Bug 634542 - Back out diagnostic patches (r=dvander,a=backout)
authorLuke Wagner <lw@mozilla.com>
Sat, 19 Feb 2011 14:37:46 -0800
changeset 62900 2ebeb6e9f036757e63d62707d8e057c57bf89372
parent 62899 a5f70c575b4ae14027324f6f57c7d59cd22dc203
child 62901 3f4187103719cb3265343afdc9d0359cc9075119
push idunknown
push userunknown
push dateunknown
reviewersdvander, backout
bugs634542
milestone2.0b12pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 634542 - Back out diagnostic patches (r=dvander,a=backout)
js/src/jsapi.cpp
js/src/jsdbgapi.cpp
js/src/jsfun.cpp
js/src/jsfun.h
js/src/jsinterp.cpp
js/src/jsinterp.h
js/src/jsinterpinlines.h
js/src/jsobj.h
js/src/methodjit/InvokeHelpers.cpp
js/src/methodjit/StubCalls.cpp
--- a/js/src/jsapi.cpp
+++ b/js/src/jsapi.cpp
@@ -4174,17 +4174,17 @@ JS_NewFunctionById(JSContext *cx, JSNati
 
 JS_PUBLIC_API(JSObject *)
 JS_CloneFunctionObject(JSContext *cx, JSObject *funobj, JSObject *parent)
 {
     CHECK_REQUEST(cx);
     assertSameCompartment(cx, parent);  // XXX no funobj for now
     if (!parent) {
         if (cx->hasfp())
-            parent = GetScopeChain(cx, cx->fp(), ORIGIN_CLONE_FUNOBJ);
+            parent = GetScopeChain(cx, cx->fp());
         if (!parent)
             parent = cx->globalObject;
         JS_ASSERT(parent);
     }
 
     if (funobj->getClass() != &js_FunctionClass) {
         /*
          * We cannot clone this object, so fail (we used to return funobj, bad
--- a/js/src/jsdbgapi.cpp
+++ b/js/src/jsdbgapi.cpp
@@ -1390,17 +1390,17 @@ JS_GetFrameScopeChain(JSContext *cx, JSS
     JS_ASSERT(cx->stack().contains(fp));
 
     js::AutoCompartment ac(cx, &fp->scopeChain());
     if (!ac.enter())
         return NULL;
 
     /* Force creation of argument and call objects if not yet created */
     (void) JS_GetFrameCallObject(cx, fp);
-    return GetScopeChain(cx, fp, ORIGIN_GET_FRAME_SCOPE_CHAIN);
+    return GetScopeChain(cx, fp);
 }
 
 JS_PUBLIC_API(JSObject *)
 JS_GetFrameCallObject(JSContext *cx, JSStackFrame *fp)
 {
     JS_ASSERT(cx->stack().contains(fp));
 
     if (!fp->isFunctionFrame())
@@ -1412,17 +1412,17 @@ JS_GetFrameCallObject(JSContext *cx, JSS
 
     /* Force creation of argument object if not yet created */
     (void) js_GetArgsObject(cx, fp);
 
     /*
      * XXX ill-defined: null return here means error was reported, unlike a
      *     null returned above or in the #else
      */
-    return js_GetCallObject(cx, fp, ORIGIN_GET_FRAME_OBJ);
+    return js_GetCallObject(cx, fp);
 }
 
 JS_PUBLIC_API(JSBool)
 JS_GetFrameThis(JSContext *cx, JSStackFrame *fp, jsval *thisv)
 {
     if (fp->isDummyFrame())
         return false;
 
--- a/js/src/jsfun.cpp
+++ b/js/src/jsfun.cpp
@@ -354,17 +354,17 @@ WrapEscapingClosure(JSContext *cx, JSSta
 
     /*
      * We do not attempt to reify Call and Block objects on demand for outer
      * scopes. This could be done (see the "v8" patch in bug 494235) but it is
      * fragile in the face of ongoing compile-time optimization. Instead, the
      * _DBG* opcodes used by wrappers created here must cope with unresolved
      * upvars and throw them as reference errors. Caveat debuggers!
      */
-    JSObject *scopeChain = GetScopeChain(cx, fp, ORIGIN_WESC);
+    JSObject *scopeChain = GetScopeChain(cx, fp);
     if (!scopeChain)
         return NULL;
 
     JSObject *wfunobj = NewFunction(cx, scopeChain);
     if (!wfunobj)
         return NULL;
     AutoObjectRooter tvr(cx, wfunobj);
 
