<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[189160] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/189160">189160</a></dd>
<dt>Author</dt> <dd>fpizlo@apple.com</dd>
<dt>Date</dt> <dd>2015-08-30 15:33:23 -0700 (Sun, 30 Aug 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>JSC property attributes should fit in a byte
https://bugs.webkit.org/show_bug.cgi?id=148611
Reviewed by Sam Weinig.
I want to make room in PropertyMapEntry for more things to support property type inference (see
https://bugs.webkit.org/show_bug.cgi?id=148610). The most obvious candidate for a size reduction is
attributes, since we only have a small number of attribute bits. Even without complex changes, it
would have been possible to reduce the attribute field from 32 bits to 16 bits. Specifically, prior
to this change, the attributes field needed 9 bits. This made it very tempting to trim it so that
it could fit in a byte.
Luckily, many of the attributes bits are for the static lookup hashtables that we use for lazily
building objects in the standard library. Those bits don't need to stay around after the property
has been created, since they are just for telling the code in Lookup how to create the property.
So, this change separates the attributes bits into those that are interesting for Structure and
those that aren't. The ones used by Structure sit in the low 8 bits, allowing for the attributes
field in PropertyMapEntry to be a uint8_t. The attributes bits used only by Lookup use the higher
bits. In production, the conversion from the Lookup attributes to the Structure attributes is just
a cast to uint8_t. In debug, we assert that those bits are not dropped by accident. Code that
intentionally drops those bits calls attributesForStructure().
It turned out that there was a lot of code that was using the Function bit even in code that didn't
involve Lookup. This change removes those uses of Function. Structure does not need to know if we
think that a property points to a function.
* jsc.cpp:
(GlobalObject::finishCreation):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/JSObject.h:
* runtime/Lookup.cpp:
(JSC::setUpStaticFunctionSlot):
* runtime/Lookup.h:
(JSC::getStaticPropertySlot):
(JSC::getStaticValueSlot):
(JSC::reifyStaticProperties):
* runtime/MathObject.cpp:
(JSC::MathObject::finishCreation):
* runtime/NumberConstructor.cpp:
(JSC::NumberConstructor::finishCreation):
* runtime/PropertySlot.h:
(JSC::attributesForStructure):
(JSC::PropertySlot::setValue):
(JSC::PropertySlot::setCustom):
(JSC::PropertySlot::setCacheableCustom):
(JSC::PropertySlot::setGetterSlot):
(JSC::PropertySlot::setCacheableGetterSlot):
* runtime/Structure.h:
(JSC::PropertyMapEntry::PropertyMapEntry):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCorejsccpp">trunk/Source/JavaScriptCore/jsc.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSGlobalObjectcpp">trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSObjecth">trunk/Source/JavaScriptCore/runtime/JSObject.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeLookupcpp">trunk/Source/JavaScriptCore/runtime/Lookup.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeLookuph">trunk/Source/JavaScriptCore/runtime/Lookup.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeMathObjectcpp">trunk/Source/JavaScriptCore/runtime/MathObject.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeNumberConstructorcpp">trunk/Source/JavaScriptCore/runtime/NumberConstructor.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimePropertySloth">trunk/Source/JavaScriptCore/runtime/PropertySlot.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeStructureh">trunk/Source/JavaScriptCore/runtime/Structure.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/ChangeLog 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -1,3 +1,56 @@
</span><ins>+2015-08-30 Filip Pizlo <fpizlo@apple.com>
+
+ JSC property attributes should fit in a byte
+ https://bugs.webkit.org/show_bug.cgi?id=148611
+
+ Reviewed by Sam Weinig.
+
+ I want to make room in PropertyMapEntry for more things to support property type inference (see
+ https://bugs.webkit.org/show_bug.cgi?id=148610). The most obvious candidate for a size reduction is
+ attributes, since we only have a small number of attribute bits. Even without complex changes, it
+ would have been possible to reduce the attribute field from 32 bits to 16 bits. Specifically, prior
+ to this change, the attributes field needed 9 bits. This made it very tempting to trim it so that
+ it could fit in a byte.
