Diff
Modified: trunk/Source/_javascript_Core/API/JSObjectRef.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/API/JSObjectRef.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/API/JSObjectRef.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -261,7 +261,7 @@
JSLockHolder locker(exec);
JSObject* jsObject = toJS(object);
- return toRef(exec, jsObject->getPrototypeDirect());
+ return toRef(exec, jsObject->getPrototypeDirect(exec->vm()));
}
void JSObjectSetPrototype(JSContextRef ctx, JSObjectRef object, JSValueRef value)
Modified: trunk/Source/_javascript_Core/ChangeLog (223745 => 223746)
--- trunk/Source/_javascript_Core/ChangeLog 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-10-20 07:50:08 UTC (rev 223746)
@@ -1,3 +1,65 @@
+2017-10-20 Saam Barati <sbar...@apple.com>
+
+ Optimize accesses to how we get the direct prototype
+ https://bugs.webkit.org/show_bug.cgi?id=178548
+
+ Reviewed by Yusuke Suzuki.
+
+ This patch makes JSObject::getPrototypeDirect take VM& as a parameter
+ so it can use the faster version of the structure accessor function.
+ The reason for making this change is that JSObjet::getPrototypeDirect
+ is called on the hot path in property lookup.
+
+ * API/JSObjectRef.cpp:
+ (JSObjectGetPrototype):
+ * jsc.cpp:
+ (WTF::DOMJITGetterBaseJSObject::DOMJITAttribute::slowCall):
+ (WTF::DOMJITGetterBaseJSObject::customGetter):
+ (functionCreateProxy):
+ * runtime/ArrayPrototype.cpp:
+ (JSC::speciesWatchpointIsValid):
+ * runtime/ErrorInstance.cpp:
+ (JSC::ErrorInstance::sanitizedToString):
+ * runtime/JSArray.cpp:
+ (JSC::JSArray::isIteratorProtocolFastAndNonObservable):
+ * runtime/JSGlobalObject.cpp:
+ (JSC::JSGlobalObject::init):
+ (JSC::lastInPrototypeChain):
+ (JSC::JSGlobalObject::resetPrototype):
+ (JSC::JSGlobalObject::finishCreation):
+ * runtime/JSGlobalObjectInlines.h:
+ (JSC::JSGlobalObject::objectPrototypeIsSane):
+ (JSC::JSGlobalObject::arrayPrototypeChainIsSane):
+ (JSC::JSGlobalObject::stringPrototypeChainIsSane):
+ * runtime/JSLexicalEnvironment.cpp:
+ (JSC::JSLexicalEnvironment::getOwnPropertySlot):
+ * runtime/JSMap.cpp:
+ (JSC::JSMap::isIteratorProtocolFastAndNonObservable):
+ * runtime/JSObject.cpp:
+ (JSC::JSObject::calculatedClassName):
+ (JSC::JSObject::setPrototypeWithCycleCheck):
+ (JSC::JSObject::getPrototype):
+ (JSC::JSObject::attemptToInterceptPutByIndexOnHoleForPrototype):
+ (JSC::JSObject::attemptToInterceptPutByIndexOnHole):
+ (JSC::JSObject::anyObjectInChainMayInterceptIndexedAccesses const):
+ (JSC::JSObject::prototypeChainMayInterceptStoreTo):
+ * runtime/JSObject.h:
+ (JSC::JSObject::finishCreation):
+ (JSC::JSObject::getPrototypeDirect const):
+ (JSC::JSObject::getPrototype):
+ * runtime/JSObjectInlines.h:
+ (JSC::JSObject::canPerformFastPutInline):
+ (JSC::JSObject::getPropertySlot):
+ (JSC::JSObject::getNonIndexPropertySlot):
+ * runtime/JSProxy.cpp:
+ (JSC::JSProxy::setTarget):
+ * runtime/JSSet.cpp:
+ (JSC::JSSet::isIteratorProtocolFastAndNonObservable):
+ * runtime/ProgramExecutable.cpp:
+ (JSC::ProgramExecutable::initializeGlobalProperties):
+ * runtime/StructureInlines.h:
+ (JSC::Structure::isValid const):
+
2017-10-20 Yusuke Suzuki <utatane....@gmail.com>
[ARM64] static_cast<int32_t>() in BinaryOpNode::emitBytecode() prevents op_unsigned emission
Modified: trunk/Source/_javascript_Core/jsc.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/jsc.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/jsc.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -996,7 +996,7 @@
