap<KeyType, DeprecatedPtr<MappedType> > m_map;
 };
 
 template<typename KeyType, typename MappedType>
-inline MappedType WeakGCMap<KeyType, MappedType>::get(const KeyType& key) const
+inline MappedType* WeakGCMap<KeyType, MappedType>::get(const KeyType& key) const
 {
-    MappedType result = m_map.get(key);
-    if (result == HashTraits<MappedType>::emptyValue())
+    MappedType* result = m_map.get(key).get();
+    if (result == HashTraits<MappedType*>::emptyValue())
         return result;
     if (!Heap::isCellMarked(result))
-        return HashTraits<MappedType>::emptyValue();
+        return HashTraits<MappedType*>::emptyValue();
     return result;
 }
 
 template<typename KeyType, typename MappedType>
-MappedType WeakGCMap<KeyType, MappedType>::take(const KeyType& key)
+MappedType* WeakGCMap<KeyType, MappedType>::take(const KeyType& key)
 {
-    MappedType result = m_map.take(key);
-    if (result == HashTraits<MappedType>::emptyValue())
+    MappedType* result = m_map.take(key).get();
+    if (result == HashTraits<MappedType*>::emptyValue())
         return result;
     if (!Heap::isCellMarked(result))
-        return HashTraits<MappedType>::emptyValue();
+        return HashTraits<MappedType*>::emptyValue();
     return result;
 }
 
 template<typename KeyType, typename MappedType>
-pair<typename HashMap<KeyType, MappedType>::iterator, bool> WeakGCMap<KeyType, MappedType>::set(const KeyType& key, const MappedType& value)
+pair<typename WeakGCMap<KeyType, MappedType>::iterator, bool> WeakGCMap<KeyType, MappedType>::set(const KeyType& key, MappedType* value)
 {
     Heap::markCell(value); // If value is newly allocated, it's not marked, so mark it now.
     pair<iterator, bool> result = m_map.add(key, value);
     if (!result.second) { // pre-existing entry
-        result.second = !Heap::isCellMarked(result.first->second);
+        result.second = !Heap::isCellMarked(result.first->second.get());
         result.first->second = value;
     }
     return result;
 }
 
 template<typename KeyType, typename MappedType>
-bool WeakGCMap<KeyType, MappedType>::uncheckedRemove(const KeyType& key, const MappedType& value)
+bool WeakGCMap<KeyType, MappedType>::uncheckedRemove(const KeyType& key, MappedType* value)
 {
     iterator it = m_map.find(key);
     if (it == m_map.end())
         return false;
-    if (it->second != value)
+    if (it->second.get() != value)
         return false;
     m_map.remove(it);
     return true;
diff --git a/Source/JavaScriptCore/runtime/WriteBarrier.h b/Source/JavaScriptCore/runtime/WriteBarrier.h
new file mode 100644 (file)
index 0000000..6558614
--- /dev/null
@@ -0,0 +1,160 @@
+/*
+ * Copyright (C) 2011 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef WriteBarrier_h
+#define WriteBarrier_h
+
+#include "JSValue.h"
+
+namespace JSC {
+class JSCell;
+class JSGlobalData;
+
+typedef enum { } Unknown;
+
+template <class T> class DeprecatedPtr {
+public:
+    DeprecatedPtr() : m_cell(0) { }
+    DeprecatedPtr(T* cell) : m_cell(reinterpret_cast<JSCell*>(cell)) { }
+    T* get() const { return reinterpret_cast<T*>(m_cell); }
+    T* operator*() const { return static_cast<T*>(m_cell); }
+    T* operator->() const { return static_cast<T*>(m_cell); }
+    
+    JSCell** slot() { return &m_cell; }
+    
+    typedef T* (DeprecatedPtr::*UnspecifiedBoolType);
+    operator UnspecifiedBoolType*() const { return m_cell ? reinterpret_cast<UnspecifiedBoolType*>(1) : 0; }
+
+    bool operator!() const { return !m_cell; }
+
+protected:
+    JSCell* m_cell;
+};
+
+template <> class DeprecatedPtr<Unknown> {
+public:
+    DeprecatedPtr() { }
+    DeprecatedPtr(JSValue value) : m_value(value) { }
+    DeprecatedPtr(JSCell* value) : m_value(value) { }
+    const JSValue& get() const { return m_value; }
+    const JSValue* operator*() const { return &m_value; }
+    const JSValue* operator->() const { return &m_value; }
+    
+    JSValue* slot() { return &m_value; }
+    
+    typedef JSValue (DeprecatedPtr::*UnspecifiedBoolType);
+    operator UnspecifiedBoolType*() const { return m_value ? reinterpret_cast<UnspecifiedBoolType*>(1) : 0; }
+    bool operator!() const { return !m_value; }
+    
+private:
+    JSValue m_value;
+};
+
+template <typename T> struct WriteBarrierCheck {
+    static const bool IsJSValue = false;
+};
+
+template <> struct WriteBarrierCheck<JSValue> {
+    static const bool IsJSValue = true;
+};
+
+template <typename T> class WriteBarrierBase {
+public:
+    COMPILE_ASSERT(!WriteBarrierCheck<T>::IsJSValue, WriteBarrier_JSValue_is_invalid__use_unknown);
+    void set(JSGlobalData&, const JSCell*, T* value) { this->m_cell = reinterpret_cast<JSCell*>(value); }
+    
+    T* get() const { return reinterpret_cast<T*>(m_cell); }
+    T* operator*() const { return static_cast<T*>(m_cell); }
+    T* operator->() const { return static_cast<T*>(m_cell); }
+    
+    JSCell** slot() { return &m_cell; }
+    
+    typedef T* (WriteBarrierBase::*UnspecifiedBoolType);
+    operator UnspecifiedBoolType*() const { return m_cell ? reinterpret_cast<UnspecifiedBoolType*>(1) : 0; }
+    
+    bool operator!() const { return !m_cell; }
+
+protected:
+    JSCell* m_cell;
+};
+
+template <typename T> class WriteBarrier : public WriteBarrierBase<T> {
+public:
+    WriteBarrier() { this->m_cell = 0; }
+    WriteBarrier(JSGlobalData& globalData, const JSCell* owner, T* value)
+    {
+        set(globalData, owner, value);
+    }
+
+};
+
+template <> class WriteBarrierBase<Unknown> {
+public:
+    void set(JSGlobalData&, const JSCell*, JSValue value) { m_value = JSValue::encode(value); }
+    void setWithoutWriteBarrier(JSValue value) { m_value = JSValue::encode(value); }
+    JSValue get() const { return JSValue::decode(m_value); }
+    void clear() { m_value = JSValue::encode(JSValue()); }
+    void setUndefined() { m_value = JSValue::encode(jsUndefined()); }
+    bool isNumber() const { return get().isNumber(); }
+    JSValue* slot()
+    { 
+        union {
+            EncodedJSValue* v;
+            JSValue* slot;
+        } u;
+        u.v = &m_value;
+        return u.slot;
+    }
+    
+    typedef JSValue (WriteBarrierBase::*UnspecifiedBoolType);
+    operator UnspecifiedBoolType*() const { return m_value ? reinterpret_cast<UnspecifiedBoolType*>(1) : 0; }
+    bool operator!() const { return !m_value; } 
+    
+protected:
+    EncodedJSValue m_value;
+};
+
+template <> class WriteBarrier<Unknown> : public WriteBarrierBase<Unknown> {
+public:
+    WriteBarrier() { m_value = JSValue::encode(JSValue()); }
+    WriteBarrier(JSGlobalData& globalData, const JSCell* owner, JSValue value)
+    {
+        set(globalData, owner, value);
+    }
+};
+
+template <typename U, typename V> inline bool operator==(const DeprecatedPtr<U>& lhs, const DeprecatedPtr<V>& rhs)
+{
+    return lhs.get() == rhs.get();
+}
+
+template <typename U, typename V> inline bool operator==(const WriteBarrierBase<U>& lhs, const WriteBarrierBase<V>& rhs)
+{
+    return lhs.get() == rhs.get();
+}
+
+}
+
+#endif // WriteBarrier_h
index 2be4ceb..0fcc68c 100644 (file)
@@ -1,3 +1,16 @@
+2011-01-27  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        Convert markstack to a slot visitor API
+        https://bugs.webkit.org/show_bug.cgi?id=53219
+
+        There's no reason to recurse here, the value we
+        were marking was protected.
+
+        * JSValueWrapper.cpp:
+        (JSValueWrapper::JSObjectMark):
+
 2011-01-23  Mark Rowe  <mrowe@apple.com>
 
