<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[243467] trunk/Source/JavaScriptCore</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/243467">243467</a></dd>
<dt>Author</dt> <dd>ysuzuki@apple.com</dd>
<dt>Date</dt> <dd>2019-03-25 15:40:58 -0700 (Mon, 25 Mar 2019)</dd>
</dl>

<h3>Log Message</h3>
<pre>Heap::isMarked and friends should be instance methods
https://bugs.webkit.org/show_bug.cgi?id=179988

Reviewed by Saam Barati.

Almost all the callers of Heap::isMarked have VM& reference. We should make Heap::isMarked instance function instead of static function
so that we do not need to look up Heap from the cell.

* API/JSAPIWrapperObject.mm:
(JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots):
* API/JSMarkingConstraintPrivate.cpp:
(JSC::isMarked):
* API/glib/JSAPIWrapperObjectGLib.cpp:
(JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots):
* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::finalizeUnconditionally):
* bytecode/AccessCase.cpp:
(JSC::AccessCase::visitWeak const):
(JSC::AccessCase::propagateTransitions const):
* bytecode/CallLinkInfo.cpp:
(JSC::CallLinkInfo::visitWeak):
* bytecode/CallLinkStatus.cpp:
(JSC::CallLinkStatus::finalize):
* bytecode/CallLinkStatus.h:
* bytecode/CallVariant.cpp:
(JSC::CallVariant::finalize):
* bytecode/CallVariant.h:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::shouldJettisonDueToWeakReference):
(JSC::CodeBlock::shouldJettisonDueToOldAge):
(JSC::shouldMarkTransition):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::determineLiveness):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::finalizeUnconditionally):
(JSC::CodeBlock::jettison):
* bytecode/CodeBlock.h:
* bytecode/ExecutableToCodeBlockEdge.cpp:
(JSC::ExecutableToCodeBlockEdge::visitChildren):
(JSC::ExecutableToCodeBlockEdge::finalizeUnconditionally):
(JSC::ExecutableToCodeBlockEdge::runConstraint):
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::finalize):
* bytecode/GetByIdStatus.h:
* bytecode/GetByIdVariant.cpp:
(JSC::GetByIdVariant::finalize):
* bytecode/GetByIdVariant.h:
* bytecode/InByIdStatus.cpp:
(JSC::InByIdStatus::finalize):
* bytecode/InByIdStatus.h:
* bytecode/InByIdVariant.cpp:
(JSC::InByIdVariant::finalize):
* bytecode/InByIdVariant.h:
* bytecode/ObjectPropertyCondition.cpp:
(JSC::ObjectPropertyCondition::isStillLive const):
* bytecode/ObjectPropertyCondition.h:
* bytecode/ObjectPropertyConditionSet.cpp:
(JSC::ObjectPropertyConditionSet::areStillLive const):
* bytecode/ObjectPropertyConditionSet.h:
* bytecode/PolymorphicAccess.cpp:
(JSC::PolymorphicAccess::visitWeak const):
* bytecode/PropertyCondition.cpp:
(JSC::PropertyCondition::isStillLive const):
* bytecode/PropertyCondition.h:
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::finalize):
* bytecode/PutByIdStatus.h:
* bytecode/PutByIdVariant.cpp:
(JSC::PutByIdVariant::finalize):
* bytecode/PutByIdVariant.h:
* bytecode/RecordedStatuses.cpp:
(JSC::RecordedStatuses::finalizeWithoutDeleting):
(JSC::RecordedStatuses::finalize):
* bytecode/RecordedStatuses.h:
* bytecode/StructureSet.cpp:
(JSC::StructureSet::isStillAlive const):
* bytecode/StructureSet.h:
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::visitWeakReferences):
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::finalizeInGC):
(JSC::DFG::Plan::isKnownToBeLiveDuringGC):
* heap/GCIncomingRefCounted.h:
* heap/GCIncomingRefCountedInlines.h:
(JSC::GCIncomingRefCounted<T>::filterIncomingReferences):
* heap/GCIncomingRefCountedSet.h:
* heap/GCIncomingRefCountedSetInlines.h:
(JSC::GCIncomingRefCountedSet<T>::lastChanceToFinalize):
(JSC::GCIncomingRefCountedSet<T>::sweep):
(JSC::GCIncomingRefCountedSet<T>::removeAll): Deleted.
(JSC::GCIncomingRefCountedSet<T>::removeDead): Deleted.
* heap/Heap.cpp:
(JSC::Heap::addToRememberedSet):
(JSC::Heap::runEndPhase):
(JSC::Heap::sweepArrayBuffers):
(JSC::Heap::addCoreConstraints):
* heap/Heap.h:
* heap/HeapInlines.h:
(JSC::Heap::isMarked):
* heap/HeapSnapshotBuilder.cpp:
(JSC::HeapSnapshotBuilder::appendNode):
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::appendToMarkStack):
(JSC::SlotVisitor::visitChildren):
* jit/PolymorphicCallStubRoutine.cpp:
(JSC::PolymorphicCallStubRoutine::visitWeak):
* runtime/ErrorInstance.cpp:
(JSC::ErrorInstance::finalizeUnconditionally):
* runtime/InferredValueInlines.h:
(JSC::InferredValue::finalizeUnconditionally):
* runtime/StackFrame.h:
(JSC::StackFrame::isMarked const):
* runtime/Structure.cpp:
(JSC::Structure::isCheapDuringGC):
(JSC::Structure::markIfCheap):
* runtime/Structure.h:
* runtime/TypeProfiler.cpp:
(JSC::TypeProfiler::invalidateTypeSetCache):
* runtime/TypeProfiler.h:
* runtime/TypeSet.cpp:
(JSC::TypeSet::invalidateCache):
* runtime/TypeSet.h:
* runtime/WeakMapImpl.cpp:
(JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKeyValue>>::visitOutputConstraints):
* runtime/WeakMapImplInlines.h:
(JSC::WeakMapImpl<WeakMapBucket>::finalizeUnconditionally):</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreAPIJSAPIWrapperObjectmm">trunk/Source/JavaScriptCore/API/JSAPIWrapperObject.mm</a></li>
<li><a href="#trunkSourceJavaScriptCoreAPIJSMarkingConstraintPrivatecpp">trunk/Source/JavaScriptCore/API/JSMarkingConstraintPrivate.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreAPIglibJSAPIWrapperObjectGLibcpp">trunk/Source/JavaScriptCore/API/glib/JSAPIWrapperObjectGLib.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCorebuiltinsBuiltinExecutablescpp">trunk/Source/JavaScriptCore/builtins/BuiltinExecutables.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeAccessCasecpp">trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCallLinkInfocpp">trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCallLinkStatuscpp">trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCallLinkStatush">trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCallVariantcpp">trunk/Source/JavaScriptCore/bytecode/CallVariant.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCallVarianth">trunk/Source/JavaScriptCore/bytecode/CallVariant.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeBlockcpp">trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeBlockh">trunk/Source/JavaScriptCore/bytecode/CodeBlock.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeExecutableToCodeBlockEdgecpp">trunk/Source/JavaScriptCore/bytecode/ExecutableToCodeBlockEdge.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeGetByIdStatuscpp">trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeGetByIdStatush">trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeGetByIdVariantcpp">trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeGetByIdVarianth">trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInByIdStatuscpp">trunk/Source/JavaScriptCore/bytecode/InByIdStatus.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInByIdStatush">trunk/Source/JavaScriptCore/bytecode/InByIdStatus.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInByIdVariantcpp">trunk/Source/JavaScriptCore/bytecode/InByIdVariant.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInByIdVarianth">trunk/Source/JavaScriptCore/bytecode/InByIdVariant.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeObjectPropertyConditioncpp">trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeObjectPropertyConditionh">trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeObjectPropertyConditionSetcpp">trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeObjectPropertyConditionSeth">trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePolymorphicAccesscpp">trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePropertyConditioncpp">trunk/Source/JavaScriptCore/bytecode/PropertyCondition.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePropertyConditionh">trunk/Source/JavaScriptCore/bytecode/PropertyCondition.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePutByIdStatuscpp">trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePutByIdStatush">trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePutByIdVariantcpp">trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePutByIdVarianth">trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeRecordedStatusescpp">trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeRecordedStatusesh">trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeStructureSetcpp">trunk/Source/JavaScriptCore/bytecode/StructureSet.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeStructureSeth">trunk/Source/JavaScriptCore/bytecode/StructureSet.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeStructureStubInfocpp">trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGPlancpp">trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapGCIncomingRefCountedh">trunk/Source/JavaScriptCore/heap/GCIncomingRefCounted.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapGCIncomingRefCountedInlinesh">trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapGCIncomingRefCountedSeth">trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSet.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapGCIncomingRefCountedSetInlinesh">trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSetInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapHeapcpp">trunk/Source/JavaScriptCore/heap/Heap.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapHeaph">trunk/Source/JavaScriptCore/heap/Heap.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapHeapInlinesh">trunk/Source/JavaScriptCore/heap/HeapInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapHeapSnapshotBuildercpp">trunk/Source/JavaScriptCore/heap/HeapSnapshotBuilder.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapSlotVisitorcpp">trunk/Source/JavaScriptCore/heap/SlotVisitor.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitPolymorphicCallStubRoutinecpp">trunk/Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeErrorInstancecpp">trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeInferredValueInlinesh">trunk/Source/JavaScriptCore/runtime/InferredValueInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeStackFrameh">trunk/Source/JavaScriptCore/runtime/StackFrame.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeStructurecpp">trunk/Source/JavaScriptCore/runtime/Structure.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeStructureh">trunk/Source/JavaScriptCore/runtime/Structure.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeTypeProfilercpp">trunk/Source/JavaScriptCore/runtime/TypeProfiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeTypeProfilerh">trunk/Source/JavaScriptCore/runtime/TypeProfiler.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeTypeSetcpp">trunk/Source/JavaScriptCore/runtime/TypeSet.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeTypeSeth">trunk/Source/JavaScriptCore/runtime/TypeSet.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeWeakMapImplcpp">trunk/Source/JavaScriptCore/runtime/WeakMapImpl.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeWeakMapImplInlinesh">trunk/Source/JavaScriptCore/runtime/WeakMapImplInlines.h</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreAPIJSAPIWrapperObjectmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/API/JSAPIWrapperObject.mm (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/API/JSAPIWrapperObject.mm    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/API/JSAPIWrapperObject.mm       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -63,7 +63,7 @@
</span><span class="cx">     // the same Objective-C object in multiple global objects keeps all of the global objects alive.