@@ -943,18 +943,17 @@ CalleeGetter(JSContext *cx, JSObject *ob
 
 namespace js {
 
 /*
  * Construct a call object for the given bindings.  The callee is the function
  * on behalf of which the call object is being created.
  */
 JSObject *
-NewCallObject(JSContext *cx, Bindings *bindings, JSObject &scopeChain, JSObject *callee,
-              Origins origin)
+NewCallObject(JSContext *cx, Bindings *bindings, JSObject &scopeChain, JSObject *callee)
 {
     size_t argsVars = bindings->countArgsAndVars();
     size_t slots = JSObject::CALL_RESERVED_SLOTS + argsVars;
     gc::FinalizeKind kind = gc::GetGCObjectKind(slots);
 
     JSObject *callobj = js_NewGCObject(cx, kind);
     if (!callobj)
         return NULL;
@@ -973,17 +972,16 @@ NewCallObject(JSContext *cx, Bindings *b
         if (s.slot != SHAPE_INVALID_SLOT) {
             JS_ASSERT(s.slot + 1 == callobj->slotSpan());
             break;
         }
     }
 #endif
 
     callobj->setCallObjCallee(callee);
-    callobj->setOrigin(origin);
     return callobj;
 }
 
 } // namespace js
 
 static inline JSObject *
 NewDeclEnvObject(JSContext *cx, JSStackFrame *fp)
 {
@@ -992,17 +990,17 @@ NewDeclEnvObject(JSContext *cx, JSStackF
         return NULL;
 
     envobj->init(cx, &js_DeclEnvClass, NULL, &fp->scopeChain(), fp, false);
     envobj->setMap(cx->compartment->emptyDeclEnvShape);
     return envobj;
 }
 
 JSObject *
-js_GetCallObject(JSContext *cx, JSStackFrame *fp, Origins origin)
+js_GetCallObject(JSContext *cx, JSStackFrame *fp)
 {
     /* Create a call object for fp only if it lacks one. */
     JS_ASSERT(fp->isFunctionFrame());
     if (fp->hasCallObj())
         return &fp->callObj();
 
 #ifdef DEBUG
     /* A call object should be a frame's outermost scope chain element.  */
@@ -1033,17 +1031,17 @@ js_GetCallObject(JSContext *cx, JSStackF
                                      CalleeGetter, NULL,
                                      JSPROP_PERMANENT | JSPROP_READONLY,
                                      0, 0, NULL)) {
             return NULL;
         }
     }
 
     JSObject *callobj =
-        NewCallObject(cx, &fp->fun()->script()->bindings, fp->scopeChain(), &fp->callee(), origin);
+        NewCallObject(cx, &fp->fun()->script()->bindings, fp->scopeChain(), &fp->callee());
     if (!callobj)
         return NULL;
 
     callobj->setPrivate(fp);
     JS_ASSERT(fp->fun() == fp->callee().getFunctionPrivate());
 
     /*
      * Push callobj on the top of the scope chain, and make it the
@@ -1054,17 +1052,17 @@ js_GetCallObject(JSContext *cx, JSStackF
 }
 
 JSObject * JS_FASTCALL
 js_CreateCallObjectOnTrace(JSContext *cx, JSFunction *fun, JSObject *callee, JSObject *scopeChain)
 {
     JS_ASSERT(!js_IsNamedLambda(fun));
     JS_ASSERT(scopeChain);
     JS_ASSERT(callee);
-    return NewCallObject(cx, &fun->script()->bindings, *scopeChain, callee, ORIGIN_ON_TRACE);
+    return NewCallObject(cx, &fun->script()->bindings, *scopeChain, callee);
 }
 
 JS_DEFINE_CALLINFO_4(extern, OBJECT, js_CreateCallObjectOnTrace, CONTEXT, FUNCTION, OBJECT, OBJECT,
                      0, nanojit::ACCSET_STORE_ANY)
 
 inline static void
 CopyValuesToCallObject(JSObject &callobj, uintN nargs, Value *argv, uintN nvars, Value *slots)
 {
@@ -1366,78 +1364,21 @@ call_resolve(JSContext *cx, JSObject *ob
         *objp = obj;
         return true;
     }
 
     /* Control flow reaches here only if id was not resolved. */
     return true;
 }
 