         Follow-up to r76477.
index e0879a0..d9ac497 100644 (file)
@@ -194,15 +194,4 @@ CFTypeRef JSValueWrapper::JSObjectCopyCFValue(void *data)
 
 void JSValueWrapper::JSObjectMark(void *data)
 {
-    JSValueWrapper* ptr = (JSValueWrapper*)data;
-    if (ptr)
-    {
-        // This results in recursive marking but will be otherwise safe and correct.
-        // We claim the array vptr is 0 because we don't have access to it here, and
-        // claiming 0 is functionally harmless -- it merely means that we can't
-        // devirtualise marking of arrays when recursing from this point.
-        MarkStack markStack(0);
-        markStack.append(ptr->fValue.get());
-        markStack.drain();
-    }
 }
index c191c39..a35c813 100644 (file)
@@ -1,3 +1,73 @@
+2011-01-27  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        Convert markstack to a slot visitor API
+        https://bugs.webkit.org/show_bug.cgi?id=53219
+
+        Update WebCore to the new marking apis, correct bindings
+        codegen. 
+
+        * ForwardingHeaders/runtime/WriteBarrier.h: Added.
+        * WebCore.exp.in:
+        * bindings/js/DOMWrapperWorld.h:
+        (WebCore::DOMWrapperWorld::globalData):
+        * bindings/js/JSAudioConstructor.cpp:
+        (WebCore::JSAudioConstructor::JSAudioConstructor):
+        * bindings/js/JSDOMBinding.cpp:
+        (WebCore::markDOMNodesForDocument):
+        (WebCore::markDOMObjectWrapper):
+        (WebCore::markDOMNodeWrapper):
+        * bindings/js/JSDOMGlobalObject.cpp:
+        (WebCore::JSDOMGlobalObject::markChildren):
+        (WebCore::JSDOMGlobalObject::setInjectedScript):
+        (WebCore::JSDOMGlobalObject::injectedScript):
+        * bindings/js/JSDOMGlobalObject.h:
+        (WebCore::JSDOMGlobalObject::JSDOMGlobalObjectData::JSDOMGlobalObjectData):
+        (WebCore::getDOMConstructor):
+        * bindings/js/JSDOMWindowCustom.cpp:
+        (WebCore::JSDOMWindow::setLocation):
+        (WebCore::DialogHandler::dialogCreated):
+        * bindings/js/JSDOMWindowShell.cpp:
+        (WebCore::JSDOMWindowShell::JSDOMWindowShell):
+        (WebCore::JSDOMWindowShell::setWindow):
+        (WebCore::JSDOMWindowShell::markChildren):
+        (WebCore::JSDOMWindowShell::unwrappedObject):
+        * bindings/js/JSDOMWindowShell.h:
+        (WebCore::JSDOMWindowShell::window):
+        (WebCore::JSDOMWindowShell::setWindow):
+        * bindings/js/JSEventListener.cpp:
+        (WebCore::JSEventListener::JSEventListener):
+        (WebCore::JSEventListener::markJSFunction):
+        * bindings/js/JSEventListener.h:
+        (WebCore::JSEventListener::jsFunction):
+        * bindings/js/JSHTMLDocumentCustom.cpp:
+        (WebCore::JSHTMLDocument::setAll):
+        * bindings/js/JSImageConstructor.cpp:
+        (WebCore::JSImageConstructor::JSImageConstructor):
+        * bindings/js/JSImageDataCustom.cpp:
+        (WebCore::toJS):
+        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
+        (WebCore::JSJavaScriptCallFrame::scopeChain):
+        (WebCore::JSJavaScriptCallFrame::scopeType):
+        * bindings/js/JSNodeFilterCondition.cpp:
+        (WebCore::JSNodeFilterCondition::markAggregate):
+        (WebCore::JSNodeFilterCondition::acceptNode):
+        * bindings/js/JSNodeFilterCondition.h:
+        * bindings/js/JSNodeFilterCustom.cpp:
+        * bindings/js/JSOptionConstructor.cpp:
+        (WebCore::JSOptionConstructor::JSOptionConstructor):
+        * bindings/js/JSSQLResultSetRowListCustom.cpp:
+        (WebCore::JSSQLResultSetRowList::item):
+        * bindings/js/ScriptCachedFrameData.cpp:
+        (WebCore::ScriptCachedFrameData::restore):
+        * bindings/js/ScriptObject.cpp:
+        (WebCore::ScriptGlobalObject::set):
+        * bindings/js/SerializedScriptValue.cpp:
+        (WebCore::CloneDeserializer::putProperty):
+        * bindings/scripts/CodeGeneratorJS.pm:
+        * dom/Document.h:
+
 2011-01-28  Sam Weinig  <sam@webkit.org>
 