VM& vm = exec->vm();
NativeCallFrameTracer tracer(&vm, exec);
JSObject* object = static_cast<JSObject*>(pointer);
- return JSValue::encode(object->getPrototypeDirect());
+ return JSValue::encode(object->getPrototypeDirect(vm));
}
static Ref<DOMJIT::CallDOMGetterSnippet> callDOMGetter()
@@ -1023,7 +1023,7 @@
VM& vm = exec->vm();
JSObject* thisObject = jsDynamicCast<JSObject*>(vm, JSValue::decode(thisValue));
RELEASE_ASSERT(thisObject);
- return JSValue::encode(thisObject->getPrototypeDirect());
+ return JSValue::encode(thisObject->getPrototypeDirect(vm));
}
};
@@ -2211,7 +2211,7 @@
if (!target.isObject())
return JSValue::encode(jsUndefined());
JSObject* jsTarget = asObject(target.asCell());
- Structure* structure = JSProxy::createStructure(vm, exec->lexicalGlobalObject(), jsTarget->getPrototypeDirect(), ImpureProxyType);
+ Structure* structure = JSProxy::createStructure(vm, exec->lexicalGlobalObject(), jsTarget->getPrototypeDirect(vm), ImpureProxyType);
JSProxy* proxy = JSProxy::create(vm, structure, jsTarget);
return JSValue::encode(proxy);
}
Modified: trunk/Source/_javascript_Core/runtime/ArrayPrototype.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/ArrayPrototype.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/ArrayPrototype.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -202,7 +202,7 @@
}
return !thisObject->hasCustomProperties()
- && arrayPrototype == thisObject->getPrototypeDirect()
+ && arrayPrototype == thisObject->getPrototypeDirect(globalObject->vm())
&& globalObject->arraySpeciesWatchpoint().stateOnJSThread() == IsWatched;
}
Modified: trunk/Source/_javascript_Core/runtime/ErrorInstance.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/ErrorInstance.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/ErrorInstance.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -162,7 +162,7 @@
nameValue = nameSlot.getValue(exec, namePropertName);
break;
}
- currentObj = obj->getPrototypeDirect();
+ currentObj = obj->getPrototypeDirect(vm);
}
scope.assertNoException();
Modified: trunk/Source/_javascript_Core/runtime/JSArray.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSArray.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSArray.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -1292,10 +1292,10 @@
if (structure->mayInterceptIndexedAccesses())
return false;
- if (getPrototypeDirect() != globalObject->arrayPrototype())
+ VM& vm = globalObject->vm();
+ if (getPrototypeDirect(vm) != globalObject->arrayPrototype())
return false;
- VM& vm = globalObject->vm();
if (getDirectOffset(vm, vm.propertyNames->iteratorSymbol) != invalidOffset)
return false;
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalObject.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -1026,7 +1026,7 @@
}
}
- resetPrototype(vm, getPrototypeDirect());
+ resetPrototype(vm, getPrototypeDirect(vm));
}
bool JSGlobalObject::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
@@ -1096,11 +1096,11 @@
m_globalScopeExtension.clear();
}
-static inline JSObject* lastInPrototypeChain(JSObject* object)
+static inline JSObject* lastInPrototypeChain(VM& vm, JSObject* object)
{
JSObject* o = object;
- while (o->getPrototypeDirect().isObject())
- o = asObject(o->getPrototypeDirect());
+ while (o->getPrototypeDirect(vm).isObject())
+ o = asObject(o->getPrototypeDirect(vm));
return o;
}
@@ -1150,6 +1150,7 @@
// VM. But we have to be careful, since there may be objects that claim to belong to
// a different global object that have prototypes from our global object.