-struct Cargo
-{
-    uint32 bef;
-
-    JSObject *callObjCallee;
-    uint32 atomLength;
-    jschar atom[64];
-    uint32 filenameLength;
-    char filename[128];
-    uint32 lineno;
-    uint32 callObjFlags;
-
-    uint32 aft;
-
-    Cargo() : bef(0xaaaaaaaa), aft(0xbbbbbbbb) {}
-};
-
-JS_PUBLIC_DATA(Cargo *) cargoEscape;
-
 static void
 call_trace(JSTracer *trc, JSObject *obj)
 {
     JS_ASSERT(obj->isCall());
-
     if (JSStackFrame *fp = obj->maybeCallObjStackFrame()) {
-
-        // TEMPORARY BUG FINDING CODE
-        Cargo cargo;
-        cargoEscape = &cargo;
-
-        cargo.callObjFlags = obj->flags;
-        cargo.callObjCallee = obj->getCallObjCallee();
-
-        if (cargo.callObjCallee) {
-            JSFunction *fun = cargo.callObjCallee->getFunctionPrivate();
-            if (fun->atom) {
-                cargo.atomLength = fun->atom->length();
-                js_strncpy(cargo.atom, fun->atom->chars(), Min(cargo.atomLength, (uint32)64));
-            } else {
-                strcpy((char *)cargo.atom, "(unnamed)");
-            }
-            if (fun->isInterpreted()) {
-                JSScript *script = fun->script();
-                cargo.lineno = script->lineno;
-                cargo.filenameLength = strlen(script->filename);
-                if (const char *filename = script->filename) {
-                    strncpy(cargo.filename, filename, Min(cargo.filenameLength, (uint32)128));
-                } else {
-                    strcpy(cargo.filename, "(no file)");
-                }
-            } else {
-                *((int *)0xbad1) = 0;
-            }
-        } else {
-            strcpy((char *)cargo.atom, "(eval)");
-        }
-
-        bool bad = obj != &fp->callObj();
-        JS_ASSERT(!bad);
-        if (bad)
-            *((int *)0xbad2) = 0;
-
         /*
          * FIXME: Hide copies of stack values rooted by fp from the Cycle
          * Collector, which currently lacks a non-stub Unlink implementation
          * for JS objects (including Call objects), so is unable to collect
          * cycles involving Call objects whose frames are active without this
          * hiding hack.
          */
         uintN first = JSObject::CALL_RESERVED_SLOTS;
--- a/js/src/jsfun.h
+++ b/js/src/jsfun.h
@@ -323,18 +323,17 @@ namespace js {
 
 /*
  * Construct a call object for the given bindings.  If this is a call object
  * for a function invocation, callee should be the function being called.
  * Otherwise it must be a call object for eval of strict mode code, and callee
  * must be null.
  */
 extern JSObject *
-NewCallObject(JSContext *cx, js::Bindings *bindings, JSObject &scopeChain, JSObject *callee,
-              Origins origin);
+NewCallObject(JSContext *cx, js::Bindings *bindings, JSObject &scopeChain, JSObject *callee);
 
 /*
  * NB: jsapi.h and jsobj.h must be included before any call to this macro.
  */
 #define VALUE_IS_FUNCTION(cx, v)                                              \
     (!JSVAL_IS_PRIMITIVE(v) && JSVAL_TO_OBJECT(v)->isFunction())
 
 static JS_ALWAYS_INLINE bool
@@ -512,17 +511,17 @@ js_ValueToFunctionObject(JSContext *cx, 
 
 extern JSObject *
 js_ValueToCallableObject(JSContext *cx, js::Value *vp, uintN flags);
 
 extern void
 js_ReportIsNotFunction(JSContext *cx, const js::Value *vp, uintN flags);
 
 extern JSObject *
-js_GetCallObject(JSContext *cx, JSStackFrame *fp, Origins origin);
+js_GetCallObject(JSContext *cx, JSStackFrame *fp);
 
 extern JSObject * JS_FASTCALL
 js_CreateCallObjectOnTrace(JSContext *cx, JSFunction *fun, JSObject *callee, JSObject *scopeChain);
 
 extern void
 js_PutCallObject(JSContext *cx, JSStackFrame *fp);
 
 extern JSBool JS_FASTCALL
--- a/js/src/jsinterp.cpp
+++ b/js/src/jsinterp.cpp
@@ -161,17 +161,17 @@ js::GetScopeChain(JSContext *cx)
         if (!obj) {
             JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL, JSMSG_INACTIVE);
             return NULL;
         }
 
         OBJ_TO_INNER_OBJECT(cx, obj);
         return obj;
     }
-    return GetScopeChain(cx, fp, ORIGIN_GET_SCOPE_CHAIN_API);
+    return GetScopeChain(cx, fp);
 }
 