+
+ Luckily, many of the attributes bits are for the static lookup hashtables that we use for lazily
+ building objects in the standard library. Those bits don't need to stay around after the property
+ has been created, since they are just for telling the code in Lookup how to create the property.
+ So, this change separates the attributes bits into those that are interesting for Structure and
+ those that aren't. The ones used by Structure sit in the low 8 bits, allowing for the attributes
+ field in PropertyMapEntry to be a uint8_t. The attributes bits used only by Lookup use the higher
+ bits. In production, the conversion from the Lookup attributes to the Structure attributes is just
+ a cast to uint8_t. In debug, we assert that those bits are not dropped by accident. Code that
+ intentionally drops those bits calls attributesForStructure().
+
+ It turned out that there was a lot of code that was using the Function bit even in code that didn't
+ involve Lookup. This change removes those uses of Function. Structure does not need to know if we
+ think that a property points to a function.
+
+ * jsc.cpp:
+ (GlobalObject::finishCreation):
+ * runtime/JSGlobalObject.cpp:
+ (JSC::JSGlobalObject::init):
+ * runtime/JSObject.h:
+ * runtime/Lookup.cpp:
+ (JSC::setUpStaticFunctionSlot):
+ * runtime/Lookup.h:
+ (JSC::getStaticPropertySlot):
+ (JSC::getStaticValueSlot):
+ (JSC::reifyStaticProperties):
+ * runtime/MathObject.cpp:
+ (JSC::MathObject::finishCreation):
+ * runtime/NumberConstructor.cpp:
+ (JSC::NumberConstructor::finishCreation):
+ * runtime/PropertySlot.h:
+ (JSC::attributesForStructure):
+ (JSC::PropertySlot::setValue):
+ (JSC::PropertySlot::setCustom):
+ (JSC::PropertySlot::setCacheableCustom):
+ (JSC::PropertySlot::setGetterSlot):
+ (JSC::PropertySlot::setCacheableGetterSlot):
+ * runtime/Structure.h:
+ (JSC::PropertyMapEntry::PropertyMapEntry):
+
</ins><span class="cx"> 2015-08-29 Chris Dumez <cdumez@apple.com>
</span><span class="cx">
</span><span class="cx"> Unreviewed, fix PropertyName::isNull() that was introduced in r188994.
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejsccpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jsc.cpp (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jsc.cpp 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/jsc.cpp 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -647,12 +647,12 @@
</span><span class="cx"> addFunction(vm, "getElement", functionGetElement, 1);
</span><span class="cx"> addFunction(vm, "setElementRoot", functionSetElementRoot, 2);
</span><span class="cx">
</span><del>- putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "DFGTrue"), 0, functionFalse1, DFGTrueIntrinsic, DontEnum | JSC::Function);
- putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "OSRExit"), 0, functionUndefined1, OSRExitIntrinsic, DontEnum | JSC::Function);
- putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "isFinalTier"), 0, functionFalse2, IsFinalTierIntrinsic, DontEnum | JSC::Function);
- putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "predictInt32"), 0, functionUndefined2, SetInt32HeapPredictionIntrinsic, DontEnum | JSC::Function);
- putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "isInt32"), 0, functionIsInt32, CheckInt32Intrinsic, DontEnum | JSC::Function);
- putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "fiatInt52"), 0, functionIdentity, FiatInt52Intrinsic, DontEnum | JSC::Function);
</del><ins>+ putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "DFGTrue"), 0, functionFalse1, DFGTrueIntrinsic, DontEnum);
+ putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "OSRExit"), 0, functionUndefined1, OSRExitIntrinsic, DontEnum);
+ putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "isFinalTier"), 0, functionFalse2, IsFinalTierIntrinsic, DontEnum);
+ putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "predictInt32"), 0, functionUndefined2, SetInt32HeapPredictionIntrinsic, DontEnum);
+ putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "isInt32"), 0, functionIsInt32, CheckInt32Intrinsic, DontEnum);