</span><span class="cx">     if (!wrapperObject->wrappedObject())
</span><span class="cx">         return false;
</span><del>-    return JSC::Heap::isMarked(wrapperObject->structure()->globalObject()) && visitor.containsOpaqueRoot(wrapperObject->wrappedObject());
</del><ins>+    return visitor.vm().heap.isMarked(wrapperObject->structure()->globalObject()) && visitor.containsOpaqueRoot(wrapperObject->wrappedObject());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> namespace JSC {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreAPIJSMarkingConstraintPrivatecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/API/JSMarkingConstraintPrivate.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/API/JSMarkingConstraintPrivate.cpp   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/API/JSMarkingConstraintPrivate.cpp      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -40,12 +40,12 @@
</span><span class="cx">     SlotVisitor* visitor;
</span><span class="cx"> };
</span><span class="cx"> 
</span><del>-bool isMarked(JSMarkerRef, JSObjectRef objectRef)
</del><ins>+bool isMarked(JSMarkerRef markerRef, JSObjectRef objectRef)
</ins><span class="cx"> {
</span><span class="cx">     if (!objectRef)
</span><span class="cx">         return true; // Null is an immortal object.
</span><span class="cx">     
</span><del>-    return Heap::isMarked(toJS(objectRef));
</del><ins>+    return static_cast<Marker*>(markerRef)->visitor->vm().heap.isMarked(toJS(objectRef));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void mark(JSMarkerRef markerRef, JSObjectRef objectRef)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreAPIglibJSAPIWrapperObjectGLibcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/API/glib/JSAPIWrapperObjectGLib.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/API/glib/JSAPIWrapperObjectGLib.cpp  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/API/glib/JSAPIWrapperObjectGLib.cpp     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -62,7 +62,7 @@
</span><span class="cx">     // the same wrapped object in multiple global objects keeps all of the global objects alive.
</span><span class="cx">     if (!wrapperObject->wrappedObject())
</span><span class="cx">         return false;
</span><del>-    return JSC::Heap::isMarked(wrapperObject->structure()->globalObject()) && visitor.containsOpaqueRoot(wrapperObject->wrappedObject());
</del><ins>+    return visitor.vm().heap.isMarked(wrapperObject->structure()->globalObject()) && visitor.containsOpaqueRoot(wrapperObject->wrappedObject());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> namespace JSC {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/ChangeLog       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -1,3 +1,132 @@
</span><ins>+2019-03-25  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        Heap::isMarked and friends should be instance methods
+        https://bugs.webkit.org/show_bug.cgi?id=179988
+
+        Reviewed by Saam Barati.
+
+        Almost all the callers of Heap::isMarked have VM& reference. We should make Heap::isMarked instance function instead of static function
+        so that we do not need to look up Heap from the cell.
+
+        * API/JSAPIWrapperObject.mm:
+        (JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots):
+        * API/JSMarkingConstraintPrivate.cpp:
+        (JSC::isMarked):
+        * API/glib/JSAPIWrapperObjectGLib.cpp:
+        (JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots):
+        * builtins/BuiltinExecutables.cpp:
+        (JSC::BuiltinExecutables::finalizeUnconditionally):
+        * bytecode/AccessCase.cpp:
+        (JSC::AccessCase::visitWeak const):
+        (JSC::AccessCase::propagateTransitions const):
+        * bytecode/CallLinkInfo.cpp:
+        (JSC::CallLinkInfo::visitWeak):
+        * bytecode/CallLinkStatus.cpp:
+        (JSC::CallLinkStatus::finalize):
+        * bytecode/CallLinkStatus.h:
+        * bytecode/CallVariant.cpp:
+        (JSC::CallVariant::finalize):
+        * bytecode/CallVariant.h:
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::shouldJettisonDueToWeakReference):
+        (JSC::CodeBlock::shouldJettisonDueToOldAge):
+        (JSC::shouldMarkTransition):
+        (JSC::CodeBlock::propagateTransitions):
+        (JSC::CodeBlock::determineLiveness):
+        (JSC::CodeBlock::finalizeLLIntInlineCaches):
+        (JSC::CodeBlock::finalizeUnconditionally):
+        (JSC::CodeBlock::jettison):
+        * bytecode/CodeBlock.h:
+        * bytecode/ExecutableToCodeBlockEdge.cpp:
+        (JSC::ExecutableToCodeBlockEdge::visitChildren):
+        (JSC::ExecutableToCodeBlockEdge::finalizeUnconditionally):
+        (JSC::ExecutableToCodeBlockEdge::runConstraint):
+        * bytecode/GetByIdStatus.cpp:
+        (JSC::GetByIdStatus::finalize):
+        * bytecode/GetByIdStatus.h:
+        * bytecode/GetByIdVariant.cpp:
+        (JSC::GetByIdVariant::finalize):
+        * bytecode/GetByIdVariant.h:
+        * bytecode/InByIdStatus.cpp:
+        (JSC::InByIdStatus::finalize):
+        * bytecode/InByIdStatus.h:
+        * bytecode/InByIdVariant.cpp:
+        (JSC::InByIdVariant::finalize):
+        * bytecode/InByIdVariant.h:
+        * bytecode/ObjectPropertyCondition.cpp:
+        (JSC::ObjectPropertyCondition::isStillLive const):
+        * bytecode/ObjectPropertyCondition.h:
+        * bytecode/ObjectPropertyConditionSet.cpp:
+        (JSC::ObjectPropertyConditionSet::areStillLive const):
+        * bytecode/ObjectPropertyConditionSet.h:
+        * bytecode/PolymorphicAccess.cpp:
+        (JSC::PolymorphicAccess::visitWeak const):
+        * bytecode/PropertyCondition.cpp:
+        (JSC::PropertyCondition::isStillLive const):
+        * bytecode/PropertyCondition.h:
+        * bytecode/PutByIdStatus.cpp:
+        (JSC::PutByIdStatus::finalize):
+        * bytecode/PutByIdStatus.h:
+        * bytecode/PutByIdVariant.cpp:
+        (JSC::PutByIdVariant::finalize):
+        * bytecode/PutByIdVariant.h:
+        * bytecode/RecordedStatuses.cpp:
+        (JSC::RecordedStatuses::finalizeWithoutDeleting):
+        (JSC::RecordedStatuses::finalize):
+        * bytecode/RecordedStatuses.h:
+        * bytecode/StructureSet.cpp:
+        (JSC::StructureSet::isStillAlive const):
+        * bytecode/StructureSet.h:
+        * bytecode/StructureStubInfo.cpp:
+        (JSC::StructureStubInfo::visitWeakReferences):
+        * dfg/DFGPlan.cpp:
+        (JSC::DFG::Plan::finalizeInGC):
+        (JSC::DFG::Plan::isKnownToBeLiveDuringGC):
+        * heap/GCIncomingRefCounted.h:
+        * heap/GCIncomingRefCountedInlines.h:
+        (JSC::GCIncomingRefCounted<T>::filterIncomingReferences):
+        * heap/GCIncomingRefCountedSet.h:
+        * heap/GCIncomingRefCountedSetInlines.h:
+        (JSC::GCIncomingRefCountedSet<T>::lastChanceToFinalize):
+        (JSC::GCIncomingRefCountedSet<T>::sweep):
+        (JSC::GCIncomingRefCountedSet<T>::removeAll): Deleted.
+        (JSC::GCIncomingRefCountedSet<T>::removeDead): Deleted.