 /*
  * This computes the blockChain by iterating through the bytecode
  * of the current script until it reaches the PC. Each time it sees
  * an ENTERBLOCK or LEAVEBLOCK instruction, it records the new
  * blockChain. A faster variant of this function that doesn't
  * require bytecode scanning appears below.
@@ -271,17 +271,17 @@ js::GetBlockChainFast(JSContext *cx, JSS
  * current), place them at the head of scopeChain, and use that for the
  * closure's scope chain.  If we never close over a lexical block, we never
  * place a mutable clone of it on scopeChain.
  *
  * This lazy cloning is implemented in GetScopeChain, which is also used in
  * some other cases --- entering 'with' blocks, for example.
  */
 static JSObject *
-GetScopeChainFull(JSContext *cx, JSStackFrame *fp, JSObject *blockChain, Origins origin)
+GetScopeChainFull(JSContext *cx, JSStackFrame *fp, JSObject *blockChain)
 {
     JSObject *sharedBlock = blockChain;
 
     if (!sharedBlock) {
         /*
          * Don't force a call object for a lightweight function call, but do
          * insist that there is a call object for a heavyweight function call.
          */
@@ -299,17 +299,17 @@ GetScopeChainFull(JSContext *cx, JSStack
      * if this frame is a call frame.
      *
      * Also, identify the innermost compiler-allocated block we needn't clone.
      */
     JSObject *limitBlock, *limitClone;
     if (fp->isFunctionFrame() && !fp->hasCallObj()) {
         JS_ASSERT_IF(fp->scopeChain().isClonedBlock(),
                      fp->scopeChain().getPrivate() != js_FloatingFrameIfGenerator(cx, fp));
-        if (!js_GetCallObject(cx, fp, origin))
+        if (!js_GetCallObject(cx, fp))
             return NULL;
 
         /* We know we must clone everything on blockChain. */
         limitBlock = limitClone = NULL;
     } else {
         /*
          * scopeChain includes all blocks whose static scope we're within that
          * have already been cloned.  Find the innermost such block.  Its
@@ -392,25 +392,25 @@ GetScopeChainFull(JSContext *cx, JSStack
                  sharedBlock);
 
     /* Place our newly cloned blocks at the head of the scope chain.  */
     fp->setScopeChainNoCallObj(*innermostNewChild);
     return innermostNewChild;
 }
 
 JSObject *
-js::GetScopeChain(JSContext *cx, JSStackFrame *fp, Origins origin)
-{
-    return GetScopeChainFull(cx, fp, GetBlockChain(cx, fp), origin);
+js::GetScopeChain(JSContext *cx, JSStackFrame *fp)
+{
+    return GetScopeChainFull(cx, fp, GetBlockChain(cx, fp));
 }
 
 JSObject *
-js::GetScopeChainFast(JSContext *cx, JSStackFrame *fp, JSOp op, size_t oplen, Origins origin)
-{
-    return GetScopeChainFull(cx, fp, GetBlockChainFast(cx, fp, op, oplen), origin);
+js::GetScopeChainFast(JSContext *cx, JSStackFrame *fp, JSOp op, size_t oplen)
+{
+    return GetScopeChainFull(cx, fp, GetBlockChainFast(cx, fp, op, oplen));
 }
 
 /* Some objects (e.g., With) delegate 'this' to another object. */
 static inline JSObject *
 CallThisObjectHook(JSContext *cx, JSObject *obj, Value *argv)
 {
     JSObject *thisp = obj->thisObject(cx);
     if (!thisp)
@@ -715,17 +715,17 @@ Invoke(JSContext *cx, const CallArgs &ar
     JSStackFrame *fp = frame.fp();
     fp->initCallFrame(cx, callee, fun, args.argc(), flags);
     SetValueRangeToUndefined(fp->slots(), script->nfixed);
 
     /* Officially push fp. frame's destructor pops. */
     cx->stack().pushInvokeFrame(cx, args, &frame);
 
     /* Now that the new frame is rooted, maybe create a call object. */
-    if (fun->isHeavyweight() && !js_GetCallObject(cx, fp, ORIGIN_INVOKE))
+    if (fun->isHeavyweight() && !js_GetCallObject(cx, fp))
         return false;
 
     /* Run function until JSOP_STOP, JSOP_RETURN or error. */
     JSBool ok;
     {
         AutoPreserveEnumerators preserve(cx);
         ok = RunScript(cx, script, fp);
     }
@@ -955,17 +955,17 @@ Execute(JSContext *cx, JSObject *chain, 
     }
 