+ putDirectNativeFunction(vm, this, Identifier::fromString(&vm, "fiatInt52"), 0, functionIdentity, FiatInt52Intrinsic, DontEnum);
</ins><span class="cx">
</span><span class="cx"> addFunction(vm, "effectful42", functionEffectful42, 0);
</span><span class="cx"> addFunction(vm, "makeMasquerader", functionMakeMasquerader, 0);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSGlobalObjectcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -354,7 +354,7 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> m_parseIntFunction.set(vm, this, JSFunction::create(vm, this, 2, vm.propertyNames->parseInt.string(), globalFuncParseInt, NoIntrinsic));
</span><del>- putDirectWithoutTransition(vm, vm.propertyNames->parseInt, m_parseIntFunction.get(), DontEnum | Function);
</del><ins>+ putDirectWithoutTransition(vm, vm.propertyNames->parseInt, m_parseIntFunction.get(), DontEnum);
</ins><span class="cx">
</span><span class="cx"> #define CREATE_PROTOTYPE_FOR_SIMPLE_TYPE(capitalName, lowerName, properName, instanceType, jsName) \
</span><span class="cx"> m_ ## lowerName ## Prototype.set(vm, this, capitalName##Prototype::create(vm, this, capitalName##Prototype::createStructure(vm, this, m_objectPrototype.get()))); \
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSObjecth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSObject.h (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSObject.h 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/JSObject.h 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -75,7 +75,6 @@
</span><span class="cx"> COMPILE_ASSERT(ReadOnly < FirstInternalAttribute, ReadOnly_is_below_FirstInternalAttribute);
</span><span class="cx"> COMPILE_ASSERT(DontEnum < FirstInternalAttribute, DontEnum_is_below_FirstInternalAttribute);
</span><span class="cx"> COMPILE_ASSERT(DontDelete < FirstInternalAttribute, DontDelete_is_below_FirstInternalAttribute);
</span><del>-COMPILE_ASSERT(Function < FirstInternalAttribute, Function_is_below_FirstInternalAttribute);
</del><span class="cx"> COMPILE_ASSERT(Accessor < FirstInternalAttribute, Accessor_is_below_FirstInternalAttribute);
</span><span class="cx">
</span><span class="cx"> class JSFinalObject;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeLookupcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Lookup.cpp (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Lookup.cpp 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/Lookup.cpp 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -1,5 +1,5 @@
</span><span class="cx"> /*
</span><del>- * Copyright (C) 2008, 2012 Apple Inc. All rights reserved.
</del><ins>+ * Copyright (C) 2008, 2012, 2015 Apple Inc. All rights reserved.
</ins><span class="cx"> *
</span><span class="cx"> * This library is free software; you can redistribute it and/or
</span><span class="cx"> * modify it under the terms of the GNU Lesser General Public
</span><span class="lines">@@ -56,11 +56,11 @@
</span><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> if (entry->attributes() & Builtin)
</span><del>- thisObj->putDirectBuiltinFunction(vm, thisObj->globalObject(), propertyName, entry->builtinGenerator()(vm), entry->attributes());
</del><ins>+ thisObj->putDirectBuiltinFunction(vm, thisObj->globalObject(), propertyName, entry->builtinGenerator()(vm), attributesForStructure(entry->attributes()));
</ins><span class="cx"> else if (entry->attributes() & Function) {
</span><span class="cx"> thisObj->putDirectNativeFunction(
</span><span class="cx"> vm, thisObj->globalObject(), propertyName, entry->functionLength(),
</span><del>- entry->function(), entry->intrinsic(), entry->attributes());
</del><ins>+ entry->function(), entry->intrinsic(), attributesForStructure(entry->attributes()));
</ins><span class="cx"> } else {
</span><span class="cx"> ASSERT(isAccessor);
</span><span class="cx"> reifyStaticAccessor(vm, *entry, *thisObj, propertyName);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeLookuph"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Lookup.h (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Lookup.h 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/Lookup.h 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -188,11 +188,11 @@
