[JSC] Pass VM& to functions more
authorutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 27 Jun 2018 05:01:29 +0000 (05:01 +0000)
committerutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 27 Jun 2018 05:01:29 +0000 (05:01 +0000)
https://bugs.webkit.org/show_bug.cgi?id=186241

Reviewed by Mark Lam.

Source/JavaScriptCore:

This patch threads VM& to functions requiring VM& more.

* API/JSObjectRef.cpp:
(JSObjectIsConstructor):
* bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp:
(JSC::AdaptiveInferredPropertyValueWatchpointBase::install):
(JSC::AdaptiveInferredPropertyValueWatchpointBase::fire):
(JSC::AdaptiveInferredPropertyValueWatchpointBase::StructureWatchpoint::fireInternal):
(JSC::AdaptiveInferredPropertyValueWatchpointBase::PropertyWatchpoint::fireInternal):
* bytecode/AdaptiveInferredPropertyValueWatchpointBase.h:
* bytecode/CodeBlockJettisoningWatchpoint.cpp:
(JSC::CodeBlockJettisoningWatchpoint::fireInternal):
* bytecode/CodeBlockJettisoningWatchpoint.h:
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp:
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::install):
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal):
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h:
* bytecode/StructureStubClearingWatchpoint.cpp:
(JSC::StructureStubClearingWatchpoint::fireInternal):
* bytecode/StructureStubClearingWatchpoint.h:
* bytecode/Watchpoint.cpp:
(JSC::Watchpoint::fire):
(JSC::WatchpointSet::fireAllWatchpoints):
* bytecode/Watchpoint.h:
* dfg/DFGAdaptiveInferredPropertyValueWatchpoint.cpp:
(JSC::DFG::AdaptiveInferredPropertyValueWatchpoint::handleFire):
* dfg/DFGAdaptiveInferredPropertyValueWatchpoint.h:
* dfg/DFGAdaptiveStructureWatchpoint.cpp:
(JSC::DFG::AdaptiveStructureWatchpoint::install):
(JSC::DFG::AdaptiveStructureWatchpoint::fireInternal):
* dfg/DFGAdaptiveStructureWatchpoint.h:
* dfg/DFGDesiredWatchpoints.cpp:
(JSC::DFG::AdaptiveStructureWatchpointAdaptor::add):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::setupGetByIdPrototypeCache):
* runtime/ArrayPrototype.cpp:
(JSC::ArrayPrototype::tryInitializeSpeciesWatchpoint):
(JSC::ArrayPrototypeAdaptiveInferredPropertyWatchpoint::handleFire):
* runtime/ECMAScriptSpecInternalFunctions.cpp:
(JSC::esSpecIsConstructor):
* runtime/FunctionRareData.cpp:
(JSC::FunctionRareData::AllocationProfileClearingWatchpoint::fireInternal):
* runtime/FunctionRareData.h:
* runtime/InferredStructureWatchpoint.cpp:
(JSC::InferredStructureWatchpoint::fireInternal):
* runtime/InferredStructureWatchpoint.h:
* runtime/InternalFunction.cpp:
(JSC::InternalFunction::createSubclassStructureSlow):
* runtime/InternalFunction.h:
(JSC::InternalFunction::createSubclassStructure):
* runtime/JSCJSValue.h:
* runtime/JSCJSValueInlines.h:
(JSC::JSValue::isConstructor const):
* runtime/JSCell.h:
* runtime/JSCellInlines.h:
(JSC::JSCell::isConstructor):
(JSC::JSCell::methodTable const):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/ObjectPropertyChangeAdaptiveWatchpoint.h:
(JSC::ObjectPropertyChangeAdaptiveWatchpoint::ObjectPropertyChangeAdaptiveWatchpoint):
* runtime/ProxyObject.cpp:
(JSC::ProxyObject::finishCreation):
* runtime/ReflectObject.cpp:
(JSC::reflectObjectConstruct):
* runtime/StructureRareData.cpp:
(JSC::StructureRareData::setObjectToStringValue):
(JSC::ObjectToStringAdaptiveStructureWatchpoint::install):
(JSC::ObjectToStringAdaptiveStructureWatchpoint::fireInternal):
(JSC::ObjectToStringAdaptiveInferredPropertyValueWatchpoint::handleFire):

Source/WebCore:

* bindings/js/JSCustomElementRegistryCustom.cpp:
(WebCore::JSCustomElementRegistry::define):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233245 268f45cc-cd09-0410-ab3c-d52691b4dbfc

37 files changed:
Source/JavaScriptCore/API/JSObjectRef.cpp
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp
Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.h
Source/JavaScriptCore/bytecode/CodeBlockJettisoningWatchpoint.cpp
Source/JavaScriptCore/bytecode/CodeBlockJettisoningWatchpoint.h
Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp
Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h
Source/JavaScriptCore/bytecode/StructureStubClearingWatchpoint.cpp
Source/JavaScriptCore/bytecode/StructureStubClearingWatchpoint.h
Source/JavaScriptCore/bytecode/Watchpoint.cpp
Source/JavaScriptCore/bytecode/Watchpoint.h
Source/JavaScriptCore/dfg/DFGAdaptiveInferredPropertyValueWatchpoint.cpp
Source/JavaScriptCore/dfg/DFGAdaptiveInferredPropertyValueWatchpoint.h
Source/JavaScriptCore/dfg/DFGAdaptiveStructureWatchpoint.cpp
Source/JavaScriptCore/dfg/DFGAdaptiveStructureWatchpoint.h
Source/JavaScriptCore/dfg/DFGDesiredWatchpoints.cpp
Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
Source/JavaScriptCore/runtime/ArrayPrototype.cpp
Source/JavaScriptCore/runtime/ECMAScriptSpecInternalFunctions.cpp
Source/JavaScriptCore/runtime/FunctionRareData.cpp
Source/JavaScriptCore/runtime/FunctionRareData.h
Source/JavaScriptCore/runtime/InferredStructureWatchpoint.cpp
Source/JavaScriptCore/runtime/InferredStructureWatchpoint.h
Source/JavaScriptCore/runtime/InternalFunction.cpp
Source/JavaScriptCore/runtime/InternalFunction.h
Source/JavaScriptCore/runtime/JSCJSValue.h
Source/JavaScriptCore/runtime/JSCJSValueInlines.h
Source/JavaScriptCore/runtime/JSCell.h
Source/JavaScriptCore/runtime/JSCellInlines.h
Source/JavaScriptCore/runtime/JSGlobalObject.cpp
Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
Source/JavaScriptCore/runtime/ProxyObject.cpp
Source/JavaScriptCore/runtime/ReflectObject.cpp
Source/JavaScriptCore/runtime/StructureRareData.cpp
Source/WebCore/ChangeLog
Source/WebCore/bindings/js/JSCustomElementRegistryCustom.cpp