         Reviewed by Anders Carlsson.
diff --git a/Source/WebCore/ForwardingHeaders/runtime/WriteBarrier.h b/Source/WebCore/ForwardingHeaders/runtime/WriteBarrier.h
new file mode 100644 (file)
index 0000000..0857d2f
--- /dev/null
@@ -0,0 +1,4 @@
+#ifndef WebCore_FWD_WriteBarrier_h
+#define WebCore_FWD_WriteBarrier_h
+#include <JavaScriptCore/WriteBarrier.h>
+#endif
index 936dc09..03544a6 100644 (file)
@@ -446,7 +446,6 @@ __ZN7WebCore16createFullMarkupEPKNS_5RangeE
 __ZN7WebCore16enclosingIntRectERK7_NSRect
 __ZN7WebCore16enclosingIntRectERKNS_9FloatRectE
 __ZN7WebCore16isEndOfParagraphERKNS_15VisiblePositionENS_27EditingBoundaryCrossingRuleE
-__ZN7WebCore16jsStringSlowCaseEPN3JSC9ExecStateERNS0_9WeakGCMapIPN3WTF10StringImplEPNS0_8JSStringEEES6_
 __ZN7WebCore17CredentialStorage3getERKNS_15ProtectionSpaceE
 __ZN7WebCore17DOMImplementation13isXMLMIMETypeERKN3WTF6StringE
 __ZN7WebCore17DOMImplementation14isTextMIMETypeERKN3WTF6StringE
@@ -1434,6 +1433,7 @@ __NPN_SetProperty
 __NPN_UTF8FromIdentifier
 __ZN7WebCore16ScriptController20windowScriptNPObjectEv
 __ZN7WebCore16ScriptController29cleanupScriptObjectsForPluginEPv
+__ZN7WebCore16jsStringSlowCaseEPN3JSC9ExecStateERNS0_9WeakGCMapIPN3WTF10StringImplENS0_8JSStringEEES6_
 __ZN7WebCore17HTMLPlugInElement11getNPObjectEv
 __ZNK7WebCore12RenderObject4viewEv
 __ZNK7WebCore14SecurityOrigin9canAccessEPKS0_
index 5e7b551..9825a08 100644 (file)
@@ -32,8 +32,8 @@ namespace WebCore {
 
 class ScriptController;
 
-typedef JSC::WeakGCMap<void*, DOMObject*> DOMObjectWrapperMap;
-typedef JSC::WeakGCMap<StringImpl*, JSC::JSString*> JSStringCache; 
+typedef JSC::WeakGCMap<void*, DOMObject> DOMObjectWrapperMap;
+typedef JSC::WeakGCMap<StringImpl*, JSC::JSString> JSStringCache; 
 
 class DOMWrapperWorld : public RefCounted<DOMWrapperWorld> {
 public:
@@ -58,6 +58,8 @@ public:
 
     bool isNormal() const { return m_isNormal; }
 
+    JSC::JSGlobalData* globalData() const { return m_globalData; }
+
 protected:
     DOMWrapperWorld(JSC::JSGlobalData*, bool isNormal);
 
index 1ea5ae4..c19d795 100644 (file)
@@ -42,8 +42,8 @@ const ClassInfo JSAudioConstructor::s_info = { "AudioConstructor", 0, 0, 0 };
 JSAudioConstructor::JSAudioConstructor(ExecState* exec, JSDOMGlobalObject* globalObject)
     : DOMConstructorWithDocument(JSAudioConstructor::createStructure(globalObject->objectPrototype()), globalObject)
 {
-    putDirect(exec->propertyNames().prototype, JSHTMLAudioElementPrototype::self(exec, globalObject), None);
-    putDirect(exec->propertyNames().length, jsNumber(1), ReadOnly | DontDelete | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().prototype, JSHTMLAudioElementPrototype::self(exec, globalObject), None);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(1), ReadOnly | DontDelete | DontEnum);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructAudio(ExecState* exec)
index e53dcfb..7de2719 100644 (file)
@@ -335,9 +335,9 @@ void markDOMNodesForDocument(MarkStack& markStack, Document* document)
 
         JSWrapperCache::iterator nodeEnd = nodeDict->uncheckedEnd();
         for (JSWrapperCache::iterator nodeIt = nodeDict->uncheckedBegin(); nodeIt != nodeEnd; ++nodeIt) {
-            JSNode* jsNode = nodeIt->second;
-            if (isObservableThroughDOM(jsNode, world))
-                markStack.append(jsNode);
+            DeprecatedPtr<JSNode>& jsNode = nodeIt->second;
+            if (isObservableThroughDOM(jsNode.get(), world))
+                markStack.append(&jsNode);
         }
     }
 }
@@ -416,8 +416,8 @@ void markDOMObjectWrapper(MarkStack& markStack, JSGlobalData& globalData, void*
         return;
 
     for (JSGlobalDataWorldIterator worldIter(&globalData); worldIter; ++worldIter) {
-        if (DOMObject* wrapper = worldIter->m_wrappers.uncheckedGet(object))
-            markStack.append(wrapper);
+        if (DeprecatedPtr<DOMObject>* wrapperSlot = worldIter->m_wrappers.uncheckedGetSlot(object))
+            markStack.append(wrapperSlot);
     }
 }
 
