WebKit Bugzilla
Attachment 369414 Details for
Bug 196315
: Structure::create should call didBecomePrototype()
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for landing
patch196315 (text/plain), 79.47 KB, created by
Robin Morisset
on 2019-05-08 13:28:55 PDT
(
hide
)
Description:
Patch for landing
Filename:
MIME Type:
Creator:
Robin Morisset
Created:
2019-05-08 13:28:55 PDT
Size:
79.47 KB
patch
obsolete
>Index: JSTests/ChangeLog >=================================================================== >--- JSTests/ChangeLog (revision 245064) >+++ JSTests/ChangeLog (working copy) >@@ -1,3 +1,14 @@ >+2019-05-08 Robin Morisset <rmorisset@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ This changelog already landed, but the commit was missing the actual changes. >+ >+ * stress/function-prototype-indexed-accessor.js: Added. >+ > 2019-05-08 Caio Lima <ticaiolima@gmail.com> > > [BigInt] Add ValueMod into DFG >Index: JSTests/stress/function-prototype-indexed-accessor.js >=================================================================== >--- JSTests/stress/function-prototype-indexed-accessor.js (nonexistent) >+++ JSTests/stress/function-prototype-indexed-accessor.js (working copy) >@@ -0,0 +1,3 @@ >+Function[0] = 0; >+Object.defineProperty(Function.__proto__, '42', { set: ()=>{} }); >+Function[1000] = 0; >Index: Source/JavaScriptCore/ChangeLog >=================================================================== >--- Source/JavaScriptCore/ChangeLog (revision 244996) >+++ Source/JavaScriptCore/ChangeLog (working copy) >@@ -1,3 +1,84 @@ >+2019-05-08 Robin Morisset <rmorisset@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ This changelog already landed, but the commit was missing the actual changes. >+ >+ Otherwise we won't remember to run haveABadTime() when someone adds to them an indexed accessor. >+ >+ I added a check used in both Structure::finishCreation() and Structure::changePrototypeTransition to make sure we don't >+ create structures with invalid prototypes. >+ It found a lot of objects that are used as prototypes in JSGlobalObject and yet were missing didBecomePrototype() in their finishCreation(). >+ Somewhat surprisingly, some of them have names like FunctionConstructor and not only FooPrototype. >+ >+ * runtime/BigIntPrototype.cpp: >+ (JSC::BigIntPrototype::finishCreation): >+ * runtime/BooleanPrototype.cpp: >+ (JSC::BooleanPrototype::finishCreation): >+ * runtime/DatePrototype.cpp: >+ (JSC::DatePrototype::finishCreation): >+ * runtime/ErrorConstructor.cpp: >+ (JSC::ErrorConstructor::finishCreation): >+ * runtime/ErrorPrototype.cpp: >+ (JSC::ErrorPrototype::finishCreation): >+ * runtime/FunctionConstructor.cpp: >+ (JSC::FunctionConstructor::finishCreation): >+ * runtime/FunctionPrototype.cpp: >+ (JSC::FunctionPrototype::finishCreation): >+ * runtime/IntlCollatorPrototype.cpp: >+ (JSC::IntlCollatorPrototype::finishCreation): >+ * runtime/IntlDateTimeFormatPrototype.cpp: >+ (JSC::IntlDateTimeFormatPrototype::finishCreation): >+ * runtime/IntlNumberFormatPrototype.cpp: >+ (JSC::IntlNumberFormatPrototype::finishCreation): >+ * runtime/IntlPluralRulesPrototype.cpp: >+ (JSC::IntlPluralRulesPrototype::finishCreation): >+ * runtime/JSArrayBufferPrototype.cpp: >+ (JSC::JSArrayBufferPrototype::finishCreation): >+ * runtime/JSDataViewPrototype.cpp: >+ (JSC::JSDataViewPrototype::finishCreation): >+ * runtime/JSGenericTypedArrayViewPrototypeInlines.h: >+ (JSC::JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation): >+ * runtime/JSGlobalObject.cpp: >+ (JSC::createConsoleProperty): >+ * runtime/JSPromisePrototype.cpp: >+ (JSC::JSPromisePrototype::finishCreation): >+ * runtime/JSTypedArrayViewConstructor.cpp: >+ (JSC::JSTypedArrayViewConstructor::finishCreation): >+ * runtime/JSTypedArrayViewPrototype.cpp: >+ (JSC::JSTypedArrayViewPrototype::finishCreation): >+ * runtime/NumberPrototype.cpp: >+ (JSC::NumberPrototype::finishCreation): >+ * runtime/RegExpPrototype.cpp: >+ (JSC::RegExpPrototype::finishCreation): >+ * runtime/StringPrototype.cpp: >+ (JSC::StringPrototype::finishCreation): >+ * runtime/Structure.cpp: >+ (JSC::Structure::isValidPrototype): >+ (JSC::Structure::changePrototypeTransition): >+ * runtime/Structure.h: >+ * runtime/SymbolPrototype.cpp: >+ (JSC::SymbolPrototype::finishCreation): >+ * wasm/js/WebAssemblyCompileErrorPrototype.cpp: >+ (JSC::WebAssemblyCompileErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyInstancePrototype.cpp: >+ (JSC::WebAssemblyInstancePrototype::finishCreation): >+ * wasm/js/WebAssemblyLinkErrorPrototype.cpp: >+ (JSC::WebAssemblyLinkErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyMemoryPrototype.cpp: >+ (JSC::WebAssemblyMemoryPrototype::finishCreation): >+ * wasm/js/WebAssemblyModulePrototype.cpp: >+ (JSC::WebAssemblyModulePrototype::finishCreation): >+ * wasm/js/WebAssemblyPrototype.cpp: >+ (JSC::WebAssemblyPrototype::finishCreation): >+ * wasm/js/WebAssemblyRuntimeErrorPrototype.cpp: >+ (JSC::WebAssemblyRuntimeErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyTablePrototype.cpp: >+ (JSC::WebAssemblyTablePrototype::finishCreation): >+ > 2019-05-06 Yusuke Suzuki <ysuzuki@apple.com> > > [JSC] We should check OOM for description string of Symbol >Index: Source/JavaScriptCore/runtime/BigIntPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/BigIntPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/BigIntPrototype.cpp (working copy) >@@ -73,6 +73,7 @@ > Base::finishCreation(vm); > ASSERT(inherits(vm, info())); > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "BigInt"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >Index: Source/JavaScriptCore/runtime/BooleanPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/BooleanPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/BooleanPrototype.cpp (working copy) >@@ -59,6 +59,7 @@ > { > Base::finishCreation(vm); > setInternalValue(vm, jsBoolean(false)); >+ didBecomePrototype(); > > ASSERT(inherits(vm, info())); > } >Index: Source/JavaScriptCore/runtime/DatePrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/DatePrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/DatePrototype.cpp (working copy) >@@ -515,6 +515,7 @@ > > JSFunction* toPrimitiveFunction = JSFunction::create(vm, globalObject, 1, "[Symbol.toPrimitive]"_s, dateProtoFuncToPrimitiveSymbol, NoIntrinsic); > putDirectWithoutTransition(vm, vm.propertyNames->toPrimitiveSymbol, toPrimitiveFunction, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > > // The constructor will be added later, after DateConstructor has been built. > } >Index: Source/JavaScriptCore/runtime/ErrorConstructor.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/ErrorConstructor.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/ErrorConstructor.cpp (working copy) >@@ -48,6 +48,7 @@ > putDirectWithoutTransition(vm, vm.propertyNames->prototype, errorPrototype, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly); > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); > putDirectWithoutTransition(vm, vm.propertyNames->stackTraceLimit, jsNumber(globalObject(vm)->stackTraceLimit().valueOr(Options::defaultErrorStackTraceLimit())), static_cast<unsigned>(PropertyAttribute::None)); >+ didBecomePrototype(); > } > > // ECMA 15.9.3 >Index: Source/JavaScriptCore/runtime/ErrorPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/ErrorPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/ErrorPrototype.cpp (working copy) >@@ -66,6 +66,7 @@ > ASSERT(inherits(vm, info())); > putDirectWithoutTransition(vm, vm.propertyNames->name, jsString(&vm, name), static_cast<unsigned>(PropertyAttribute::DontEnum)); > putDirectWithoutTransition(vm, vm.propertyNames->message, jsEmptyString(&vm), static_cast<unsigned>(PropertyAttribute::DontEnum)); >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >Index: Source/JavaScriptCore/runtime/FunctionConstructor.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/FunctionConstructor.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/FunctionConstructor.cpp (working copy) >@@ -61,6 +61,7 @@ > Base::finishCreation(vm, vm.propertyNames->Function.string(), NameVisibility::Visible, NameAdditionMode::WithoutStructureTransition); > putDirectWithoutTransition(vm, vm.propertyNames->prototype, functionPrototype, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly); > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum); >+ didBecomePrototype(); > } > > // ECMA 15.3.2 The Function Constructor >Index: Source/JavaScriptCore/runtime/FunctionPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/FunctionPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/FunctionPrototype.cpp (working copy) >@@ -54,6 +54,7 @@ > { > Base::finishCreation(vm, name, NameVisibility::Visible, NameAdditionMode::WithoutStructureTransition); > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(0), PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum); >+ didBecomePrototype(); > } > > void FunctionPrototype::addFunctionProperties(VM& vm, JSGlobalObject* globalObject, JSFunction** callFunction, JSFunction** applyFunction, JSFunction** hasInstanceSymbolFunction) >Index: Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp (working copy) >@@ -76,6 +76,7 @@ > Base::finishCreation(vm); > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > static EncodedJSValue JSC_HOST_CALL IntlCollatorFuncCompare(ExecState* state) >Index: Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp (working copy) >@@ -90,6 +90,7 @@ > #endif > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > static EncodedJSValue JSC_HOST_CALL IntlDateTimeFormatFuncFormatDateTime(ExecState* state) >Index: Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp (working copy) >@@ -88,6 +88,7 @@ > #endif > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > static EncodedJSValue JSC_HOST_CALL IntlNumberFormatFuncFormatNumber(ExecState* state) >Index: Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp (working copy) >@@ -75,6 +75,7 @@ > Base::finishCreation(vm); > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > EncodedJSValue