+        * heap/Heap.cpp:
+        (JSC::Heap::addToRememberedSet):
+        (JSC::Heap::runEndPhase):
+        (JSC::Heap::sweepArrayBuffers):
+        (JSC::Heap::addCoreConstraints):
+        * heap/Heap.h:
+        * heap/HeapInlines.h:
+        (JSC::Heap::isMarked):
+        * heap/HeapSnapshotBuilder.cpp:
+        (JSC::HeapSnapshotBuilder::appendNode):
+        * heap/SlotVisitor.cpp:
+        (JSC::SlotVisitor::appendToMarkStack):
+        (JSC::SlotVisitor::visitChildren):
+        * jit/PolymorphicCallStubRoutine.cpp:
+        (JSC::PolymorphicCallStubRoutine::visitWeak):
+        * runtime/ErrorInstance.cpp:
+        (JSC::ErrorInstance::finalizeUnconditionally):
+        * runtime/InferredValueInlines.h:
+        (JSC::InferredValue::finalizeUnconditionally):
+        * runtime/StackFrame.h:
+        (JSC::StackFrame::isMarked const):
+        * runtime/Structure.cpp:
+        (JSC::Structure::isCheapDuringGC):
+        (JSC::Structure::markIfCheap):
+        * runtime/Structure.h:
+        * runtime/TypeProfiler.cpp:
+        (JSC::TypeProfiler::invalidateTypeSetCache):
+        * runtime/TypeProfiler.h:
+        * runtime/TypeSet.cpp:
+        (JSC::TypeSet::invalidateCache):
+        * runtime/TypeSet.h:
+        * runtime/WeakMapImpl.cpp:
+        (JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKeyValue>>::visitOutputConstraints):
+        * runtime/WeakMapImplInlines.h:
+        (JSC::WeakMapImpl<WeakMapBucket>::finalizeUnconditionally):
+
</ins><span class="cx"> 2019-03-25  Keith Miller  <keith_miller@apple.com>
</span><span class="cx"> 
</span><span class="cx">         ASSERTION FAILED: m_op == CompareStrictEq in JSC::DFG::Node::convertToCompareEqPtr(JSC::DFG::FrozenValue *, JSC::DFG::Edge)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebuiltinsBuiltinExecutablescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/builtins/BuiltinExecutables.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/builtins/BuiltinExecutables.cpp      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/builtins/BuiltinExecutables.cpp 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -262,7 +262,7 @@
</span><span class="cx"> void BuiltinExecutables::finalizeUnconditionally()
</span><span class="cx"> {
</span><span class="cx">     for (auto*& unlinkedExecutable : m_unlinkedExecutables) {
</span><del>-        if (unlinkedExecutable && !Heap::isMarked(unlinkedExecutable))
</del><ins>+        if (unlinkedExecutable && !m_vm.heap.isMarked(unlinkedExecutable))
</ins><span class="cx">             unlinkedExecutable = nullptr;
</span><span class="cx">     }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeAccessCasecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -323,34 +323,34 @@
</span><span class="cx"> 
</span><span class="cx"> bool AccessCase::visitWeak(VM& vm) const
</span><span class="cx"> {
</span><del>-    if (m_structure && !Heap::isMarked(m_structure.get()))
</del><ins>+    if (m_structure && !vm.heap.isMarked(m_structure.get()))
</ins><span class="cx">         return false;
</span><span class="cx">     if (m_polyProtoAccessChain) {
</span><span class="cx">         for (Structure* structure : m_polyProtoAccessChain->chain()) {
</span><del>-            if (!Heap::isMarked(structure))
</del><ins>+            if (!vm.heap.isMarked(structure))
</ins><span class="cx">                 return false;
</span><span class="cx">         }
</span><span class="cx">     }
</span><del>-    if (!m_conditionSet.areStillLive())
</del><ins>+    if (!m_conditionSet.areStillLive(vm))
</ins><span class="cx">         return false;
</span><span class="cx">     if (isAccessor()) {
</span><span class="cx">         auto& accessor = this->as<GetterSetterAccessCase>();
</span><span class="cx">         if (accessor.callLinkInfo())
</span><span class="cx">             accessor.callLinkInfo()->visitWeak(vm);
</span><del>-        if (accessor.customSlotBase() && !Heap::isMarked(accessor.customSlotBase()))
</del><ins>+        if (accessor.customSlotBase() && !vm.heap.isMarked(accessor.customSlotBase()))
</ins><span class="cx">             return false;
</span><span class="cx">     } else if (type() == IntrinsicGetter) {
</span><span class="cx">         auto& intrinsic = this->as<IntrinsicGetterAccessCase>();
</span><del>-        if (intrinsic.intrinsicFunction() && !Heap::isMarked(intrinsic.intrinsicFunction()))
</del><ins>+        if (intrinsic.intrinsicFunction() && !vm.heap.isMarked(intrinsic.intrinsicFunction()))
</ins><span class="cx">             return false;
</span><span class="cx">     } else if (type() == ModuleNamespaceLoad) {
</span><span class="cx">         auto& accessCase = this->as<ModuleNamespaceAccessCase>();
</span><del>-        if (accessCase.moduleNamespaceObject() && !Heap::isMarked(accessCase.moduleNamespaceObject()))
</del><ins>+        if (accessCase.moduleNamespaceObject() && !vm.heap.isMarked(accessCase.moduleNamespaceObject()))
</ins><span class="cx">             return false;
</span><del>-        if (accessCase.moduleEnvironment() && !Heap::isMarked(accessCase.moduleEnvironment()))
</del><ins>+        if (accessCase.moduleEnvironment() && !vm.heap.isMarked(accessCase.moduleEnvironment()))
</ins><span class="cx">             return false;
</span><span class="cx">     } else if (type() == InstanceOfHit || type() == InstanceOfMiss) {
</span><del>-        if (as<InstanceOfAccessCase>().prototype() && !Heap::isMarked(as<InstanceOfAccessCase>().prototype()))
</del><ins>+        if (as<InstanceOfAccessCase>().prototype() && !vm.heap.isMarked(as<InstanceOfAccessCase>().prototype()))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="lines">@@ -371,7 +371,7 @@
</span><span class="cx"> 
</span><span class="cx">     switch (m_type) {
</span><span class="cx">     case Transition:
</span><del>-        if (Heap::isMarked(m_structure->previousID()))
</del><ins>+        if (visitor.vm().heap.isMarked(m_structure->previousID()))
</ins><span class="cx">             visitor.appendUnbarriered(m_structure.get());
</span><span class="cx">         else
</span><span class="cx">             result = false;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCallLinkInfocpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -210,7 +210,7 @@
</span><span class="cx"> void CallLinkInfo::visitWeak(VM& vm)
</span><span class="cx"> {
</span><span class="cx">     auto handleSpecificCallee = [&] (JSFunction* callee) {
</span><del>-        if (Heap::isMarked(callee->executable()))
</del><ins>+        if (vm.heap.isMarked(callee->executable()))
</ins><span class="cx">             m_hasSeenClosure = true;
</span><span class="cx">         else
</span><span class="cx">             m_clearedByGC = true;
</span><span class="lines">@@ -228,7 +228,7 @@
</span><span class="cx">                 unlink(vm);
</span><span class="cx">                 m_clearedByGC = true;
</span><span class="cx">             }
</span><del>-        } else if (!Heap::isMarked(m_calleeOrCodeBlock.get())) {
</del><ins>+        } else if (!vm.heap.isMarked(m_calleeOrCodeBlock.get())) {
</ins><span class="cx">             if (isDirect()) {
</span><span class="cx">                 if (Options::verboseOSR()) {
</span><span class="cx">                     dataLog(
</span><span class="lines">@@ -252,7 +252,7 @@
</span><span class="cx">                 }
</span><span class="cx">             }
</span><span class="cx">             unlink(vm);
</span><del>-        } else if (isDirect() && !Heap::isMarked(m_lastSeenCalleeOrExecutable.get())) {
</del><ins>+        } else if (isDirect() && !vm.heap.isMarked(m_lastSeenCalleeOrExecutable.get())) {
</ins><span class="cx">             if (Options::verboseOSR()) {
</span><span class="cx">                 dataLog(
</span><span class="cx">                     "Clearing call to ", RawPointer(executable()),
</span><span class="lines">@@ -264,7 +264,7 @@
</span><span class="cx">             m_lastSeenCalleeOrExecutable.clear();
</span><span class="cx">         }
</span><span class="cx">     }
</span><del>-    if (!isDirect() && haveLastSeenCallee() && !Heap::isMarked(lastSeenCallee())) {
</del><ins>+    if (!isDirect() && haveLastSeenCallee() && !vm.heap.isMarked(lastSeenCallee())) {
</ins><span class="cx">         if (lastSeenCallee()->type() == JSFunctionType)
</span><span class="cx">             handleSpecificCallee(jsCast<JSFunction*>(lastSeenCallee()));
</span><span class="cx">         else
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCallLinkStatuscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.cpp  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.cpp     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -418,10 +418,10 @@
</span><span class="cx">     m_variants = despecifiedVariantList(m_variants);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool CallLinkStatus::finalize()
</del><ins>+bool CallLinkStatus::finalize(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (CallVariant& variant : m_variants) {
</span><del>-        if (!variant.finalize())
</del><ins>+        if (!variant.finalize(vm))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCallLinkStatush"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.h    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CallLinkStatus.h       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -106,7 +106,7 @@
</span><span class="cx">     
</span><span class="cx">     unsigned maxNumArguments() const { return m_maxNumArguments; }
</span><span class="cx">     
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx">     
</span><span class="cx">     void merge(const CallLinkStatus&);
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCallVariantcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CallVariant.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CallVariant.cpp     2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CallVariant.cpp        2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -31,9 +31,9 @@
</span><span class="cx"> 
</span><span class="cx"> namespace JSC {
</span><span class="cx"> 
</span><del>-bool CallVariant::finalize()
</del><ins>+bool CallVariant::finalize(VM& vm)
</ins><span class="cx"> {
</span><del>-    if (m_callee && !Heap::isMarked(m_callee))
</del><ins>+    if (m_callee && !vm.heap.isMarked(m_callee))
</ins><span class="cx">         return false;
</span><span class="cx">     return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCallVarianth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CallVariant.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CallVariant.h       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CallVariant.h  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -137,7 +137,7 @@
</span><span class="cx">         return nullptr;
</span><span class="cx">     }
</span><span class="cx">     
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx">     
</span><span class="cx">     bool merge(const CallVariant&);
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeBlockcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -998,11 +998,11 @@
</span><span class="cx">     return false;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool CodeBlock::shouldJettisonDueToWeakReference()
</del><ins>+bool CodeBlock::shouldJettisonDueToWeakReference(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     if (!JITCode::isOptimizingJIT(jitType()))
</span><span class="cx">         return false;
</span><del>-    return !Heap::isMarked(this);
</del><ins>+    return !vm.heap.isMarked(this);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> static Seconds timeToLive(JITCode::JITType jitType)
</span><span class="lines">@@ -1040,7 +1040,7 @@
</span><span class="cx"> 
</span><span class="cx"> bool CodeBlock::shouldJettisonDueToOldAge(const ConcurrentJSLocker&)
</span><span class="cx"> {
</span><del>-    if (Heap::isMarked(this))
</del><ins>+    if (m_vm->heap.isMarked(this))
</ins><span class="cx">         return false;
</span><span class="cx"> 
</span><span class="cx">     if (UNLIKELY(Options::forceCodeBlockToJettisonDueToOldAge()))
</span><span class="lines">@@ -1053,12 +1053,12 @@
</span><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><del>-static bool shouldMarkTransition(DFG::WeakReferenceTransition& transition)
</del><ins>+static bool shouldMarkTransition(VM& vm, DFG::WeakReferenceTransition& transition)
</ins><span class="cx"> {
</span><del>-    if (transition.m_codeOrigin && !Heap::isMarked(transition.m_codeOrigin.get()))
</del><ins>+    if (transition.m_codeOrigin && !vm.heap.isMarked(transition.m_codeOrigin.get()))
</ins><span class="cx">         return false;
</span><span class="cx">     
</span><del>-    if (!Heap::isMarked(transition.m_from.get()))
</del><ins>+    if (!vm.heap.isMarked(transition.m_from.get()))
</ins><span class="cx">         return false;
</span><span class="cx">     
</span><span class="cx">     return true;
</span><span class="lines">@@ -1086,7 +1086,7 @@
</span><span class="cx">                     vm.heap.structureIDTable().get(oldStructureID);
</span><span class="cx">                 Structure* newStructure =
</span><span class="cx">                     vm.heap.structureIDTable().get(newStructureID);