     /*
      * Strict mode eval code receives its own, fresh lexical environment; thus
      * strict mode eval can't mutate its calling frame's binding set.
      */
     if ((flags & JSFRAME_EVAL) && script->strictModeCode) {
         AutoScriptRooter root(cx, script);
-        initialVarObj = NewCallObject(cx, &script->bindings, *initialVarObj, NULL, ORIGIN_EXEC);
+        initialVarObj = NewCallObject(cx, &script->bindings, *initialVarObj, NULL);
         if (!initialVarObj)
             return false;
         initialVarObj->setPrivate(frame.fp());
 
         /* Clear the Call object propagated from the previous frame, if any. */
         if (frame.fp()->hasCallObj())
             frame.fp()->clearCallObj();
         frame.fp()->setScopeChainAndCallObj(*initialVarObj);
@@ -1306,17 +1306,17 @@ DirectEval(JSContext *cx, JSFunction *ev
     JS_ASSERT(vp[0].toObject().getFunctionPrivate() == evalfun);
     JS_ASSERT(IsBuiltinEvalFunction(evalfun));
 
     JSStackFrame *caller = cx->fp();
     JS_ASSERT(caller->isScriptFrame());
     AutoFunctionCallProbe callProbe(cx, evalfun, caller->script());
 
     JSObject *scopeChain =
-        GetScopeChainFast(cx, caller, JSOP_EVAL, JSOP_EVAL_LENGTH + JSOP_LINENO_LENGTH, ORIGIN_DEVAL);
+        GetScopeChainFast(cx, caller, JSOP_EVAL, JSOP_EVAL_LENGTH + JSOP_LINENO_LENGTH);
     if (!scopeChain || !EvalKernel(cx, argc, vp, DIRECT_EVAL, caller, scopeChain))
         return false;
     cx->regs->sp = vp + 1;
     return true;
 }
 
 bool
 ValueToId(JSContext *cx, const Value &v, jsid *idp)
@@ -1359,17 +1359,17 @@ js_EnterWith(JSContext *cx, jsint stackI
         obj = &sp[-1].toObject();
     } else {
         obj = js_ValueToNonNullObject(cx, sp[-1]);
         if (!obj)
             return JS_FALSE;
         sp[-1].setObject(*obj);
     }
 
-    JSObject *parent = GetScopeChainFast(cx, fp, op, oplen, ORIGIN_WITH);
+    JSObject *parent = GetScopeChainFast(cx, fp, op, oplen);
     if (!parent)
         return JS_FALSE;
 
     OBJ_TO_INNER_OBJECT(cx, obj);
     if (!obj)
         return JS_FALSE;
 
     JSObject *withobj = js_NewWithObject(cx, obj, parent,
@@ -4719,17 +4719,17 @@ BEGIN_CASE(JSOP_FUNCALL)
 
             /* Refresh interpreter locals. */
             JS_ASSERT(newfp == regs.fp);
             script = newscript;
             argv = regs.fp->formalArgsEnd() - newfun->nargs;
             atoms = script->atomMap.vector;
 
             /* Now that the new frame is rooted, maybe create a call object. */
-            if (newfun->isHeavyweight() && !js_GetCallObject(cx, regs.fp, ORIGIN_INTERP))
+            if (newfun->isHeavyweight() && !js_GetCallObject(cx, regs.fp))
                 goto error;
 
             inlineCallCount++;
             JS_RUNTIME_METER(rt, inlineCalls);
 
             TRACE_0(EnterFrame);
 
             CHECK_INTERRUPT_HANDLER();
@@ -5383,17 +5383,17 @@ BEGIN_CASE(JSOP_DEFFUN)
          * Even a null closure needs a parent for principals finding.
          * FIXME: bug 476950, although debugger users may also demand some kind
          * of scope link for debugger-assisted eval-in-frame.
          */
         obj2 = &regs.fp->scopeChain();
     } else {
         JS_ASSERT(!fun->isFlatClosure());
 
-        obj2 = GetScopeChainFast(cx, regs.fp, JSOP_DEFFUN, JSOP_DEFFUN_LENGTH, ORIGIN_DEFFUN);
+        obj2 = GetScopeChainFast(cx, regs.fp, JSOP_DEFFUN, JSOP_DEFFUN_LENGTH);
         if (!obj2)
             goto error;
     }
 