JSC_HOST_CALL IntlPluralRulesPrototypeFuncSelect(ExecState* state) >Index: Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp (working copy) >@@ -121,6 +121,7 @@ > JSC_NATIVE_GETTER_WITHOUT_TRANSITION(vm.propertyNames->byteLength, arrayBufferProtoGetterFuncByteLength, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); > else > JSC_NATIVE_GETTER_WITHOUT_TRANSITION(vm.propertyNames->byteLength, sharedArrayBufferProtoGetterFuncByteLength, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > JSArrayBufferPrototype* JSArrayBufferPrototype::create(VM& vm, JSGlobalObject* globalObject, Structure* structure, ArrayBufferSharingMode sharingMode) >Index: Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp (working copy) >@@ -110,6 +110,7 @@ > { > Base::finishCreation(vm); > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "DataView"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > Structure* JSDataViewPrototype::createStructure( >Index: Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h >=================================================================== >--- Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h (revision 244996) >+++ Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h (working copy) >@@ -45,6 +45,7 @@ > > putDirect(vm, vm.propertyNames->BYTES_PER_ELEMENT, jsNumber(ViewClass::elementSize), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly | PropertyAttribute::DontDelete); > >+ didBecomePrototype(); > } > > template<typename ViewClass> >Index: Source/JavaScriptCore/runtime/JSGlobalObject.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSGlobalObject.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/JSGlobalObject.cpp (working copy) >@@ -232,7 +232,9 @@ > static JSValue createConsoleProperty(VM& vm, JSObject* object) > { > JSGlobalObject* global = jsCast<JSGlobalObject*>(object); >- return ConsoleObject::create(vm, global, ConsoleObject::createStructure(vm, global, constructEmptyObject(global->globalExec()))); >+ JSValue prototype = constructEmptyObject(global->globalExec()); >+ prototype.getObject()->didBecomePrototype(); >+ return ConsoleObject::create(vm, global, ConsoleObject::createStructure(vm, global, prototype)); > } > > static EncodedJSValue JSC_HOST_CALL makeBoundFunction(ExecState* exec) >Index: Source/JavaScriptCore/runtime/JSPromisePrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSPromisePrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/JSPromisePrototype.cpp (working copy) >@@ -77,6 +77,7 @@ > { > Base::finishCreation(vm); > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Promise"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > void JSPromisePrototype::addOwnInternalSlots(VM& vm, JSGlobalObject* globalObject) >Index: Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp (working copy) >@@ -55,6 +55,8 @@ > > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->of, typedArrayConstructorOfCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->from, typedArrayConstructorFromCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); >+ >+ didBecomePrototype(); > } > > Structure* JSTypedArrayViewConstructor::createStructure( >Index: Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp (working copy) >@@ -334,6 +334,7 @@ > putDirectWithoutTransition(vm, vm.propertyNames->builtinNames().valuesPublicName(), valuesFunction, static_cast<unsigned>(PropertyAttribute::DontEnum)); > putDirectWithoutTransition(vm, vm.propertyNames->iteratorSymbol, valuesFunction, static_cast<unsigned>(PropertyAttribute::DontEnum)); > >+ didBecomePrototype(); > } > > JSTypedArrayViewPrototype* JSTypedArrayViewPrototype::create( >Index: Source/JavaScriptCore/runtime/NumberPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/NumberPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/NumberPrototype.cpp (working copy) >@@ -82,6 +82,7 @@ > > JSC_NATIVE_INTRINSIC_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->toString, numberProtoFuncToString, static_cast<unsigned>(PropertyAttribute::DontEnum), 1, NumberPrototypeToStringIntrinsic); > ASSERT(inherits(vm, info())); >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >Index: Source/JavaScriptCore/runtime/RegExpPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/RegExpPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/RegExpPrototype.cpp (working copy) >@@ -81,6 +81,8 @@ > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->searchSymbol, regExpPrototypeSearchCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->splitSymbol, regExpPrototypeSplitCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->test, regExpPrototypeTestCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); >+ >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >Index: Source/JavaScriptCore/runtime/StringPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/StringPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/StringPrototype.cpp (working copy) >@@ -172,6 +172,8 @@ > > // The constructor will be added later, after StringConstructor has been built > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(0), PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum); >+ >+ didBecomePrototype(); > } > > StringPrototype* StringPrototype::create(VM& vm, JSGlobalObject* globalObject, Structure* structure) >Index: Source/JavaScriptCore/runtime/Structure.