</span><del>-                if (Heap::isMarked(oldStructure))
</del><ins>+                if (vm.heap.isMarked(oldStructure))
</ins><span class="cx">                     visitor.appendUnbarriered(newStructure);
</span><span class="cx">                 continue;
</span><span class="cx">             }
</span><span class="lines">@@ -1112,7 +1112,7 @@
</span><span class="cx">             weakReference->markIfCheap(visitor);
</span><span class="cx"> 
</span><span class="cx">         for (auto& transition : dfgCommon->transitions) {
</span><del>-            if (shouldMarkTransition(transition)) {
</del><ins>+            if (shouldMarkTransition(vm, transition)) {
</ins><span class="cx">                 // If the following three things are live, then the target of the
</span><span class="cx">                 // transition is also live:
</span><span class="cx">                 //
</span><span class="lines">@@ -1144,7 +1144,8 @@
</span><span class="cx">     UNUSED_PARAM(visitor);
</span><span class="cx">     
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><del>-    if (Heap::isMarked(this))
</del><ins>+    VM& vm = *m_vm;
+    if (vm.heap.isMarked(this))
</ins><span class="cx">         return;
</span><span class="cx">     
</span><span class="cx">     // In rare and weird cases, this could be called on a baseline CodeBlock. One that I found was
</span><span class="lines">@@ -1160,8 +1161,8 @@
</span><span class="cx">     bool allAreLiveSoFar = true;
</span><span class="cx">     for (unsigned i = 0; i < dfgCommon->weakReferences.size(); ++i) {
</span><span class="cx">         JSCell* reference = dfgCommon->weakReferences[i].get();
</span><del>-        ASSERT(!jsDynamicCast<CodeBlock*>(*reference->vm(), reference));
-        if (!Heap::isMarked(reference)) {
</del><ins>+        ASSERT(!jsDynamicCast<CodeBlock*>(vm, reference));
+        if (!vm.heap.isMarked(reference)) {
</ins><span class="cx">             allAreLiveSoFar = false;
</span><span class="cx">             break;
</span><span class="cx">         }
</span><span class="lines">@@ -1168,7 +1169,7 @@
</span><span class="cx">     }
</span><span class="cx">     if (allAreLiveSoFar) {
</span><span class="cx">         for (unsigned i = 0; i < dfgCommon->weakStructureReferences.size(); ++i) {
</span><del>-            if (!Heap::isMarked(dfgCommon->weakStructureReferences[i].get())) {
</del><ins>+            if (!vm.heap.isMarked(dfgCommon->weakStructureReferences[i].get())) {
</ins><span class="cx">                 allAreLiveSoFar = false;
</span><span class="cx">                 break;
</span><span class="cx">             }
</span><span class="lines">@@ -1191,13 +1192,13 @@
</span><span class="cx">     VM& vm = *m_vm;
</span><span class="cx">     const Vector<InstructionStream::Offset>& propertyAccessInstructions = m_unlinkedCode->propertyAccessInstructions();
</span><span class="cx"> 
</span><del>-    auto handleGetPutFromScope = [](auto& metadata) {
</del><ins>+    auto handleGetPutFromScope = [&] (auto& metadata) {
</ins><span class="cx">         GetPutInfo getPutInfo = metadata.m_getPutInfo;
</span><span class="cx">         if (getPutInfo.resolveType() == GlobalVar || getPutInfo.resolveType() == GlobalVarWithVarInjectionChecks 
</span><span class="cx">             || getPutInfo.resolveType() == LocalClosureVar || getPutInfo.resolveType() == GlobalLexicalVar || getPutInfo.resolveType() == GlobalLexicalVarWithVarInjectionChecks)
</span><span class="cx">             return;
</span><span class="cx">         WriteBarrierBase<Structure>& structure = metadata.m_structure;
</span><del>-        if (!structure || Heap::isMarked(structure.get()))
</del><ins>+        if (!structure || vm.heap.isMarked(structure.get()))
</ins><span class="cx">             return;
</span><span class="cx">         if (Options::verboseOSR())
</span><span class="cx">             dataLogF("Clearing scope access with structure %p.\n", structure.get());
</span><span class="lines">@@ -1213,7 +1214,7 @@
</span><span class="cx">             if (metadata.m_mode != GetByIdMode::Default)
</span><span class="cx">                 break;
</span><span class="cx">             StructureID oldStructureID = metadata.m_modeMetadata.defaultMode.structureID;
</span><del>-            if (!oldStructureID || Heap::isMarked(vm.heap.structureIDTable().get(oldStructureID)))
</del><ins>+            if (!oldStructureID || vm.heap.isMarked(vm.heap.structureIDTable().get(oldStructureID)))
</ins><span class="cx">                 break;
</span><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLogF("Clearing LLInt property access.\n");
</span><span class="lines">@@ -1223,7 +1224,7 @@
</span><span class="cx">         case op_get_by_id_direct: {
</span><span class="cx">             auto& metadata = curInstruction->as<OpGetByIdDirect>().metadata(this);
</span><span class="cx">             StructureID oldStructureID = metadata.m_structureID;
</span><del>-            if (!oldStructureID || Heap::isMarked(vm.heap.structureIDTable().get(oldStructureID)))
</del><ins>+            if (!oldStructureID || vm.heap.isMarked(vm.heap.structureIDTable().get(oldStructureID)))
</ins><span class="cx">                 break;
</span><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLogF("Clearing LLInt property access.\n");
</span><span class="lines">@@ -1236,9 +1237,9 @@
</span><span class="cx">             StructureID oldStructureID = metadata.m_oldStructureID;
</span><span class="cx">             StructureID newStructureID = metadata.m_newStructureID;
</span><span class="cx">             StructureChain* chain = metadata.m_structureChain.get();
</span><del>-            if ((!oldStructureID || Heap::isMarked(vm.heap.structureIDTable().get(oldStructureID)))
-                && (!newStructureID || Heap::isMarked(vm.heap.structureIDTable().get(newStructureID)))
-                && (!chain || Heap::isMarked(chain)))
</del><ins>+            if ((!oldStructureID || vm.heap.isMarked(vm.heap.structureIDTable().get(oldStructureID)))
+                && (!newStructureID || vm.heap.isMarked(vm.heap.structureIDTable().get(newStructureID)))
+                && (!chain || vm.heap.isMarked(chain)))
</ins><span class="cx">                 break;
</span><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLogF("Clearing LLInt put transition.\n");
</span><span class="lines">@@ -1254,7 +1255,7 @@
</span><span class="cx">             break;
</span><span class="cx">         case op_to_this: {
</span><span class="cx">             auto& metadata = curInstruction->as<OpToThis>().metadata(this);
</span><del>-            if (!metadata.m_cachedStructure || Heap::isMarked(metadata.m_cachedStructure.get()))
</del><ins>+            if (!metadata.m_cachedStructure || vm.heap.isMarked(metadata.m_cachedStructure.get()))
</ins><span class="cx">                 break;
</span><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLogF("Clearing LLInt to_this with structure %p.\n", metadata.m_cachedStructure.get());
</span><span class="lines">@@ -1268,7 +1269,7 @@
</span><span class="cx">             if (!cacheWriteBarrier || cacheWriteBarrier.unvalidatedGet() == JSCell::seenMultipleCalleeObjects())
</span><span class="cx">                 break;
</span><span class="cx">             JSCell* cachedFunction = cacheWriteBarrier.get();
</span><del>-            if (Heap::isMarked(cachedFunction))
</del><ins>+            if (vm.heap.isMarked(cachedFunction))
</ins><span class="cx">                 break;
</span><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLogF("Clearing LLInt create_this with cached callee %p.\n", cachedFunction);
</span><span class="lines">@@ -1281,7 +1282,7 @@
</span><span class="cx">             // to the symbol table strongly. But it's nice to be on the safe side.
</span><span class="cx">             auto& metadata = curInstruction->as<OpResolveScope>().metadata(this);
</span><span class="cx">             WriteBarrierBase<SymbolTable>& symbolTable = metadata.m_symbolTable;
</span><del>-            if (!symbolTable || Heap::isMarked(symbolTable.get()))
</del><ins>+            if (!symbolTable || vm.heap.isMarked(symbolTable.get()))
</ins><span class="cx">                 break;
</span><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLogF("Clearing dead symbolTable %p.\n", symbolTable.get());
</span><span class="lines">@@ -1314,11 +1315,11 @@
</span><span class="cx">             return true;
</span><span class="cx">         };
</span><span class="cx"> 
</span><del>-        if (!Heap::isMarked(std::get<0>(pair.key)))
</del><ins>+        if (!vm.heap.isMarked(std::get<0>(pair.key)))
</ins><span class="cx">             return clear();
</span><span class="cx"> 
</span><span class="cx">         for (const LLIntPrototypeLoadAdaptiveStructureWatchpoint* watchpoint : pair.value) {
</span><del>-            if (!watchpoint->key().isStillLive())
</del><ins>+            if (!watchpoint->key().isStillLive(vm))
</ins><span class="cx">                 return clear();
</span><span class="cx">         }
</span><span class="cx"> 
</span><span class="lines">@@ -1326,12 +1327,12 @@
</span><span class="cx">     });
</span><span class="cx"> 
</span><span class="cx">     forEachLLIntCallLinkInfo([&](LLIntCallLinkInfo& callLinkInfo) {
</span><del>-        if (callLinkInfo.isLinked() && !Heap::isMarked(callLinkInfo.callee.get())) {
</del><ins>+        if (callLinkInfo.isLinked() && !vm.heap.isMarked(callLinkInfo.callee.get())) {
</ins><span class="cx">             if (Options::verboseOSR())
</span><span class="cx">                 dataLog("Clearing LLInt call from ", *this, "\n");
</span><span class="cx">             callLinkInfo.unlink();
</span><span class="cx">         }
</span><del>-        if (!!callLinkInfo.lastSeenCallee && !Heap::isMarked(callLinkInfo.lastSeenCallee.get()))
</del><ins>+        if (!!callLinkInfo.lastSeenCallee && !vm.heap.isMarked(callLinkInfo.lastSeenCallee.get()))
</ins><span class="cx">             callLinkInfo.lastSeenCallee.clear();
</span><span class="cx">     });
</span><span class="cx"> }
</span><span class="lines">@@ -1356,8 +1357,10 @@
</span><span class="cx"> }
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><del>-void CodeBlock::finalizeUnconditionally(VM&)
</del><ins>+void CodeBlock::finalizeUnconditionally(VM& vm)
</ins><span class="cx"> {
</span><ins>+    UNUSED_PARAM(vm);
+
</ins><span class="cx">     updateAllPredictions();
</span><span class="cx">     
</span><span class="cx">     if (JITCode::couldBeInterpreted(jitType()))
</span><span class="lines">@@ -1371,7 +1374,7 @@
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><span class="cx">     if (JITCode::isOptimizingJIT(jitType())) {
</span><span class="cx">         DFG::CommonData* dfgCommon = m_jitCode->dfgCommon();
</span><del>-        dfgCommon->recordedStatuses.finalize();
</del><ins>+        dfgCommon->recordedStatuses.finalize(vm);
</ins><span class="cx">     }
</span><span class="cx"> #endif // ENABLE(DFG_JIT)
</span><span class="cx"> 
</span><span class="lines">@@ -1952,6 +1955,8 @@
</span><span class="cx">     UNUSED_PARAM(mode);
</span><span class="cx">     UNUSED_PARAM(detail);
</span><span class="cx"> #endif
</span><ins>+
+    VM& vm = *m_vm;
</ins><span class="cx">     
</span><span class="cx">     CODEBLOCK_LOG_EVENT(this, "jettison", ("due to ", reason, ", counting = ", mode == CountReoptimization, ", detail = ", pointerDump(detail)));
</span><span class="cx"> 
</span><span class="lines">@@ -1976,13 +1981,13 @@
</span><span class="cx">                 JSCell* origin = transition.m_codeOrigin.get();
</span><span class="cx">                 JSCell* from = transition.m_from.get();
</span><span class="cx">                 JSCell* to = transition.m_to.get();
</span><del>-                if ((!origin || Heap::isMarked(origin)) && Heap::isMarked(from))
</del><ins>+                if ((!origin || vm.heap.isMarked(origin)) && vm.heap.isMarked(from))
</ins><span class="cx">                     continue;
</span><span class="cx">                 dataLog("    Transition under ", RawPointer(origin), ", ", RawPointer(from), " -> ", RawPointer(to), ".\n");
</span><span class="cx">             }
</span><span class="cx">             for (unsigned i = 0; i < dfgCommon->weakReferences.size(); ++i) {
</span><span class="cx">                 JSCell* weak = dfgCommon->weakReferences[i].get();
</span><del>-                if (Heap::isMarked(weak))
</del><ins>+                if (vm.heap.isMarked(weak))
</ins><span class="cx">                     continue;
</span><span class="cx">                 dataLog("    Weak reference ", RawPointer(weak), ".\n");
</span><span class="cx">             }
</span><span class="lines">@@ -1990,7 +1995,6 @@
</span><span class="cx">     }
</span><span class="cx"> #endif // ENABLE(DFG_JIT)
</span><span class="cx"> 
</span><del>-    VM& vm = *m_vm;
</del><span class="cx">     DeferGCForAWhile deferGC(*heap());
</span><span class="cx">     
</span><span class="cx">     // We want to accomplish two things here:
</span><span class="lines">@@ -2010,7 +2014,7 @@
</span><span class="cx">         // This accomplishes (1), and does its own book-keeping about whether it has already happened.