     /*
      * If static link is not current scope, clone fun's object to link to the
      * current scope via parent. We do this to enable sharing of compiled
      * functions among multiple equivalent scopes, amortizing the cost of
@@ -5522,17 +5522,17 @@ BEGIN_CASE(JSOP_DEFLOCALFUN)
     JSObject *obj = FUN_OBJECT(fun);
 
     if (FUN_NULL_CLOSURE(fun)) {
         obj = CloneFunctionObject(cx, fun, &regs.fp->scopeChain());
         if (!obj)
             goto error;
     } else {
         JSObject *parent = GetScopeChainFast(cx, regs.fp, JSOP_DEFLOCALFUN,
-                                             JSOP_DEFLOCALFUN_LENGTH, ORIGIN_DEFLOCALFUN);
+                                             JSOP_DEFLOCALFUN_LENGTH);
         if (!parent)
             goto error;
 
         if (obj->getParent() != parent) {
 #ifdef JS_TRACER
             if (TRACE_RECORDER(cx))
                 AbortRecording(cx, "DEFLOCALFUN for closure");
 #endif
@@ -5685,17 +5685,17 @@ BEGIN_CASE(JSOP_LAMBDA)
                     h.add(p, fun, 1);
                 } else {
                     JS_ASSERT(p->key == fun);
                     ++p->value;
                 }
             }
 #endif
         } else {
-            parent = GetScopeChainFast(cx, regs.fp, JSOP_LAMBDA, JSOP_LAMBDA_LENGTH, ORIGIN_LAMBDA);
+            parent = GetScopeChainFast(cx, regs.fp, JSOP_LAMBDA, JSOP_LAMBDA_LENGTH);
             if (!parent)
                 goto error;
         }
 
         obj = CloneFunctionObject(cx, fun, parent);
         if (!obj)
             goto error;
     } while (0);
--- a/js/src/jsinterp.h
+++ b/js/src/jsinterp.h
@@ -809,20 +809,20 @@ GetScopeChain(JSContext *cx);
 /*
  * Refresh and return fp->scopeChain.  It may be stale if block scopes are
  * active but not yet reflected by objects in the scope chain.  If a block
  * scope contains a with, eval, XML filtering predicate, or similar such
  * dynamically scoped construct, then compile-time block scope at fp->blocks
  * must reflect at runtime.
  */
 extern JSObject *
-GetScopeChain(JSContext *cx, JSStackFrame *fp, Origins);
+GetScopeChain(JSContext *cx, JSStackFrame *fp);
 
 extern JSObject *
-GetScopeChainFast(JSContext *cx, JSStackFrame *fp, JSOp op, size_t oplen, Origins);
+GetScopeChainFast(JSContext *cx, JSStackFrame *fp, JSOp op, size_t oplen);
 
 /*
  * Report an error that the this value passed as |this| in the given arguments
  * vector is not compatible with the specified class.
  */
 void
 ReportIncompatibleMethod(JSContext *cx, Value *vp, Class *clasp);
 
@@ -832,17 +832,17 @@ ReportIncompatibleMethod(JSContext *cx, 
  * of |this|. If |this| is an object, insist that it be an instance of the
  * appropriate wrapper class for T, and set |*v| to its private slot value.
  * If |this| is a primitive, unbox it into |*v| if it's of the required
  * type, and throw an error otherwise.
  */
 template <typename T>
 bool GetPrimitiveThis(JSContext *cx, Value *vp, T *v);
 
-inline void
+void
 PutActivationObjects(JSContext *cx, JSStackFrame *fp);
 
 /*
  * For a call's vp (which necessarily includes callee at vp[0] and the original
  * specified |this| at vp[1]), convert null/undefined |this| into the global
  * object for the callee and replace other primitives with boxed versions. The
  * callee must not be strict mode code.
  */
--- a/js/src/jsinterpinlines.h
+++ b/js/src/jsinterpinlines.h
@@ -730,30 +730,26 @@ ScriptEpilogue(JSContext *cx, JSStackFra
          * parent frame has it).
          */
         if (fp->script()->strictModeCode) {
             JS_ASSERT(!fp->isYielding());
             JS_ASSERT(!fp->hasArgsObj());
             JS_ASSERT(fp->hasCallObj());
             JS_ASSERT(fp->callObj().callIsForEval());
             js_PutCallObject(cx, fp);
-        } else if (fp->hasCallObj()) {
-            fp->callObj().setSkipped();
         }
     } else {
         /*
          * Otherwise only function frames have activation objects. A yielding
          * frame's activation objects are transferred to the floating frame,
          * stored in the generator, and thus need not be synced.
          */
         if (fp->isFunctionFrame() && !fp->isYielding()) {
             JS_ASSERT_IF(fp->hasCallObj(), !fp->callObj().callIsForEval());
             PutActivationObjects(cx, fp);
-        } else if (fp->hasCallObj()) {
-            fp->callObj().setSkipped();
         }
     }
 