</span><span class="cx"> return setUpStaticFunctionSlot(exec, entry, thisObj, propertyName, slot);
</span><span class="cx">
</span><span class="cx"> if (entry->attributes() & ConstantInteger) {
</span><del>- slot.setValue(thisObj, entry->attributes(), jsNumber(entry->constantInteger()));
</del><ins>+ slot.setValue(thisObj, attributesForStructure(entry->attributes()), jsNumber(entry->constantInteger()));
</ins><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- slot.setCacheableCustom(thisObj, entry->attributes(), entry->propertyGetter());
</del><ins>+ slot.setCacheableCustom(thisObj, attributesForStructure(entry->attributes()), entry->propertyGetter());
</ins><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -229,11 +229,11 @@
</span><span class="cx"> ASSERT(!(entry->attributes() & BuiltinOrFunctionOrAccessor));
</span><span class="cx">
</span><span class="cx"> if (entry->attributes() & ConstantInteger) {
</span><del>- slot.setValue(thisObj, entry->attributes(), jsNumber(entry->constantInteger()));
</del><ins>+ slot.setValue(thisObj, attributesForStructure(entry->attributes()), jsNumber(entry->constantInteger()));
</ins><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- slot.setCacheableCustom(thisObj, entry->attributes(), entry->propertyGetter());
</del><ins>+ slot.setCacheableCustom(thisObj, attributesForStructure(entry->attributes()), entry->propertyGetter());
</ins><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -279,18 +279,19 @@
</span><span class="cx">
</span><span class="cx"> Identifier propertyName = Identifier::fromString(&vm, reinterpret_cast<const LChar*>(value.m_key), strlen(value.m_key));
</span><span class="cx"> if (value.attributes() & Builtin) {
</span><del>- thisObj.putDirectBuiltinFunction(vm, thisObj.globalObject(), propertyName, value.builtinGenerator()(vm), value.attributes());
</del><ins>+ thisObj.putDirectBuiltinFunction(vm, thisObj.globalObject(), propertyName, value.builtinGenerator()(vm), attributesForStructure(value.attributes()));
</ins><span class="cx"> continue;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (value.attributes() & Function) {
</span><del>- thisObj.putDirectNativeFunction(vm, thisObj.globalObject(), propertyName, value.functionLength(),
- value.function(), value.intrinsic(), value.attributes());
</del><ins>+ thisObj.putDirectNativeFunction(
+ vm, thisObj.globalObject(), propertyName, value.functionLength(),
+ value.function(), value.intrinsic(), attributesForStructure(value.attributes()));
</ins><span class="cx"> continue;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (value.attributes() & ConstantInteger) {
</span><del>- thisObj.putDirect(vm, propertyName, jsNumber(value.constantInteger()), value.attributes());
</del><ins>+ thisObj.putDirect(vm, propertyName, jsNumber(value.constantInteger()), attributesForStructure(value.attributes()));
</ins><span class="cx"> continue;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -300,7 +301,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CustomGetterSetter* customGetterSetter = CustomGetterSetter::create(vm, value.propertyGetter(), value.propertyPutter());
</span><del>- thisObj.putDirectCustomAccessor(vm, propertyName, customGetterSetter, value.attributes());
</del><ins>+ thisObj.putDirectCustomAccessor(vm, propertyName, customGetterSetter, attributesForStructure(value.attributes()));
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeMathObjectcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/MathObject.cpp (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/MathObject.cpp 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/MathObject.cpp 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -1,6 +1,6 @@
</span><span class="cx"> /*
</span><span class="cx"> * Copyright (C) 1999-2000 Harri Porten (porten@kde.org)
</span><del>- * Copyright (C) 2007, 2008, 2013 Apple Inc. All Rights Reserved.
</del><ins>+ * Copyright (C) 2007, 2008, 2013, 2015 Apple Inc. All Rights Reserved.