index e2a4e2a..566b736 100644 (file)
@@ -630,9 +630,7 @@ bool JSObjectIsConstructor(JSContextRef ctx, JSObjectRef object)
     JSLockHolder locker(vm);
     if (!object)
         return false;
-    JSObject* jsObject = toJS(object);
-    ConstructData constructData;
-    return jsObject->methodTable(vm)->getConstructData(jsObject, constructData) != ConstructType::None;
+    return toJS(object)->isConstructor(vm);
 }
 
 JSObjectRef JSObjectCallAsConstructor(JSContextRef ctx, JSObjectRef object, size_t argumentCount, const JSValueRef arguments[], JSValueRef* exception)
index e97438d..dc0887b 100644 (file)
@@ -1,3 +1,81 @@
+2018-06-26  Yusuke Suzuki  <utatane.tea@gmail.com>
+
+        [JSC] Pass VM& to functions more
+        https://bugs.webkit.org/show_bug.cgi?id=186241
+
+        Reviewed by Mark Lam.
+
+        This patch threads VM& to functions requiring VM& more.
+
+        * API/JSObjectRef.cpp:
+        (JSObjectIsConstructor):
+        * bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp:
+        (JSC::AdaptiveInferredPropertyValueWatchpointBase::install):
+        (JSC::AdaptiveInferredPropertyValueWatchpointBase::fire):
+        (JSC::AdaptiveInferredPropertyValueWatchpointBase::StructureWatchpoint::fireInternal):
+        (JSC::AdaptiveInferredPropertyValueWatchpointBase::PropertyWatchpoint::fireInternal):
+        * bytecode/AdaptiveInferredPropertyValueWatchpointBase.h:
+        * bytecode/CodeBlockJettisoningWatchpoint.cpp:
+        (JSC::CodeBlockJettisoningWatchpoint::fireInternal):
+        * bytecode/CodeBlockJettisoningWatchpoint.h:
+        * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp:
+        (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::install):
+        (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal):
+        * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h:
+        * bytecode/StructureStubClearingWatchpoint.cpp:
+        (JSC::StructureStubClearingWatchpoint::fireInternal):
+        * bytecode/StructureStubClearingWatchpoint.h:
+        * bytecode/Watchpoint.cpp:
+        (JSC::Watchpoint::fire):
+        (JSC::WatchpointSet::fireAllWatchpoints):
+        * bytecode/Watchpoint.h:
+        * dfg/DFGAdaptiveInferredPropertyValueWatchpoint.cpp:
+        (JSC::DFG::AdaptiveInferredPropertyValueWatchpoint::handleFire):
+        * dfg/DFGAdaptiveInferredPropertyValueWatchpoint.h:
+        * dfg/DFGAdaptiveStructureWatchpoint.cpp:
+        (JSC::DFG::AdaptiveStructureWatchpoint::install):
+        (JSC::DFG::AdaptiveStructureWatchpoint::fireInternal):
+        * dfg/DFGAdaptiveStructureWatchpoint.h:
+        * dfg/DFGDesiredWatchpoints.cpp:
+        (JSC::DFG::AdaptiveStructureWatchpointAdaptor::add):
+        * llint/LLIntSlowPaths.cpp:
+        (JSC::LLInt::setupGetByIdPrototypeCache):
+        * runtime/ArrayPrototype.cpp:
+        (JSC::ArrayPrototype::tryInitializeSpeciesWatchpoint):
+        (JSC::ArrayPrototypeAdaptiveInferredPropertyWatchpoint::handleFire):
+        * runtime/ECMAScriptSpecInternalFunctions.cpp:
+        (JSC::esSpecIsConstructor):
+        * runtime/FunctionRareData.cpp:
+        (JSC::FunctionRareData::AllocationProfileClearingWatchpoint::fireInternal):
+        * runtime/FunctionRareData.h:
+        * runtime/InferredStructureWatchpoint.cpp:
+        (JSC::InferredStructureWatchpoint::fireInternal):
+        * runtime/InferredStructureWatchpoint.h:
+        * runtime/InternalFunction.cpp:
+        (JSC::InternalFunction::createSubclassStructureSlow):
+        * runtime/InternalFunction.h:
+        (JSC::InternalFunction::createSubclassStructure):
+        * runtime/JSCJSValue.h:
+        * runtime/JSCJSValueInlines.h:
+        (JSC::JSValue::isConstructor const):
+        * runtime/JSCell.h:
+        * runtime/JSCellInlines.h:
+        (JSC::JSCell::isConstructor):
+        (JSC::JSCell::methodTable const):
+        * runtime/JSGlobalObject.cpp:
+        (JSC::JSGlobalObject::init):
+        * runtime/ObjectPropertyChangeAdaptiveWatchpoint.h:
+        (JSC::ObjectPropertyChangeAdaptiveWatchpoint::ObjectPropertyChangeAdaptiveWatchpoint):
+        * runtime/ProxyObject.cpp:
+        (JSC::ProxyObject::finishCreation):
+        * runtime/ReflectObject.cpp:
+        (JSC::reflectObjectConstruct):
+        * runtime/StructureRareData.cpp:
+        (JSC::StructureRareData::setObjectToStringValue):
+        (JSC::ObjectToStringAdaptiveStructureWatchpoint::install):
+        (JSC::ObjectToStringAdaptiveStructureWatchpoint::fireInternal):
+        (JSC::ObjectToStringAdaptiveInferredPropertyValueWatchpoint::handleFire):
+
 2018-06-26  Mark Lam  <mark.lam@apple.com>
 
         eval() is wrong about the LiteralParser never throwing any exceptions.
index 3f02d4f..b26fbf6 100644 (file)
@@ -36,18 +36,20 @@ AdaptiveInferredPropertyValueWatchpointBase::AdaptiveInferredPropertyValueWatchp
     RELEASE_ASSERT(key.kind() == PropertyCondition::Equivalence);
 }
 