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/Structure.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/Structure.cpp (working copy) >@@ -321,6 +321,11 @@ > return result; > } > >+bool Structure::isValidPrototype(JSValue prototype) >+{ >+ return prototype.isNull() || (prototype.isObject() && prototype.getObject()->mayBePrototype()); >+} >+ > void Structure::findStructuresAndMapForMaterialization(Vector<Structure*, 8>& structures, Structure*& structure, PropertyTable*& table) > { > ASSERT(structures.isEmpty()); >@@ -544,7 +549,7 @@ > > Structure* Structure::changePrototypeTransition(VM& vm, Structure* structure, JSValue prototype, DeferredStructureTransitionWatchpointFire& deferred) > { >- ASSERT(prototype.isObject() || prototype.isNull()); >+ ASSERT(isValidPrototype(prototype)); > > DeferGC deferGC(vm.heap); > Structure* transition = create(vm, structure, &deferred); >Index: Source/JavaScriptCore/runtime/Structure.h >=================================================================== >--- Source/JavaScriptCore/runtime/Structure.h (revision 244996) >+++ Source/JavaScriptCore/runtime/Structure.h (working copy) >@@ -142,7 +142,7 @@ > void finishCreation(VM& vm) > { > Base::finishCreation(vm); >- ASSERT(m_prototype.get().isEmpty() || m_prototype.isObject() || m_prototype.isNull()); >+ ASSERT(m_prototype.get().isEmpty() || isValidPrototype(m_prototype.get())); > } > > void finishCreation(VM& vm, const Structure* previous) >@@ -680,6 +680,8 @@ > > void checkConsistency(); > >+ JS_EXPORT_PRIVATE static bool isValidPrototype(JSValue); >+ > // This may grab the lock, or not. Do not call when holding the Structure's lock. > PropertyTable* ensurePropertyTableIfNotEmpty(VM& vm) > { >Index: Source/JavaScriptCore/runtime/SymbolPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/SymbolPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/runtime/SymbolPrototype.cpp (working copy) >@@ -67,6 +67,8 @@ > > JSFunction* toPrimitiveFunction = JSFunction::create(vm, globalObject, 1, "[Symbol.toPrimitive]"_s, symbolProtoFuncValueOf, NoIntrinsic); > putDirectWithoutTransition(vm, vm.propertyNames->toPrimitiveSymbol, toPrimitiveFunction, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >Index: Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp (working copy) >@@ -57,6 +57,7 @@ > void WebAssemblyCompileErrorPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyCompileErrorPrototype::WebAssemblyCompileErrorPrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp (working copy) >@@ -86,6 +86,7 @@ > void WebAssemblyInstancePrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyInstancePrototype::WebAssemblyInstancePrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp (working copy) >@@ -57,6 +57,7 @@ > void WebAssemblyLinkErrorPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyLinkErrorPrototype::WebAssemblyLinkErrorPrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp (working copy) >@@ -109,6 +109,7 @@ > { > Base::finishCreation(vm); > ASSERT(inherits(vm, info())); >+ didBecomePrototype(); > } > > WebAssemblyMemoryPrototype::WebAssemblyMemoryPrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp (working copy) >@@ -56,6 +56,7 @@ > void WebAssemblyModulePrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyModulePrototype::WebAssemblyModulePrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp (working copy) >@@ -381,6 +381,8 @@ > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION("compileStreaming", webAssemblyPrototypeCompileStreamingCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION("instantiateStreaming", webAssemblyPrototypeInstantiateStreamingCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > } >+ >+ didBecomePrototype(); > } > > WebAssemblyPrototype::WebAssemblyPrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp (working copy) >@@ -57,6 +57,7 @@ > void WebAssemblyRuntimeErrorPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyRuntimeErrorPrototype::WebAssemblyRuntimeErrorPrototype(VM& vm, Structure* structure) >Index: Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp >=================================================================== >--- Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp (revision 244996) >+++ Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp (working copy) >@@ -164,6 +164,7 @@ > { > Base::finishCreation(vm); > ASSERT(inherits(vm, info())); >+ didBecomePrototype(); > } > > WebAssemblyTablePrototype::WebAssemblyTablePrototype(VM& vm, Structure* structure) >Index: Source/WebCore/ChangeLog >=================================================================== >--- Source/WebCore/ChangeLog (revision 244996) >+++ Source/WebCore/ChangeLog (working copy) >@@ -1,3 +1,152 @@ >+2019-05-08 Robin Morisset <rmorisset@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ This changelog already landed, but the commit was missing the actual changes. >+ >+ It was found by existing tests, with the new assert in JSC::Structure >+ >+ * bindings/js/JSWindowProxy.cpp: >+ (WebCore::JSWindowProxy::setWindow): >+ * bindings/scripts/CodeGeneratorJS.pm: >+ (GeneratePrototypeDeclaration): >+ (GenerateConstructorHelperMethods): >+ * bindings/scripts/test/JS/JSInterfaceName.cpp: >+ (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype): >+ * bindings/scripts/test/JS/JSMapLike.cpp: >+ (WebCore::JSMapLikePrototype::JSMapLikePrototype): >+ * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp: >+ (WebCore::JSReadOnlyMapLikePrototype::JSReadOnlyMapLikePrototype): >+ * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: >+ (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype): >+ * bindings/scripts/test/JS/JSTestCEReactions.cpp: >+ (WebCore::JSTestCEReactionsPrototype::JSTestCEReactionsPrototype): >+ * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: >+ (WebCore::JSTestCEReactionsStringifierPrototype::JSTestCEReactionsStringifierPrototype): >+ * bindings/scripts/test/JS/JSTestCallTracer.cpp: >+ (WebCore::JSTestCallTracerPrototype::JSTestCallTracerPrototype): >+ * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp: >+ (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestDOMJIT.cpp: >+ (WebCore::JSTestDOMJITPrototype::JSTestDOMJITPrototype): >+ (WebCore::JSTestDOMJITConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp: >+ (WebCore::JSTestEnabledBySettingPrototype::JSTestEnabledBySettingPrototype): >+ * bindings/scripts/test/JS/JSTestEventConstructor.cpp: >+ (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype): >+ (WebCore::JSTestEventConstructorConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestEventTarget.cpp: >+ (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype): >+ (WebCore::JSTestEventTargetConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestException.cpp: >+ (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: >+ (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype): >+ * bindings/scripts/test/JS/JSTestGlobalObject.h: >+ (WebCore::JSTestGlobalObjectPrototype::JSTestGlobalObjectPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp: >+ (WebCore::JSTestIndexedSetterNoIdentifierPrototype::JSTestIndexedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp: >+ (WebCore::JSTestIndexedSetterThrowingExceptionPrototype::JSTestIndexedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp: >+ (WebCore::JSTestIndexedSetterWithIdentifierPrototype::JSTestIndexedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestInterface.cpp: >+ (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: >+ (WebCore::JSTestInterfaceLeadingUnderscorePrototype::JSTestInterfaceLeadingUnderscorePrototype): >+ * bindings/scripts/test/JS/JSTestIterable.cpp: >+ (WebCore::JSTestIterablePrototype::JSTestIterablePrototype): >+ * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp: >+ (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: >+ (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::JSTestNamedAndIndexedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::JSTestNamedAndIndexedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::JSTestNamedAndIndexedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: >+ (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp: >+ (WebCore::JSTestNamedDeleterNoIdentifierPrototype::JSTestNamedDeleterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp: >+ (WebCore::JSTestNamedDeleterThrowingExceptionPrototype::JSTestNamedDeleterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp: >+ (WebCore::JSTestNamedDeleterWithIdentifierPrototype::JSTestNamedDeleterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp: >+ (WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::JSTestNamedDeleterWithIndexedGetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: >+ (WebCore::JSTestNamedGetterCallWithPrototype::JSTestNamedGetterCallWithPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedGetterNoIdentifierPrototype::JSTestNamedGetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedGetterWithIdentifierPrototype::JSTestNamedGetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedSetterNoIdentifierPrototype::JSTestNamedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp: >+ (WebCore::JSTestNamedSetterThrowingExceptionPrototype::JSTestNamedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedSetterWithIdentifierPrototype::JSTestNamedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp: >+ (WebCore::JSTestNamedSetterWithIndexedGetterPrototype::JSTestNamedSetterWithIndexedGetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp: >+ (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::JSTestNamedSetterWithIndexedGetterAndSetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp: >+ (WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::JSTestNamedSetterWithOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp: >+ (WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::JSTestNamedSetterWithUnforgablePropertiesPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp: >+ (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestNode.cpp: >+ (WebCore::JSTestNodePrototype::JSTestNodePrototype): >+ (WebCore::JSTestNodeConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestObj.cpp: >+ (WebCore::JSTestObjPrototype::JSTestObjPrototype): >+ * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: >+ (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype): >+ * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: >+ (WebCore::JSTestOverloadedConstructorsWithSequencePrototype::JSTestOverloadedConstructorsWithSequencePrototype): >+ * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp: >+ (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestPluginInterface.cpp: >+ (WebCore::JSTestPluginInterfacePrototype::JSTestPluginInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: >+ (WebCore::JSTestPromiseRejectionEventPrototype::JSTestPromiseRejectionEventPrototype): >+ (WebCore::JSTestPromiseRejectionEventConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerialization.cpp: >+ (WebCore::JSTestSerializationPrototype::JSTestSerializationPrototype): >+ * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp: >+ (WebCore::JSTestSerializationIndirectInheritancePrototype::JSTestSerializationIndirectInheritancePrototype): >+ (WebCore::JSTestSerializationIndirectInheritanceConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializationInherit.cpp: >+ (WebCore::JSTestSerializationInheritPrototype::JSTestSerializationInheritPrototype): >+ (WebCore::JSTestSerializationInheritConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp: >+ (WebCore::JSTestSerializationInheritFinalPrototype::JSTestSerializationInheritFinalPrototype): >+ (WebCore::JSTestSerializationInheritFinalConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: >+ (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestStringifier.cpp: >+ (WebCore::JSTestStringifierPrototype::JSTestStringifierPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp: >+ (WebCore::JSTestStringifierAnonymousOperationPrototype::JSTestStringifierAnonymousOperationPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp: >+ (WebCore::JSTestStringifierNamedOperationPrototype::JSTestStringifierNamedOperationPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp: >+ (WebCore::JSTestStringifierOperationImplementedAsPrototype::JSTestStringifierOperationImplementedAsPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp: >+ (WebCore::JSTestStringifierOperationNamedToStringPrototype::JSTestStringifierOperationNamedToStringPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp: >+ (WebCore::JSTestStringifierReadOnlyAttributePrototype::JSTestStringifierReadOnlyAttributePrototype): >+ * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp: >+ (WebCore::JSTestStringifierReadWriteAttributePrototype::JSTestStringifierReadWriteAttributePrototype): >+ * bindings/scripts/test/JS/JSTestTypedefs.cpp: >+ (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype): >+ > 2019-05-06 Chris Dumez <cdumez@apple.com> > > Add assertions to JSLazyEventListener to help catch the cause of a crash >Index: Source/WebCore/bindings/js/JSWindowProxy.cpp >=================================================================== >--- Source/WebCore/bindings/js/JSWindowProxy.cpp (revision 244996) >+++ Source/WebCore/bindings/js/JSWindowProxy.cpp (working copy) >@@ -97,6 +97,7 @@ > // FIXME: Why do we need to protect this when there's a pointer to it on the stack? > // Perhaps the issue is that structure objects aren't seen when scanning the stack? > Strong<JSNonFinalObject> prototype(vm, isRemoteDOMWindow ? static_cast<JSNonFinalObject*>(JSRemoteDOMWindowPrototype::create(vm, nullptr, &prototypeStructure)) : static_cast<JSNonFinalObject*>(JSDOMWindowPrototype::create(vm, nullptr, &prototypeStructure))); >+ prototype->didBecomePrototype(); > > JSDOMGlobalObject* window = nullptr; > if (isRemoteDOMWindow) { >Index: Source/WebCore/bindings/scripts/CodeGeneratorJS.pm >=================================================================== >--- Source/WebCore/bindings/scripts/CodeGeneratorJS.pm (revision 244996) >+++ Source/WebCore/bindings/scripts/CodeGeneratorJS.pm (working copy) >@@ -7070,6 +7070,7 @@ > push(@$outputArray, " ${prototypeClassName}(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure)\n"); > push(@$outputArray, " : JSC::JSNonFinalObject(vm, structure)\n"); > push(@$outputArray, " {\n"); >+ push(@$outputArray, " didBecomePrototype();\n"); > push(@$outputArray, " }\n"); > > if (PrototypeHasStaticPropertyTable($interface)) { >@@ -7304,7 +7305,9 @@ > > if (!