WebKit Bugzilla
Attachment 372674 Details for
Bug 196315
: Structure::create should call didBecomePrototype()
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-196315-20190622021641.patch (text/plain), 112.47 KB, created by
Yusuke Suzuki
on 2019-06-22 02:16:42 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Yusuke Suzuki
Created:
2019-06-22 02:16:42 PDT
Size:
112.47 KB
patch
obsolete
>Subversion Revision: 246709 >diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog >index 23d774c77d32e4d4cdab8be7b7817b72fe0f6e24..0634e52c13b97515ab10fa9f701ec5f075fa5e05 100644 >--- a/Source/JavaScriptCore/ChangeLog >+++ b/Source/JavaScriptCore/ChangeLog >@@ -1,3 +1,86 @@ >+2019-06-22 Robin Morisset <rmorisset@apple.com> and Yusuke Suzuki <ysuzuki@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ Trying again, after it was rolled-out because I missed one JSDOMIteratorPrototype in WebCore. >+ >+ Otherwise we won't remember to run haveABadTime() when someone adds to them an indexed accessor. >+ >+ I added a check used in both Structure::finishCreation() and Structure::changePrototypeTransition to make sure we don't >+ create structures with invalid prototypes. >+ It found a lot of objects that are used as prototypes in JSGlobalObject and yet were missing didBecomePrototype() in their finishCreation(). >+ Somewhat surprisingly, some of them have names like FunctionConstructor and not only FooPrototype. >+ >+ * runtime/BigIntPrototype.cpp: >+ (JSC::BigIntPrototype::finishCreation): >+ * runtime/BooleanPrototype.cpp: >+ (JSC::BooleanPrototype::finishCreation): >+ * runtime/DatePrototype.cpp: >+ (JSC::DatePrototype::finishCreation): >+ * runtime/ErrorConstructor.cpp: >+ (JSC::ErrorConstructor::finishCreation): >+ * runtime/ErrorPrototype.cpp: >+ (JSC::ErrorPrototype::finishCreation): >+ * runtime/FunctionConstructor.cpp: >+ (JSC::FunctionConstructor::finishCreation): >+ * runtime/FunctionPrototype.cpp: >+ (JSC::FunctionPrototype::finishCreation): >+ * runtime/IntlCollatorPrototype.cpp: >+ (JSC::IntlCollatorPrototype::finishCreation): >+ * runtime/IntlDateTimeFormatPrototype.cpp: >+ (JSC::IntlDateTimeFormatPrototype::finishCreation): >+ * runtime/IntlNumberFormatPrototype.cpp: >+ (JSC::IntlNumberFormatPrototype::finishCreation): >+ * runtime/IntlPluralRulesPrototype.cpp: >+ (JSC::IntlPluralRulesPrototype::finishCreation): >+ * runtime/JSArrayBufferPrototype.cpp: >+ (JSC::JSArrayBufferPrototype::finishCreation): >+ * runtime/JSDataViewPrototype.cpp: >+ (JSC::JSDataViewPrototype::finishCreation): >+ * runtime/JSGenericTypedArrayViewPrototypeInlines.h: >+ (JSC::JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation): >+ * runtime/JSGlobalObject.cpp: >+ (JSC::createConsoleProperty): >+ * runtime/JSPromisePrototype.cpp: >+ (JSC::JSPromisePrototype::finishCreation): >+ * runtime/JSTypedArrayViewConstructor.cpp: >+ (JSC::JSTypedArrayViewConstructor::finishCreation): >+ * runtime/JSTypedArrayViewPrototype.cpp: >+ (JSC::JSTypedArrayViewPrototype::finishCreation): >+ * runtime/NumberPrototype.cpp: >+ (JSC::NumberPrototype::finishCreation): >+ * runtime/RegExpPrototype.cpp: >+ (JSC::RegExpPrototype::finishCreation): >+ * runtime/StringPrototype.cpp: >+ (JSC::StringPrototype::finishCreation): >+ * runtime/Structure.cpp: >+ (JSC::Structure::isValidPrototype): >+ (JSC::Structure::changePrototypeTransition): >+ * runtime/Structure.h: >+ * runtime/StructureInlines.h: >+ (JSC::Structure::setPrototypeWithoutTransition): >+ * runtime/SymbolPrototype.cpp: >+ (JSC::SymbolPrototype::finishCreation): >+ * wasm/js/WebAssemblyCompileErrorPrototype.cpp: >+ (JSC::WebAssemblyCompileErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyInstancePrototype.cpp: >+ (JSC::WebAssemblyInstancePrototype::finishCreation): >+ * wasm/js/WebAssemblyLinkErrorPrototype.cpp: >+ (JSC::WebAssemblyLinkErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyMemoryPrototype.cpp: >+ (JSC::WebAssemblyMemoryPrototype::finishCreation): >+ * wasm/js/WebAssemblyModulePrototype.cpp: >+ (JSC::WebAssemblyModulePrototype::finishCreation): >+ * wasm/js/WebAssemblyPrototype.cpp: >+ (JSC::WebAssemblyPrototype::finishCreation): >+ * wasm/js/WebAssemblyRuntimeErrorPrototype.cpp: >+ (JSC::WebAssemblyRuntimeErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyTablePrototype.cpp: >+ (JSC::WebAssemblyTablePrototype::finishCreation): >+ > 2019-06-22 Yusuke Suzuki <ysuzuki@apple.com> > > [JSC] Strict, Sloppy and Arrow functions should have different classInfo >@@ -902,6 +985,87 @@ > > Unreviewed, rolling out r246322. > https://bugs.webkit.org/show_bug.cgi?id=198796 >+2019-05-08 Robin Morisset <rmorisset@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ This changelog already landed, but the commit was missing the actual changes. >+ >+ Otherwise we won't remember to run haveABadTime() when someone adds to them an indexed accessor. >+ >+ I added a check used in both Structure::finishCreation() and Structure::changePrototypeTransition to make sure we don't >+ create structures with invalid prototypes. >+ It found a lot of objects that are used as prototypes in JSGlobalObject and yet were missing didBecomePrototype() in their finishCreation(). >+ Somewhat surprisingly, some of them have names like FunctionConstructor and not only FooPrototype. >+ >+ * runtime/BigIntPrototype.cpp: >+ (JSC::BigIntPrototype::finishCreation): >+ * runtime/BooleanPrototype.cpp: >+ (JSC::BooleanPrototype::finishCreation): >+ * runtime/DatePrototype.cpp: >+ (JSC::DatePrototype::finishCreation): >+ * runtime/ErrorConstructor.cpp: >+ (JSC::ErrorConstructor::finishCreation): >+ * runtime/ErrorPrototype.cpp: >+ (JSC::ErrorPrototype::finishCreation): >+ * runtime/FunctionConstructor.cpp: >+ (JSC::FunctionConstructor::finishCreation): >+ * runtime/FunctionPrototype.cpp: >+ (JSC::FunctionPrototype::finishCreation): >+ * runtime/IntlCollatorPrototype.cpp: >+ (JSC::IntlCollatorPrototype::finishCreation): >+ * runtime/IntlDateTimeFormatPrototype.cpp: >+ (JSC::IntlDateTimeFormatPrototype::finishCreation): >+ * runtime/IntlNumberFormatPrototype.cpp: >+ (JSC::IntlNumberFormatPrototype::finishCreation): >+ * runtime/IntlPluralRulesPrototype.cpp: >+ (JSC::IntlPluralRulesPrototype::finishCreation): >+ * runtime/JSArrayBufferPrototype.cpp: >+ (JSC::JSArrayBufferPrototype::finishCreation): >+ * runtime/JSDataViewPrototype.cpp: >+ (JSC::JSDataViewPrototype::finishCreation): >+ * runtime/JSGenericTypedArrayViewPrototypeInlines.h: >+ (JSC::JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation): >+ * runtime/JSGlobalObject.cpp: >+ (JSC::createConsoleProperty): >+ * runtime/JSPromisePrototype.cpp: >+ (JSC::JSPromisePrototype::finishCreation): >+ * runtime/JSTypedArrayViewConstructor.cpp: >+ (JSC::JSTypedArrayViewConstructor::finishCreation): >+ * runtime/JSTypedArrayViewPrototype.cpp: >+ (JSC::JSTypedArrayViewPrototype::finishCreation): >+ * runtime/NumberPrototype.cpp: >+ (JSC::NumberPrototype::finishCreation): >+ * runtime/RegExpPrototype.cpp: >+ (JSC::RegExpPrototype::finishCreation): >+ * runtime/StringPrototype.cpp: >+ (JSC::StringPrototype::finishCreation): >+ * runtime/Structure.cpp: >+ (JSC::Structure::isValidPrototype): >+ (JSC::Structure::changePrototypeTransition): >+ * runtime/Structure.h: >+ * runtime/SymbolPrototype.cpp: >+ (JSC::SymbolPrototype::finishCreation): >+ * wasm/js/WebAssemblyCompileErrorPrototype.cpp: >+ (JSC::WebAssemblyCompileErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyInstancePrototype.cpp: >+ (JSC::WebAssemblyInstancePrototype::finishCreation): >+ * wasm/js/WebAssemblyLinkErrorPrototype.cpp: >+ (JSC::WebAssemblyLinkErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyMemoryPrototype.cpp: >+ (JSC::WebAssemblyMemoryPrototype::finishCreation): >+ * wasm/js/WebAssemblyModulePrototype.cpp: >+ (JSC::WebAssemblyModulePrototype::finishCreation): >+ * wasm/js/WebAssemblyPrototype.cpp: >+ (JSC::WebAssemblyPrototype::finishCreation): >+ * wasm/js/WebAssemblyRuntimeErrorPrototype.cpp: >+ (JSC::WebAssemblyRuntimeErrorPrototype::finishCreation): >+ * wasm/js/WebAssemblyTablePrototype.cpp: >+ (JSC::WebAssemblyTablePrototype::finishCreation): >+ > > "It's a huge page load regression on iOS" (Requested by > saamyjoon on #webkit). >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 80896f8e9f86f52bb683773c1f23577bb9458c6b..b8da0a47437205674a531616dac3ae7c12b92245 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,158 @@ >+2019-06-22 Robin Morisset <rmorisset@apple.com> and Yusuke Suzuki <ysuzuki@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ Trying again, this time without forgetting JSDOMIteratorPrototype. >+ >+ It was found by existing tests, with the new assert in JSC::Structure >+ >+ * bindings/js/JSDOMIterator.h: >+ (WebCore::IteratorTraits>::finishCreation): >+ * bindings/js/JSDOMWindowProperties.h: >+ (WebCore::JSDOMWindowProperties::create): Deleted. >+ (WebCore::JSDOMWindowProperties::createStructure): Deleted. >+ (WebCore::JSDOMWindowProperties::JSDOMWindowProperties): Deleted. >+ * bindings/js/JSWindowProxy.cpp: >+ (WebCore::JSWindowProxy::setWindow): >+ * bindings/scripts/CodeGeneratorJS.pm: >+ (GeneratePrototypeDeclaration): >+ (GenerateConstructorHelperMethods): >+ * bindings/scripts/test/JS/JSInterfaceName.cpp: >+ (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype): >+ * bindings/scripts/test/JS/JSMapLike.cpp: >+ (WebCore::JSMapLikePrototype::JSMapLikePrototype): >+ * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp: >+ (WebCore::JSReadOnlyMapLikePrototype::JSReadOnlyMapLikePrototype): >+ * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: >+ (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype): >+ * bindings/scripts/test/JS/JSTestCEReactions.cpp: >+ (WebCore::JSTestCEReactionsPrototype::JSTestCEReactionsPrototype): >+ * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: >+ (WebCore::JSTestCEReactionsStringifierPrototype::JSTestCEReactionsStringifierPrototype): >+ * bindings/scripts/test/JS/JSTestCallTracer.cpp: >+ (WebCore::JSTestCallTracerPrototype::JSTestCallTracerPrototype): >+ * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp: >+ (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestDOMJIT.cpp: >+ (WebCore::JSTestDOMJITPrototype::JSTestDOMJITPrototype): >+ (WebCore::JSTestDOMJITConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp: >+ (WebCore::JSTestEnabledBySettingPrototype::JSTestEnabledBySettingPrototype): >+ * bindings/scripts/test/JS/JSTestEventConstructor.cpp: >+ (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype): >+ (WebCore::JSTestEventConstructorConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestEventTarget.cpp: >+ (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype): >+ (WebCore::JSTestEventTargetConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestException.cpp: >+ (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: >+ (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype): >+ * bindings/scripts/test/JS/JSTestGlobalObject.h: >+ (WebCore::JSTestGlobalObjectPrototype::JSTestGlobalObjectPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp: >+ (WebCore::JSTestIndexedSetterNoIdentifierPrototype::JSTestIndexedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp: >+ (WebCore::JSTestIndexedSetterThrowingExceptionPrototype::JSTestIndexedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp: >+ (WebCore::JSTestIndexedSetterWithIdentifierPrototype::JSTestIndexedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestInterface.cpp: >+ (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: >+ (WebCore::JSTestInterfaceLeadingUnderscorePrototype::JSTestInterfaceLeadingUnderscorePrototype): >+ * bindings/scripts/test/JS/JSTestIterable.cpp: >+ (WebCore::JSTestIterablePrototype::JSTestIterablePrototype): >+ * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp: >+ (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: >+ (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::JSTestNamedAndIndexedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::JSTestNamedAndIndexedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::JSTestNamedAndIndexedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: >+ (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp: >+ (WebCore::JSTestNamedDeleterNoIdentifierPrototype::JSTestNamedDeleterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp: >+ (WebCore::JSTestNamedDeleterThrowingExceptionPrototype::JSTestNamedDeleterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp: >+ (WebCore::JSTestNamedDeleterWithIdentifierPrototype::JSTestNamedDeleterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp: >+ (WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::JSTestNamedDeleterWithIndexedGetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: >+ (WebCore::JSTestNamedGetterCallWithPrototype::JSTestNamedGetterCallWithPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedGetterNoIdentifierPrototype::JSTestNamedGetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedGetterWithIdentifierPrototype::JSTestNamedGetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedSetterNoIdentifierPrototype::JSTestNamedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp: >+ (WebCore::JSTestNamedSetterThrowingExceptionPrototype::JSTestNamedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedSetterWithIdentifierPrototype::JSTestNamedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp: >+ (WebCore::JSTestNamedSetterWithIndexedGetterPrototype::JSTestNamedSetterWithIndexedGetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp: >+ (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::JSTestNamedSetterWithIndexedGetterAndSetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp: >+ (WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::JSTestNamedSetterWithOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp: >+ (WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::JSTestNamedSetterWithUnforgablePropertiesPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp: >+ (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestNode.cpp: >+ (WebCore::JSTestNodePrototype::JSTestNodePrototype): >+ (WebCore::JSTestNodeConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestObj.cpp: >+ (WebCore::JSTestObjPrototype::JSTestObjPrototype): >+ * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: >+ (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype): >+ * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: >+ (WebCore::JSTestOverloadedConstructorsWithSequencePrototype::JSTestOverloadedConstructorsWithSequencePrototype): >+ * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp: >+ (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestPluginInterface.cpp: >+ (WebCore::JSTestPluginInterfacePrototype::JSTestPluginInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: >+ (WebCore::JSTestPromiseRejectionEventPrototype::JSTestPromiseRejectionEventPrototype): >+ (WebCore::JSTestPromiseRejectionEventConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerialization.cpp: >+ (WebCore::JSTestSerializationPrototype::JSTestSerializationPrototype): >+ * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp: >+ (WebCore::JSTestSerializationIndirectInheritancePrototype::JSTestSerializationIndirectInheritancePrototype): >+ (WebCore::JSTestSerializationIndirectInheritanceConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializationInherit.cpp: >+ (WebCore::JSTestSerializationInheritPrototype::JSTestSerializationInheritPrototype): >+ (WebCore::JSTestSerializationInheritConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp: >+ (WebCore::JSTestSerializationInheritFinalPrototype::JSTestSerializationInheritFinalPrototype): >+ (WebCore::JSTestSerializationInheritFinalConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: >+ (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestStringifier.cpp: >+ (WebCore::JSTestStringifierPrototype::JSTestStringifierPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp: >+ (WebCore::JSTestStringifierAnonymousOperationPrototype::JSTestStringifierAnonymousOperationPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp: >+ (WebCore::JSTestStringifierNamedOperationPrototype::JSTestStringifierNamedOperationPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp: >+ (WebCore::JSTestStringifierOperationImplementedAsPrototype::JSTestStringifierOperationImplementedAsPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp: >+ (WebCore::JSTestStringifierOperationNamedToStringPrototype::JSTestStringifierOperationNamedToStringPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp: >+ (WebCore::JSTestStringifierReadOnlyAttributePrototype::JSTestStringifierReadOnlyAttributePrototype): >+ * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp: >+ (WebCore::JSTestStringifierReadWriteAttributePrototype::JSTestStringifierReadWriteAttributePrototype): >+ * bindings/scripts/test/JS/JSTestTypedefs.cpp: >+ (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype): >+ > 2019-06-21 Sihui Liu <sihui_liu@apple.com> > > openDatabase should return an empty object when WebSQL is disabled >@@ -1186,6 +1341,155 @@ > > FIXMEs remain in several common files which will be addressed in > subsequent patches. >+2019-05-08 Robin Morisset <rmorisset@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ This changelog already landed, but the commit was missing the actual changes. >+ >+ It was found by existing tests, with the new assert in JSC::Structure >+ >+ * bindings/js/JSWindowProxy.cpp: >+ (WebCore::JSWindowProxy::setWindow): >+ * bindings/scripts/CodeGeneratorJS.pm: >+ (GeneratePrototypeDeclaration): >+ (GenerateConstructorHelperMethods): >+ * bindings/scripts/test/JS/JSInterfaceName.cpp: >+ (WebCore::JSInterfaceNamePrototype::JSInterfaceNamePrototype): >+ * bindings/scripts/test/JS/JSMapLike.cpp: >+ (WebCore::JSMapLikePrototype::JSMapLikePrototype): >+ * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp: >+ (WebCore::JSReadOnlyMapLikePrototype::JSReadOnlyMapLikePrototype): >+ * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: >+ (WebCore::JSTestActiveDOMObjectPrototype::JSTestActiveDOMObjectPrototype): >+ * bindings/scripts/test/JS/JSTestCEReactions.cpp: >+ (WebCore::JSTestCEReactionsPrototype::JSTestCEReactionsPrototype): >+ * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: >+ (WebCore::JSTestCEReactionsStringifierPrototype::JSTestCEReactionsStringifierPrototype): >+ * bindings/scripts/test/JS/JSTestCallTracer.cpp: >+ (WebCore::JSTestCallTracerPrototype::JSTestCallTracerPrototype): >+ * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp: >+ (WebCore::JSTestClassWithJSBuiltinConstructorPrototype::JSTestClassWithJSBuiltinConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestDOMJIT.cpp: >+ (WebCore::JSTestDOMJITPrototype::JSTestDOMJITPrototype): >+ (WebCore::JSTestDOMJITConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp: >+ (WebCore::JSTestEnabledBySettingPrototype::JSTestEnabledBySettingPrototype): >+ * bindings/scripts/test/JS/JSTestEventConstructor.cpp: >+ (WebCore::JSTestEventConstructorPrototype::JSTestEventConstructorPrototype): >+ (WebCore::JSTestEventConstructorConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestEventTarget.cpp: >+ (WebCore::JSTestEventTargetPrototype::JSTestEventTargetPrototype): >+ (WebCore::JSTestEventTargetConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestException.cpp: >+ (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: >+ (WebCore::JSTestGenerateIsReachablePrototype::JSTestGenerateIsReachablePrototype): >+ * bindings/scripts/test/JS/JSTestGlobalObject.h: >+ (WebCore::JSTestGlobalObjectPrototype::JSTestGlobalObjectPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp: >+ (WebCore::JSTestIndexedSetterNoIdentifierPrototype::JSTestIndexedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp: >+ (WebCore::JSTestIndexedSetterThrowingExceptionPrototype::JSTestIndexedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp: >+ (WebCore::JSTestIndexedSetterWithIdentifierPrototype::JSTestIndexedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestInterface.cpp: >+ (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: >+ (WebCore::JSTestInterfaceLeadingUnderscorePrototype::JSTestInterfaceLeadingUnderscorePrototype): >+ * bindings/scripts/test/JS/JSTestIterable.cpp: >+ (WebCore::JSTestIterablePrototype::JSTestIterablePrototype): >+ * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp: >+ (WebCore::JSTestJSBuiltinConstructorPrototype::JSTestJSBuiltinConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: >+ (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::JSTestNamedAndIndexedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::JSTestNamedAndIndexedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::JSTestNamedAndIndexedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: >+ (WebCore::JSTestNamedConstructorPrototype::JSTestNamedConstructorPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp: >+ (WebCore::JSTestNamedDeleterNoIdentifierPrototype::JSTestNamedDeleterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp: >+ (WebCore::JSTestNamedDeleterThrowingExceptionPrototype::JSTestNamedDeleterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp: >+ (WebCore::JSTestNamedDeleterWithIdentifierPrototype::JSTestNamedDeleterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp: >+ (WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::JSTestNamedDeleterWithIndexedGetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: >+ (WebCore::JSTestNamedGetterCallWithPrototype::JSTestNamedGetterCallWithPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedGetterNoIdentifierPrototype::JSTestNamedGetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedGetterWithIdentifierPrototype::JSTestNamedGetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp: >+ (WebCore::JSTestNamedSetterNoIdentifierPrototype::JSTestNamedSetterNoIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp: >+ (WebCore::JSTestNamedSetterThrowingExceptionPrototype::JSTestNamedSetterThrowingExceptionPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp: >+ (WebCore::JSTestNamedSetterWithIdentifierPrototype::JSTestNamedSetterWithIdentifierPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp: >+ (WebCore::JSTestNamedSetterWithIndexedGetterPrototype::JSTestNamedSetterWithIndexedGetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp: >+ (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::JSTestNamedSetterWithIndexedGetterAndSetterPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp: >+ (WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::JSTestNamedSetterWithOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp: >+ (WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::JSTestNamedSetterWithUnforgablePropertiesPrototype): >+ * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp: >+ (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestNode.cpp: >+ (WebCore::JSTestNodePrototype::JSTestNodePrototype): >+ (WebCore::JSTestNodeConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestObj.cpp: >+ (WebCore::JSTestObjPrototype::JSTestObjPrototype): >+ * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: >+ (WebCore::JSTestOverloadedConstructorsPrototype::JSTestOverloadedConstructorsPrototype): >+ * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: >+ (WebCore::JSTestOverloadedConstructorsWithSequencePrototype::JSTestOverloadedConstructorsWithSequencePrototype): >+ * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp: >+ (WebCore::JSTestOverrideBuiltinsPrototype::JSTestOverrideBuiltinsPrototype): >+ * bindings/scripts/test/JS/JSTestPluginInterface.cpp: >+ (WebCore::JSTestPluginInterfacePrototype::JSTestPluginInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: >+ (WebCore::JSTestPromiseRejectionEventPrototype::JSTestPromiseRejectionEventPrototype): >+ (WebCore::JSTestPromiseRejectionEventConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerialization.cpp: >+ (WebCore::JSTestSerializationPrototype::JSTestSerializationPrototype): >+ * bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp: >+ (WebCore::JSTestSerializationIndirectInheritancePrototype::JSTestSerializationIndirectInheritancePrototype): >+ (WebCore::JSTestSerializationIndirectInheritanceConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializationInherit.cpp: >+ (WebCore::JSTestSerializationInheritPrototype::JSTestSerializationInheritPrototype): >+ (WebCore::JSTestSerializationInheritConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp: >+ (WebCore::JSTestSerializationInheritFinalPrototype::JSTestSerializationInheritFinalPrototype): >+ (WebCore::JSTestSerializationInheritFinalConstructor::prototypeForStructure): >+ * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: >+ (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype): >+ * bindings/scripts/test/JS/JSTestStringifier.cpp: >+ (WebCore::JSTestStringifierPrototype::JSTestStringifierPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp: >+ (WebCore::JSTestStringifierAnonymousOperationPrototype::JSTestStringifierAnonymousOperationPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp: >+ (WebCore::JSTestStringifierNamedOperationPrototype::JSTestStringifierNamedOperationPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp: >+ (WebCore::JSTestStringifierOperationImplementedAsPrototype::JSTestStringifierOperationImplementedAsPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp: >+ (WebCore::JSTestStringifierOperationNamedToStringPrototype::JSTestStringifierOperationNamedToStringPrototype): >+ * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp: >+ (WebCore::JSTestStringifierReadOnlyAttributePrototype::JSTestStringifierReadOnlyAttributePrototype): >+ * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp: >+ (WebCore::JSTestStringifierReadWriteAttributePrototype::JSTestStringifierReadWriteAttributePrototype): >+ * bindings/scripts/test/JS/JSTestTypedefs.cpp: >+ (WebCore::JSTestTypedefsPrototype::JSTestTypedefsPrototype): >+ > > This work will be tested with the preexisting WebGL conformance > suite. >diff --git a/Source/JavaScriptCore/runtime/BigIntPrototype.cpp b/Source/JavaScriptCore/runtime/BigIntPrototype.cpp >index 215c09504d8c17458582a5cf76f1b966a691429a..fc5d477375acee71829664d523fcaf2967cf44b2 100644 >--- a/Source/JavaScriptCore/runtime/BigIntPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/BigIntPrototype.cpp >@@ -73,6 +73,7 @@ void BigIntPrototype::finishCreation(VM& vm, JSGlobalObject*) > Base::finishCreation(vm); > ASSERT(inherits(vm, info())); > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "BigInt"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >diff --git a/Source/JavaScriptCore/runtime/BooleanPrototype.cpp b/Source/JavaScriptCore/runtime/BooleanPrototype.cpp >index 06f9fd30ad5278980a5312847d36af056c1279c6..f02fa9e780cba055444c9f5b6f6bc458aec93c1f 100644 >--- a/Source/JavaScriptCore/runtime/BooleanPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/BooleanPrototype.cpp >@@ -59,6 +59,7 @@ void BooleanPrototype::finishCreation(VM& vm, JSGlobalObject*) > { > Base::finishCreation(vm); > setInternalValue(vm, jsBoolean(false)); >+ didBecomePrototype(); > > ASSERT(inherits(vm, info())); > } >diff --git a/Source/JavaScriptCore/runtime/DatePrototype.cpp b/Source/JavaScriptCore/runtime/DatePrototype.cpp >index fbd09756de27b12bdc9f32918b767b4fa8cea54f..0fe696d9e58301a2824799be82be4421328873fe 100644 >--- a/Source/JavaScriptCore/runtime/DatePrototype.cpp >+++ b/Source/JavaScriptCore/runtime/DatePrototype.cpp >@@ -515,6 +515,7 @@ void DatePrototype::finishCreation(VM& vm, JSGlobalObject* globalObject) > > JSFunction* toPrimitiveFunction = JSFunction::create(vm, globalObject, 1, "[Symbol.toPrimitive]"_s, dateProtoFuncToPrimitiveSymbol, NoIntrinsic); > putDirectWithoutTransition(vm, vm.propertyNames->toPrimitiveSymbol, toPrimitiveFunction, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > > // The constructor will be added later, after DateConstructor has been built. > } >diff --git a/Source/JavaScriptCore/runtime/ErrorConstructor.cpp b/Source/JavaScriptCore/runtime/ErrorConstructor.cpp >index da69116b4646657c887cb5d289c542e8782f0bee..c8f621b2d578a65f4eadc7aec19f18c959e88a44 100644 >--- a/Source/JavaScriptCore/runtime/ErrorConstructor.cpp >+++ b/Source/JavaScriptCore/runtime/ErrorConstructor.cpp >@@ -48,6 +48,7 @@ void ErrorConstructor::finishCreation(VM& vm, ErrorPrototype* errorPrototype) > putDirectWithoutTransition(vm, vm.propertyNames->prototype, errorPrototype, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly); > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); > putDirectWithoutTransition(vm, vm.propertyNames->stackTraceLimit, jsNumber(globalObject(vm)->stackTraceLimit().valueOr(Options::defaultErrorStackTraceLimit())), static_cast<unsigned>(PropertyAttribute::None)); >+ didBecomePrototype(); > } > > // ECMA 15.9.3 >diff --git a/Source/JavaScriptCore/runtime/ErrorPrototype.cpp b/Source/JavaScriptCore/runtime/ErrorPrototype.cpp >index 713c738e07b401597b42ee8a7b709e2954314382..a19f8668d20d4c06ed9c5d576a444fc6031f39b6 100644 >--- a/Source/JavaScriptCore/runtime/ErrorPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/ErrorPrototype.cpp >@@ -66,6 +66,7 @@ void ErrorPrototype::finishCreation(VM& vm, const String& name) > ASSERT(inherits(vm, info())); > putDirectWithoutTransition(vm, vm.propertyNames->name, jsString(&vm, name), static_cast<unsigned>(PropertyAttribute::DontEnum)); > putDirectWithoutTransition(vm, vm.propertyNames->message, jsEmptyString(&vm), static_cast<unsigned>(PropertyAttribute::DontEnum)); >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >diff --git a/Source/JavaScriptCore/runtime/FunctionConstructor.cpp b/Source/JavaScriptCore/runtime/FunctionConstructor.cpp >index a2c0ad9c393375859f420452e77f8cea6abc73fa..c2eb11c46b8077bcb09d469b6442e2e138b4b6cb 100644 >--- a/Source/JavaScriptCore/runtime/FunctionConstructor.cpp >+++ b/Source/JavaScriptCore/runtime/FunctionConstructor.cpp >@@ -61,6 +61,7 @@ void FunctionConstructor::finishCreation(VM& vm, FunctionPrototype* functionProt > Base::finishCreation(vm, vm.propertyNames->Function.string(), NameVisibility::Visible, NameAdditionMode::WithoutStructureTransition); > putDirectWithoutTransition(vm, vm.propertyNames->prototype, functionPrototype, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly); > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(1), PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum); >+ didBecomePrototype(); > } > > // ECMA 15.3.2 The Function Constructor >diff --git a/Source/JavaScriptCore/runtime/FunctionPrototype.cpp b/Source/JavaScriptCore/runtime/FunctionPrototype.cpp >index 2cec7d677171c2e16f215783eed5bc927437fba1..8a0d5c4af232f305c97f880d11288ceb77a4e302 100644 >--- a/Source/JavaScriptCore/runtime/FunctionPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/FunctionPrototype.cpp >@@ -54,6 +54,7 @@ void FunctionPrototype::finishCreation(VM& vm, const String& name) > { > Base::finishCreation(vm, name, NameVisibility::Visible, NameAdditionMode::WithoutStructureTransition); > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(0), PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum); >+ didBecomePrototype(); > } > > void FunctionPrototype::addFunctionProperties(VM& vm, JSGlobalObject* globalObject, JSFunction** callFunction, JSFunction** applyFunction, JSFunction** hasInstanceSymbolFunction) >diff --git a/Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp b/Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp >index 35269d0b514748ca939742ecfc0188e869e887b3..c9192db69ef13e7915e2e8ee2caf50cfa8374955 100644 >--- a/Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp >@@ -76,6 +76,7 @@ void IntlCollatorPrototype::finishCreation(VM& vm) > Base::finishCreation(vm); > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > static EncodedJSValue JSC_HOST_CALL IntlCollatorFuncCompare(ExecState* state) >diff --git a/Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp b/Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp >index 1e4d7604c5dfa77e76ce3bb2aa2332a9d08f6c4e..760f5b62f2ecb2e39c0764c15da4fd13baf26542 100644 >--- a/Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp >@@ -90,6 +90,7 @@ void IntlDateTimeFormatPrototype::finishCreation(VM& vm, JSGlobalObject* globalO > #endif > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > static EncodedJSValue JSC_HOST_CALL IntlDateTimeFormatFuncFormatDateTime(ExecState* state) >diff --git a/Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp b/Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp >index 679fe68cc7f3f9d6167a42ce5dc6287a61798132..039807258c7d5b786ed22cc67c69fe8e49ddc747 100644 >--- a/Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp >@@ -88,6 +88,7 @@ void IntlNumberFormatPrototype::finishCreation(VM& vm, JSGlobalObject* globalObj > #endif > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > static EncodedJSValue JSC_HOST_CALL IntlNumberFormatFuncFormatNumber(ExecState* state) >diff --git a/Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp b/Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp >index 92a4367ef318462c0ae00a0496d29ed522faa14e..39cdd4cc22e60755958888ec125a7639f284d58c 100644 >--- a/Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp >@@ -75,6 +75,7 @@ void IntlPluralRulesPrototype::finishCreation(VM& vm, Structure*) > Base::finishCreation(vm); > > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Object"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > EncodedJSValue JSC_HOST_CALL IntlPluralRulesPrototypeFuncSelect(ExecState* state) >diff --git a/Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp b/Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp >index bd13325833ed9901811a2d3a6f43bdc18afae51f..02147fe514dffcd91db38942c1c4139cadf0b761 100644 >--- a/Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp >@@ -121,6 +121,7 @@ void JSArrayBufferPrototype::finishCreation(VM& vm, JSGlobalObject* globalObject > JSC_NATIVE_GETTER_WITHOUT_TRANSITION(vm.propertyNames->byteLength, arrayBufferProtoGetterFuncByteLength, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); > else > JSC_NATIVE_GETTER_WITHOUT_TRANSITION(vm.propertyNames->byteLength, sharedArrayBufferProtoGetterFuncByteLength, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > JSArrayBufferPrototype* JSArrayBufferPrototype::create(VM& vm, JSGlobalObject* globalObject, Structure* structure, ArrayBufferSharingMode sharingMode) >diff --git a/Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp b/Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp >index df2f6764e103f0c2094b6d0a36e9e5f171caacde..53a83cad05421229b5b871b9140b301d182c14ea 100644 >--- a/Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp >@@ -110,6 +110,7 @@ void JSDataViewPrototype::finishCreation(JSC::VM& vm) > { > Base::finishCreation(vm); > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "DataView"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > Structure* JSDataViewPrototype::createStructure( >diff --git a/Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h b/Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h >index 76aaaabc0ce2afd998e5a0e6d6fa61c87372bcc7..2d20fb4ee51d11470ccad45504270e770534b462 100644 >--- a/Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h >+++ b/Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h >@@ -45,6 +45,7 @@ void JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation( > > putDirect(vm, vm.propertyNames->BYTES_PER_ELEMENT, jsNumber(ViewClass::elementSize), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly | PropertyAttribute::DontDelete); > >+ didBecomePrototype(); > } > > template<typename ViewClass> >diff --git a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp >index 3c04536449105f07665aa7728ff0a211654a0540..fde44db6cecb416c7c5ad832f6e93e92d2096d5d 100644 >--- a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp >+++ b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp >@@ -236,7 +236,9 @@ static JSValue createReflectProperty(VM& vm, JSObject* object) > static JSValue createConsoleProperty(VM& vm, JSObject* object) > { > JSGlobalObject* global = jsCast<JSGlobalObject*>(object); >- return ConsoleObject::create(vm, global, ConsoleObject::createStructure(vm, global, constructEmptyObject(global->globalExec()))); >+ JSObject* prototype = constructEmptyObject(global->globalExec()); >+ prototype->didBecomePrototype(); >+ return ConsoleObject::create(vm, global, ConsoleObject::createStructure(vm, global, prototype)); > } > > static EncodedJSValue JSC_HOST_CALL makeBoundFunction(ExecState* exec) >diff --git a/Source/JavaScriptCore/runtime/JSPromisePrototype.cpp b/Source/JavaScriptCore/runtime/JSPromisePrototype.cpp >index 3a2d5696608b436d2da6e76cce2b086d486572cf..ddca7c79d843fdccf264fc1aa830f470b5929934 100644 >--- a/Source/JavaScriptCore/runtime/JSPromisePrototype.cpp >+++ b/Source/JavaScriptCore/runtime/JSPromisePrototype.cpp >@@ -77,6 +77,7 @@ void JSPromisePrototype::finishCreation(VM& vm, Structure*) > { > Base::finishCreation(vm); > putDirectWithoutTransition(vm, vm.propertyNames->toStringTagSymbol, jsString(&vm, "Promise"), PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ didBecomePrototype(); > } > > void JSPromisePrototype::addOwnInternalSlots(VM& vm, JSGlobalObject* globalObject) >diff --git a/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp b/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp >index dd1124599a120ccf7a29eddba368f6547f3de500..fe647b618faa4e754c95edbe63e330ff905a0fa4 100644 >--- a/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp >+++ b/Source/JavaScriptCore/runtime/JSTypedArrayViewConstructor.cpp >@@ -55,6 +55,8 @@ void JSTypedArrayViewConstructor::finishCreation(VM& vm, JSGlobalObject* globalO > > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->of, typedArrayConstructorOfCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->from, typedArrayConstructorFromCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); >+ >+ didBecomePrototype(); > } > > Structure* JSTypedArrayViewConstructor::createStructure( >diff --git a/Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp b/Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp >index ac16dc937c307c12df6861cd9c70b292b1d41f83..a6ae196b7e7834733295dd7a7ec9be32ac95e204 100644 >--- a/Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp >@@ -334,6 +334,7 @@ void JSTypedArrayViewPrototype::finishCreation(VM& vm, JSGlobalObject* globalObj > putDirectWithoutTransition(vm, vm.propertyNames->builtinNames().valuesPublicName(), valuesFunction, static_cast<unsigned>(PropertyAttribute::DontEnum)); > putDirectWithoutTransition(vm, vm.propertyNames->iteratorSymbol, valuesFunction, static_cast<unsigned>(PropertyAttribute::DontEnum)); > >+ didBecomePrototype(); > } > > JSTypedArrayViewPrototype* JSTypedArrayViewPrototype::create( >diff --git a/Source/JavaScriptCore/runtime/NumberPrototype.cpp