</span><span class="cx">         if (!jitCode()->dfgCommon()->invalidate()) {
</span><span class="cx">             // We've already been invalidated.
</span><del>-            RELEASE_ASSERT(this != replacement() || (vm.heap.isCurrentThreadBusy() && !Heap::isMarked(ownerExecutable())));
</del><ins>+            RELEASE_ASSERT(this != replacement() || (vm.heap.isCurrentThreadBusy() && !vm.heap.isMarked(ownerExecutable())));
</ins><span class="cx">             return;
</span><span class="cx">         }
</span><span class="cx">     }
</span><span class="lines">@@ -2042,7 +2046,7 @@
</span><span class="cx"> 
</span><span class="cx">     // Jettison can happen during GC. We don't want to install code to a dead executable
</span><span class="cx">     // because that would add a dead object to the remembered set.
</span><del>-    if (vm.heap.isCurrentThreadBusy() && !Heap::isMarked(ownerExecutable()))
</del><ins>+    if (vm.heap.isCurrentThreadBusy() && !vm.heap.isMarked(ownerExecutable()))
</ins><span class="cx">         return;
</span><span class="cx"> 
</span><span class="cx">     // This accomplishes (2).
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeBlockh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeBlock.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeBlock.h 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/CodeBlock.h    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -919,7 +919,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     bool shouldVisitStrongly(const ConcurrentJSLocker&);
</span><del>-    bool shouldJettisonDueToWeakReference();
</del><ins>+    bool shouldJettisonDueToWeakReference(VM&);
</ins><span class="cx">     bool shouldJettisonDueToOldAge(const ConcurrentJSLocker&);
</span><span class="cx">     
</span><span class="cx">     void propagateTransitions(const ConcurrentJSLocker&, SlotVisitor&);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeExecutableToCodeBlockEdgecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/ExecutableToCodeBlockEdge.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/ExecutableToCodeBlockEdge.cpp       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/ExecutableToCodeBlockEdge.cpp  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -75,7 +75,7 @@
</span><span class="cx">     if (codeBlock->shouldVisitStrongly(locker))
</span><span class="cx">         visitor.appendUnbarriered(codeBlock);
</span><span class="cx">     
</span><del>-    if (!Heap::isMarked(codeBlock))
</del><ins>+    if (!vm.heap.isMarked(codeBlock))
</ins><span class="cx">         vm.executableToCodeBlockEdgesWithFinalizers.add(edge);
</span><span class="cx">     
</span><span class="cx">     if (JITCode::isOptimizingJIT(codeBlock->jitType())) {
</span><span class="lines">@@ -125,8 +125,8 @@
</span><span class="cx"> {
</span><span class="cx">     CodeBlock* codeBlock = m_codeBlock.get();
</span><span class="cx">     
</span><del>-    if (!Heap::isMarked(codeBlock)) {
-        if (codeBlock->shouldJettisonDueToWeakReference())
</del><ins>+    if (!vm.heap.isMarked(codeBlock)) {
+        if (codeBlock->shouldJettisonDueToWeakReference(vm))
</ins><span class="cx">             codeBlock->jettison(Profiler::JettisonDueToWeakReference);
</span><span class="cx">         else
</span><span class="cx">             codeBlock->jettison(Profiler::JettisonDueToOldAge);
</span><span class="lines">@@ -189,7 +189,7 @@
</span><span class="cx">     codeBlock->propagateTransitions(locker, visitor);
</span><span class="cx">     codeBlock->determineLiveness(locker, visitor);
</span><span class="cx">     
</span><del>-    if (Heap::isMarked(codeBlock))
</del><ins>+    if (vm.heap.isMarked(codeBlock))
</ins><span class="cx">         vm.executableToCodeBlockEdgesWithConstraints.remove(this);
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeGetByIdStatuscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.cpp      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -476,15 +476,15 @@
</span><span class="cx">         variant.markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool GetByIdStatus::finalize()
</del><ins>+bool GetByIdStatus::finalize(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (GetByIdVariant& variant : m_variants) {
</span><del>-        if (!variant.finalize())
</del><ins>+        if (!variant.finalize(vm))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><del>-    if (m_moduleNamespaceObject && !Heap::isMarked(m_moduleNamespaceObject))
</del><ins>+    if (m_moduleNamespaceObject && !vm.heap.isMarked(m_moduleNamespaceObject))
</ins><span class="cx">         return false;
</span><del>-    if (m_moduleEnvironment && !Heap::isMarked(m_moduleEnvironment))
</del><ins>+    if (m_moduleEnvironment && !vm.heap.isMarked(m_moduleEnvironment))
</ins><span class="cx">         return false;
</span><span class="cx">     return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeGetByIdStatush"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.h     2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/GetByIdStatus.h        2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -141,7 +141,7 @@
</span><span class="cx">     ScopeOffset scopeOffset() const { return m_scopeOffset; }
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor&);
</span><del>-    bool finalize(); // Return true if this gets to live.
</del><ins>+    bool finalize(VM&); // Return true if this gets to live.
</ins><span class="cx">     
</span><span class="cx">     void dump(PrintStream&) const;
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeGetByIdVariantcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.cpp  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.cpp     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -149,15 +149,15 @@
</span><span class="cx">     m_structureSet.markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool GetByIdVariant::finalize()
</del><ins>+bool GetByIdVariant::finalize(VM& vm)
</ins><span class="cx"> {
</span><del>-    if (!m_structureSet.isStillAlive())
</del><ins>+    if (!m_structureSet.isStillAlive(vm))
</ins><span class="cx">         return false;
</span><del>-    if (!m_conditionSet.areStillLive())
</del><ins>+    if (!m_conditionSet.areStillLive(vm))
</ins><span class="cx">         return false;
</span><del>-    if (m_callLinkStatus && !m_callLinkStatus->finalize())
</del><ins>+    if (m_callLinkStatus && !m_callLinkStatus->finalize(vm))
</ins><span class="cx">         return false;
</span><del>-    if (m_intrinsicFunction && !Heap::isMarked(m_intrinsicFunction))
</del><ins>+    if (m_intrinsicFunction && !vm.heap.isMarked(m_intrinsicFunction))
</ins><span class="cx">         return false;
</span><span class="cx">     return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeGetByIdVarianth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.h    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.h       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -74,7 +74,7 @@
</span><span class="cx">     bool attemptToMerge(const GetByIdVariant& other);
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor&);
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx">     
</span><span class="cx">     void dump(PrintStream&) const;
</span><span class="cx">     void dumpInContext(PrintStream&, DumpContext*) const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInByIdStatuscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InByIdStatus.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InByIdStatus.cpp    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/InByIdStatus.cpp       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -258,10 +258,10 @@
</span><span class="cx">         variant.markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool InByIdStatus::finalize()
</del><ins>+bool InByIdStatus::finalize(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (InByIdVariant& variant : m_variants) {
</span><del>-        if (!variant.finalize())
</del><ins>+        if (!variant.finalize(vm))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInByIdStatush"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InByIdStatus.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InByIdStatus.h      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/InByIdStatus.h 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -106,7 +106,7 @@
</span><span class="cx">     void filter(const StructureSet&);
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor&);
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx"> 
</span><span class="cx">     void dump(PrintStream&) const;
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInByIdVariantcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InByIdVariant.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InByIdVariant.cpp   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/InByIdVariant.cpp      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -72,11 +72,11 @@
</span><span class="cx">     m_structureSet.markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool InByIdVariant::finalize()
</del><ins>+bool InByIdVariant::finalize(VM& vm)
</ins><span class="cx"> {
</span><del>-    if (!m_structureSet.isStillAlive())
</del><ins>+    if (!m_structureSet.isStillAlive(vm))
</ins><span class="cx">         return false;
</span><del>-    if (!m_conditionSet.areStillLive())
</del><ins>+    if (!m_conditionSet.areStillLive(vm))
</ins><span class="cx">         return false;
</span><span class="cx">     return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInByIdVarianth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InByIdVariant.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InByIdVariant.h     2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/InByIdVariant.h        2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx">     bool attemptToMerge(const InByIdVariant& other);
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor&);
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx"> 
</span><span class="cx">     void dump(PrintStream&) const;
</span><span class="cx">     void dumpInContext(PrintStream&, DumpContext*) const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeObjectPropertyConditioncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.cpp 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.cpp    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -142,15 +142,15 @@
</span><span class="cx">     return isWatchable(m_object->structure(), effort);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool ObjectPropertyCondition::isStillLive() const
</del><ins>+bool ObjectPropertyCondition::isStillLive(VM& vm) const
</ins><span class="cx"> {
</span><span class="cx">     if (!*this)
</span><span class="cx">         return false;
</span><span class="cx">     
</span><del>-    if (!Heap::isMarked(m_object))
</del><ins>+    if (!vm.heap.isMarked(m_object))
</ins><span class="cx">         return false;
</span><span class="cx">     
</span><del>-    return m_condition.isStillLive();
</del><ins>+    return m_condition.isStillLive(vm);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void ObjectPropertyCondition::validateReferences(const TrackedReferences& tracked) const
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeObjectPropertyConditionh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.h   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/ObjectPropertyCondition.h      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -244,7 +244,7 @@
</span><span class="cx">     }
</span><span class="cx">     
</span><span class="cx">     // This means that the objects involved in this are still live.