</ins><span class="cx"> *
</span><span class="cx"> * This library is free software; you can redistribute it and/or
</span><span class="cx"> * modify it under the terms of the GNU Lesser General Public
</span><span class="lines">@@ -95,41 +95,41 @@
</span><span class="cx"> putDirectWithoutTransition(vm, Identifier::fromString(&vm, "SQRT1_2"), jsNumber(sqrt(0.5)), DontDelete | DontEnum | ReadOnly);
</span><span class="cx"> putDirectWithoutTransition(vm, Identifier::fromString(&vm, "SQRT2"), jsNumber(sqrt(2.0)), DontDelete | DontEnum | ReadOnly);
</span><span class="cx">
</span><del>- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "abs"), 1, mathProtoFuncAbs, AbsIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "acos"), 1, mathProtoFuncACos, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "asin"), 1, mathProtoFuncASin, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "atan"), 1, mathProtoFuncATan, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "acosh"), 1, mathProtoFuncACosh, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "asinh"), 1, mathProtoFuncASinh, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "atanh"), 1, mathProtoFuncATanh, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "atan2"), 2, mathProtoFuncATan2, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "cbrt"), 1, mathProtoFuncCbrt, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "ceil"), 1, mathProtoFuncCeil, CeilIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "clz32"), 1, mathProtoFuncClz32, Clz32Intrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "cos"), 1, mathProtoFuncCos, CosIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "cosh"), 1, mathProtoFuncCosh, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "exp"), 1, mathProtoFuncExp, ExpIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "expm1"), 1, mathProtoFuncExpm1, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "floor"), 1, mathProtoFuncFloor, FloorIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "fround"), 1, mathProtoFuncFround, FRoundIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "hypot"), 2, mathProtoFuncHypot, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log"), 1, mathProtoFuncLog, LogIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log10"), 1, mathProtoFuncLog10, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log1p"), 1, mathProtoFuncLog1p, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log2"), 1, mathProtoFuncLog2, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "max"), 2, mathProtoFuncMax, MaxIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "min"), 2, mathProtoFuncMin, MinIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "pow"), 2, mathProtoFuncPow, PowIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "random"), 0, mathProtoFuncRandom, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "round"), 1, mathProtoFuncRound, RoundIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sign"), 1, mathProtoFuncSign, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sin"), 1, mathProtoFuncSin, SinIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sinh"), 1, mathProtoFuncSinh, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sqrt"), 1, mathProtoFuncSqrt, SqrtIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "tan"), 1, mathProtoFuncTan, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "tanh"), 1, mathProtoFuncTanh, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "trunc"), 1, mathProtoFuncTrunc, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "imul"), 2, mathProtoFuncIMul, IMulIntrinsic, DontEnum | Function);
</del><ins>+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "abs"), 1, mathProtoFuncAbs, AbsIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "acos"), 1, mathProtoFuncACos, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "asin"), 1, mathProtoFuncASin, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "atan"), 1, mathProtoFuncATan, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "acosh"), 1, mathProtoFuncACosh, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "asinh"), 1, mathProtoFuncASinh, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "atanh"), 1, mathProtoFuncATanh, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "atan2"), 2, mathProtoFuncATan2, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "cbrt"), 1, mathProtoFuncCbrt, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "ceil"), 1, mathProtoFuncCeil, CeilIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "clz32"), 1, mathProtoFuncClz32, Clz32Intrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "cos"), 1, mathProtoFuncCos, CosIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "cosh"), 1, mathProtoFuncCosh, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "exp"), 1, mathProtoFuncExp, ExpIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "expm1"), 1, mathProtoFuncExpm1, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "floor"), 1, mathProtoFuncFloor, FloorIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "fround"), 1, mathProtoFuncFround, FRoundIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "hypot"), 2, mathProtoFuncHypot, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log"), 1, mathProtoFuncLog, LogIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log10"), 1, mathProtoFuncLog10, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log1p"), 1, mathProtoFuncLog1p, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "log2"), 1, mathProtoFuncLog2, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "max"), 2, mathProtoFuncMax, MaxIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "min"), 2, mathProtoFuncMin, MinIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "pow"), 2, mathProtoFuncPow, PowIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "random"), 0, mathProtoFuncRandom, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "round"), 1, mathProtoFuncRound, RoundIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sign"), 1, mathProtoFuncSign, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sin"), 1, mathProtoFuncSin, SinIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sinh"), 1, mathProtoFuncSinh, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "sqrt"), 1, mathProtoFuncSqrt, SqrtIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "tan"), 1, mathProtoFuncTan, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "tanh"), 1, mathProtoFuncTanh, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "trunc"), 1, mathProtoFuncTrunc, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, globalObject, Identifier::fromString(&vm, "imul"), 2, mathProtoFuncIMul, IMulIntrinsic, DontEnum);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // ------------------------------ Functions --------------------------------
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeNumberConstructorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/NumberConstructor.cpp (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/NumberConstructor.cpp 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/NumberConstructor.cpp 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -1,6 +1,6 @@
</span><span class="cx"> /*
</span><span class="cx"> * Copyright (C) 1999-2000,2003 Harri Porten (porten@kde.org)
</span><del>- * Copyright (C) 2007, 2008, 2011 Apple Inc. All rights reserved.