b/Source/JavaScriptCore/runtime/NumberPrototype.cpp >index f69e68b8ef5d1b4ca133d567ebefc9967a1ef0e5..70b337b76cf96a6ea53c08d026fe3e22a936c504 100644 >--- a/Source/JavaScriptCore/runtime/NumberPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/NumberPrototype.cpp >@@ -82,6 +82,7 @@ void NumberPrototype::finishCreation(VM& vm, JSGlobalObject* globalObject) > > JSC_NATIVE_INTRINSIC_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->toString, numberProtoFuncToString, static_cast<unsigned>(PropertyAttribute::DontEnum), 1, NumberPrototypeToStringIntrinsic); > ASSERT(inherits(vm, info())); >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >diff --git a/Source/JavaScriptCore/runtime/RegExpPrototype.cpp b/Source/JavaScriptCore/runtime/RegExpPrototype.cpp >index ed8049b646ac1ec4969b2533881b97df4b60ac63..b843bc03f7a26cc7ee174cfc98184b1726f3963f 100644 >--- a/Source/JavaScriptCore/runtime/RegExpPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/RegExpPrototype.cpp >@@ -82,6 +82,8 @@ void RegExpPrototype::finishCreation(VM& vm, JSGlobalObject* globalObject) > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->searchSymbol, regExpPrototypeSearchCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->splitSymbol, regExpPrototypeSplitCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->test, regExpPrototypeTestCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); >+ >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >diff --git a/Source/JavaScriptCore/runtime/StringPrototype.cpp b/Source/JavaScriptCore/runtime/StringPrototype.cpp >index 89238834956a445211ca2313e80a6a0b52d4c76d..8d84a45b10903bfa312b7bee2f8a2828dba341ee 100644 >--- a/Source/JavaScriptCore/runtime/StringPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/StringPrototype.cpp >@@ -173,6 +173,8 @@ void StringPrototype::finishCreation(VM& vm, JSGlobalObject* globalObject, JSStr > > // The constructor will be added later, after StringConstructor has been built > putDirectWithoutTransition(vm, vm.propertyNames->length, jsNumber(0), PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly | PropertyAttribute::DontEnum); >+ >+ didBecomePrototype(); > } > > StringPrototype* StringPrototype::create(VM& vm, JSGlobalObject* globalObject, Structure* structure) >diff --git a/Source/JavaScriptCore/runtime/Structure.cpp b/Source/JavaScriptCore/runtime/Structure.cpp >index ff38bb987bf3b645136f428e9cae33f1b5729f4c..293c46472e748941ca9cc2adac16a3d2dc5deeec 100644 >--- a/Source/JavaScriptCore/runtime/Structure.cpp >+++ b/Source/JavaScriptCore/runtime/Structure.cpp >@@ -321,6 +321,11 @@ Structure* Structure::create(PolyProtoTag, VM& vm, JSGlobalObject* globalObject, > return result; > } > >+bool Structure::isValidPrototype(JSValue prototype) >+{ >+ return prototype.isNull() || (prototype.isObject() && prototype.getObject()->mayBePrototype()); >+} >+ > void Structure::findStructuresAndMapForMaterialization(Vector<Structure*, 8>& structures, Structure*& structure, PropertyTable*& table) > { > ASSERT(structures.isEmpty()); >@@ -544,7 +549,7 @@ Structure* Structure::removePropertyTransition(VM& vm, Structure* structure, Pro > > Structure* Structure::changePrototypeTransition(VM& vm, Structure* structure, JSValue prototype, DeferredStructureTransitionWatchpointFire& deferred) > { >- ASSERT(prototype.isObject() || prototype.isNull()); >+ ASSERT(isValidPrototype(prototype)); > > DeferGC deferGC(vm.heap); > Structure* transition = create(vm, structure, &deferred); >diff --git a/Source/JavaScriptCore/runtime/Structure.h b/Source/JavaScriptCore/runtime/Structure.h >index 4b0d031d44038dcb2e90bb760c51c41d4a7f1088..dd45a8594002b44c531f65e23e91d6a5554bd8a0 100644 >--- a/Source/JavaScriptCore/runtime/Structure.h >+++ b/Source/JavaScriptCore/runtime/Structure.h >@@ -142,7 +142,7 @@ class Structure final : public JSCell { > void finishCreation(VM& vm) > { > Base::finishCreation(vm); >- ASSERT(m_prototype.get().isEmpty() || m_prototype.isObject() || m_prototype.isNull()); >+ ASSERT(m_prototype.get().isEmpty() || isValidPrototype(m_prototype.get())); > } > > void finishCreation(VM& vm, const Structure* previous) >@@ -680,6 +680,8 @@ class Structure final : public JSCell { > > void checkConsistency(); > >+ JS_EXPORT_PRIVATE static bool isValidPrototype(JSValue); >+ > // This may grab the lock, or not. Do not call when holding the Structure's lock. > PropertyTable* ensurePropertyTableIfNotEmpty(VM& vm) > { >diff --git a/Source/JavaScriptCore/runtime/StructureInlines.h b/Source/JavaScriptCore/runtime/StructureInlines.h >index 4a30f37dd75a63150375b891f9de8210d4433f0c..fd4f8605db99978e554ca870b9c31a0b0cf49b00 100644 >--- a/Source/JavaScriptCore/runtime/StructureInlines.h >+++ b/Source/JavaScriptCore/runtime/StructureInlines.h >@@ -493,6 +493,7 @@ inline PropertyOffset Structure::removePropertyWithoutTransition(VM&, PropertyNa > > ALWAYS_INLINE void Structure::setPrototypeWithoutTransition(VM& vm, JSValue prototype) > { >+ ASSERT(isValidPrototype(prototype)); > m_prototype.set(vm, this, prototype); > } > >diff --git a/Source/JavaScriptCore/runtime/SymbolPrototype.cpp b/Source/JavaScriptCore/runtime/SymbolPrototype.cpp >index cb9994595b4c971ddf42b84bc1aba1e4a18f960e..644a08a6e3894ba12e58aef7c77e3ab2f1cbc38f 100644 >--- a/Source/JavaScriptCore/runtime/SymbolPrototype.cpp >+++ b/Source/JavaScriptCore/runtime/SymbolPrototype.cpp >@@ -67,6 +67,8 @@ void SymbolPrototype::finishCreation(VM& vm, JSGlobalObject* globalObject) > > JSFunction* toPrimitiveFunction = JSFunction::create(vm, globalObject, 1, "[Symbol.toPrimitive]"_s, symbolProtoFuncValueOf, NoIntrinsic); > putDirectWithoutTransition(vm, vm.propertyNames->toPrimitiveSymbol, toPrimitiveFunction, PropertyAttribute::DontEnum | PropertyAttribute::ReadOnly); >+ >+ didBecomePrototype(); > } > > // ------------------------------ Functions --------------------------- >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp >index 9289202b961c5685f4ffa72c6e834fd59dbf3a80..ebdfc0726007665c3ffe79237e173231a74bf5d3 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp >@@ -57,6 +57,7 @@ Structure* WebAssemblyCompileErrorPrototype::createStructure(VM& vm, JSGlobalObj > void WebAssemblyCompileErrorPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyCompileErrorPrototype::WebAssemblyCompileErrorPrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp >index 10c2fec5c34e1e0d02769b497341d68f9bc78a41..991288cd38dafcc93f94b61de2fb8347357f9d44 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp >@@ -86,6 +86,7 @@ Structure* WebAssemblyInstancePrototype::createStructure(VM& vm, JSGlobalObject* > void WebAssemblyInstancePrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyInstancePrototype::WebAssemblyInstancePrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp >index a205a58227d167016380540bc3af0c9a9f1a04c1..d35b78fb25115004b3ab7e1f99a6d938800f0557 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp >@@ -57,6 +57,7 @@ Structure* WebAssemblyLinkErrorPrototype::createStructure(VM& vm, JSGlobalObject > void WebAssemblyLinkErrorPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyLinkErrorPrototype::WebAssemblyLinkErrorPrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp >index 082b08d7c333aa038e3d6729cc53972f0e06038d..cbf6403f0a80bb6a29969af6154cd060c789d9ce 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp >@@ -109,6 +109,7 @@ void WebAssemblyMemoryPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); > ASSERT(inherits(vm, info())); >+ didBecomePrototype(); > } > > WebAssemblyMemoryPrototype::WebAssemblyMemoryPrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp >index 94d615856749b34b079d353bd8a221ab93eb75ef..68a6b8ab41ba894abbe438d35cf1ed57215a213d 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp >@@ -56,6 +56,7 @@ Structure* WebAssemblyModulePrototype::createStructure(VM& vm, JSGlobalObject* g > void WebAssemblyModulePrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyModulePrototype::WebAssemblyModulePrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp >index 20c34b2aae85c8d63e3eab047989329d304f1c3a..838e7bcd9ee09dd4a68be61bdd8e279a03ce1ea3 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyPrototype.cpp >@@ -381,6 +381,8 @@ void WebAssemblyPrototype::finishCreation(VM& vm, JSGlobalObject* globalObject) > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION("compileStreaming", webAssemblyPrototypeCompileStreamingCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > JSC_BUILTIN_FUNCTION_WITHOUT_TRANSITION("instantiateStreaming", webAssemblyPrototypeInstantiateStreamingCodeGenerator, static_cast<unsigned>(PropertyAttribute::DontEnum)); > } >+ >+ didBecomePrototype(); > } > > WebAssemblyPrototype::WebAssemblyPrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp >index 4211965c71cc2d0f25641b564b5f480b92541798..dc10a27556bb37322ab72915a66d71817ed210d8 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp >@@ -57,6 +57,7 @@ Structure* WebAssemblyRuntimeErrorPrototype::createStructure(VM& vm, JSGlobalObj > void WebAssemblyRuntimeErrorPrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); >+ didBecomePrototype(); > } > > WebAssemblyRuntimeErrorPrototype::WebAssemblyRuntimeErrorPrototype(VM& vm, Structure* structure) >diff --git a/Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp b/Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp >index 7f1057f1c9ecfdcc66a7806ee71c0cd4d6fa885e..1fc2257749abb27c04dd116ada82b090f4c98650 100644 >--- a/Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp >+++ b/Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp >@@ -166,6 +166,7 @@ void WebAssemblyTablePrototype::finishCreation(VM& vm) > { > Base::finishCreation(vm); > ASSERT(inherits(vm, info())); >+ didBecomePrototype(); > } > > WebAssemblyTablePrototype::WebAssemblyTablePrototype(VM& vm, Structure* structure) >diff --git a/Source/WebCore/bindings/js/JSDOMIterator.h b/Source/WebCore/bindings/js/JSDOMIterator.h >index 2709b1fb980f17038dcb9c7a84756799ce2a4ebd..b5c8c9ee2348e0464c5b93c521b21d14c9943efa 100644 >--- a/Source/WebCore/bindings/js/JSDOMIterator.h >+++ b/Source/WebCore/bindings/js/JSDOMIterator.h >@@ -265,6 +265,7 @@ void JSDOMIteratorPrototype<JSWrapper, IteratorTraits>::finishCreation(JSC::VM& > ASSERT(inherits(vm, info())); > > JSC_NATIVE_INTRINSIC_FUNCTION_WITHOUT_TRANSITION(vm.propertyNames->next, next, 0, 0, JSC::NoIntrinsic); >+ didBecomePrototype(); > } > > } >diff --git a/Source/WebCore/bindings/js/JSDOMWindowProperties.h b/Source/WebCore/bindings/js/JSDOMWindowProperties.h >index 128b7ae83dd3150ac3a41b2c2de039f7eb787efc..3166e643074523bc65e32bc956687de90ddace7e 100644 >--- a/Source/WebCore/bindings/js/JSDOMWindowProperties.h >+++ b/Source/WebCore/bindings/js/JSDOMWindowProperties.h >@@ -30,7 +30,7 @@ > > namespace WebCore { > >-class JSDOMWindowProperties : public JSDOMObject { >+class JSDOMWindowProperties final : public JSDOMObject { > public: > static JSDOMWindowProperties* create(JSC::Structure* structure, JSC::JSGlobalObject& globalObject) > { >@@ -55,6 +55,7 @@ class JSDOMWindowProperties : public JSDOMObject { > JSDOMWindowProperties(JSC::Structure* structure, JSC::JSGlobalObject& globalObject) > : JSDOMObject(structure, globalObject) > { >+ didBecomePrototype(); > } > }; > >diff --git a/Source/WebCore/bindings/js/JSWindowProxy.cpp b/Source/WebCore/bindings/js/JSWindowProxy.cpp >index bf0e22591e546d0d81f63e48d66707fbacd61d63..b1ea37f49036c67d6889cd983e0c953529f5bce1 100644 >--- a/Source/WebCore/bindings/js/JSWindowProxy.cpp >+++ b/Source/WebCore/bindings/js/JSWindowProxy.cpp >@@ -97,6 +97,7 @@ void JSWindowProxy::setWindow(AbstractDOMWindow& domWindow) > // FIXME: Why do we need to protect this when there's a pointer to it on the stack? > // Perhaps the issue is that structure objects aren't seen when scanning the stack? > Strong<JSNonFinalObject> prototype(vm, isRemoteDOMWindow ? static_cast<JSNonFinalObject*>(JSRemoteDOMWindowPrototype::create(vm, nullptr, &prototypeStructure)) : static_cast<JSNonFinalObject*>(JSDOMWindowPrototype::create(vm, nullptr, &prototypeStructure))); >+ prototype->didBecomePrototype(); > > JSDOMGlobalObject* window = nullptr; > if (isRemoteDOMWindow) { >diff --git a/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm b/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm >index 35636c98da3c75b860d0fadace44812b11caa510..f29422dcd6e72f999286115fbdcbb06ff559a725 100644 >--- a/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm >+++ b/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm >@@ -7088,6 +7088,7 @@ sub GeneratePrototypeDeclaration > push(@$outputArray, " ${prototypeClassName}(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure)\n"); > push(@$outputArray, " : JSC::JSNonFinalObject(vm, structure)\n"); > push(@$outputArray, " {\n"); >+ push(@$outputArray, " didBecomePrototype();\n"); > push(@$outputArray, " }\n"); > > if (PrototypeHasStaticPropertyTable($interface)) { >@@ -7322,7 +7323,9 @@ sub GenerateConstructorHelperMethods > > if (!$generatingNamedConstructor and $interface->parentType) { > my $parentClassName = "JS" . $interface->parentType->name; >- push(@$outputArray, " return ${parentClassName}::getConstructor(vm, &globalObject);\n"); >+ push(@$outputArray, " auto result = ${parentClassName}::getConstructor(vm, &globalObject);\n"); >+ push(@$outputArray, " result.getObject()->didBecomePrototype();\n"); >+ push(@$outputArray, " return result;\n"); > } else { > AddToImplIncludes("<JavaScriptCore/FunctionPrototype.h>"); > push(@$outputArray, " UNUSED_PARAM(vm);\n"); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp b/Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp >index 141eb8ee56904cf3772d96be6fb34e4782340fb1..a82f0d6ad92e570322a164d2539cbe2dc26cd295 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSInterfaceName.cpp >@@ -62,6 +62,7 @@ class JSInterfaceNamePrototype : public JSC::JSNonFinalObject { > JSInterfaceNamePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp b/Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp >index 3567a72d07fd6c7ae1e48cb3b348849f208853df..ba1fc77fd23bc5494e51201f6ab585456616e711 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSMapLike.cpp >@@ -81,6 +81,7 @@ class JSMapLikePrototype : public JSC::JSNonFinalObject { > JSMapLikePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp b/Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp >index ab281f059d6b317c2c9233d0c6809a1ff796cd30..3b91deddf887aa6258a100c1230f333a435d25b9 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSReadOnlyMapLike.cpp >@@ -78,6 +78,7 @@ class JSReadOnlyMapLikePrototype : public JSC::JSNonFinalObject { > JSReadOnlyMapLikePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp >index 2b614176fc0809a85a4f0b69c7dbfdc9e9ac2bcd..e38745956aa649d82813fe0f111bcbd25708ed3e 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestActiveDOMObject.cpp >@@ -75,6 +75,7 @@ class JSTestActiveDOMObjectPrototype : public JSC::JSNonFinalObject { > JSTestActiveDOMObjectPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp >index a1bdab10f5ea296880fa08822dadce3d1c08e6ac..fc98128b3785f24588b73af578b7885a0cc55495 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp >@@ -87,6 +87,7 @@ class JSTestCEReactionsPrototype : public JSC::JSNonFinalObject { > JSTestCEReactionsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp >index 580e2437393c5e0f89c9a2752e743ec894668128..636928615958f4ba7115d98dd7e6522c0e9e5137 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp >@@ -74,6 +74,7 @@ class JSTestCEReactionsStringifierPrototype : public JSC::JSNonFinalObject { > JSTestCEReactionsStringifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp >index 6b81bffe495e500bcba3451c7fd7b6bee7754250..bfe9bb600a20f126e9659cd18135a83f87bd7333 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp >@@ -92,6 +92,7 @@ class JSTestCallTracerPrototype : public JSC::JSNonFinalObject { > JSTestCallTracerPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp >index 5c8c78558c59a2b1b2368b0bb6143c06d1ce0a3e..363e1903dc1290ba5a19943a73931857445a008c 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp >@@ -63,6 +63,7 @@ class JSTestClassWithJSBuiltinConstructorPrototype : public JSC::JSNonFinalObjec > JSTestClassWithJSBuiltinConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp >index 600437b06a32f2cbd6782766832fd7a225465d46..87e4555d2e18ee880fd02a920903c9b15e791afa 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp >@@ -485,6 +485,7 @@ class JSTestDOMJITPrototype : public JSC::JSNonFinalObject { > JSTestDOMJITPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -494,7 +495,9 @@ using JSTestDOMJITConstructor = JSDOMConstructorNotConstructable<JSTestDOMJIT>; > > template<> JSValue JSTestDOMJITConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSNode::getConstructor(vm, &globalObject); >+ auto result = JSNode::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestDOMJITConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp >index 4df8130ff5f822d241eca49aa8a9d8348109642a..6a573382a8d9bf710ce695407237e9e2b9b1369d 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp >@@ -84,6 +84,7 @@ class JSTestEnabledBySettingPrototype : public JSC::JSNonFinalObject { > JSTestEnabledBySettingPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp >index 33e2f9d4a0fc381f966ab9fb8b1c9e7092f286c8..0dcf4aff716f24cb3054332c98fab79afd551166 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp >@@ -144,6 +144,7 @@ class JSTestEventConstructorPrototype : public JSC::JSNonFinalObject { > JSTestEventConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -170,7 +171,9 @@ template<> EncodedJSValue JSC_HOST_CALL JSTestEventConstructorConstructor::const > > template<> JSValue JSTestEventConstructorConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSEvent::getConstructor(vm, &globalObject); >+ auto result = JSEvent::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestEventConstructorConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp >index 92b9d98a5e7372f2146c74181107b5a288a39991..05e4d9f0ad0229130bc02274ce05bb6f89b58503 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp >@@ -72,6 +72,7 @@ class JSTestEventTargetPrototype : public JSC::JSNonFinalObject { > JSTestEventTargetPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -81,7 +82,9 @@ using JSTestEventTargetConstructor = JSDOMConstructorNotConstructable<JSTestEven > > template<> JSValue JSTestEventTargetConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSEventTarget::getConstructor(vm, &globalObject); >+ auto result = JSEventTarget::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestEventTargetConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp >index 36d62411a8d99e133e75ae2bb1200b993d5d0a14..9afb2fce2e46b3f8c4fe7f8a0703a84fbc52b66c 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp >@@ -65,6 +65,7 @@ class JSTestExceptionPrototype : public JSC::JSNonFinalObject { > JSTestExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp >index 9f16b828c8b3d2e953e3558ea7f2e0583f293379..f810e9e01412a04bb1be10d0a6fc6cd0ca6894a7 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp >@@ -65,6 +65,7 @@ class JSTestGenerateIsReachablePrototype : public JSC::JSNonFinalObject { > JSTestGenerateIsReachablePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h b/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h >index 16c07497f8be2b28576a2e7f96e19bef178a17dd..dac01ff1b50337c4e668c90e7e169e714178a38f 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.h >@@ -102,6 +102,7 @@ class JSTestGlobalObjectPrototype : public JSC::JSNonFinalObject { > JSTestGlobalObjectPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > public: > static const unsigned StructureFlags = Base::StructureFlags | JSC::HasStaticPropertyTable; >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp >index 093adcba6e45698eb4d6ba295b49340ec1feab55..9db29635e4e8aa80b878ddb71862ccb610198ffa 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp >@@ -64,6 +64,7 @@ class JSTestIndexedSetterNoIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestIndexedSetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp >index 615802d96e77ecf61e6e67972d7b6ff96ec7793e..17fbf916577e16260432e2568f4ffb2a8142ff1b 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp >@@ -64,6 +64,7 @@ class JSTestIndexedSetterThrowingExceptionPrototype : public JSC::JSNonFinalObje > JSTestIndexedSetterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp >index a871231879a9f0b64dd5ca995b401655024ae400..44a5f45eb9dc59ee9555570f48d6a6be9cebbb0d 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp >@@ -70,6 +70,7 @@ class JSTestIndexedSetterWithIdentifierPrototype : public JSC::JSNonFinalObject > JSTestIndexedSetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp >index d6c41fb10c356d56d0ef9a7281e98b745cf0ee16..60323ac3c4f297dd281a1aad59a349cba4ae642b 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp >@@ -168,6 +168,7 @@ class JSTestInterfacePrototype : public JSC::JSNonFinalObject { > JSTestInterfacePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp >index c94182c2444473dd7c57aabaf30b5108a96fcb00..62fd904828beea722d1e52575871a185b7d35405 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp >@@ -65,6 +65,7 @@ class JSTestInterfaceLeadingUnderscorePrototype : public JSC::JSNonFinalObject { > JSTestInterfaceLeadingUnderscorePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp >index 1a9237470c8fd6581bf046a040a1e6ea7c177a4c..802c54937478cc14afe9333f358ac21f8c7ed526 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp >@@ -73,6 +73,7 @@ class JSTestIterablePrototype : public JSC::JSNonFinalObject { > JSTestIterablePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp >index a6560b395be62132fd4fbf4797ed3a2e77d80d91..19129293662de64b04449827134f8f22b062cf6c 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp >@@ -69,6 +69,7 @@ class JSTestJSBuiltinConstructorPrototype : public JSC::JSNonFinalObject { > JSTestJSBuiltinConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp >index fa78d03cc5bc7cd9717934fb0268f7f467d590f7..8ca4cda8b1de59ef0c0c69a7096da871ccd5ba67 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp >@@ -70,6 +70,7 @@ class JSTestMediaQueryListListenerPrototype : public JSC::JSNonFinalObject { > JSTestMediaQueryListListenerPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp >index 39e6ae5778b107cd625b2d28239a62e1fd91263e..7a4a5e6e1c189c0e705ebc28908f0e50b187131f 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp >@@ -65,6 +65,7 @@ class JSTestNamedAndIndexedSetterNoIdentifierPrototype : public JSC::JSNonFinalO > JSTestNamedAndIndexedSetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp >index 9f8dcc68bb73431592d8bcb89b4f4b146791cea3..8ad341cdff745962664daabfe577835647467738 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp >@@ -65,6 +65,7 @@ class JSTestNamedAndIndexedSetterThrowingExceptionPrototype : public JSC::JSNonF > JSTestNamedAndIndexedSetterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp >index c3f14e57acb357ee16e71eb60d0c922a2285125f..e9bdcf49ed5a801f8d7d2457b30aca0c26b12fb7 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp >@@ -72,6 +72,7 @@ class JSTestNamedAndIndexedSetterWithIdentifierPrototype : public JSC::JSNonFina > JSTestNamedAndIndexedSetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp >index 022d3cdc3fe940c24eca85ab3bf8b184e06e78ef..267c1205e7f746e949646090c11e8a8e0008bd8a 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedConstructor.cpp >@@ -65,6 +65,7 @@ class JSTestNamedConstructorPrototype : public JSC::JSNonFinalObject { > JSTestNamedConstructorPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp >index ef3e5591aeff4c3f6833d1d8632071d73e99b5bb..5d2b6b68611b9e568134d60a193cded71de95f00 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp >@@ -64,6 +64,7 @@ class JSTestNamedDeleterNoIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestNamedDeleterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp >index 0fd763b328fbb8818cdc11d98fc85538fc73e8fb..f0b5b743f52cb9a30617ea83e3b718d6e26e3abf 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp >@@ -64,6 +64,7 @@ class JSTestNamedDeleterThrowingExceptionPrototype : public JSC::JSNonFinalObjec > JSTestNamedDeleterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp >index 9e500bdd6d80e81583cc6b77275266b398821134..d3dca2a9f3889f8eeb667f4c0a6a8efb94b27c5d 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp >@@ -69,6 +69,7 @@ class JSTestNamedDeleterWithIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestNamedDeleterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp >index 9492b57ef7ed1f9ccd487ee35f20eae3998ce867..d2c14cf2e359fb442223ed4e48f95fff18406490 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp >@@ -65,6 +65,7 @@ class JSTestNamedDeleterWithIndexedGetterPrototype : public JSC::JSNonFinalObjec > JSTestNamedDeleterWithIndexedGetterPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp >index 10e4a6b4b6353dd061e101873b3da6b9787fa4fd..d3fa0722f1d64b5ceac1b112a5d85c986a26df6e 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp >@@ -64,6 +64,7 @@ class JSTestNamedGetterCallWithPrototype : public JSC::JSNonFinalObject { > JSTestNamedGetterCallWithPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp >index b2db2ada44f97798b91c0d86b0c6f5d3399dea98..e592a7fdf72c6eac6f733ac414e46a2391bd76bb 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp >@@ -64,6 +64,7 @@ class JSTestNamedGetterNoIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestNamedGetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp >index daa279f99f0a2b18a71313ecd56352f0547e74a2..ed6ed8b6bcbcdbc99b797682a362e2c5d1d1f37f 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp >@@ -69,6 +69,7 @@ class JSTestNamedGetterWithIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestNamedGetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp >index de61438d03a821dff14e99a431e15b8cd038438c..32edb0acf71d1e12a333edc836354b9128c34713 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp >@@ -64,6 +64,7 @@ class JSTestNamedSetterNoIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestNamedSetterNoIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp >index ff95182d91dfdd2434bb5fa059faca04d2b8365f..2779be839fdb844057b3f44f346008a820b0bf63 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp >@@ -64,6 +64,7 @@ class JSTestNamedSetterThrowingExceptionPrototype : public JSC::JSNonFinalObject > JSTestNamedSetterThrowingExceptionPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp >index f5fb8b27cb05e48aec80481eb06df7b5f16171b0..2bfd7d0c02c57ec3d2b0aa9cc9430f515cb9bcdd 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp >@@ -69,6 +69,7 @@ class JSTestNamedSetterWithIdentifierPrototype : public JSC::JSNonFinalObject { > JSTestNamedSetterWithIdentifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp >index 80eb5525621cdefbdc98eb5da50290d38a8d74f2..5a276805fc79761d7a01437a2f9311223267d53f 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp >@@ -72,6 +72,7 @@ class JSTestNamedSetterWithIndexedGetterPrototype : public JSC::JSNonFinalObject > JSTestNamedSetterWithIndexedGetterPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp >index 8e15fdf9d10f10699e0575d89a78cf6a027a8d49..8027fc1d871daa21181bb5c708d328a28dbe1c9e 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp >@@ -72,6 +72,7 @@ class JSTestNamedSetterWithIndexedGetterAndSetterPrototype : public JSC::JSNonFi > JSTestNamedSetterWithIndexedGetterAndSetterPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp >index 53b137bfe3bb60eee76b5040b5e6caf1dbaa1745..60357222ef4628859600fdc072f184bac9d294ab 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp >@@ -64,6 +64,7 @@ class JSTestNamedSetterWithOverrideBuiltinsPrototype : public JSC::JSNonFinalObj > JSTestNamedSetterWithOverrideBuiltinsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp >index bc9a41f261e57785679f50b636d0ff4db8782a11..2b236e8c749214b3ebda440d76d9acbcf278f44e 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp >@@ -71,6 +71,7 @@ class JSTestNamedSetterWithUnforgablePropertiesPrototype : public JSC::JSNonFina > JSTestNamedSetterWithUnforgablePropertiesPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp >index 198783eb9f1c40ac710da985bc17b7f2aa25411f..a490305a615dd72ce2f68259fd705932a01b514b 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp >@@ -71,6 +71,7 @@ class JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype : pu > JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp >index 264bf961423acb7819bcebdc904f2730e88a8c1c..31180d2e7a5f5aa77a029fe37a9e45a1a6612853 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp >@@ -88,6 +88,7 @@ class JSTestNodePrototype : public JSC::JSNonFinalObject { > JSTestNodePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -108,7 +109,9 @@ template<> EncodedJSValue JSC_HOST_CALL JSTestNodeConstructor::construct(ExecSta > > template<> JSValue JSTestNodeConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSNode::getConstructor(vm, &globalObject); >+ auto result = JSNode::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestNodeConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp >index bf3c85dd8cbcf4c9aba4aab3305b47b1e0fdd190..8409518fcf00a1ff698a731de80f89acbebc2306 