</span><del>-    bool isStillLive() const;
</del><ins>+    bool isStillLive(VM&) const;
</ins><span class="cx">     
</span><span class="cx">     void validateReferences(const TrackedReferences&) const;
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeObjectPropertyConditionSetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.cpp      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.cpp 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -141,10 +141,10 @@
</span><span class="cx">     return false;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool ObjectPropertyConditionSet::areStillLive() const
</del><ins>+bool ObjectPropertyConditionSet::areStillLive(VM& vm) const
</ins><span class="cx"> {
</span><span class="cx">     for (const ObjectPropertyCondition& condition : *this) {
</span><del>-        if (!condition.isStillLive())
</del><ins>+        if (!condition.isStillLive(vm))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeObjectPropertyConditionSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.h        2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.h   2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -111,7 +111,7 @@
</span><span class="cx">     bool structuresEnsureValidityAssumingImpurePropertyWatchpoint() const;
</span><span class="cx">     
</span><span class="cx">     bool needImpurePropertyWatchpoint() const;
</span><del>-    bool areStillLive() const;
</del><ins>+    bool areStillLive(VM&) const;
</ins><span class="cx">     
</span><span class="cx">     void dumpInContext(PrintStream&, DumpContext*) const;
</span><span class="cx">     void dump(PrintStream&) const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePolymorphicAccesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -324,7 +324,7 @@
</span><span class="cx">     }
</span><span class="cx">     if (Vector<WriteBarrier<JSCell>>* weakReferences = m_weakReferences.get()) {
</span><span class="cx">         for (WriteBarrier<JSCell>& weakReference : *weakReferences) {
</span><del>-            if (!Heap::isMarked(weakReference.get()))
</del><ins>+            if (!vm.heap.isMarked(weakReference.get()))
</ins><span class="cx">                 return false;
</span><span class="cx">         }
</span><span class="cx">     }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePropertyConditioncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PropertyCondition.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PropertyCondition.cpp       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PropertyCondition.cpp  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -352,15 +352,15 @@
</span><span class="cx">         && isWatchableWhenValid(structure, effort);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool PropertyCondition::isStillLive() const
</del><ins>+bool PropertyCondition::isStillLive(VM& vm) const
</ins><span class="cx"> {
</span><del>-    if (hasPrototype() && prototype() && !Heap::isMarked(prototype()))
</del><ins>+    if (hasPrototype() && prototype() && !vm.heap.isMarked(prototype()))
</ins><span class="cx">         return false;
</span><span class="cx">     
</span><span class="cx">     if (hasRequiredValue()
</span><span class="cx">         && requiredValue()
</span><span class="cx">         && requiredValue().isCell()
</span><del>-        && !Heap::isMarked(requiredValue().asCell()))
</del><ins>+        && !vm.heap.isMarked(requiredValue().asCell()))
</ins><span class="cx">         return false;
</span><span class="cx">     
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePropertyConditionh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PropertyCondition.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PropertyCondition.h 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PropertyCondition.h    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -297,7 +297,7 @@
</span><span class="cx">     }
</span><span class="cx">     
</span><span class="cx">     // This means that the objects involved in this are still live.
</span><del>-    bool isStillLive() const;
</del><ins>+    bool isStillLive(VM&) const;
</ins><span class="cx">     
</span><span class="cx">     void validateReferences(const TrackedReferences&) const;
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePutByIdStatuscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.cpp   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.cpp      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -386,10 +386,10 @@
</span><span class="cx">         variant.markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool PutByIdStatus::finalize()
</del><ins>+bool PutByIdStatus::finalize(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (PutByIdVariant& variant : m_variants) {
</span><del>-        if (!variant.finalize())
</del><ins>+        if (!variant.finalize(vm))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePutByIdStatush"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.h     2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PutByIdStatus.h        2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -116,7 +116,7 @@
</span><span class="cx">     const PutByIdVariant& operator[](size_t index) const { return at(index); }
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor&);
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx">     
</span><span class="cx">     void merge(const PutByIdStatus&);
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePutByIdVariantcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.cpp  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.cpp     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -270,15 +270,15 @@
</span><span class="cx">         m_newStructure->markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool PutByIdVariant::finalize()
</del><ins>+bool PutByIdVariant::finalize(VM& vm)
</ins><span class="cx"> {
</span><del>-    if (!m_oldStructure.isStillAlive())
</del><ins>+    if (!m_oldStructure.isStillAlive(vm))
</ins><span class="cx">         return false;
</span><del>-    if (m_newStructure && !Heap::isMarked(m_newStructure))
</del><ins>+    if (m_newStructure && !vm.heap.isMarked(m_newStructure))
</ins><span class="cx">         return false;
</span><del>-    if (!m_conditionSet.areStillLive())
</del><ins>+    if (!m_conditionSet.areStillLive(vm))
</ins><span class="cx">         return false;
</span><del>-    if (m_callLinkStatus && !m_callLinkStatus->finalize())
</del><ins>+    if (m_callLinkStatus && !m_callLinkStatus->finalize(vm))
</ins><span class="cx">         return false;
</span><span class="cx">     return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePutByIdVarianth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.h    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/PutByIdVariant.h       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -132,7 +132,7 @@
</span><span class="cx">     bool attemptToMerge(const PutByIdVariant& other);
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor&);
</span><del>-    bool finalize();
</del><ins>+    bool finalize(VM&);
</ins><span class="cx">     
</span><span class="cx">     void dump(PrintStream&) const;
</span><span class="cx">     void dumpInContext(PrintStream&, DumpContext*) const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeRecordedStatusescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.cpp        2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.cpp   2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -85,7 +85,7 @@
</span><span class="cx">         pair.second->markIfCheap(slotVisitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-void RecordedStatuses::finalizeWithoutDeleting()
</del><ins>+void RecordedStatuses::finalizeWithoutDeleting(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     // This variant of finalize gets called from within graph safepoints -- so there may be DFG IR in
</span><span class="cx">     // some compiler thread that points to the statuses. That thread is stopped at a safepoint so
</span><span class="lines">@@ -92,9 +92,9 @@
</span><span class="cx">     // it's OK to edit its data structure, but it's not OK to delete them. Hence we don't remove
</span><span class="cx">     // anything from the vector or delete the unique_ptrs.
</span><span class="cx">     
</span><del>-    auto finalize = [] (auto& vector) {
</del><ins>+    auto finalize = [&] (auto& vector) {
</ins><span class="cx">         for (auto& pair : vector) {
</span><del>-            if (!pair.second->finalize())
</del><ins>+            if (!pair.second->finalize(vm))
</ins><span class="cx">                 *pair.second = { };
</span><span class="cx">         }
</span><span class="cx">     };
</span><span class="lines">@@ -101,12 +101,12 @@
</span><span class="cx">     forEachVector(finalize);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-void RecordedStatuses::finalize()
</del><ins>+void RecordedStatuses::finalize(VM& vm)
</ins><span class="cx"> {
</span><del>-    auto finalize = [] (auto& vector) {
</del><ins>+    auto finalize = [&] (auto& vector) {
</ins><span class="cx">         vector.removeAllMatching(
</span><span class="cx">             [&] (auto& pair) -> bool {
</span><del>-                return !*pair.second || !pair.second->finalize();
</del><ins>+                return !*pair.second || !pair.second->finalize(vm);
</ins><span class="cx">             });
</span><span class="cx">         vector.shrinkToFit();
</span><span class="cx">     };
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeRecordedStatusesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.h  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.h     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -50,8 +50,8 @@
</span><span class="cx">     
</span><span class="cx">     void markIfCheap(SlotVisitor& slotVisitor);
</span><span class="cx">     
</span><del>-    void finalizeWithoutDeleting();
-    void finalize();
</del><ins>+    void finalizeWithoutDeleting(VM&);
+    void finalize(VM&);
</ins><span class="cx">     
</span><span class="cx">     void shrinkToFit();
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeStructureSetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/StructureSet.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/StructureSet.cpp    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/StructureSet.cpp       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -37,10 +37,10 @@
</span><span class="cx">         structure->markIfCheap(visitor);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool StructureSet::isStillAlive() const
</del><ins>+bool StructureSet::isStillAlive(VM& vm) const
</ins><span class="cx"> {
</span><span class="cx">     for (Structure* structure : *this) {
</span><del>-        if (!Heap::isMarked(structure))
</del><ins>+        if (!vm.heap.isMarked(structure))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeStructureSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/StructureSet.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/StructureSet.h      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/StructureSet.h 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -55,7 +55,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx">     void markIfCheap(SlotVisitor&) const;
</span><del>-    bool isStillAlive() const;
</del><ins>+    bool isStillAlive(VM&) const;
</ins><span class="cx">     
</span><span class="cx">     void dumpInContext(PrintStream&, DumpContext*) const;
</span><span class="cx">     void dump(PrintStream&) const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeStructureStubInfocpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -272,7 +272,7 @@
</span><span class="cx">     
</span><span class="cx">     bufferedStructures.genericFilter(
</span><span class="cx">         [&] (Structure* structure) -> bool {
</span><del>-            return Heap::isMarked(structure);
</del><ins>+            return vm.heap.isMarked(structure);
</ins><span class="cx">         });
</span><span class="cx"> 
</span><span class="cx">     switch (cacheType) {
</span><span class="lines">@@ -279,7 +279,7 @@
</span><span class="cx">     case CacheType::GetByIdSelf:
</span><span class="cx">     case CacheType::PutByIdReplace:
</span><span class="cx">     case CacheType::InByIdSelf:
</span><del>-        if (Heap::isMarked(u.byIdSelf.baseObjectStructure.get()))
</del><ins>+        if (vm.heap.isMarked(u.byIdSelf.baseObjectStructure.get()))
</ins><span class="cx">             return;
</span><span class="cx">         break;
</span><span class="cx">     case CacheType::Stub:
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGPlancpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -664,7 +664,8 @@
</span><span class="cx"> 
</span><span class="cx"> void Plan::finalizeInGC()
</span><span class="cx"> {
</span><del>-    m_recordedStatuses.finalizeWithoutDeleting();
</del><ins>+    ASSERT(m_vm);
+    m_recordedStatuses.finalizeWithoutDeleting(*m_vm);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> bool Plan::isKnownToBeLiveDuringGC()
</span><span class="lines">@@ -671,11 +672,11 @@
</span><span class="cx"> {
</span><span class="cx">     if (m_stage == Cancelled)
</span><span class="cx">         return false;
</span><del>-    if (!Heap::isMarked(m_codeBlock->ownerExecutable()))
</del><ins>+    if (!m_vm->heap.isMarked(m_codeBlock->ownerExecutable()))
</ins><span class="cx">         return false;
</span><del>-    if (!Heap::isMarked(m_codeBlock->alternative()))
</del><ins>+    if (!m_vm->heap.isMarked(m_codeBlock->alternative()))
</ins><span class="cx">         return false;
</span><del>-    if (!!m_profiledDFGCodeBlock && !Heap::isMarked(m_profiledDFGCodeBlock))
</del><ins>+    if (!!m_profiledDFGCodeBlock && !m_vm->heap.isMarked(m_profiledDFGCodeBlock))
</ins><span class="cx">         return false;
</span><span class="cx">     return true;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapGCIncomingRefCountedh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/GCIncomingRefCounted.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/GCIncomingRefCounted.h  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/GCIncomingRefCounted.h     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -82,7 +82,7 @@
</span><span class="cx">     // to use this with a filter function that can return false unless
</span><span class="cx">     // you're also walking the GC's list.