bool foundGlobalObject = false;
+ VM& vm = m_globalObject->vm();
for (JSObject* current = object; ;) {
if (current->globalObject() == m_globalObject) {
foundGlobalObject = true;
@@ -1156,7 +1157,7 @@
break;
}
- JSValue prototypeValue = current->getPrototypeDirect();
+ JSValue prototypeValue = current->getPrototypeDirect(vm);
if (prototypeValue.isNull())
break;
current = asObject(prototypeValue);
@@ -1227,7 +1228,7 @@
{
setPrototypeDirect(vm, prototype);
- JSObject* oldLastInPrototypeChain = lastInPrototypeChain(this);
+ JSObject* oldLastInPrototypeChain = lastInPrototypeChain(vm, this);
JSObject* objectPrototype = m_objectPrototype.get();
if (oldLastInPrototypeChain != objectPrototype)
oldLastInPrototypeChain->setPrototypeDirect(vm, objectPrototype);
@@ -1526,7 +1527,7 @@
structure()->setGlobalObject(vm, this);
m_runtimeFlags = m_globalObjectMethodTable->_javascript_RuntimeFlags(this);
init(vm);
- setGlobalThis(vm, JSProxy::create(vm, JSProxy::createStructure(vm, this, getPrototypeDirect(), PureForwardingProxyType), this));
+ setGlobalThis(vm, JSProxy::create(vm, JSProxy::createStructure(vm, this, getPrototypeDirect(vm), PureForwardingProxyType), this));
}
void JSGlobalObject::finishCreation(VM& vm, JSObject* thisValue)
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalObjectInlines.h (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSGlobalObjectInlines.h 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalObjectInlines.h 2017-10-20 07:50:08 UTC (rev 223746)
@@ -35,13 +35,13 @@
ALWAYS_INLINE bool JSGlobalObject::objectPrototypeIsSane()
{
return !hasIndexedProperties(m_objectPrototype->indexingType())
- && m_objectPrototype->getPrototypeDirect().isNull();
+ && m_objectPrototype->getPrototypeDirect(vm()).isNull();
}
ALWAYS_INLINE bool JSGlobalObject::arrayPrototypeChainIsSane()
{
return !hasIndexedProperties(m_arrayPrototype->indexingType())
- && m_arrayPrototype->getPrototypeDirect() == m_objectPrototype.get()
+ && m_arrayPrototype->getPrototypeDirect(vm()) == m_objectPrototype.get()
&& objectPrototypeIsSane();
}
@@ -48,7 +48,7 @@
ALWAYS_INLINE bool JSGlobalObject::stringPrototypeChainIsSane()
{
return !hasIndexedProperties(m_stringPrototype->indexingType())
- && m_stringPrototype->getPrototypeDirect() == m_objectPrototype.get()
+ && m_stringPrototype->getPrototypeDirect(vm()) == m_objectPrototype.get()
&& objectPrototypeIsSane();
}
Modified: trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSLexicalEnvironment.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -105,7 +105,7 @@
// We don't call through to JSObject because there's no way to give a
// lexical environment object getter properties or a prototype.