@@ -426,15 +426,15 @@ void markDOMNodeWrapper(MarkStack& markStack, Document* document, Node* node)
     if (document) {
         JSWrapperCacheMap& wrapperCacheMap = document->wrapperCacheMap();
         for (JSWrapperCacheMap::iterator iter = wrapperCacheMap.begin(); iter != wrapperCacheMap.end(); ++iter) {
-            if (JSNode* wrapper = iter->second->uncheckedGet(node))
-                markStack.append(wrapper);
+            if (DeprecatedPtr<JSNode>* wrapperSlot = iter->second->uncheckedGetSlot(node))
+                markStack.append(wrapperSlot);
         }
         return;
     }
 
     for (JSGlobalDataWorldIterator worldIter(JSDOMWindow::commonJSGlobalData()); worldIter; ++worldIter) {
-        if (DOMObject* wrapper = worldIter->m_wrappers.uncheckedGet(node))
-            markStack.append(wrapper);
+        if (DeprecatedPtr<DOMObject>* wrapperSlot = worldIter->m_wrappers.uncheckedGetSlot(node))
+            markStack.append(wrapperSlot);
     }
 }
 
index e0b5b89..a328ee9 100644 (file)
@@ -53,14 +53,14 @@ void JSDOMGlobalObject::markChildren(MarkStack& markStack)
 
     JSDOMStructureMap::iterator end = structures().end();
     for (JSDOMStructureMap::iterator it = structures().begin(); it != end; ++it)
-        markStack.append(it->second->storedPrototype());
+        markStack.append(it->second->storedPrototypeSlot());
 
     JSDOMConstructorMap::iterator end2 = constructors().end();
     for (JSDOMConstructorMap::iterator it2 = constructors().begin(); it2 != end2; ++it2)
-        markStack.append(it2->second);
+        markStack.append(&it2->second);
 
     if (d()->m_injectedScript)
-        markStack.append(d()->m_injectedScript);
+        markStack.append(&d()->m_injectedScript);
 }
 
 void JSDOMGlobalObject::setCurrentEvent(Event* evt)
@@ -75,12 +75,12 @@ Event* JSDOMGlobalObject::currentEvent() const
 
 void JSDOMGlobalObject::setInjectedScript(JSObject* injectedScript)
 {
-    d()->m_injectedScript = injectedScript;
+    d()->m_injectedScript.set(globalData(), this, injectedScript);
 }
 
 JSObject* JSDOMGlobalObject::injectedScript() const
 {
-    return d()->m_injectedScript;
+    return d()->m_injectedScript.get();
 }
 
 void JSDOMGlobalObject::destroyJSDOMGlobalObjectData(void* jsDOMGlobalObjectData)
index 8eb55c1..4dce7a5 100644 (file)
@@ -39,7 +39,7 @@ namespace WebCore {
     class ScriptExecutionContext;
 
     typedef HashMap<const JSC::ClassInfo*, RefPtr<JSC::Structure> > JSDOMStructureMap;
-    typedef HashMap<const JSC::ClassInfo*, JSC::JSObject*> JSDOMConstructorMap;
+    typedef HashMap<const JSC::ClassInfo*, JSC::WriteBarrier<JSC::JSObject> > JSDOMConstructorMap;
 
     class JSDOMGlobalObject : public JSC::JSGlobalObject {
         typedef JSC::JSGlobalObject Base;
@@ -76,7 +76,6 @@ namespace WebCore {
                 : JSGlobalObjectData(destructor)
                 , evt(0)
                 , m_world(world)
-                , m_injectedScript(0)
             {
             }
 
@@ -85,7 +84,7 @@ namespace WebCore {
 
             Event* evt;
             RefPtr<DOMWrapperWorld> m_world;
-            JSObject* m_injectedScript;
+            JSC::WriteBarrier<JSObject> m_injectedScript;
         };
 
     private:
@@ -97,11 +96,12 @@ namespace WebCore {
     template<class ConstructorClass>
     inline JSC::JSObject* getDOMConstructor(JSC::ExecState* exec, const JSDOMGlobalObject* globalObject)
     {
-        if (JSC::JSObject* constructor = globalObject->constructors().get(&ConstructorClass::s_info))
+        if (JSC::JSObject* constructor = globalObject->constructors().get(&ConstructorClass::s_info).get())
             return constructor;
         JSC::JSObject* constructor = new (exec) ConstructorClass(exec, const_cast<JSDOMGlobalObject*>(globalObject));
         ASSERT(!globalObject->constructors().contains(&ConstructorClass::s_info));
-        globalObject->constructors().set(&ConstructorClass::s_info, constructor);
+        JSC::WriteBarrier<JSC::JSObject> temp;
+        globalObject->constructors().add(&ConstructorClass::s_info, temp).first->second.set(exec->globalData(), globalObject, constructor);
         return constructor;
     }
 
index 6afbdbe..25f95fa 100644 (file)
@@ -475,7 +475,7 @@ void JSDOMWindow::setLocation(ExecState* exec, JSValue value)
         if (Settings* settings = activeFrame->settings()) {
             if (settings->usesDashboardBackwardCompatibilityMode() && !activeFrame->tree()->parent()) {
                 if (allowsAccessFrom(exec))
-                    putDirect(Identifier(exec, "location"), value);
+                    putDirect(exec->globalData(), Identifier(exec, "location"), value);
                 return;
             }
         }
@@ -682,7 +682,7 @@ inline void DialogHandler::dialogCreated(DOMWindow* dialog)
     //        world if dialogArguments comes from an isolated world.
     m_globalObject = toJSDOMWindow(dialog->frame(), normalWorld(m_exec->globalData()));
     if (JSValue dialogArguments = m_exec->argument(1))
-        m_globalObject->putDirect(Identifier(m_exec, "dialogArguments"), dialogArguments);
+        m_globalObject->putDirect(m_exec->globalData(), Identifier(m_exec, "dialogArguments"), dialogArguments);
 }
 
 inline JSValue DialogHandler::returnValue() const
index 65096b9..b3e0b88 100644 (file)
@@ -45,7 +45,6 @@ const ClassInfo JSDOMWindowShell::s_info = { "JSDOMWindowShell", 0, 0, 0 };
 