-void AdaptiveInferredPropertyValueWatchpointBase::install()
+void AdaptiveInferredPropertyValueWatchpointBase::install(VM& vm)
 {
     RELEASE_ASSERT(m_key.isWatchable());
 
-    m_key.object()->structure()->addTransitionWatchpoint(&m_structureWatchpoint);
+    Structure* structure = m_key.object()->structure(vm);
 
-    PropertyOffset offset = m_key.object()->structure()->getConcurrently(m_key.uid());
-    WatchpointSet* set = m_key.object()->structure()->propertyReplacementWatchpointSet(offset);
+    structure->addTransitionWatchpoint(&m_structureWatchpoint);
+
+    PropertyOffset offset = structure->getConcurrently(m_key.uid());
+    WatchpointSet* set = structure->propertyReplacementWatchpointSet(offset);
     set->add(&m_propertyWatchpoint);
 }
 
-void AdaptiveInferredPropertyValueWatchpointBase::fire(const FireDetail& detail)
+void AdaptiveInferredPropertyValueWatchpointBase::fire(VM& vm, const FireDetail& detail)
 {
     // One of the watchpoints fired, but the other one didn't. Make sure that neither of them are
     // in any set anymore. This simplifies things by allowing us to reinstall the watchpoints
@@ -61,11 +63,11 @@ void AdaptiveInferredPropertyValueWatchpointBase::fire(const FireDetail& detail)
         return;
 
     if (m_key.isWatchable(PropertyCondition::EnsureWatchability)) {
-        install();
+        install(vm);
         return;
     }
 
-    handleFire(detail);
+    handleFire(vm, detail);
 }
 
 bool AdaptiveInferredPropertyValueWatchpointBase::isValid() const
@@ -73,22 +75,22 @@ bool AdaptiveInferredPropertyValueWatchpointBase::isValid() const
     return true;
 }
 
-void AdaptiveInferredPropertyValueWatchpointBase::StructureWatchpoint::fireInternal(const FireDetail& detail)
+void AdaptiveInferredPropertyValueWatchpointBase::StructureWatchpoint::fireInternal(VM& vm, const FireDetail& detail)
 {
     ptrdiff_t myOffset = OBJECT_OFFSETOF(AdaptiveInferredPropertyValueWatchpointBase, m_structureWatchpoint);
 
     AdaptiveInferredPropertyValueWatchpointBase* parent = bitwise_cast<AdaptiveInferredPropertyValueWatchpointBase*>(bitwise_cast<char*>(this) - myOffset);
 
-    parent->fire(detail);
+    parent->fire(vm, detail);
 }
 
-void AdaptiveInferredPropertyValueWatchpointBase::PropertyWatchpoint::fireInternal(const FireDetail& detail)
+void AdaptiveInferredPropertyValueWatchpointBase::PropertyWatchpoint::fireInternal(VM& vm, const FireDetail& detail)
 {
     ptrdiff_t myOffset = OBJECT_OFFSETOF(AdaptiveInferredPropertyValueWatchpointBase, m_propertyWatchpoint);
 
     AdaptiveInferredPropertyValueWatchpointBase* parent = bitwise_cast<AdaptiveInferredPropertyValueWatchpointBase*>(bitwise_cast<char*>(this) - myOffset);
     
-    parent->fire(detail);
+    parent->fire(vm, detail);
 }
     
 } // namespace JSC
index 98e3381..50d84ba 100644 (file)
@@ -41,29 +41,29 @@ public:
 
     const ObjectPropertyCondition& key() const { return m_key; }
 
-    void install();
+    void install(VM&);
 
     virtual ~AdaptiveInferredPropertyValueWatchpointBase() = default;
 
 protected:
     virtual bool isValid() const;
-    virtual void handleFire(const FireDetail&) = 0;
+    virtual void handleFire(VM&, const FireDetail&) = 0;
 
 private:
     class StructureWatchpoint : public Watchpoint {
     public:
         StructureWatchpoint() { }
     protected:
-        void fireInternal(const FireDetail&) override;
+        void fireInternal(VM&, const FireDetail&) override;
     };
     class PropertyWatchpoint : public Watchpoint {
     public:
         PropertyWatchpoint() { }
     protected:
-        void fireInternal(const FireDetail&) override;
+        void fireInternal(VM&, const FireDetail&) override;
     };
 
-    void fire(const FireDetail&);
+    void fire(VM&, const FireDetail&);
 
     ObjectPropertyCondition m_key;
     StructureWatchpoint m_structureWatchpoint;
index 50cf737..c96d5a4 100644 (file)
@@ -32,7 +32,7 @@
 
 namespace JSC {
 
-void CodeBlockJettisoningWatchpoint::fireInternal(const FireDetail& detail)
+void CodeBlockJettisoningWatchpoint::fireInternal(VM&, const FireDetail& detail)
 {
     if (DFG::shouldDumpDisassembly())
         dataLog("Firing watchpoint ", RawPointer(this), " on ", *m_codeBlock, "\n");
index 635cd78..610261f 100644 (file)
@@ -39,7 +39,7 @@ public:
     }
     
 protected:
-    void fireInternal(const FireDetail&) override;
+    void fireInternal(VM&, const FireDetail&) override;
 
 private:
     CodeBlock* m_codeBlock;
index d6cc22d..eecd8fb 100644 (file)
@@ -40,17 +40,17 @@ LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructu
     RELEASE_ASSERT(!key.watchingRequiresReplacementWatchpoint());
 }
 