</span><span class="cx">     template<typename FilterFunctionType>
</span><del>-    bool filterIncomingReferences(FilterFunctionType&);
</del><ins>+    bool filterIncomingReferences(FilterFunctionType&&);
</ins><span class="cx">     
</span><span class="cx"> private:
</span><span class="cx">     static uintptr_t singletonFlag() { return 1; }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapGCIncomingRefCountedInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedInlines.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedInlines.h   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedInlines.h      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx"> 
</span><span class="cx"> template<typename T>
</span><span class="cx"> template<typename FilterFunctionType>
</span><del>-bool GCIncomingRefCounted<T>::filterIncomingReferences(FilterFunctionType& filterFunction)
</del><ins>+bool GCIncomingRefCounted<T>::filterIncomingReferences(FilterFunctionType&& filterFunction)
</ins><span class="cx"> {
</span><span class="cx">     const bool verbose = false;
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapGCIncomingRefCountedSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSet.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSet.h       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSet.h  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -41,14 +41,11 @@
</span><span class="cx">     // Returns true if the native object is new to this set.
</span><span class="cx">     bool addReference(JSCell*, T*);
</span><span class="cx">     
</span><del>-    void sweep();
</del><ins>+    void sweep(VM&);
</ins><span class="cx">     
</span><span class="cx">     size_t size() const { return m_bytes; };
</span><span class="cx">     
</span><span class="cx"> private:
</span><del>-    static bool removeAll(JSCell*);
-    static bool removeDead(JSCell*);
-    
</del><span class="cx">     Vector<T*> m_vector;
</span><span class="cx">     size_t m_bytes;
</span><span class="cx"> };
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapGCIncomingRefCountedSetInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSetInlines.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSetInlines.h        2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/GCIncomingRefCountedSetInlines.h   2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -40,7 +40,7 @@
</span><span class="cx"> void GCIncomingRefCountedSet<T>::lastChanceToFinalize()
</span><span class="cx"> {
</span><span class="cx">     for (size_t i = m_vector.size(); i--;)
</span><del>-        m_vector[i]->filterIncomingReferences(removeAll);
</del><ins>+        m_vector[i]->filterIncomingReferences([] (JSCell*) { return false; });
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> template<typename T>
</span><span class="lines">@@ -59,7 +59,7 @@
</span><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> template<typename T>
</span><del>-void GCIncomingRefCountedSet<T>::sweep()
</del><ins>+void GCIncomingRefCountedSet<T>::sweep(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (size_t i = 0; i < m_vector.size(); ++i) {
</span><span class="cx">         T* object = m_vector[i];
</span><span class="lines">@@ -66,7 +66,7 @@
</span><span class="cx">         size_t size = object->gcSizeEstimateInBytes();
</span><span class="cx">         ASSERT(object->isDeferred());
</span><span class="cx">         ASSERT(object->numberOfIncomingReferences());
</span><del>-        if (!object->filterIncomingReferences(removeDead))
</del><ins>+        if (!object->filterIncomingReferences([&] (JSCell* cell) { return vm.heap.isMarked(cell); }))
</ins><span class="cx">             continue;
</span><span class="cx">         m_bytes -= size;
</span><span class="cx">         m_vector[i--] = m_vector.last();
</span><span class="lines">@@ -74,16 +74,4 @@
</span><span class="cx">     }
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-template<typename T>
-bool GCIncomingRefCountedSet<T>::removeAll(JSCell*)
-{
-    return false;
-}
-
-template<typename T>
-bool GCIncomingRefCountedSet<T>::removeDead(JSCell* cell)
-{
-    return Heap::isMarked(cell);
-}
-
</del><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapHeapcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/Heap.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/Heap.cpp        2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/Heap.cpp   2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -1010,7 +1010,7 @@
</span><span class="cx">             return;
</span><span class="cx">         }
</span><span class="cx">     } else
</span><del>-        ASSERT(Heap::isMarked(cell));
</del><ins>+        ASSERT(isMarked(cell));
</ins><span class="cx">     // It could be that the object was *just* marked. This means that the collector may set the
</span><span class="cx">     // state to DefinitelyGrey and then to PossiblyOldOrBlack at any time. It's OK for us to
</span><span class="cx">     // race with the collector here. If we win then this is accurate because the object _will_
</span><span class="lines">@@ -1494,7 +1494,7 @@
</span><span class="cx">     }
</span><span class="cx">         
</span><span class="cx">     if (vm()->typeProfiler())
</span><del>-        vm()->typeProfiler()->invalidateTypeSetCache();
</del><ins>+        vm()->typeProfiler()->invalidateTypeSetCache(*vm());
</ins><span class="cx"> 
</span><span class="cx">     reapWeakHandles();
</span><span class="cx">     pruneStaleEntriesFromWeakGCMaps();
</span><span class="lines">@@ -2212,7 +2212,7 @@
</span><span class="cx"> 
</span><span class="cx"> void Heap::sweepArrayBuffers()
</span><span class="cx"> {
</span><del>-    m_arrayBuffers.sweep();
</del><ins>+    m_arrayBuffers.sweep(*vm());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void Heap::snapshotUnswept()
</span><span class="lines">@@ -2833,7 +2833,7 @@
</span><span class="cx">             iterateExecutingAndCompilingCodeBlocksWithoutHoldingLocks(
</span><span class="cx">                 [&] (CodeBlock* codeBlock) {
</span><span class="cx">                     // Visit the CodeBlock as a constraint only if it's black.
</span><del>-                    if (Heap::isMarked(codeBlock)
</del><ins>+                    if (isMarked(codeBlock)
</ins><span class="cx">                         && codeBlock->cellState() == CellState::PossiblyBlack)
</span><span class="cx">                         slotVisitor.visitAsConstraint(codeBlock);
</span><span class="cx">                 });
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapHeaph"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/Heap.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/Heap.h  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/Heap.h     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -123,7 +123,7 @@
</span><span class="cx">     // our scan to run faster. 
</span><span class="cx">     static const unsigned s_timeCheckResolution = 16;
</span><span class="cx"> 
</span><del>-    static bool isMarked(const void*);
</del><ins>+    bool isMarked(const void*);
</ins><span class="cx">     static bool testAndSetMarked(HeapVersion, const void*);
</span><span class="cx">     
</span><span class="cx">     static size_t cellSize(const void*);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapHeapInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/HeapInlines.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/HeapInlines.h   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/HeapInlines.h      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -68,8 +68,6 @@
</span><span class="cx">     return m_worldIsStopped;
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-// FIXME: This should be an instance method, so that it can get the markingVersion() quickly.
-// https://bugs.webkit.org/show_bug.cgi?id=179988
</del><span class="cx"> ALWAYS_INLINE bool Heap::isMarked(const void* rawCell)
</span><span class="cx"> {
</span><span class="cx">     HeapCell* cell = bitwise_cast<HeapCell*>(rawCell);
</span><span class="lines">@@ -76,7 +74,7 @@
</span><span class="cx">     if (cell->isLargeAllocation())
</span><span class="cx">         return cell->largeAllocation().isMarked();
</span><span class="cx">     MarkedBlock& block = cell->markedBlock();
</span><del>-    return block.isMarked(block.vm()->heap.objectSpace().markingVersion(), cell);
</del><ins>+    return block.isMarked(m_objectSpace.markingVersion(), cell);
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> ALWAYS_INLINE bool Heap::testAndSetMarked(HeapVersion markingVersion, const void* rawCell)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapHeapSnapshotBuildercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/HeapSnapshotBuilder.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/HeapSnapshotBuilder.cpp 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/HeapSnapshotBuilder.cpp    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -80,7 +80,7 @@
</span><span class="cx"> {
</span><span class="cx">     ASSERT(m_profiler.activeSnapshotBuilder() == this);
</span><span class="cx"> 
</span><del>-    ASSERT(Heap::isMarked(cell));
</del><ins>+    ASSERT(m_profiler.vm().heap.isMarked(cell));
</ins><span class="cx"> 
</span><span class="cx">     NodeIdentifier identifier;
</span><span class="cx">     if (previousSnapshotHasNodeForCell(cell, identifier))
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapSlotVisitorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/SlotVisitor.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/SlotVisitor.cpp 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/heap/SlotVisitor.cpp    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -285,7 +285,7 @@
</span><span class="cx"> template<typename ContainerType>
</span><span class="cx"> ALWAYS_INLINE void SlotVisitor::appendToMarkStack(ContainerType& container, JSCell* cell)
</span><span class="cx"> {
</span><del>-    ASSERT(Heap::isMarked(cell));
</del><ins>+    ASSERT(m_heap.isMarked(cell));
</ins><span class="cx">     ASSERT(!cell->isZapped());
</span><span class="cx">     
</span><span class="cx">     container.noteMarked();
</span><span class="lines">@@ -354,7 +354,7 @@
</span><span class="cx"> 
</span><span class="cx"> ALWAYS_INLINE void SlotVisitor::visitChildren(const JSCell* cell)
</span><span class="cx"> {
</span><del>-    ASSERT(Heap::isMarked(cell));
</del><ins>+    ASSERT(m_heap.isMarked(cell));
</ins><span class="cx">     
</span><span class="cx">     SetCurrentCellScope currentCellScope(*this, cell);
</span><span class="cx">     
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitPolymorphicCallStubRoutinecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.cpp   2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.cpp      2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -130,10 +130,10 @@
</span><span class="cx">     }
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool PolymorphicCallStubRoutine::visitWeak(VM&)
</del><ins>+bool PolymorphicCallStubRoutine::visitWeak(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (auto& variant : m_variants) {
</span><del>-        if (!Heap::isMarked(variant.get()))
</del><ins>+        if (!vm.heap.isMarked(variant.get()))
</ins><span class="cx">             return false;
</span><span class="cx">     }
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeErrorInstancecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -212,7 +212,7 @@
</span><span class="cx">     // If we did, we might end up keeping functions (and their global objects) alive that happened to
</span><span class="cx">     // get caught in a trace.