 JSDOMWindowShell::JSDOMWindowShell(PassRefPtr<DOMWindow> window, DOMWrapperWorld* world)
     : Base(JSDOMWindowShell::createStructure(jsNull()))
-    , m_window(0)
     , m_world(world)
 {
     setWindow(window);
@@ -66,7 +65,7 @@ void JSDOMWindowShell::setWindow(PassRefPtr<DOMWindow> domWindow)
     RefPtr<Structure> structure = JSDOMWindow::createStructure(prototype);
     JSDOMWindow* jsDOMWindow = new (JSDOMWindow::commonJSGlobalData()) JSDOMWindow(structure.release(), domWindow, this);
     prototype->putAnonymousValue(0, jsDOMWindow);
-    setWindow(jsDOMWindow);
+    setWindow(*JSDOMWindow::commonJSGlobalData(), jsDOMWindow);
 }
 
 // ----
@@ -77,7 +76,7 @@ void JSDOMWindowShell::markChildren(MarkStack& markStack)
 {
     Base::markChildren(markStack);
     if (m_window)
-        markStack.append(m_window);
+        markStack.append(&m_window);
 }
 
 UString JSDOMWindowShell::className() const
@@ -147,7 +146,7 @@ JSValue JSDOMWindowShell::lookupSetter(ExecState* exec, const Identifier& proper
 
 JSObject* JSDOMWindowShell::unwrappedObject()
 {
-    return m_window;
+    return m_window.get();
 }
 
 // ----
index 888325d..d585fd4 100644 (file)
@@ -43,11 +43,11 @@ namespace WebCore {
         JSDOMWindowShell(PassRefPtr<DOMWindow>, DOMWrapperWorld* world);
         virtual ~JSDOMWindowShell();
 
-        JSDOMWindow* window() const { return m_window; }
-        void setWindow(JSDOMWindow* window)
+        JSDOMWindow* window() const { return m_window.get(); }
+        void setWindow(JSC::JSGlobalData& globalData, JSDOMWindow* window)
         {
             ASSERT_ARG(window, window);
-            m_window = window;
+            m_window.set(globalData, this, window);
             setPrototype(window->prototype());
         }
         void setWindow(PassRefPtr<DOMWindow>);
@@ -85,7 +85,7 @@ namespace WebCore {
         virtual JSC::JSObject* unwrappedObject();
         virtual const JSC::ClassInfo* classInfo() const { return &s_info; }
 
-        JSDOMWindow* m_window;
+        JSC::WriteBarrier<JSDOMWindow> m_window;
         RefPtr<DOMWrapperWorld> m_world;
     };
 
index 503d64f..9142aa2 100644 (file)
@@ -114,18 +114,18 @@ static PassRefPtr<DeviceMotionData::RotationRate> readRotationRateArgument(JSVal
 static JSObject* createAccelerationObject(const DeviceMotionData::Acceleration* acceleration, ExecState* exec)
 {
     JSObject* object = constructEmptyObject(exec);
-    object->putDirect(Identifier(exec, "x"), acceleration->canProvideX() ? jsNumber(acceleration->x()) : jsNull());
-    object->putDirect(Identifier(exec, "y"), acceleration->canProvideY() ? jsNumber(acceleration->y()) : jsNull());
-    object->putDirect(Identifier(exec, "z"), acceleration->canProvideZ() ? jsNumber(acceleration->z()) : jsNull());
+    object->putDirect(exec->globalData(), Identifier(exec, "x"), acceleration->canProvideX() ? jsNumber(acceleration->x()) : jsNull());
+    object->putDirect(exec->globalData(), Identifier(exec, "y"), acceleration->canProvideY() ? jsNumber(acceleration->y()) : jsNull());
+    object->putDirect(exec->globalData(), Identifier(exec, "z"), acceleration->canProvideZ() ? jsNumber(acceleration->z()) : jsNull());
     return object;
 }
 
 static JSObject* createRotationRateObject(const DeviceMotionData::RotationRate* rotationRate, ExecState* exec)
 {
     JSObject* object = constructEmptyObject(exec);
-    object->putDirect(Identifier(exec, "alpha"), rotationRate->canProvideAlpha() ? jsNumber(rotationRate->alpha()) : jsNull());
-    object->putDirect(Identifier(exec, "beta"),  rotationRate->canProvideBeta()  ? jsNumber(rotationRate->beta())  : jsNull());
-    object->putDirect(Identifier(exec, "gamma"), rotationRate->canProvideGamma() ? jsNumber(rotationRate->gamma()) : jsNull());
+    object->putDirect(exec->globalData(), Identifier(exec, "alpha"), rotationRate->canProvideAlpha() ? jsNumber(rotationRate->alpha()) : jsNull());
+    object->putDirect(exec->globalData(), Identifier(exec, "beta"),  rotationRate->canProvideBeta()  ? jsNumber(rotationRate->beta())  : jsNull());
+    object->putDirect(exec->globalData(), Identifier(exec, "gamma"), rotationRate->canProvideGamma() ? jsNumber(rotationRate->gamma()) : jsNull());
     return object;
 }
 
index 5604374..6427683 100644 (file)
@@ -34,12 +34,12 @@ namespace WebCore {
 
 JSEventListener::JSEventListener(JSObject* function, JSObject* wrapper, bool isAttribute, DOMWrapperWorld* isolatedWorld)
     : EventListener(JSEventListenerType)
-    , m_jsFunction(function)
     , m_isAttribute(isAttribute)
     , m_isolatedWorld(isolatedWorld)
 {
     if (wrapper)
         m_wrapper = wrapper;
+    m_jsFunction.set(*m_isolatedWorld->globalData(), wrapper, function);
 }
 