ASSERT(!thisObject->hasGetterSetterProperties());
- ASSERT(thisObject->getPrototypeDirect().isNull());
+ ASSERT(thisObject->getPrototypeDirect(exec->vm()).isNull());
return false;
}
Modified: trunk/Source/_javascript_Core/runtime/JSMap.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSMap.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSMap.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -56,10 +56,10 @@
if (structure == globalObject->mapStructure())
return true;
- if (getPrototypeDirect() != globalObject->mapPrototype())
+ VM& vm = globalObject->vm();
+ if (getPrototypeDirect(vm) != globalObject->mapPrototype())
return false;
- VM& vm = globalObject->vm();
if (getDirectOffset(vm, vm.propertyNames->iteratorSymbol) != invalidOffset)
return false;
Modified: trunk/Source/_javascript_Core/runtime/JSObject.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSObject.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSObject.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -531,7 +531,7 @@
auto scope = DECLARE_CATCH_SCOPE(vm);
ExecState* exec = globalObject->globalExec();
- PropertySlot slot(object->getPrototypeDirect(), PropertySlot::InternalMethodType::VMInquiry);
+ PropertySlot slot(object->getPrototypeDirect(vm), PropertySlot::InternalMethodType::VMInquiry);
PropertyName constructor(vm.propertyNames->constructor);
if (object->getPropertySlot(exec, constructor, slot)) {
EXCEPTION_ASSERT(!scope.exception());
@@ -1671,7 +1671,7 @@
ASSERT(methodTable(vm)->toThis(this, exec, NotStrictMode) == this);
- if (this->getPrototypeDirect() == prototype)
+ if (this->getPrototypeDirect(vm) == prototype)
return true;
bool isExtensible = this->isExtensible(exec);
@@ -1690,7 +1690,7 @@
// https://bugs.webkit.org/show_bug.cgi?id=161534
if (UNLIKELY(asObject(nextPrototype)->type() == ProxyObjectType))
break; // We're done. Set the prototype.
- nextPrototype = asObject(nextPrototype)->getPrototypeDirect();
+ nextPrototype = asObject(nextPrototype)->getPrototypeDirect(vm);
}
setPrototypeDirect(vm, prototype);
return true;
@@ -1701,9 +1701,9 @@
return object->setPrototypeWithCycleCheck(exec->vm(), exec, prototype, shouldThrowIfCantSet);
}
-JSValue JSObject::getPrototype(JSObject* object, ExecState*)
+JSValue JSObject::getPrototype(JSObject* object, ExecState* exec)
{
- return object->getPrototypeDirect();
+ return object->getPrototypeDirect(exec->vm());
}
bool JSObject::setPrototype(VM& vm, ExecState* exec, JSValue prototype, bool shouldThrowIfCantSet)
@@ -2538,6 +2538,7 @@
bool JSObject::attemptToInterceptPutByIndexOnHoleForPrototype(ExecState* exec, JSValue thisValue, unsigned i, JSValue value, bool shouldThrow, bool& putResult)
{
+ VM& vm = exec->vm();
for (JSObject* current = this; ;) {
// This has the same behavior with respect to prototypes as JSObject::put(). It only
// allows a prototype to intercept a put if (a) the prototype declares the property
@@ -2559,7 +2560,7 @@
return true;
}
- JSValue prototypeValue = current->getPrototypeDirect();
+ JSValue prototypeValue = current->getPrototypeDirect(vm);
if (prototypeValue.isNull())
return false;
@@ -2569,7 +2570,7 @@
bool JSObject::attemptToInterceptPutByIndexOnHole(ExecState* exec, unsigned i, JSValue value, bool shouldThrow, bool& putResult)
{
- JSValue prototypeValue = getPrototypeDirect();
+ JSValue prototypeValue = getPrototypeDirect(exec->vm());
if (prototypeValue.isNull())
return false;
@@ -3680,7 +3681,7 @@
if (current->structure(vm)->mayInterceptIndexedAccesses())
return true;
- JSValue prototype = current->getPrototypeDirect();
+ JSValue prototype = current->getPrototypeDirect(vm);
if (prototype.isNull())
return false;
@@ -3694,7 +3695,7 @@
return anyObjectInChainMayInterceptIndexedAccesses();
for (JSObject* current = this; ;) {
- JSValue prototype = current->getPrototypeDirect();
+ JSValue prototype = current->getPrototypeDirect(vm);
if (prototype.isNull())
return false;
Modified: trunk/Source/_javascript_Core/runtime/JSObject.h (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSObject.h 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSObject.h 2017-10-20 07:50:08 UTC (rev 223746)
@@ -132,7 +132,7 @@
// It is valid to use though when you know that you want to directly get it
// without consulting the method table. This is akin to getting the [[Prototype]]
// internal field directly as described in the specification.