$generatingNamedConstructor and $interface->parentType) { > my $parentClassName = "JS" . $interface->parentType->name; >- push(@$outputArray, " return ${parentClassName}::getConstructor(vm, &globalObject);\n"); >+ push(@$outputArray, " auto result = ${parentClassName}::getConstructor(vm, &globalObject);\n"); >+ push(@$outputArray, " result.getObject()->didBecomePrototype();\n"); >+ push(@$outputArray, " return result;\n"); > } else { > AddToImplIncludes("<JavaScriptCore/FunctionPrototype.h>"); > push(@$outputArray, " UNUSED_PARAM(vm);\n"); >Index: Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp (working copy) >@@ -62,6 +62,7 @@ > JSInterfaceNamePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp (working copy) >@@ -81,6 +81,7 @@ > JSMapLikePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp (working copy) >@@ -78,6 +78,7 @@ > JSReadOnlyMapLikePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp (working copy) >@@ -75,6 +75,7 @@ > JSTestActiveDOMObjectPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp (working copy) >@@ -87,6 +87,7 @@ > JSTestCEReactionsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp (working copy) >@@ -74,6 +74,7 @@ > JSTestCEReactionsStringifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp (working copy) >@@ -92,6 +92,7 @@ > JSTestCallTracerPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp (working copy) >@@ -63,6 +63,7 @@ > JSTestClassWithJSBuiltinConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp (working copy) >@@ -485,6 +485,7 @@ > JSTestDOMJITPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -494,7 +495,9 @@ > > template<> JSValue JSTestDOMJITConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSNode::getConstructor(vm, &globalObject); >+ auto result = JSNode::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestDOMJITConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp (working copy) >@@ -84,6 +84,7 @@ > JSTestEnabledBySettingPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp (working copy) >@@ -144,6 +144,7 @@ > JSTestEventConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -170,7 +171,9 @@ > > template<> JSValue JSTestEventConstructorConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSEvent::getConstructor(vm, &globalObject); >+ auto result = JSEvent::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestEventConstructorConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp (working copy) >@@ -72,6 +72,7 @@ > JSTestEventTargetPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -81,7 +82,9 @@ > > template<> JSValue JSTestEventTargetConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSEventTarget::getConstructor(vm, &globalObject); >+ auto result = JSEventTarget::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestEventTargetConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestGenerateIsReachablePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h (working copy) >@@ -102,6 +102,7 @@ > JSTestGlobalObjectPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > public: > static const unsigned StructureFlags = Base::StructureFlags | JSC::HasStaticPropertyTable; >Index: Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestIndexedSetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestIndexedSetterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp (working copy) >@@ -70,6 +70,7 @@ > JSTestIndexedSetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp (working copy) >@@ -168,6 +168,7 @@ > JSTestInterfacePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestInterfaceLeadingUnderscorePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp (working copy) >@@ -73,6 +73,7 @@ > JSTestIterablePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp (working copy) >@@ -69,6 +69,7 @@ > JSTestJSBuiltinConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp (working copy) >@@ -70,6 +70,7 @@ > JSTestMediaQueryListListenerPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestNamedAndIndexedSetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestNamedAndIndexedSetterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp (working copy) >@@ -72,6 +72,7 @@ > JSTestNamedAndIndexedSetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestNamedConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedDeleterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedDeleterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp (working copy) >@@ -69,6 +69,7 @@ > JSTestNamedDeleterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp (working copy) >@@ -65,6 +65,7 @@ > JSTestNamedDeleterWithIndexedGetterPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedGetterCallWithPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedGetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp (working copy) >@@ -69,6 +69,7 @@ > JSTestNamedGetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedSetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedSetterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp (working copy) >@@ -69,6 +69,7 @@ > JSTestNamedSetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp (working copy) >@@ -72,6 +72,7 @@ > JSTestNamedSetterWithIndexedGetterPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp (working copy) >@@ -72,6 +72,7 @@ > JSTestNamedSetterWithIndexedGetterAndSetterPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp (working copy) >@@ -64,6 +64,7 @@ > JSTestNamedSetterWithOverrideBuiltinsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp (working copy) >@@ -71,6 +71,7 @@ > JSTestNamedSetterWithUnforgablePropertiesPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp (working copy) >@@ -71,6 +71,7 @@ > JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp (working copy) >@@ -88,6 +88,7 @@ > JSTestNodePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -108,7 +109,9 @@ > > template<> JSValue JSTestNodeConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSNode::getConstructor(vm, &globalObject); >+ auto result = JSNode::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestNodeConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp (working copy) >@@ -1819,6 +1819,7 @@ > JSTestObjPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp (working copy) >@@ -68,6 +68,7 @@ > JSTestOverloadedConstructorsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp (working copy) >@@ -67,6 +67,7 @@ > JSTestOverloadedConstructorsWithSequencePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp (working copy) >@@ -72,6 +72,7 @@ > JSTestOverrideBuiltinsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp (working copy) >@@ -63,6 +63,7 @@ > JSTestPluginInterfacePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp (working copy) >@@ -147,6 +147,7 @@ > JSTestPromiseRejectionEventPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -174,7 +175,9 @@ > > template<> JSValue JSTestPromiseRejectionEventConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSEvent::getConstructor(vm, &globalObject); >+ auto result = JSEvent::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestPromiseRejectionEventConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp (working copy) >@@ -104,6 +104,7 @@ > JSTestSerializationPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp (working copy) >@@ -61,6 +61,7 @@ > JSTestSerializationIndirectInheritancePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -70,7 +71,9 @@ > > template<> JSValue JSTestSerializationIndirectInheritanceConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ auto result = JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestSerializationIndirectInheritanceConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp (working copy) >@@ -71,6 +71,7 @@ > JSTestSerializationInheritPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -80,7 +81,9 @@ > > template<> JSValue JSTestSerializationInheritConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSTestSerialization::getConstructor(vm, &globalObject); >+ auto result = JSTestSerialization::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestSerializationInheritConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp (working copy) >@@ -73,6 +73,7 @@ > JSTestSerializationInheritFinalPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -82,7 +83,9 @@ > > template<> JSValue JSTestSerializationInheritFinalConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ auto result = JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestSerializationInheritFinalConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >Index: Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp (working copy) >@@ -86,6 +86,7 @@ > JSTestSerializedScriptValueInterfacePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp (working copy) >@@ -68,6 +68,7 @@ > JSTestStringifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp (working copy) >@@ -68,6 +68,7 @@ > JSTestStringifierAnonymousOperationPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp (working copy) >@@ -69,6 +69,7 @@ > JSTestStringifierNamedOperationPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp (working copy) >@@ -69,6 +69,7 @@ > JSTestStringifierOperationImplementedAsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp (working copy) >@@ -68,6 +68,7 @@ > JSTestStringifierOperationNamedToStringPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp (working copy) >@@ -70,6 +70,7 @@ > JSTestStringifierReadOnlyAttributePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp (working copy) >@@ -71,6 +71,7 @@ > JSTestStringifierReadWriteAttributePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >Index: Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp >=================================================================== >--- Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp (revision 244996) >+++ Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp (working copy) >@@ -114,6 +114,7 @@ > JSTestTypedefsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=369414">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 196315
:
366101
|
366108
|
366136
|
366853
|
366861
|
367056
|
367057
|
367061
|
367081
|
367089
|
367097
|
367140
|
367363
|
367369
|
367423
|
368352
|
368983
|
369025
|
369414
|
369598
|
369622
|
369640
|
372674
|
372675
|
372851