 JSEventListener::~JSEventListener()
@@ -55,7 +55,7 @@ JSObject* JSEventListener::initializeJSFunction(ScriptExecutionContext*) const
 void JSEventListener::markJSFunction(MarkStack& markStack)
 {
     if (m_jsFunction)
-        markStack.append(m_jsFunction);
+        markStack.append(&m_jsFunction);
 }
 
 void JSEventListener::handleEvent(ScriptExecutionContext* scriptExecutionContext, Event* event)
index 83d0d2e..47ff44e 100644 (file)
@@ -66,7 +66,7 @@ namespace WebCore {
         virtual void handleEvent(ScriptExecutionContext*, Event*);
 
     private:
-        mutable JSC::JSObject* m_jsFunction;
+        mutable JSC::WriteBarrier<JSC::JSObject> m_jsFunction;
         mutable JSC::WeakGCPtr<JSC::JSObject> m_wrapper;
 
         bool m_isAttribute;
@@ -76,7 +76,7 @@ namespace WebCore {
     inline JSC::JSObject* JSEventListener::jsFunction(ScriptExecutionContext* scriptExecutionContext) const
     {
         if (!m_jsFunction)
-            m_jsFunction = initializeJSFunction(scriptExecutionContext);
+            m_jsFunction.set(*scriptExecutionContext->globalData(), m_wrapper.get(), initializeJSFunction(scriptExecutionContext));
 
         // Verify that we have a valid wrapper protecting our function from
         // garbage collection.
@@ -86,9 +86,9 @@ namespace WebCore {
 
         // Try to verify that m_jsFunction wasn't recycled. (Not exact, since an
         // event listener can be almost anything, but this makes test-writing easier).
-        ASSERT(!m_jsFunction || static_cast<JSC::JSCell*>(m_jsFunction)->isObject());
+        ASSERT(!m_jsFunction || static_cast<JSC::JSCell*>(m_jsFunction.get())->isObject());
 
-        return m_jsFunction;
+        return m_jsFunction.get();
     }
 
     inline void JSEventListener::invalidateJSFunction(JSC::JSObject* wrapper)
index 0b40ef0..2817ae6 100644 (file)
@@ -96,7 +96,7 @@ JSValue JSHTMLDocument::all(ExecState* exec) const
 void JSHTMLDocument::setAll(ExecState* exec, JSValue value)
 {
     // Add "all" to the property map.
-    putDirect(Identifier(exec, "all"), value);
+    putDirect(exec->globalData(), Identifier(exec, "all"), value);
 }
 
 // Custom functions
index f2ad803..5192e12 100644 (file)
@@ -37,7 +37,7 @@ const ClassInfo JSImageConstructor::s_info = { "ImageConstructor", 0, 0, 0 };
 JSImageConstructor::JSImageConstructor(ExecState* exec, JSDOMGlobalObject* globalObject)
     : DOMConstructorWithDocument(JSImageConstructor::createStructure(globalObject->objectPrototype()), globalObject)
 {
-    putDirect(exec->propertyNames().prototype, JSHTMLImageElementPrototype::self(exec, globalObject), None);
+    putDirect(exec->globalData(), exec->propertyNames().prototype, JSHTMLImageElementPrototype::self(exec, globalObject), None);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructImage(ExecState* exec)
index 61c5112..878e1de 100644 (file)
@@ -49,7 +49,7 @@ JSValue toJS(ExecState* exec, JSDOMGlobalObject* globalObject, ImageData* imageD
     Identifier dataName(exec, "data");
     DEFINE_STATIC_LOCAL(RefPtr<Structure>, cpaStructure, (JSByteArray::createStructure(jsNull())));
     static const ClassInfo cpaClassInfo = { "CanvasPixelArray", 0, 0, 0 };
-    wrapper->putDirect(dataName, new (exec) JSByteArray(exec, cpaStructure, imageData->data()->data(), &cpaClassInfo), DontDelete | ReadOnly);
+    wrapper->putDirect(exec->globalData(), dataName, new (exec) JSByteArray(exec, cpaStructure, imageData->data()->data(), &cpaClassInfo), DontDelete | ReadOnly);
     exec->heap()->reportExtraMemoryCost(imageData->data()->length());
     
     return wrapper;
index 0f47b7b..7c00bd4 100644 (file)
@@ -79,7 +79,7 @@ JSValue JSJavaScriptCallFrame::scopeChain(ExecState* exec) const
 
     MarkedArgumentBuffer list;
     do {
-        list.append(*iter);
+        list.append(iter->get());
         ++iter;
     } while (iter != end);
 
@@ -100,7 +100,7 @@ JSValue JSJavaScriptCallFrame::scopeType(ExecState* exec)
 
     bool foundLocalScope = false;
     for (ScopeChainIterator iter = scopeChain->begin(); iter != end; ++iter) {
-        JSObject* scope = *iter;
+        JSC::DeprecatedPtr<JSObject> scope = *iter;
         if (scope->isActivationObject()) {
             if (!foundLocalScope) {
                 // First activation object is local scope, each successive activation object is closure.
index b269e5f..1cf72a5 100644 (file)
@@ -39,14 +39,14 @@ JSNodeFilterCondition::JSNodeFilterCondition(JSValue filter)
 
 void JSNodeFilterCondition::markAggregate(MarkStack& markStack)
 {
-    markStack.append(m_filter);
+    markStack.append(&m_filter);
 }
 
 short JSNodeFilterCondition::acceptNode(JSC::ExecState* exec, Node* filterNode) const
 {
     JSLock lock(SilenceAssertionsOnly);
 
-    if (!m_filter.isObject())
+    if (!m_filter->isObject())
         return NodeFilter::FILTER_ACCEPT;
 
    // The exec argument here should only be null if this was called from a
@@ -58,11 +58,11 @@ short JSNodeFilterCondition::acceptNode(JSC::ExecState* exec, Node* filterNode)
     if (!exec)
         return NodeFilter::FILTER_REJECT;
 