-void LLIntPrototypeLoadAdaptiveStructureWatchpoint::install()
+void LLIntPrototypeLoadAdaptiveStructureWatchpoint::install(VM& vm)
 {
     RELEASE_ASSERT(m_key.isWatchable());
 
-    m_key.object()->structure()->addTransitionWatchpoint(this);
+    m_key.object()->structure(vm)->addTransitionWatchpoint(this);
 }
 
-void LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal(const FireDetail&)
+void LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal(VM& vm, const FireDetail&)
 {
     if (m_key.isWatchable(PropertyCondition::EnsureWatchability)) {
-        install();
+        install(vm);
         return;
     }
 
index 66468f0..e0e1be8 100644 (file)
@@ -36,12 +36,12 @@ public:
     LLIntPrototypeLoadAdaptiveStructureWatchpoint() = default;
     LLIntPrototypeLoadAdaptiveStructureWatchpoint(const ObjectPropertyCondition&, Instruction*);
 
-    void install();
+    void install(VM&);
 
     const ObjectPropertyCondition& key() const { return m_key; }
 
 protected:
-    void fireInternal(const FireDetail&) override;
+    void fireInternal(VM&, const FireDetail&) override;
 
 private:
     ObjectPropertyCondition m_key;
index 3bd4453..7816357 100644 (file)
@@ -48,7 +48,7 @@ StructureStubClearingWatchpoint* StructureStubClearingWatchpoint::push(
     return head.get();
 }
 
-void StructureStubClearingWatchpoint::fireInternal(const FireDetail&)
+void StructureStubClearingWatchpoint::fireInternal(VM& vm, const FireDetail&)
 {
     if (!m_key || !m_key.isWatchable(PropertyCondition::EnsureWatchability)) {
         // This will implicitly cause my own demise: stub reset removes all watchpoints.
@@ -59,7 +59,6 @@ void StructureStubClearingWatchpoint::fireInternal(const FireDetail&)
         return;
     }
 
-    VM& vm = *m_key.object()->vm();
     if (m_key.kind() == PropertyCondition::Presence) {
         // If this was a presence condition, let's watch the property for replacements. This is profitable
         // for the DFG, which will want the replacement set to be valid in order to do constant folding.
index 665c56a..3c0a7fb 100644 (file)
@@ -61,7 +61,7 @@ public:
         std::unique_ptr<StructureStubClearingWatchpoint>& head);
 
 protected:
-    void fireInternal(const FireDetail&) override;
+    void fireInternal(VM&, const FireDetail&) override;
 
 private:
     ObjectPropertyCondition m_key;
index 7ab385f..b19adb4 100644 (file)
@@ -49,10 +49,10 @@ Watchpoint::~Watchpoint()
     }
 }
 
-void Watchpoint::fire(const FireDetail& detail)
+void Watchpoint::fire(VM& vm, const FireDetail& detail)
 {
     RELEASE_ASSERT(!isOnList());
-    fireInternal(detail);
+    fireInternal(vm, detail);
 }
 
 WatchpointSet::WatchpointSet(WatchpointState state)
@@ -137,7 +137,7 @@ void WatchpointSet::fireAllWatchpoints(VM& vm, const FireDetail& detail)
         ASSERT(m_set.begin() != watchpoint);
         ASSERT(!watchpoint->isOnList());
         
-        watchpoint->fire(detail);
+        watchpoint->fire(vm, detail);
         // After we fire the watchpoint, the watchpoint pointer may be a dangling pointer. That's
         // fine, because we have no use for the pointer anymore.
     }
index 778fe16..caff418 100644 (file)
@@ -35,6 +35,8 @@
 
 namespace JSC {
 
+class VM;
+
 class FireDetail {
     void* operator new(size_t) = delete;
     
@@ -96,11 +98,11 @@ public:
     virtual ~Watchpoint();
 
 protected:
-    virtual void fireInternal(const FireDetail&) = 0;
+    virtual void fireInternal(VM&, const FireDetail&) = 0;
 
 private:
     friend class WatchpointSet;
-    void fire(const FireDetail&);
+    void fire(VM&, const FireDetail&);
 };
 
 enum WatchpointState {
index f7b91c8..5b4a237 100644 (file)
@@ -40,7 +40,7 @@ AdaptiveInferredPropertyValueWatchpoint::AdaptiveInferredPropertyValueWatchpoint
 {
 }
 
-void AdaptiveInferredPropertyValueWatchpoint::handleFire(const FireDetail& detail)
+void AdaptiveInferredPropertyValueWatchpoint::handleFire(VM&, const FireDetail& detail)
 {
     if (DFG::shouldDumpDisassembly())
         dataLog("Firing watchpoint ", RawPointer(this), " (", key(), ") on ", *m_codeBlock, "\n");
index 089cca6..6199a70 100644 (file)
@@ -37,7 +37,7 @@ public:
     AdaptiveInferredPropertyValueWatchpoint(const ObjectPropertyCondition&, CodeBlock*);
 
 private:
-    void handleFire(const FireDetail&) override;
+    void handleFire(VM&, const FireDetail&) override;
 
     CodeBlock* m_codeBlock;
 };
index d882071..d4a8b9a 100644 (file)
@@ -43,17 +43,17 @@ AdaptiveStructureWatchpoint::AdaptiveStructureWatchpoint(
     RELEASE_ASSERT(!key.watchingRequiresReplacementWatchpoint());
 }
 
-void AdaptiveStructureWatchpoint::install()
+void AdaptiveStructureWatchpoint::install(VM& vm)
 {
     RELEASE_ASSERT(m_key.isWatchable());
     
-    m_key.object()->structure()->addTransitionWatchpoint(this);
+    m_key.object()->structure(vm)->addTransitionWatchpoint(this);
 }
 