     /*
      * If inline-constructing, replace primitive rval with the new object
      * passed in via |this|, and instrument this constructor invocation.
      */
     if (fp->isConstructing() && ok) {
--- a/js/src/jsobj.h
+++ b/js/src/jsobj.h
@@ -282,41 +282,16 @@ struct NativeIterator;
 }
 
 struct JSFunction;
 
 namespace nanojit {
 class ValidateWriter;
 }
 
-// TEMPORARY CRASH-FINDING
-enum Origins {
-    ORIGIN_ON_TRACE              = 1,
-    ORIGIN_EXEC                  = 2,
-    ORIGIN_GET_FRAME_OBJ         = 3,
-    ORIGIN_INVOKE                = 4,
-    ORIGIN_INTERP                = 5,
-    ORIGIN_GET_SCOPE_CHAIN_API   = 6,
-    ORIGIN_CLONE_FUNOBJ          = 7,
-    ORIGIN_GET_FRAME_SCOPE_CHAIN = 8,
-    ORIGIN_WESC                  = 9,
-    ORIGIN_DEVAL                 = 10,
-    ORIGIN_WITH                  = 11,
-    ORIGIN_DEFFUN                = 12,
-    ORIGIN_DEFLOCALFUN           = 13,
-    ORIGIN_LAMBDA                = 14,
-    ORIGIN_LAME                  = 15,
-    ORIGIN_MJIT_DEFFUN           = 16,
-    ORIGIN_MJIT_DEFLOCALFUN      = 17,
-    ORIGIN_MJIT_LAMBDA           = 18,
-    ORIGIN_COMPILE_FUNCTION      = 19,
-    ORIGIN_UIC                   = 20,
-    ORIGIN_MJIT_GCO              = 21
-};
-
 /*
  * JSObject struct, with members sized to fit in 32 bytes on 32-bit targets,
  * 64 bytes on 64-bit systems. The JSFunction struct is an extension of this
  * struct allocated from a larger GC size-class.
  *
  * The clasp member stores the js::Class pointer for this object. We do *not*
  * synchronize updates of clasp or flags -- API clients must take care.
  *
@@ -406,33 +381,19 @@ struct JSObject : js::gc::Cell {
         GENERIC                   =  0x10,
         METHOD_BARRIER            =  0x20,
         INDEXED                   =  0x40,
         OWN_SHAPE                 =  0x80,
         BOUND_FUNCTION            = 0x100,
         HAS_EQUALITY              = 0x200,
         METHOD_THRASH_COUNT_MASK  = 0xc00,
         METHOD_THRASH_COUNT_SHIFT =    10,
-        METHOD_THRASH_COUNT_MAX   = METHOD_THRASH_COUNT_MASK >> METHOD_THRASH_COUNT_SHIFT,
-
-        ORIGIN_MASK          = 0xff000000,
-        ORIGIN_SHIFT         = 24,
-        SKIPPED_BIT          = 0x00100000
-
+        METHOD_THRASH_COUNT_MAX   = METHOD_THRASH_COUNT_MASK >> METHOD_THRASH_COUNT_SHIFT
     };
 
-    // TMP CRASH-FINDING
-    void setOrigin(Origins origin) {
-        flags = (flags & ~(uint32)ORIGIN_MASK) | (origin << ORIGIN_SHIFT);
-    }
-
-    void setSkipped() {
-        flags |= SKIPPED_BIT;
-    }
-
     /*
      * Impose a sane upper bound, originally checked only for dense arrays, on
      * number of slots in an object.
      */
     enum {
         NSLOTS_BITS     = 29,
         NSLOTS_LIMIT    = JS_BIT(NSLOTS_BITS)
     };
--- a/js/src/methodjit/InvokeHelpers.cpp
+++ b/js/src/methodjit/InvokeHelpers.cpp
@@ -320,17 +320,17 @@ stubs::CompileFunction(VMFrame &f, uint3
     /* Finish frame initialization. */
     fp->initCallFrameLatePrologue();
 
     /* These would have been initialized by the prologue. */
     f.regs.fp = fp;
     f.regs.sp = fp->base();
     f.regs.pc = script->code;
 
-    if (fun->isHeavyweight() && !js_GetCallObject(cx, fp, ORIGIN_COMPILE_FUNCTION))
+    if (fun->isHeavyweight() && !js_GetCallObject(cx, fp))
         THROWV(NULL);
 
     CompileStatus status = CanMethodJIT(cx, script, fp, CompileRequest_JIT);
     if (status == Compile_Okay)
         return script->getJIT(fp->isConstructing())->invokeEntry;
 
     /* Function did not compile... interpret it. */
     JSBool ok = Interpret(cx, fp);
@@ -363,17 +363,17 @@ UncachedInlineCall(VMFrame &f, uint32 fl
     newfp->initCallFrame(cx, callee, newfun, argc, flags);
     SetValueRangeToUndefined(newfp->slots(), newscript->nfixed);
 