-    JSValue function = m_filter;
+    JSValue function = m_filter.get();
     CallData callData;
     CallType callType = getCallData(function, callData);
     if (callType == CallTypeNone) {
-        function = m_filter.get(exec, Identifier(exec, "acceptNode"));
+        function = m_filter->get(exec, Identifier(exec, "acceptNode"));
         callType = getCallData(function, callData);
         if (callType == CallTypeNone) {
             throwError(exec, createTypeError(exec, "NodeFilter object does not have an acceptNode function"));
@@ -77,7 +77,7 @@ short JSNodeFilterCondition::acceptNode(JSC::ExecState* exec, Node* filterNode)
     if (exec->hadException())
         return NodeFilter::FILTER_REJECT;
 
-    JSValue result = JSC::call(exec, function, callType, callData, m_filter, args);
+    JSValue result = JSC::call(exec, function, callType, callData, m_filter.get(), args);
     if (exec->hadException())
         return NodeFilter::FILTER_REJECT;
 
index b96534a..14b0c1d 100644 (file)
@@ -41,7 +41,7 @@ namespace WebCore {
         virtual short acceptNode(ScriptState*, Node*) const;
         virtual void markAggregate(JSC::MarkStack&);
 
-        mutable JSC::JSValue m_filter;
+        mutable JSC::DeprecatedPtr<JSC::Unknown> m_filter;
     };
 
 } // namespace WebCore
index bb90c4f..bc79e99 100644 (file)
@@ -26,6 +26,7 @@
 #include "config.h"
 #include "JSNodeFilter.h"
 
+#include "JSDOMWindowBase.h"
 #include "JSNode.h"
 #include "JSNodeFilterCondition.h"
 #include "NodeFilter.h"
index 4ecfe58..e14fb6d 100644 (file)
@@ -38,8 +38,8 @@ const ClassInfo JSOptionConstructor::s_info = { "OptionConstructor", 0, 0, 0 };
 JSOptionConstructor::JSOptionConstructor(ExecState* exec, JSDOMGlobalObject* globalObject)
     : DOMConstructorWithDocument(JSOptionConstructor::createStructure(globalObject->objectPrototype()), globalObject)
 {
-    putDirect(exec->propertyNames().prototype, JSHTMLOptionElementPrototype::self(exec, globalObject), None);
-    putDirect(exec->propertyNames().length, jsNumber(4), ReadOnly | DontDelete | DontEnum);
+    putDirect(exec->globalData(), exec->propertyNames().prototype, JSHTMLOptionElementPrototype::self(exec, globalObject), None);
+    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(4), ReadOnly | DontDelete | DontEnum);
 }
 
 static EncodedJSValue JSC_HOST_CALL constructHTMLOptionElement(ExecState* exec)
index 7274cd0..0fcd1ea 100644 (file)
@@ -74,7 +74,7 @@ JSValue JSSQLResultSetRowList::item(ExecState* exec)
               ASSERT_NOT_REACHED();
         }
 
-        object->putDirect(Identifier(exec, stringToUString(m_impl->columnNames()[i])), jsValue, DontDelete | ReadOnly);
+        object->putDirect(exec->globalData(), Identifier(exec, stringToUString(m_impl->columnNames()[i])), jsValue, DontDelete | ReadOnly);
     }
 
     return object;
index 16f18d3..d65bce2 100644 (file)
@@ -84,7 +84,7 @@ void ScriptCachedFrameData::restore(Frame* frame)
         JSDOMWindowShell* windowShell = iter->second.get();
 
         if (JSDOMWindow* window = m_windows.get(world))
-            windowShell->setWindow(window);
+            windowShell->setWindow(window->globalData(), window);
         else {
             windowShell->setWindow(frame->domWindow());
 
index e06eccb..b5c1f01 100644 (file)
@@ -62,7 +62,7 @@ static bool handleException(ScriptState* scriptState)
 bool ScriptGlobalObject::set(ScriptState* scriptState, const char* name, const ScriptObject& value)
 {
     JSLock lock(SilenceAssertionsOnly);
-    scriptState->lexicalGlobalObject()->putDirect(Identifier(scriptState, name), value.jsObject());
+    scriptState->lexicalGlobalObject()->putDirect(scriptState->globalData(), Identifier(scriptState, name), value.jsObject());
     return handleException(scriptState);
 }
 
@@ -71,7 +71,7 @@ bool ScriptGlobalObject::set(ScriptState* scriptState, const char* name, Inspect
 {
     JSLock lock(SilenceAssertionsOnly);
     JSDOMGlobalObject* globalObject = static_cast<JSDOMGlobalObject*>(scriptState->lexicalGlobalObject());
-    globalObject->putDirect(Identifier(scriptState, name), toJS(scriptState, globalObject, value));
+    globalObject->putDirect(scriptState->globalData(), Identifier(scriptState, name), toJS(scriptState, globalObject, value));
     return handleException(scriptState);
 }
 
@@ -79,7 +79,7 @@ bool ScriptGlobalObject::set(ScriptState* scriptState, const char* name, Injecte
 {
     JSLock lock(SilenceAssertionsOnly);
     JSDOMGlobalObject* globalObject = static_cast<JSDOMGlobalObject*>(scriptState->lexicalGlobalObject());
-    globalObject->putDirect(Identifier(scriptState, name), toJS(scriptState, globalObject, value));
+    globalObject->putDirect(scriptState->globalData(), Identifier(scriptState, name), toJS(scriptState, globalObject, value));
     return handleException(scriptState);
 }
 #endif // ENABLE(INSPECTOR)
index b02a4bb..f721334 100644 (file)
@@ -1040,14 +1040,14 @@ private:
     void putProperty(JSArray* array, unsigned index, JSValue value)
     {
         if (array->canSetIndex(index))
-            array->setIndex(index, value);
+            array->setIndex(m_exec->globalData(), index, value);
         else
             array->put(m_exec, index, value);
     }
 
     void putProperty(JSObject* object, const Identifier& property, JSValue value)
     {
-        object->putDirect(property, value);
+        object->putDirect(m_exec->globalData(), property, value);
     }
 