-void AdaptiveStructureWatchpoint::fireInternal(const FireDetail& detail)
+void AdaptiveStructureWatchpoint::fireInternal(VM& vm, const FireDetail& detail)
 {
     if (m_key.isWatchable(PropertyCondition::EnsureWatchability)) {
-        install();
+        install(vm);
         return;
     }
     
index 40fcc10..c1f574f 100644 (file)
@@ -38,10 +38,10 @@ public:
     
     const ObjectPropertyCondition& key() const { return m_key; }
     
-    void install();
+    void install(VM&);
 
 protected:
-    void fireInternal(const FireDetail&) override;
+    void fireInternal(VM&, const FireDetail&) override;
 
 private:
     ObjectPropertyCondition m_key;
index 84ba2df..173d03e 100644 (file)
@@ -58,12 +58,13 @@ void InferredValueAdaptor::add(
 void AdaptiveStructureWatchpointAdaptor::add(
     CodeBlock* codeBlock, const ObjectPropertyCondition& key, CommonData& common)
 {
+    VM& vm = *codeBlock->vm();
     switch (key.kind()) {
     case PropertyCondition::Equivalence:
-        common.adaptiveInferredPropertyValueWatchpoints.add(key, codeBlock)->install();
+        common.adaptiveInferredPropertyValueWatchpoints.add(key, codeBlock)->install(vm);
         break;
     default:
-        common.adaptiveStructureWatchpoints.add(key, codeBlock)->install();
+        common.adaptiveStructureWatchpoints.add(key, codeBlock)->install(vm);
         break;
     }
 }
index c8d3e47..b10f007 100644 (file)
@@ -676,7 +676,7 @@ static void setupGetByIdPrototypeCache(ExecState* exec, VM& vm, Instruction* pc,
             return;
         if (condition.condition().kind() == PropertyCondition::Presence)
             offset = condition.condition().offset();
-        watchpoints.add(condition, pc)->install();
+        watchpoints.add(condition, pc)->install(vm);
     }
 
     ASSERT((offset == invalidOffset) == slot.isUnset());
index cc69f8b..4774750 100644 (file)
@@ -238,7 +238,7 @@ static ALWAYS_INLINE std::pair<SpeciesConstructResult, JSObject*> speciesConstru
 
         constructor = thisObject->get(exec, vm.propertyNames->constructor);
         RETURN_IF_EXCEPTION(scope, exceptionResult());
-        if (constructor.isConstructor()) {
+        if (constructor.isConstructor(vm)) {
             JSObject* constructorObject = jsCast<JSObject*>(constructor);
             if (exec->lexicalGlobalObject() != constructorObject->globalObject(vm))
                 return std::make_pair(SpeciesConstructResult::FastPath, nullptr);;
@@ -1427,7 +1427,7 @@ public:
     ArrayPrototypeAdaptiveInferredPropertyWatchpoint(const ObjectPropertyCondition&, ArrayPrototype*);
 
 private:
-    void handleFire(const FireDetail&) override;
+    void handleFire(VM&, const FireDetail&) override;
 
     ArrayPrototype* m_arrayPrototype;
 };
@@ -1496,10 +1496,10 @@ void ArrayPrototype::tryInitializeSpeciesWatchpoint(ExecState* exec)
     }
 
     m_constructorWatchpoint = std::make_unique<ArrayPrototypeAdaptiveInferredPropertyWatchpoint>(constructorCondition, this);
-    m_constructorWatchpoint->install();
+    m_constructorWatchpoint->install(vm);
 
     m_constructorSpeciesWatchpoint = std::make_unique<ArrayPrototypeAdaptiveInferredPropertyWatchpoint>(speciesCondition, this);
-    m_constructorSpeciesWatchpoint->install();
+    m_constructorSpeciesWatchpoint->install(vm);
 
     // We only watch this from the DFG, and the DFG makes sure to only start watching if the watchpoint is in the IsWatched state.
     RELEASE_ASSERT(!globalObject->arraySpeciesWatchpoint().isBeingWatched()); 
@@ -1512,15 +1512,15 @@ ArrayPrototypeAdaptiveInferredPropertyWatchpoint::ArrayPrototypeAdaptiveInferred
 {
 }
 
-void ArrayPrototypeAdaptiveInferredPropertyWatchpoint::handleFire(const FireDetail& detail)
+void ArrayPrototypeAdaptiveInferredPropertyWatchpoint::handleFire(VM& vm, const FireDetail& detail)
 {
     auto lazyDetail = createLazyFireDetail("ArrayPrototype adaption of ", key(), " failed: ", detail);
 
     if (ArrayPrototypeInternal::verbose)
         WTF::dataLog(lazyDetail, "\n");
 
-    JSGlobalObject* globalObject = m_arrayPrototype->globalObject();
-    globalObject->arraySpeciesWatchpoint().fireAll(globalObject->vm(), lazyDetail);
+    JSGlobalObject* globalObject = m_arrayPrototype->globalObject(vm);
+    globalObject->arraySpeciesWatchpoint().fireAll(vm, lazyDetail);
 }
 
 } // namespace JSC
index 011e08f..b304660 100644 (file)
@@ -35,7 +35,7 @@ namespace JSC {
 
 EncodedJSValue JSC_HOST_CALL esSpecIsConstructor(ExecState* exec)
 {
-    bool isConstructor = exec->uncheckedArgument(0).isConstructor();
+    bool isConstructor = exec->uncheckedArgument(0).isConstructor(exec->vm());
     return JSValue::encode(jsBoolean(isConstructor));
 }
 
index dc3cb7d..3acb222 100644 (file)
@@ -90,7 +90,7 @@ void FunctionRareData::clear(const char* reason)
     m_objectAllocationProfileWatchpoint.fireAll(*vm(), reason);
 }
 