- JSValue getPrototypeDirect() const;
+ JSValue getPrototypeDirect(VM&) const;
// This sets the prototype without checking for cycles and without
// doing dynamic dispatch on [[SetPrototypeOf]] operation in the specification.
@@ -873,7 +873,7 @@
{
Base::finishCreation(vm);
ASSERT(inherits(vm, info()));
- ASSERT(structure()->hasPolyProto() || getPrototypeDirect().isNull() || Heap::heap(this) == Heap::heap(getPrototypeDirect()));
+ ASSERT(structure()->hasPolyProto() || getPrototypeDirect(vm).isNull() || Heap::heap(this) == Heap::heap(getPrototypeDirect(vm)));
ASSERT(structure()->isObject());
ASSERT(classInfo(vm));
}
@@ -1303,9 +1303,9 @@
{
}
-inline JSValue JSObject::getPrototypeDirect() const
+inline JSValue JSObject::getPrototypeDirect(VM& vm) const
{
- return structure()->storedPrototype(this);
+ return structure(vm)->storedPrototype(this);
}
inline JSValue JSObject::getPrototype(VM& vm, ExecState* exec)
@@ -1313,7 +1313,7 @@
auto getPrototypeMethod = methodTable(vm)->getPrototype;
MethodTable::GetPrototypeFunctionPtr defaultGetPrototype = JSObject::getPrototype;
if (LIKELY(getPrototypeMethod == defaultGetPrototype))
- return getPrototypeDirect();
+ return getPrototypeDirect(vm);
return getPrototypeMethod(this, exec);
}
Modified: trunk/Source/_javascript_Core/runtime/JSObjectInlines.h (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSObjectInlines.h 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSObjectInlines.h 2017-10-20 07:50:08 UTC (rev 223746)
@@ -73,7 +73,7 @@
if (obj->structure(vm)->hasReadOnlyOrGetterSetterPropertiesExcludingProto() || obj->methodTable(vm)->getPrototype != defaultGetPrototype)
return false;
- prototype = obj->getPrototypeDirect();
+ prototype = obj->getPrototypeDirect(vm);
if (prototype.isNull())
return true;
@@ -116,7 +116,7 @@
return true;
JSValue prototype;
if (LIKELY(structure->classInfo()->methodTable.getPrototype == defaultGetPrototype || slot.internalMethodType() == PropertySlot::InternalMethodType::VMInquiry))
- prototype = object->getPrototypeDirect();
+ prototype = object->getPrototypeDirect(vm);
else {
prototype = object->getPrototype(vm, exec);
RETURN_IF_EXCEPTION(scope, false);
@@ -150,7 +150,7 @@
}
JSValue prototype;
if (LIKELY(structure->classInfo()->methodTable.getPrototype == defaultGetPrototype || slot.internalMethodType() == PropertySlot::InternalMethodType::VMInquiry))
- prototype = object->getPrototypeDirect();
+ prototype = object->getPrototypeDirect(vm);
else {
prototype = object->getPrototype(vm, exec);
RETURN_IF_EXCEPTION(scope, false);
Modified: trunk/Source/_javascript_Core/runtime/JSProxy.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSProxy.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSProxy.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -46,7 +46,7 @@
void JSProxy::setTarget(VM& vm, JSGlobalObject* globalObject)
{
m_target.set(vm, this, globalObject);
- setPrototypeDirect(vm, globalObject->getPrototypeDirect());
+ setPrototypeDirect(vm, globalObject->getPrototypeDirect(vm));
}
String JSProxy::className(const JSObject* object)
Modified: trunk/Source/_javascript_Core/runtime/JSSet.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/JSSet.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/JSSet.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -56,10 +56,10 @@
if (structure == globalObject->setStructure())
return true;
- if (getPrototypeDirect() != globalObject->jsSetPrototype())
+ VM& vm = globalObject->vm();
+ if (getPrototypeDirect(vm) != globalObject->jsSetPrototype())
return false;
- VM& vm = globalObject->vm();
if (getDirectOffset(vm, vm.propertyNames->iteratorSymbol) != invalidOffset)
return false;
Modified: trunk/Source/_javascript_Core/runtime/ProgramExecutable.cpp (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/ProgramExecutable.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/ProgramExecutable.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -104,13 +104,13 @@
if (error.isValid())
return error.toErrorObject(globalObject, source());
- JSValue nextPrototype = globalObject->getPrototypeDirect();
+ JSValue nextPrototype = globalObject->getPrototypeDirect(vm);
while (nextPrototype && nextPrototype.isObject()) {
if (UNLIKELY(asObject(nextPrototype)->type() == ProxyObjectType)) {
ExecState* exec = globalObject->globalExec();