     /* Officially push the frame. */
     stack.pushInlineFrame(cx, newscript, newfp, &f.regs);
     JS_ASSERT(newfp == f.regs.fp);
 
     /* Scope with a call object parented by callee's parent. */
-    if (newfun->isHeavyweight() && !js_GetCallObject(cx, newfp, ORIGIN_UIC))
+    if (newfun->isHeavyweight() && !js_GetCallObject(cx, newfp))
         return false;
 
     /* Try to compile if not already compiled. */
     if (newscript->getJITStatus(newfp->isConstructing()) == JITScript_None) {
         CompileStatus status = CanMethodJIT(cx, newscript, newfp, CompileRequest_Interpreter);
         if (status == Compile_Error) {
             /* A runtime exception was thrown, get out. */
             InlineReturn(f);
@@ -583,17 +583,17 @@ js_InternalThrow(VMFrame &f)
     JSScript *script = fp->script();
     return script->nativeCodeForPC(fp->isConstructing(), pc);
 }
 
 void JS_FASTCALL
 stubs::GetCallObject(VMFrame &f)
 {
     JS_ASSERT(f.fp()->fun()->isHeavyweight());
-    if (!js_GetCallObject(f.cx, f.fp(), ORIGIN_MJIT_GCO))
+    if (!js_GetCallObject(f.cx, f.fp()))
         THROW();
 }
 
 void JS_FASTCALL
 stubs::CreateThis(VMFrame &f, JSObject *proto)
 {
     JSContext *cx = f.cx;
     JSStackFrame *fp = f.fp();
--- a/js/src/methodjit/StubCalls.cpp
+++ b/js/src/methodjit/StubCalls.cpp
@@ -720,17 +720,17 @@ stubs::DefFun(VMFrame &f, JSFunction *fu
          * Even a null closure needs a parent for principals finding.
          * FIXME: bug 476950, although debugger users may also demand some kind
          * of scope link for debugger-assisted eval-in-frame.
          */
         obj2 = &fp->scopeChain();
     } else {
         JS_ASSERT(!fun->isFlatClosure());
 
-        obj2 = GetScopeChainFast(cx, fp, JSOP_DEFFUN, JSOP_DEFFUN_LENGTH, ORIGIN_MJIT_DEFFUN);
+        obj2 = GetScopeChainFast(cx, fp, JSOP_DEFFUN, JSOP_DEFFUN_LENGTH);
         if (!obj2)
             THROW();
     }
 
     /*
      * If static link is not current scope, clone fun's object to link to the
      * current scope via parent. We do this to enable sharing of compiled
      * functions among multiple equivalent scopes, amortizing the cost of
@@ -1381,17 +1381,17 @@ stubs::DefLocalFun(VMFrame &f, JSFunctio
     JSObject *obj = FUN_OBJECT(fun);
 
     if (FUN_NULL_CLOSURE(fun)) {
         obj = CloneFunctionObject(f.cx, fun, &f.fp()->scopeChain());
         if (!obj)
             THROWV(NULL);
     } else {
         JSObject *parent = GetScopeChainFast(f.cx, f.fp(), JSOP_DEFLOCALFUN,
-                                             JSOP_DEFLOCALFUN_LENGTH, ORIGIN_MJIT_DEFLOCALFUN);
+                                             JSOP_DEFLOCALFUN_LENGTH);
         if (!parent)
             THROWV(NULL);
 
         if (obj->getParent() != parent) {
             obj = CloneFunctionObject(f.cx, fun, parent);
             if (!obj)
                 THROWV(NULL);
         }
@@ -1510,17 +1510,17 @@ JSObject * JS_FASTCALL
 stubs::Lambda(VMFrame &f, JSFunction *fun)
 {
     JSObject *obj = FUN_OBJECT(fun);
 
     JSObject *parent;
     if (FUN_NULL_CLOSURE(fun)) {
         parent = &f.fp()->scopeChain();
     } else {
-        parent = GetScopeChainFast(f.cx, f.fp(), JSOP_LAMBDA, JSOP_LAMBDA_LENGTH, ORIGIN_MJIT_LAMBDA);
+        parent = GetScopeChainFast(f.cx, f.fp(), JSOP_LAMBDA, JSOP_LAMBDA_LENGTH);
         if (!parent)
             THROWV(NULL);
     }
 
     obj = CloneFunctionObject(f.cx, fun, parent);
     if (!obj)
         THROWV(NULL);