-void FunctionRareData::AllocationProfileClearingWatchpoint::fireInternal(const FireDetail&)
+void FunctionRareData::AllocationProfileClearingWatchpoint::fireInternal(VM&, const FireDetail&)
 {
     m_rareData->clear("AllocationProfileClearingWatchpoint fired.");
 }
index 2c54eed..f4f0275 100644 (file)
@@ -122,7 +122,7 @@ private:
             : m_rareData(rareData)
         { }
     protected:
-        void fireInternal(const FireDetail&) override;
+        void fireInternal(VM&, const FireDetail&) override;
     private:
         FunctionRareData* m_rareData;
     };
index d39e86c..3a8a1ba 100644 (file)
@@ -30,7 +30,7 @@
 
 namespace JSC {
 
-void InferredStructureWatchpoint::fireInternal(const FireDetail&)
+void InferredStructureWatchpoint::fireInternal(VM& vm, const FireDetail&)
 {
     InferredStructure* inferredStructure =
         bitwise_cast<InferredStructure*>(
@@ -41,7 +41,7 @@ void InferredStructureWatchpoint::fireInternal(const FireDetail&)
     if (!inferredType->isLive())
         return;
     
-    inferredType->removeStructure(*inferredType->vm());
+    inferredType->removeStructure(vm);
 }
 
 } // namespace JSC
index c19523c..629d089 100644 (file)
@@ -31,7 +31,7 @@ namespace JSC {
 
 class InferredStructureWatchpoint : public Watchpoint {
 protected:
-    void fireInternal(const FireDetail&) override;
+    void fireInternal(VM&, const FireDetail&) override;
 };
 
 } // namespace JSC
index 73b5313..54dceba 100644 (file)
@@ -115,7 +115,7 @@ Structure* InternalFunction::createSubclassStructureSlow(ExecState* exec, JSValu
 {
     VM& vm = exec->vm();
     auto scope = DECLARE_THROW_SCOPE(vm);
-    ASSERT(!newTarget || newTarget.isConstructor());
+    ASSERT(!newTarget || newTarget.isConstructor(vm));
     ASSERT(newTarget && newTarget != exec->jsCallee());
 
     ASSERT(baseClass->hasMonoProto());
index 2dc5f25..244c4f7 100644 (file)
@@ -98,7 +98,7 @@ ALWAYS_INLINE Structure* InternalFunction::createSubclassStructure(ExecState* ex
 {
     // We allow newTarget == JSValue() because the API needs to be able to create classes without having a real JS frame.
     // Since we don't allow subclassing in the API we just treat newTarget == JSValue() as newTarget == exec->jsCallee()
-    ASSERT(!newTarget || newTarget.isConstructor());
+    ASSERT(!newTarget || newTarget.isConstructor(exec->vm()));
 
     if (newTarget && newTarget != exec->jsCallee())
         return createSubclassStructureSlow(exec, newTarget, baseClass);
index 94d5a51..351b78a 100644 (file)
@@ -220,8 +220,8 @@ public:
     bool isEmpty() const;
     bool isFunction(VM&) const;
     bool isCallable(VM&, CallType&, CallData&) const;
-    bool isConstructor() const;
-    bool isConstructor(ConstructType&, ConstructData&) const;
+    bool isConstructor(VM&) const;
+    bool isConstructor(VM&, ConstructType&, ConstructData&) const;
     bool isUndefined() const;
     bool isNull() const;
     bool isUndefinedOrNull() const;
index 4ab21bb..f7af868 100644 (file)
@@ -772,22 +772,18 @@ inline bool JSValue::isCallable(VM& vm, CallType& callType, CallData& callData)
     return asCell()->isCallable(vm, callType, callData);
 }
 
-inline bool JSValue::isConstructor() const
+inline bool JSValue::isConstructor(VM& vm) const
 {
     if (!isCell())
         return false;
-    JSCell* cell = asCell();
-    ConstructData ignored;
-    return cell->methodTable()->getConstructData(cell, ignored) != ConstructType::None;
+    return asCell()->isConstructor(vm);
 }
 
-inline bool JSValue::isConstructor(ConstructType& constructType, ConstructData& constructData) const
+inline bool JSValue::isConstructor(VM& vm, ConstructType& constructType, ConstructData& constructData) const
 {
     if (!isCell())
         return false;
-    JSCell* cell = asCell();
-    constructType = cell->methodTable()->getConstructData(cell, constructData);
-    return constructType != ConstructType::None;
+    return asCell()->isConstructor(vm, constructType, constructData);
 }
 
 // this method is here to be after the inline declaration of JSCell::inherits
index 7c1f019..ae6ef6c 100644 (file)
@@ -111,6 +111,8 @@ public:
     bool isProxy() const;
     bool isFunction(VM&);
     bool isCallable(VM&, CallType&, CallData&);
+    bool isConstructor(VM&);
+    bool isConstructor(VM&, ConstructType&, ConstructData&);
     bool inherits(VM&, const ClassInfo*) const;
     template<typename Target> bool inherits(VM&) const;
     bool isAPIValueWrapper() const;
index 234736e..cda6a1e 100644 (file)
@@ -247,6 +247,19 @@ inline bool JSCell::isCallable(VM& vm, CallType& callType, CallData& callData)
     return callType != CallType::None;
 }
 
+inline bool JSCell::isConstructor(VM& vm)
+{
+    ConstructType constructType;
+    ConstructData constructData;
+    return isConstructor(vm, constructType, constructData);
+}
+
+inline bool JSCell::isConstructor(VM& vm, ConstructType& constructType, ConstructData& constructData)
+{
+    constructType = methodTable(vm)->getConstructData(this, constructData);
+    return constructType != ConstructType::None;
+}
+
 inline bool JSCell::isAPIValueWrapper() const
 {
     return m_type == APIValueWrapperType;
@@ -282,9 +295,10 @@ inline const MethodTable* JSCell::methodTable() const
 inline const MethodTable* JSCell::methodTable(VM& vm) const
 {
     Structure* structure = this->structure(vm);
+#if !ASSERT_DISABLED
     if (Structure* rootStructure = structure->structure(vm))
-        ASSERT_UNUSED(rootStructure, rootStructure == rootStructure->structure(vm));
-
+        ASSERT(rootStructure == rootStructure->structure(vm));
+#endif
     return &structure->classInfo()->methodTable;
 }
 