     bool readFile(RefPtr<File>& file)
index abef04e..46a44d1 100644 (file)
@@ -1735,13 +1735,13 @@ sub GenerateImplementation
                             }
                             push(@implContent, "    // Shadowing a built-in constructor\n");
                             if ($interfaceName eq "DOMWindow" && $className eq "JSblah") {
-                                push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->propertyNames().constructor, value);\n");
+                                push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->globalData(), exec->propertyNames().constructor, value);\n");
                             } else {
-                                push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(Identifier(exec, \"$name\"), value);\n");
+                                push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->globalData(), Identifier(exec, \"$name\"), value);\n");
                             }
                         } elsif ($attribute->signature->extendedAttributes->{"Replaceable"}) {
                             push(@implContent, "    // Shadowing a built-in object\n");
-                            push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(Identifier(exec, \"$name\"), value);\n");
+                            push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->globalData(), Identifier(exec, \"$name\"), value);\n");
                         } else {
                             push(@implContent, "    $className* castedThis = static_cast<$className*>(thisObject);\n");
                             push(@implContent, "    $implType* imp = static_cast<$implType*>(castedThis->impl());\n");
@@ -1824,9 +1824,9 @@ sub GenerateImplementation
                 push(@implContent, "    // Shadowing a built-in constructor\n");
 
                 if ($interfaceName eq "DOMWindow") {
-                    push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->propertyNames().constructor, value);\n");
+                    push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->globalData(), exec->propertyNames().constructor, value);\n");
                 } else {
-                    push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(Identifier(exec, \"$name\"), value);\n");
+                    push(@implContent, "    static_cast<$className*>(thisObject)->putDirect(exec->globalData(), Identifier(exec, \"$name\"), value);\n");
                 }
                 push(@implContent, "}\n");
                 push(@implContent, "\n");
@@ -2942,11 +2942,11 @@ sub GenerateConstructorDefinition
     push(@$outputArray, "    : DOMConstructorObject(${constructorClassName}::createStructure(globalObject->objectPrototype()), globalObject)\n");
     push(@$outputArray, "{\n");
     if ($interfaceName eq "DOMWindow") {
-        push(@$outputArray, "    putDirect(exec->propertyNames().prototype, globalObject->prototype(), DontDelete | ReadOnly);\n");
+        push(@$outputArray, "    putDirect(exec->globalData(), exec->propertyNames().prototype, globalObject->prototype(), DontDelete | ReadOnly);\n");
     } else {
-        push(@$outputArray, "    putDirect(exec->propertyNames().prototype, ${protoClassName}::self(exec, globalObject), DontDelete | ReadOnly);\n");
+        push(@$outputArray, "    putDirect(exec->globalData(), exec->propertyNames().prototype, ${protoClassName}::self(exec, globalObject), DontDelete | ReadOnly);\n");
     }
-    push(@$outputArray, "    putDirect(exec->propertyNames().length, jsNumber(${numberOfconstructParameters}), ReadOnly | DontDelete | DontEnum);\n") if $numberOfconstructParameters;
+    push(@$outputArray, "    putDirect(exec->globalData(), exec->propertyNames().length, jsNumber(${numberOfconstructParameters}), ReadOnly | DontDelete | DontEnum);\n") if $numberOfconstructParameters;
     push(@$outputArray, "}\n\n");
 
     push(@$outputArray, "bool ${constructorClassName}::getOwnPropertySlot(ExecState* exec, const Identifier& propertyName, PropertySlot& slot)\n");
index 3c8b313..10f77b4 100644 (file)
@@ -101,8 +101,8 @@ void RootObject::invalidate()
         return;
 
     {
-        WeakGCMap<RuntimeObject*, RuntimeObject*>::iterator end = m_runtimeObjects.uncheckedEnd();
-        for (WeakGCMap<RuntimeObject*, RuntimeObject*>::iterator it = m_runtimeObjects.uncheckedBegin(); it != end; ++it) {
+        WeakGCMap<RuntimeObject*, RuntimeObject>::iterator end = m_runtimeObjects.uncheckedEnd();
+        for (WeakGCMap<RuntimeObject*, RuntimeObject>::iterator it = m_runtimeObjects.uncheckedBegin(); it != end; ++it) {
             if (m_runtimeObjects.isValid(it))
                 it->second->invalidate();
         }
index 8290e7c..dde8a48 100644 (file)
@@ -89,7 +89,7 @@ private:
     ProtectedPtr<JSGlobalObject> m_globalObject;
 
     ProtectCountSet m_protectCountSet;
-    WeakGCMap<RuntimeObject*, RuntimeObject*> m_runtimeObjects; // Really need a WeakGCSet, but this will do.
+    WeakGCMap<RuntimeObject*, RuntimeObject> m_runtimeObjects; // Really need a WeakGCSet, but this will do.
 
     HashSet<InvalidationCallback*> m_invalidationCallbacks;
 };
index f3d8e77..be7e00a 100644 (file)
@@ -940,7 +940,7 @@ public:
     virtual void postTask(PassOwnPtr<Task>); // Executes the task on context's thread asynchronously.
 
 #if USE(JSC)
-    typedef JSC::WeakGCMap<WebCore::Node*, JSNode*> JSWrapperCache;
+    typedef JSC::WeakGCMap<WebCore::Node*, JSNode> JSWrapperCache;
     typedef HashMap<DOMWrapperWorld*, JSWrapperCache*> JSWrapperCacheMap;
     JSWrapperCacheMap& wrapperCacheMap() { return m_wrapperCacheMap; }
     JSWrapperCache* getWrapperCache(DOMWrapperWorld* world);
index 375959e..730e85a 100644 (file)
@@ -1,3 +1,15 @@
+2011-01-27  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoffrey Garen.
+
+        Convert markstack to a slot visitor API
+        https://bugs.webkit.org/show_bug.cgi?id=53219
+
+        Update to new marking api
+
+        * WebView/WebScriptDebugDelegate.mm:
+        (-[WebScriptCallFrame scopeChain]):
+
 2011-01-28  Dan Bernstein  <mitz@apple.com>
 
         Reviewed by Sam Weinig.