</del><ins>+ * Copyright (C) 2007, 2008, 2011, 2015 Apple Inc. All rights reserved.
</ins><span class="cx"> *
</span><span class="cx"> * This library is free software; you can redistribute it and/or
</span><span class="cx"> * modify it under the terms of the GNU Lesser General Public
</span><span class="lines">@@ -68,12 +68,12 @@
</span><span class="cx"> putDirectWithoutTransition(vm, Identifier::fromString(&vm, "POSITIVE_INFINITY"), jsDoubleNumber(std::numeric_limits<double>::infinity()), DontDelete | DontEnum | ReadOnly);
</span><span class="cx"> putDirectWithoutTransition(vm, Identifier::fromString(&vm, "NaN"), jsNaN(), DontDelete | DontEnum | ReadOnly);
</span><span class="cx">
</span><del>- putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isFinite"), 1, numberConstructorFuncIsFinite, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isInteger"), 1, numberConstructorFuncIsInteger, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isNaN"), 1, numberConstructorFuncIsNaN, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isSafeInteger"), 1, numberConstructorFuncIsSafeInteger, NoIntrinsic, DontEnum | Function);
- putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "parseFloat"), 1, globalFuncParseFloat, NoIntrinsic, DontEnum | Function);
- putDirectWithoutTransition(vm, Identifier::fromString(&vm, "parseInt"), numberPrototype->globalObject()->parseIntFunction(), DontEnum | Function);
</del><ins>+ putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isFinite"), 1, numberConstructorFuncIsFinite, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isInteger"), 1, numberConstructorFuncIsInteger, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isNaN"), 1, numberConstructorFuncIsNaN, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "isSafeInteger"), 1, numberConstructorFuncIsSafeInteger, NoIntrinsic, DontEnum);
+ putDirectNativeFunctionWithoutTransition(vm, numberPrototype->globalObject(), Identifier::fromString(&vm, "parseFloat"), 1, globalFuncParseFloat, NoIntrinsic, DontEnum);
+ putDirectWithoutTransition(vm, Identifier::fromString(&vm, "parseInt"), numberPrototype->globalObject()->parseIntFunction(), DontEnum);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // ECMA 15.7.1
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimePropertySloth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/PropertySlot.h (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/PropertySlot.h 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/PropertySlot.h 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -40,16 +40,24 @@
</span><span class="cx"> ReadOnly = 1 << 1, // property can be only read, not written
</span><span class="cx"> DontEnum = 1 << 2, // property doesn't appear in (for .. in ..)
</span><span class="cx"> DontDelete = 1 << 3, // property can't be deleted
</span><del>- Function = 1 << 4, // property is a function - only used by static hashtables
- Accessor = 1 << 5, // property is a getter/setter
- CustomAccessor = 1 << 6,
- Builtin = 1 << 7, // property is a builtin function - only used by static hashtables
- ConstantInteger = 1 << 8, // property is a constant integer - only used by static hashtables
</del><ins>+ Accessor = 1 << 4, // property is a getter/setter
+ CustomAccessor = 1 << 5,
+
+ // Things that are used by static hashtables are not in the attributes byte in PropertyMapEntry.
+ Function = 1 << 8, // property is a function - only used by static hashtables
+ Builtin = 1 << 9, // property is a builtin function - only used by static hashtables
+ ConstantInteger = 1 << 10, // property is a constant integer - only used by static hashtables
</ins><span class="cx"> BuiltinOrFunction = Builtin | Function, // helper only used by static hashtables
</span><span class="cx"> BuiltinOrFunctionOrAccessor = Builtin | Function | Accessor, // helper only used by static hashtables
</span><span class="cx"> BuiltinOrFunctionOrAccessorOrConstant = Builtin | Function | Accessor | ConstantInteger, // helper only used by static hashtables
</span><span class="cx"> };
</span><span class="cx">
</span><ins>+inline unsigned attributesForStructure(unsigned attributes)
+{
+ // The attributes that are used just for the static hashtable are at bit 8 and higher.