index 6a9b78d..f46c85e 100644 (file)
@@ -1015,64 +1015,64 @@ putDirectWithoutTransition(vm, vm.propertyNames-> jsName, lowerName ## Construct
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(arrayIteratorPrototype, m_vm.propertyNames->next);
-            m_arrayIteratorPrototypeNext = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_arrayIteratorProtocolWatchpoint);
-            m_arrayIteratorPrototypeNext->install();
+            m_arrayIteratorPrototypeNext = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_arrayIteratorProtocolWatchpoint);
+            m_arrayIteratorPrototypeNext->install(vm);
         }
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(this->arrayPrototype(), m_vm.propertyNames->iteratorSymbol);
-            m_arrayPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_arrayIteratorProtocolWatchpoint);
-            m_arrayPrototypeSymbolIteratorWatchpoint->install();
+            m_arrayPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_arrayIteratorProtocolWatchpoint);
+            m_arrayPrototypeSymbolIteratorWatchpoint->install(vm);
         }
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(mapIteratorPrototype, m_vm.propertyNames->next);
-            m_mapIteratorPrototypeNextWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_mapIteratorProtocolWatchpoint);
-            m_mapIteratorPrototypeNextWatchpoint->install();
+            m_mapIteratorPrototypeNextWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_mapIteratorProtocolWatchpoint);
+            m_mapIteratorPrototypeNextWatchpoint->install(vm);
         }
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(m_mapPrototype.get(), m_vm.propertyNames->iteratorSymbol);
-            m_mapPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_mapIteratorProtocolWatchpoint);
-            m_mapPrototypeSymbolIteratorWatchpoint->install();
+            m_mapPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_mapIteratorProtocolWatchpoint);
+            m_mapPrototypeSymbolIteratorWatchpoint->install(vm);
         }
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(setIteratorPrototype, m_vm.propertyNames->next);
-            m_setIteratorPrototypeNextWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_setIteratorProtocolWatchpoint);
-            m_setIteratorPrototypeNextWatchpoint->install();
+            m_setIteratorPrototypeNextWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_setIteratorProtocolWatchpoint);
+            m_setIteratorPrototypeNextWatchpoint->install(vm);
         }
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(m_setPrototype.get(), m_vm.propertyNames->iteratorSymbol);
-            m_setPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_setIteratorProtocolWatchpoint);
-            m_setPrototypeSymbolIteratorWatchpoint->install();
+            m_setPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_setIteratorProtocolWatchpoint);
+            m_setPrototypeSymbolIteratorWatchpoint->install(vm);
         }
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(m_stringIteratorPrototype.get(), m_vm.propertyNames->next);
-            m_stringIteratorPrototypeNextWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_stringIteratorProtocolWatchpoint);
-            m_stringIteratorPrototypeNextWatchpoint->install();
+            m_stringIteratorPrototypeNextWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_stringIteratorProtocolWatchpoint);
+            m_stringIteratorPrototypeNextWatchpoint->install(vm);
         }
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(m_stringPrototype.get(), m_vm.propertyNames->iteratorSymbol);
-            m_stringPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_stringIteratorProtocolWatchpoint);
-            m_stringPrototypeSymbolIteratorWatchpoint->install();
+            m_stringPrototypeSymbolIteratorWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_stringIteratorProtocolWatchpoint);
+            m_stringPrototypeSymbolIteratorWatchpoint->install(vm);
         }
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(m_mapPrototype.get(), m_vm.propertyNames->set);
-            m_mapPrototypeSetWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_mapSetWatchpoint);
-            m_mapPrototypeSetWatchpoint->install();
+            m_mapPrototypeSetWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_mapSetWatchpoint);
+            m_mapPrototypeSetWatchpoint->install(vm);
         }
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(m_setPrototype.get(), m_vm.propertyNames->add);
-            m_setPrototypeAddWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_setAddWatchpoint);
-            m_setPrototypeAddWatchpoint->install();
+            m_setPrototypeAddWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_setAddWatchpoint);
+            m_setPrototypeAddWatchpoint->install(vm);
         }
 
         {
             ObjectPropertyCondition condition = setupAdaptiveWatchpoint(numberPrototype(), m_vm.propertyNames->toString);
-            m_numberPrototypeToStringWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(vm, condition, m_numberToStringWatchpoint);
-            m_numberPrototypeToStringWatchpoint->install();
+            m_numberPrototypeToStringWatchpoint = std::make_unique<ObjectPropertyChangeAdaptiveWatchpoint<InlineWatchpointSet>>(condition, m_numberToStringWatchpoint);
+            m_numberPrototypeToStringWatchpoint->install(vm);
             m_numberProtoToStringFunction.set(vm, this, jsCast<JSFunction*>(numberPrototype()->getDirect(vm, vm.propertyNames->toString)));
         }
     }
index bf1a7db..4e0c209 100644 (file)
@@ -33,21 +33,19 @@ template<typename Watchpoint>
 class ObjectPropertyChangeAdaptiveWatchpoint : public AdaptiveInferredPropertyValueWatchpointBase {
 public:
     using Base = AdaptiveInferredPropertyValueWatchpointBase;
-    ObjectPropertyChangeAdaptiveWatchpoint(VM& vm, const ObjectPropertyCondition& condition, Watchpoint& watchpoint)
+    ObjectPropertyChangeAdaptiveWatchpoint(const ObjectPropertyCondition& condition, Watchpoint& watchpoint)
         : Base(condition)
-        , m_vm(vm)
         , m_watchpoint(watchpoint)
     {
         RELEASE_ASSERT(watchpoint.stateOnJSThread() == IsWatched);
     }
 
 private:
-    void handleFire(const FireDetail&) override
+    void handleFire(VM& vm, const FireDetail&) override
     {
-        m_watchpoint.fireAll(m_vm, StringFireDetail("Object Property is changed."));
+        m_watchpoint.fireAll(vm, StringFireDetail("Object Property is changed."));
     }
 