</span><span class="cx">     for (const auto& frame : *m_stackTrace.get()) {
</span><del>-        if (!frame.isMarked()) {
</del><ins>+        if (!frame.isMarked(vm)) {
</ins><span class="cx">             computeErrorInfo(vm);
</span><span class="cx">             return;
</span><span class="cx">         }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeInferredValueInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/InferredValueInlines.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/InferredValueInlines.h       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/InferredValueInlines.h  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -34,7 +34,7 @@
</span><span class="cx">     JSValue value = m_value.get();
</span><span class="cx">     
</span><span class="cx">     if (value && value.isCell()) {
</span><del>-        if (Heap::isMarked(value.asCell()))
</del><ins>+        if (vm.heap.isMarked(value.asCell()))
</ins><span class="cx">             return;
</span><span class="cx">         
</span><span class="cx">         invalidate(vm, StringFireDetail("InferredValue clean-up during GC"));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeStackFrameh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/StackFrame.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/StackFrame.h 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/StackFrame.h    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -58,7 +58,7 @@
</span><span class="cx">     }
</span><span class="cx">     
</span><span class="cx">     void visitChildren(SlotVisitor&);
</span><del>-    bool isMarked() const { return (!m_callee || Heap::isMarked(m_callee.get())) && (!m_codeBlock || Heap::isMarked(m_codeBlock.get())); }
</del><ins>+    bool isMarked(VM& vm) const { return (!m_callee || vm.heap.isMarked(m_callee.get())) && (!m_codeBlock || vm.heap.isMarked(m_codeBlock.get())); }
</ins><span class="cx"> 
</span><span class="cx"> private:
</span><span class="cx">     WriteBarrier<JSCell> m_callee { };
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeStructurecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Structure.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Structure.cpp        2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/Structure.cpp   2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -1054,20 +1054,21 @@
</span><span class="cx">         thisObject->m_propertyTableUnsafe.clear();
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-bool Structure::isCheapDuringGC()
</del><ins>+bool Structure::isCheapDuringGC(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     // FIXME: We could make this even safer by returning false if this structure's property table
</span><span class="cx">     // has any large property names.
</span><span class="cx">     // https://bugs.webkit.org/show_bug.cgi?id=157334
</span><span class="cx">     
</span><del>-    return (!m_globalObject || Heap::isMarked(m_globalObject.get()))
-        && (hasPolyProto() || !storedPrototypeObject() || Heap::isMarked(storedPrototypeObject()));
</del><ins>+    return (!m_globalObject || vm.heap.isMarked(m_globalObject.get()))
+        && (hasPolyProto() || !storedPrototypeObject() || vm.heap.isMarked(storedPrototypeObject()));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> bool Structure::markIfCheap(SlotVisitor& visitor)
</span><span class="cx"> {
</span><del>-    if (!isCheapDuringGC())
-        return Heap::isMarked(this);
</del><ins>+    VM& vm = visitor.vm();
+    if (!isCheapDuringGC(vm))
+        return vm.heap.isMarked(this);
</ins><span class="cx">     
</span><span class="cx">     visitor.appendUnbarriered(this);
</span><span class="cx">     return true;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeStructureh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Structure.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Structure.h  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/Structure.h     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -299,7 +299,7 @@
</span><span class="cx">     // increase in footprint because no other object refers to that global object. This method
</span><span class="cx">     // returns true if all user-controlled (and hence unbounded in size) objects referenced from the
</span><span class="cx">     // Structure are already marked.
</span><del>-    bool isCheapDuringGC();
</del><ins>+    bool isCheapDuringGC(VM&);
</ins><span class="cx">     
</span><span class="cx">     // Returns true if this structure is now marked.
</span><span class="cx">     bool markIfCheap(SlotVisitor&);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeTypeProfilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/TypeProfiler.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/TypeProfiler.cpp     2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/TypeProfiler.cpp        2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -148,13 +148,13 @@
</span><span class="cx">     return m_typeLocationInfo.add(); 
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-void TypeProfiler::invalidateTypeSetCache()
</del><ins>+void TypeProfiler::invalidateTypeSetCache(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     for (Bag<TypeLocation>::iterator iter = m_typeLocationInfo.begin(); !!iter; ++iter) {
</span><span class="cx">         TypeLocation* location = *iter;
</span><del>-        location->m_instructionTypeSet->invalidateCache();
</del><ins>+        location->m_instructionTypeSet->invalidateCache(vm);
</ins><span class="cx">         if (location->m_globalTypeSet)
</span><del>-            location->m_globalTypeSet->invalidateCache();
</del><ins>+            location->m_globalTypeSet->invalidateCache(vm);
</ins><span class="cx">     }
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeTypeProfilerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/TypeProfiler.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/TypeProfiler.h       2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/TypeProfiler.h  2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -124,7 +124,7 @@
</span><span class="cx">     TypeLocation* findLocation(unsigned divot, intptr_t sourceID, TypeProfilerSearchDescriptor, VM&);
</span><span class="cx">     GlobalVariableID getNextUniqueVariableID() { return m_nextUniqueVariableID++; }
</span><span class="cx">     TypeLocation* nextTypeLocation();
</span><del>-    void invalidateTypeSetCache();
</del><ins>+    void invalidateTypeSetCache(VM&);
</ins><span class="cx">     void dumpTypeProfilerData(VM&);
</span><span class="cx">     
</span><span class="cx"> private:
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeTypeSetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/TypeSet.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/TypeSet.cpp  2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/TypeSet.cpp     2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -79,10 +79,12 @@
</span><span class="cx">     }
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-void TypeSet::invalidateCache()
</del><ins>+void TypeSet::invalidateCache(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     ConcurrentJSLocker locker(m_lock);
</span><del>-    auto keepMarkedStructuresFilter = [] (Structure* structure) -> bool { return Heap::isMarked(structure); };
</del><ins>+    auto keepMarkedStructuresFilter = [&] (Structure* structure) -> bool {
+        return vm.heap.isMarked(structure);
+    };
</ins><span class="cx">     m_structureSet.genericFilter(keepMarkedStructuresFilter);
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeTypeSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/TypeSet.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/TypeSet.h    2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/TypeSet.h       2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -86,7 +86,7 @@
</span><span class="cx">     static Ref<TypeSet> create() { return adoptRef(*new TypeSet); }
</span><span class="cx">     TypeSet();
</span><span class="cx">     void addTypeInformation(RuntimeType, RefPtr<StructureShape>&&, Structure*, bool sawPolyProtoStructure);
</span><del>-    void invalidateCache();
</del><ins>+    void invalidateCache(VM&);
</ins><span class="cx">     String dumpTypes() const;
</span><span class="cx">     String displayName() const;
</span><span class="cx">     Ref<JSON::ArrayOf<Inspector::Protocol::Runtime::StructureDescription>> allStructureRepresentations() const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeWeakMapImplcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/WeakMapImpl.cpp (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/WeakMapImpl.cpp      2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/WeakMapImpl.cpp 2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -64,6 +64,7 @@
</span><span class="cx"> template <>
</span><span class="cx"> void WeakMapImpl<WeakMapBucket<WeakMapBucketDataKeyValue>>::visitOutputConstraints(JSCell* cell, SlotVisitor& visitor)
</span><span class="cx"> {
</span><ins>+    VM& vm = visitor.vm();
</ins><span class="cx">     auto* thisObject = jsCast<WeakMapImpl*>(cell);
</span><span class="cx">     auto locker = holdLock(thisObject->cellLock());
</span><span class="cx">     auto* buffer = thisObject->buffer();
</span><span class="lines">@@ -71,7 +72,7 @@
</span><span class="cx">         auto* bucket = buffer + index;
</span><span class="cx">         if (bucket->isEmpty() || bucket->isDeleted())
</span><span class="cx">             continue;
</span><del>-        if (!Heap::isMarked(bucket->key()))
</del><ins>+        if (!vm.heap.isMarked(bucket->key()))
</ins><span class="cx">             continue;
</span><span class="cx">         bucket->visitAggregate(visitor);
</span><span class="cx">     }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeWeakMapImplInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/WeakMapImplInlines.h (243466 => 243467)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/WeakMapImplInlines.h 2019-03-25 22:15:41 UTC (rev 243466)
+++ trunk/Source/JavaScriptCore/runtime/WeakMapImplInlines.h    2019-03-25 22:40:58 UTC (rev 243467)
</span><span class="lines">@@ -31,7 +31,7 @@
</span><span class="cx"> 
</span><span class="cx"> // Note that this function can be executed in parallel as long as the mutator stops.
</span><span class="cx"> template<typename WeakMapBucket>
</span><del>-void WeakMapImpl<WeakMapBucket>::finalizeUnconditionally(VM&)
</del><ins>+void WeakMapImpl<WeakMapBucket>::finalizeUnconditionally(VM& vm)
</ins><span class="cx"> {
</span><span class="cx">     auto* buffer = this->buffer();
</span><span class="cx">     for (uint32_t index = 0; index < m_capacity; ++index) {
</span><span class="lines">@@ -39,7 +39,7 @@
</span><span class="cx">         if (bucket->isEmpty() || bucket->isDeleted())
</span><span class="cx">             continue;
</span><span class="cx"> 
</span><del>-        if (Heap::isMarked(bucket->key()))
</del><ins>+        if (vm.heap.isMarked(bucket->key()))
</ins><span class="cx">             continue;
</span><span class="cx"> 
</span><span class="cx">         bucket->makeDeleted();
</span></span></pre>
</div>
</div>

</body>
</html>