return createTypeError(exec, ASCIILiteral("Proxy is not allowed in the global prototype chain."));
}
- nextPrototype = asObject(nextPrototype)->getPrototypeDirect();
+ nextPrototype = asObject(nextPrototype)->getPrototypeDirect(vm);
}
JSGlobalLexicalEnvironment* globalLexicalEnvironment = globalObject->globalLexicalEnvironment();
Modified: trunk/Source/_javascript_Core/runtime/StructureInlines.h (223745 => 223746)
--- trunk/Source/_javascript_Core/runtime/StructureInlines.h 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/_javascript_Core/runtime/StructureInlines.h 2017-10-20 07:50:08 UTC (rev 223746)
@@ -243,13 +243,14 @@
if (!cachedPrototypeChain)
return false;
+ VM& vm = globalObject->vm();
JSValue prototype = prototypeForLookup(globalObject, base);
WriteBarrier<Structure>* cachedStructure = cachedPrototypeChain->head();
while (*cachedStructure && !prototype.isNull()) {
- if (asObject(prototype)->structure() != cachedStructure->get())
+ if (asObject(prototype)->structure(vm) != cachedStructure->get())
return false;
++cachedStructure;
- prototype = asObject(prototype)->getPrototypeDirect();
+ prototype = asObject(prototype)->getPrototypeDirect(vm);
}
return prototype.isNull() && !*cachedStructure;
}
Modified: trunk/Source/WebCore/ChangeLog (223745 => 223746)
--- trunk/Source/WebCore/ChangeLog 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/ChangeLog 2017-10-20 07:50:08 UTC (rev 223746)
@@ -1,3 +1,57 @@
+2017-10-20 Saam Barati <sbar...@apple.com>
+
+ Optimize accesses to how we get the direct prototype
+ https://bugs.webkit.org/show_bug.cgi?id=178548
+
+ Reviewed by Yusuke Suzuki.
+
+ No new tests: no functionality change.
+
+ * bindings/js/JSDOMAbstractOperations.h:
+ (WebCore::isVisibleNamedProperty):
+ (WebCore::accessVisibleNamedProperty):
+ * bindings/js/JSDOMWindowBase.cpp:
+ (WebCore::toJSDOMWindow):
+ * bindings/js/JSDOMWindowProperties.cpp:
+ (WebCore::JSDOMWindowProperties::getOwnPropertySlot):
+ * bindings/js/JSPluginElementFunctions.cpp:
+ (WebCore::pluginElementCustomGetOwnPropertySlot):
+ * bindings/js/WorkerScriptController.cpp:
+ (WebCore::WorkerScriptController::initScript):
+ * bindings/scripts/CodeGeneratorJS.pm:
+ (GeneratePut):
+ (GeneratePutByIndex):
+ (GenerateConstructorHelperMethods):
+ * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
+ (WebCore::JSTestGlobalObjectConstructor::initializeProperties):
+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
+ (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::put):
+ (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
+ (WebCore::JSTestNamedAndIndexedSetterThrowingException::put):
+ (WebCore::JSTestNamedAndIndexedSetterThrowingException::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
+ (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::put):
+ (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
+ (WebCore::JSTestNamedSetterNoIdentifier::put):
+ (WebCore::JSTestNamedSetterNoIdentifier::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
+ (WebCore::JSTestNamedSetterThrowingException::put):
+ (WebCore::JSTestNamedSetterThrowingException::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
+ (WebCore::JSTestNamedSetterWithIdentifier::put):
+ (WebCore::JSTestNamedSetterWithIdentifier::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
+ (WebCore::JSTestNamedSetterWithIndexedGetter::put):
+ (WebCore::JSTestNamedSetterWithIndexedGetter::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
+ (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::put):
+ (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::putByIndex):
+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:
+ (WebCore::JSTestNamedSetterWithUnforgableProperties::put):
+ (WebCore::JSTestNamedSetterWithUnforgableProperties::putByIndex):
+
2017-10-20 Yusuke Suzuki <utatane....@gmail.com>
[JSC] ScriptFetcher should be notified directly from module pipeline
Modified: trunk/Source/WebCore/bindings/js/JSDOMAbstractOperations.h (223745 => 223746)
--- trunk/Source/WebCore/bindings/js/JSDOMAbstractOperations.h 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/js/JSDOMAbstractOperations.h 2017-10-20 07:50:08 UTC (rev 223746)
@@ -72,7 +72,7 @@
// 1. If prototype is not a named properties object, and prototype has an own property named P, then return false.