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp >@@ -1819,6 +1819,7 @@ class JSTestObjPrototype : public JSC::JSNonFinalObject { > JSTestObjPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp >index 7708eda3aadc73bd12ff15ed68e3188629714801..8446c0723197b6e3f616e87de2b648f87032f567 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp >@@ -68,6 +68,7 @@ class JSTestOverloadedConstructorsPrototype : public JSC::JSNonFinalObject { > JSTestOverloadedConstructorsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp >index 3831269640733ec635b7ecc46c833b73f550ac17..0a0a0d725f401a3242702230a1f0619c82bdf99e 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp >@@ -67,6 +67,7 @@ class JSTestOverloadedConstructorsWithSequencePrototype : public JSC::JSNonFinal > JSTestOverloadedConstructorsWithSequencePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp >index 30c7912adb6c38d30045955384e300bf530dd217..5666642286156afa1ed329af9cfd31b8b41172c0 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp >@@ -72,6 +72,7 @@ class JSTestOverrideBuiltinsPrototype : public JSC::JSNonFinalObject { > JSTestOverrideBuiltinsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp >index c340edd757895eecb11b6ffc321d588c522472a2..7acf2a37c811a863d983e2facb5133e43c80b5cc 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp >@@ -63,6 +63,7 @@ class JSTestPluginInterfacePrototype : public JSC::JSNonFinalObject { > JSTestPluginInterfacePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp >index c8da5dd06c8b14d5880fd1fceec94af600e0cd9d..45a09c7a16cf4ad8f3100b430c5d6db3c4e59a50 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp >@@ -147,6 +147,7 @@ class JSTestPromiseRejectionEventPrototype : public JSC::JSNonFinalObject { > JSTestPromiseRejectionEventPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -174,7 +175,9 @@ template<> EncodedJSValue JSC_HOST_CALL JSTestPromiseRejectionEventConstructor:: > > template<> JSValue JSTestPromiseRejectionEventConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSEvent::getConstructor(vm, &globalObject); >+ auto result = JSEvent::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestPromiseRejectionEventConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp >index 965634adf1a35e2047fd2db4af8758db354f7517..ce6a881a21fa6961e15504757dccae3953a62f15 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestSerialization.cpp >@@ -104,6 +104,7 @@ class JSTestSerializationPrototype : public JSC::JSNonFinalObject { > JSTestSerializationPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp >index 64920052284ae525b12c6e720d83de17f4ece6d3..c5196873865b7eabf50b6d80265a3c19e7629e9d 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp >@@ -61,6 +61,7 @@ class JSTestSerializationIndirectInheritancePrototype : public JSC::JSNonFinalOb > JSTestSerializationIndirectInheritancePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -70,7 +71,9 @@ using JSTestSerializationIndirectInheritanceConstructor = JSDOMConstructorNotCon > > template<> JSValue JSTestSerializationIndirectInheritanceConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ auto result = JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestSerializationIndirectInheritanceConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp >index 4442f5139bec98be4b11a6b0d83c7348a8c44382..a1a824308f4f080c9d2cd7c6da78a9140f1bad9f 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInherit.cpp >@@ -71,6 +71,7 @@ class JSTestSerializationInheritPrototype : public JSC::JSNonFinalObject { > JSTestSerializationInheritPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -80,7 +81,9 @@ using JSTestSerializationInheritConstructor = JSDOMConstructorNotConstructable<J > > template<> JSValue JSTestSerializationInheritConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSTestSerialization::getConstructor(vm, &globalObject); >+ auto result = JSTestSerialization::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestSerializationInheritConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp >index ba61bc52a84f70fd34301c38f73f970d4c9f0f4e..069b115d4af4a53e93cf2d6a726f77d4a0bd66ad 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp >@@ -73,6 +73,7 @@ class JSTestSerializationInheritFinalPrototype : public JSC::JSNonFinalObject { > JSTestSerializationInheritFinalPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >@@ -82,7 +83,9 @@ using JSTestSerializationInheritFinalConstructor = JSDOMConstructorNotConstructa > > template<> JSValue JSTestSerializationInheritFinalConstructor::prototypeForStructure(JSC::VM& vm, const JSDOMGlobalObject& globalObject) > { >- return JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ auto result = JSTestSerializationInherit::getConstructor(vm, &globalObject); >+ result.getObject()->didBecomePrototype(); >+ return result; > } > > template<> void JSTestSerializationInheritFinalConstructor::initializeProperties(VM& vm, JSDOMGlobalObject& globalObject) >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp >index 42b2836f9d2e791735945484643dca28f567ed5b..d37fde1dc193dc8d8a36f28c58dac3c323a0289c 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp >@@ -86,6 +86,7 @@ class JSTestSerializedScriptValueInterfacePrototype : public JSC::JSNonFinalObje > JSTestSerializedScriptValueInterfacePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp >index 31392cb920b79fbbcb34edd29e14784eee2a36ae..1ffafdae01c37469650f642d133dad940dbeb71a 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp >@@ -68,6 +68,7 @@ class JSTestStringifierPrototype : public JSC::JSNonFinalObject { > JSTestStringifierPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp >index 58cd0ff94092bce04c291fff32b0d6dae39d1bc2..c6465d70960abf434fb6b6b1b4570b464421e9c5 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp >@@ -68,6 +68,7 @@ class JSTestStringifierAnonymousOperationPrototype : public JSC::JSNonFinalObjec > JSTestStringifierAnonymousOperationPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp >index c9b25f0ad9d6bb83e760e42ac9411abae1ce9b6e..fe867d62e0b3a3782f50da17681d3603abc20093 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp >@@ -69,6 +69,7 @@ class JSTestStringifierNamedOperationPrototype : public JSC::JSNonFinalObject { > JSTestStringifierNamedOperationPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp >index 35d863a85d62497480b1a5f84549bae4efd1f198..34ab9dac708c5cac37fe171812e1e3658b1212ab 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp >@@ -69,6 +69,7 @@ class JSTestStringifierOperationImplementedAsPrototype : public JSC::JSNonFinalO > JSTestStringifierOperationImplementedAsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp >index 6ba4cd1fd05810ea79d81fc8af0bb8c64c6261b9..fe730ba0023fc49a4acc78067a92707a08e7fe47 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp >@@ -68,6 +68,7 @@ class JSTestStringifierOperationNamedToStringPrototype : public JSC::JSNonFinalO > JSTestStringifierOperationNamedToStringPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp >index 41523a5af2ac1e869a9ad10d384ef4d4d07848c3..df4ef8c7247c76f2feccb584623ab6ebe3290cce 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp >@@ -70,6 +70,7 @@ class JSTestStringifierReadOnlyAttributePrototype : public JSC::JSNonFinalObject > JSTestStringifierReadOnlyAttributePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp >index 7cc60e80c8e32111647773a6c004359334f48d3c..b204fa263645a45d0db22cdfc9369a033ce5ece0 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp >@@ -71,6 +71,7 @@ class JSTestStringifierReadWriteAttributePrototype : public JSC::JSNonFinalObjec > JSTestStringifierReadWriteAttributePrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp b/Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp >index 906b66de8fa22cd2735eb9b36f9ffee80a283b65..a71b58c6c7d36e7ac4886a5cc5934b0accc2526f 100644 >--- a/Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp >+++ b/Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp >@@ -114,6 +114,7 @@ class JSTestTypedefsPrototype : public JSC::JSNonFinalObject { > JSTestTypedefsPrototype(JSC::VM& vm, JSC::JSGlobalObject*, JSC::Structure* structure) > : JSC::JSNonFinalObject(vm, structure) > { >+ didBecomePrototype(); > } > > void finishCreation(JSC::VM&); >diff --git a/JSTests/ChangeLog b/JSTests/ChangeLog >index 209b898afbb1a2a8def9d9cb40f39737e7f51139..03957fdf2927ac2151e32f68f47fb56208b6830d 100644 >--- a/JSTests/ChangeLog >+++ b/JSTests/ChangeLog >@@ -1,3 +1,14 @@ >+2019-06-22 Robin Morisset <rmorisset@apple.com> and Yusuke Suzuki <ysuzuki@apple.com> >+ >+ All prototypes should call didBecomePrototype() >+ https://bugs.webkit.org/show_bug.cgi?id=196315 >+ >+ Reviewed by Saam Barati. >+ >+ This changelog already landed, but the commit was missing the actual changes. >+ >+ * stress/function-prototype-indexed-accessor.js: Added. >+ > 2019-06-22 Yusuke Suzuki <ysuzuki@apple.com> > > [JSC] Strict, Sloppy and Arrow functions should have different classInfo >diff --git a/JSTests/stress/function-prototype-indexed-accessor.js b/JSTests/stress/function-prototype-indexed-accessor.js >new file mode 100644 >index 0000000000000000000000000000000000000000..2b6954e08e70648ea06a53bc0ff626f823674ca3 >--- /dev/null >+++ b/JSTests/stress/function-prototype-indexed-accessor.js >@@ -0,0 +1,3 @@ >+Function[0] = 0; >+Object.defineProperty(Function.__proto__, '42', { set: ()=>{} }); >+Function[1000] = 0;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=372674">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 196315
:
366101
|
366108
|
366136
|
366853
|
366861
|
367056
|
367057
|
367061
|
367081
|
367089
|
367097
|
367140
|
367363
|
367369
|
367423
|
368352
|
368983
|
369025
|
369414
|
369598
|
369622
|
369640
|
372674
|
372675
|
372851