+ return static_cast<uint8_t>(attributes);
+}
+
</ins><span class="cx"> class PropertySlot {
</span><span class="cx"> enum PropertyType {
</span><span class="cx"> TypeUnset,
</span><span class="lines">@@ -125,6 +133,8 @@
</span><span class="cx">
</span><span class="cx"> void setValue(JSObject* slotBase, unsigned attributes, JSValue value)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> m_data.value = JSValue::encode(value);
</span><span class="cx"> m_attributes = attributes;
</span><span class="cx">
</span><span class="lines">@@ -136,6 +146,8 @@
</span><span class="cx">
</span><span class="cx"> void setValue(JSObject* slotBase, unsigned attributes, JSValue value, PropertyOffset offset)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> ASSERT(value);
</span><span class="cx"> m_data.value = JSValue::encode(value);
</span><span class="cx"> m_attributes = attributes;
</span><span class="lines">@@ -148,6 +160,8 @@
</span><span class="cx">
</span><span class="cx"> void setValue(JSString*, unsigned attributes, JSValue value)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> ASSERT(value);
</span><span class="cx"> m_data.value = JSValue::encode(value);
</span><span class="cx"> m_attributes = attributes;
</span><span class="lines">@@ -159,6 +173,8 @@
</span><span class="cx">
</span><span class="cx"> void setCustom(JSObject* slotBase, unsigned attributes, GetValueFunc getValue)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> ASSERT(getValue);
</span><span class="cx"> m_data.custom.getValue = getValue;
</span><span class="cx"> m_attributes = attributes;
</span><span class="lines">@@ -171,6 +187,8 @@
</span><span class="cx">
</span><span class="cx"> void setCacheableCustom(JSObject* slotBase, unsigned attributes, GetValueFunc getValue)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> ASSERT(getValue);
</span><span class="cx"> m_data.custom.getValue = getValue;
</span><span class="cx"> m_attributes = attributes;
</span><span class="lines">@@ -183,6 +201,8 @@
</span><span class="cx">
</span><span class="cx"> void setGetterSlot(JSObject* slotBase, unsigned attributes, GetterSetter* getterSetter)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> ASSERT(getterSetter);
</span><span class="cx"> m_data.getter.getterSetter = getterSetter;
</span><span class="cx"> m_attributes = attributes;
</span><span class="lines">@@ -195,6 +215,8 @@
</span><span class="cx">
</span><span class="cx"> void setCacheableGetterSlot(JSObject* slotBase, unsigned attributes, GetterSetter* getterSetter, PropertyOffset offset)
</span><span class="cx"> {
</span><ins>+ ASSERT(attributes == attributesForStructure(attributes));
+
</ins><span class="cx"> ASSERT(getterSetter);
</span><span class="cx"> m_data.getter.getterSetter = getterSetter;
</span><span class="cx"> m_attributes = attributes;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeStructureh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Structure.h (189159 => 189160)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Structure.h 2015-08-30 07:08:00 UTC (rev 189159)
+++ trunk/Source/JavaScriptCore/runtime/Structure.h 2015-08-30 22:33:23 UTC (rev 189160)
</span><span class="lines">@@ -80,7 +80,7 @@
</span><span class="cx"> struct PropertyMapEntry {
</span><span class="cx"> UniquedStringImpl* key;
</span><span class="cx"> PropertyOffset offset;
</span><del>- unsigned attributes;
</del><ins>+ uint8_t attributes;
</ins><span class="cx">
</span><span class="cx"> PropertyMapEntry()
</span><span class="cx"> : key(nullptr)
</span><span class="lines">@@ -94,6 +94,7 @@
</span><span class="cx"> , offset(offset)
</span><span class="cx"> , attributes(attributes)
</span><span class="cx"> {
</span><ins>+ ASSERT(this->attributes == attributes);
</ins><span class="cx"> }
</span><span class="cx"> };
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>