// FIXME: Implement checking for 'named properties object'.
// 2. Set prototype to be the value of the internal [[Prototype]] property of prototype.
- auto prototype = thisObject.getPrototypeDirect();
+ auto prototype = thisObject.getPrototypeDirect(state.vm());
if (prototype.isObject() && JSC::asObject(prototype)->getPropertySlot(&state, propertyName, slot))
return false;
@@ -112,7 +112,7 @@
// 1. If prototype is not a named properties object, and prototype has an own property named P, then return false.
// FIXME: Implement checking for 'named properties object'.
// 2. Set prototype to be the value of the internal [[Prototype]] property of prototype.
- auto prototype = thisObject.getPrototypeDirect();
+ auto prototype = thisObject.getPrototypeDirect(state.vm());
if (prototype.isObject() && JSC::asObject(prototype)->getPropertySlot(&state, propertyName, slot))
return std::nullopt;
Modified: trunk/Source/WebCore/bindings/js/JSDOMWindowBase.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/js/JSDOMWindowBase.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/js/JSDOMWindowBase.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -282,7 +282,7 @@
return jsCast<JSDOMWindow*>(object);
if (classInfo == JSDOMWindowProxy::info())
return jsCast<JSDOMWindowProxy*>(object)->window();
- value = object->getPrototypeDirect();
+ value = object->getPrototypeDirect(vm);
}
return nullptr;
}
Modified: trunk/Source/WebCore/bindings/js/JSDOMWindowProperties.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/js/JSDOMWindowProperties.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/js/JSDOMWindowProperties.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -85,7 +85,7 @@
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
if (Base::getOwnPropertySlot(thisObject, state, propertyName, slot))
return true;
- JSValue proto = thisObject->getPrototypeDirect();
+ JSValue proto = thisObject->getPrototypeDirect(state->vm());
if (proto.isObject() && jsCast<JSObject*>(proto)->hasProperty(state, propertyName))
return false;
Modified: trunk/Source/WebCore/bindings/js/JSPluginElementFunctions.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/js/JSPluginElementFunctions.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/js/JSPluginElementFunctions.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -112,7 +112,7 @@
bool pluginElementCustomGetOwnPropertySlot(JSHTMLElement* element, ExecState* exec, PropertyName propertyName, PropertySlot& slot)
{
if (!element->globalObject()->world().isNormal()) {
- JSC::JSValue proto = element->getPrototypeDirect();
+ JSC::JSValue proto = element->getPrototypeDirect(exec->vm());
if (proto.isObject() && JSC::jsCast<JSC::JSObject*>(asObject(proto))->hasProperty(exec, propertyName))
return false;
}
Modified: trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/js/WorkerScriptController.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -114,7 +114,7 @@
}
ASSERT(m_workerGlobalScopeWrapper->globalObject() == m_workerGlobalScopeWrapper);
- ASSERT(asObject(m_workerGlobalScopeWrapper->getPrototypeDirect())->globalObject() == m_workerGlobalScopeWrapper);
+ ASSERT(asObject(m_workerGlobalScopeWrapper->getPrototypeDirect(*m_vm))->globalObject() == m_workerGlobalScopeWrapper);
m_consoleClient = std::make_unique<WorkerConsoleClient>(*m_workerGlobalScope);
m_workerGlobalScopeWrapper->setConsoleClient(m_consoleClient.get());
Modified: trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm 2017-10-20 07:50:08 UTC (rev 223746)
@@ -954,7 +954,7 @@
my $overrideBuiltins = $codeGenerator->InheritsExtendedAttribute($interface, "OverrideBuiltins");
if (!$overrideBuiltins) {
push(@$outputArray, " PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };\n");
- push(@$outputArray, " JSValue prototype = thisObject->getPrototypeDirect();\n");
+ push(@$outputArray, " JSValue prototype = thisObject->getPrototypeDirect(state->vm());\n");