-    VM& m_vm;
     Watchpoint& m_watchpoint;
 };
 
index f569ca5..7521dc9 100644 (file)
@@ -112,8 +112,7 @@ void ProxyObject::finishCreation(VM& vm, ExecState* exec, JSValue target, JSValu
         RELEASE_ASSERT(info.implementsHasInstance() && info.implementsDefaultHasInstance());
     }
 
-    ConstructData ignoredConstructData;
-    m_isConstructible = jsCast<JSObject*>(target)->methodTable(vm)->getConstructData(jsCast<JSObject*>(target), ignoredConstructData) != ConstructType::None;
+    m_isConstructible = jsCast<JSObject*>(target)->isConstructor(vm);
 
     m_target.set(vm, this, targetAsObject);
     m_handler.set(vm, this, handler);
index a433f6d..7999e34 100644 (file)
@@ -101,13 +101,13 @@ EncodedJSValue JSC_HOST_CALL reflectObjectConstruct(ExecState* exec)
 
     ConstructData constructData;
     ConstructType constructType;
-    if (!target.isConstructor(constructType, constructData))
+    if (!target.isConstructor(vm, constructType, constructData))
         return JSValue::encode(throwTypeError(exec, scope, "Reflect.construct requires the first argument be a constructor"_s));
 
     JSValue newTarget = target;
     if (exec->argumentCount() >= 3) {
         newTarget = exec->argument(2);
-        if (!newTarget.isConstructor())
+        if (!newTarget.isConstructor(vm))
             return JSValue::encode(throwTypeError(exec, scope, "Reflect.construct requires the third argument be a constructor if present"_s));
     }
 
index a0375fb..8984ce9 100644 (file)
@@ -91,7 +91,7 @@ public:
 
 private:
     bool isValid() const override;
-    void handleFire(const FireDetail&) override;
+    void handleFire(VM&, const FireDetail&) override;
 
     StructureRareData* m_structureRareData;
 };
@@ -100,10 +100,10 @@ class ObjectToStringAdaptiveStructureWatchpoint : public Watchpoint {
 public:
     ObjectToStringAdaptiveStructureWatchpoint(const ObjectPropertyCondition&, StructureRareData*);
 
-    void install();
+    void install(VM&);
 
 protected:
-    void fireInternal(const FireDetail&) override;
+    void fireInternal(VM&, const FireDetail&) override;
     
 private:
     ObjectPropertyCondition m_key;
@@ -160,9 +160,9 @@ void StructureRareData::setObjectToStringValue(ExecState* exec, VM& vm, Structur
     for (ObjectPropertyCondition condition : conditionSet) {
         if (condition.condition().kind() == PropertyCondition::Presence) {
             m_objectToStringAdaptiveInferredValueWatchpoint = std::make_unique<ObjectToStringAdaptiveInferredPropertyValueWatchpoint>(equivCondition, this);
-            m_objectToStringAdaptiveInferredValueWatchpoint->install();
+            m_objectToStringAdaptiveInferredValueWatchpoint->install(vm);
         } else
-            m_objectToStringAdaptiveWatchpointSet.add(condition, this)->install();
+            m_objectToStringAdaptiveWatchpointSet.add(condition, this)->install(vm);
     }
 
     m_objectToStringValue.set(vm, this, value);
@@ -185,20 +185,20 @@ ObjectToStringAdaptiveStructureWatchpoint::ObjectToStringAdaptiveStructureWatchp
     RELEASE_ASSERT(!key.watchingRequiresReplacementWatchpoint());
 }
 
-void ObjectToStringAdaptiveStructureWatchpoint::install()
+void ObjectToStringAdaptiveStructureWatchpoint::install(VM& vm)
 {
     RELEASE_ASSERT(m_key.isWatchable());
 
-    m_key.object()->structure()->addTransitionWatchpoint(this);
+    m_key.object()->structure(vm)->addTransitionWatchpoint(this);
 }
 
-void ObjectToStringAdaptiveStructureWatchpoint::fireInternal(const FireDetail&)
+void ObjectToStringAdaptiveStructureWatchpoint::fireInternal(VM& vm, const FireDetail&)
 {
     if (!m_structureRareData->isLive())
         return;
 
     if (m_key.isWatchable(PropertyCondition::EnsureWatchability)) {
-        install();
+        install(vm);
         return;
     }
 
@@ -216,7 +216,7 @@ bool ObjectToStringAdaptiveInferredPropertyValueWatchpoint::isValid() const
     return m_structureRareData->isLive();
 }
 
-void ObjectToStringAdaptiveInferredPropertyValueWatchpoint::handleFire(const FireDetail&)
+void ObjectToStringAdaptiveInferredPropertyValueWatchpoint::handleFire(VM&, const FireDetail&)
 {
     m_structureRareData->clearObjectToStringValue();
 }
index 5f87a5e..d14476f 100644 (file)
@@ -1,3 +1,13 @@
+2018-06-26  Yusuke Suzuki  <utatane.tea@gmail.com>
+
+        [JSC] Pass VM& to functions more
+        https://bugs.webkit.org/show_bug.cgi?id=186241
+
+        Reviewed by Mark Lam.
+
+        * bindings/js/JSCustomElementRegistryCustom.cpp:
+        (WebCore::JSCustomElementRegistry::define):
+
 2018-06-26  Simon Fraser  <simon.fraser@apple.com>
 
         CSSGradientValue's color stops vector wastes 12KB on theverge.com
index 00ae0da..b7181dd 100644 (file)
@@ -95,7 +95,7 @@ JSValue JSCustomElementRegistry::define(ExecState& state)
     RETURN_IF_EXCEPTION(scope, JSValue());
 
     JSValue constructorValue = state.uncheckedArgument(1);
-    if (!constructorValue.isConstructor())
+    if (!constructorValue.isConstructor(vm))
         return throwTypeError(&state, scope, "The second argument must be a constructor"_s);
     JSObject* constructor = constructorValue.getObject();