push(@$outputArray, " if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {\n");
$additionalIndent .= " ";
}
@@ -1023,7 +1023,7 @@
my $additionalIndent = "";
if (!$overrideBuiltins) {
push(@$outputArray, " PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };\n");
- push(@$outputArray, " JSValue prototype = thisObject->getPrototypeDirect();\n");
+ push(@$outputArray, " JSValue prototype = thisObject->getPrototypeDirect(state->vm());\n");
push(@$outputArray, " if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {\n");
$additionalIndent .= " ";
}
@@ -7114,7 +7114,7 @@
# of whether the interface was declared with the [NoInterfaceObject] extended attribute.
# https://heycam.github.io/webidl/#interface-prototype-object
if (ShouldUseGlobalObjectPrototype($interface)) {
- push(@$outputArray, " putDirect(vm, vm.propertyNames->prototype, globalObject.getPrototypeDirect(), JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);\n");
+ push(@$outputArray, " putDirect(vm, vm.propertyNames->prototype, globalObject.getPrototypeDirect(vm), JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);\n");
} elsif ($interface->isCallback) {
push(@$outputArray, " UNUSED_PARAM(globalObject);\n");
} else {
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -127,7 +127,7 @@
template<> void JSTestGlobalObjectConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject)
{
- putDirect(vm, vm.propertyNames->prototype, globalObject.getPrototypeDirect(), JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);
+ putDirect(vm, vm.propertyNames->prototype, globalObject.getPrototypeDirect(vm), JSC::PropertyAttribute::DontDelete | JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);
putDirect(vm, vm.propertyNames->name, jsNontrivialString(&vm, String(ASCIILiteral("TestGlobalObject"))), JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);
putDirect(vm, vm.propertyNames->length, jsNumber(0), JSC::PropertyAttribute::ReadOnly | JSC::PropertyAttribute::DontEnum);
}
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -215,7 +215,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -243,7 +243,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -215,7 +215,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -243,7 +243,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -224,7 +224,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -252,7 +252,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -187,7 +187,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -207,7 +207,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -187,7 +187,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -207,7 +207,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -193,7 +193,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -213,7 +213,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -216,7 +216,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -236,7 +236,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -224,7 +224,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -252,7 +252,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
Modified: trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp (223745 => 223746)
--- trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp 2017-10-20 07:35:16 UTC (rev 223745)
+++ trunk/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp 2017-10-20 07:50:08 UTC (rev 223746)
@@ -211,7 +211,7 @@
if (!propertyName.isSymbol()) {
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
@@ -231,7 +231,7 @@
auto propertyName = Identifier::from(state, index);
PropertySlot slot { thisObject, PropertySlot::InternalMethodType::VMInquiry };
- JSValue prototype = thisObject->getPrototypeDirect();
+ JSValue prototype = thisObject->getPrototypeDirect(state->vm());
if (!(prototype.isObject() && asObject(prototype)->getPropertySlot(state, propertyName, slot))) {
auto throwScope = DECLARE_THROW_SCOPE(state->vm());
auto nativeValue = convert<IDLDOMString>(*state, value);
