[Isolates] Cleanup some Isolate usages.

src/ic.cc

 // Copyright 2006-2009 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 120 matching lines @@
   // Return the address in the original code. This is the place where
   // the call which has been overwritten by the DebugBreakXXX resides
   // and the place where the inline cache system should look.
   intptr_t delta =
       original_code->instruction_start() - code->instruction_start();
   return addr + delta;
 }
 #endif
 
 
-static bool HasNormalObjectsInPrototypeChain(LookupResult* lookup,
+static bool HasNormalObjectsInPrototypeChain(Isolate* isolate,
+                                             LookupResult* lookup,
                                              Object* receiver) {
-  Object* end = lookup->IsProperty() ? lookup->holder() : HEAP->null_value();
+  Object* end = lookup->IsProperty()
+      ? lookup->holder() : isolate->heap()->null_value();
   for (Object* current = receiver;
        current != end;
        current = current->GetPrototype()) {
     if (current->IsJSObject() &&
         !JSObject::cast(current)->HasFastProperties() &&
         !current->IsJSGlobalProxy() &&
         !current->IsJSGlobalObject()) {
       return true;
     }
   }
@@ skipping 59 matching lines @@
   if (receiver->IsJSBuiltinsObject()) {
     return UNINITIALIZED;
   }
 
   return MONOMORPHIC;
 }
 
 
 RelocInfo::Mode IC::ComputeMode() {
   Address addr = address();
-  Code* code = Code::cast(HEAP->FindCodeObject(addr));
+  Code* code = Code::cast(isolate()->heap()->FindCodeObject(addr));
   for (RelocIterator it(code, RelocInfo::kCodeTargetMask);
        !it.done(); it.next()) {
     RelocInfo* info = it.rinfo();
     if (info->pc() == addr) return info->rmode();
   }
   UNREACHABLE();
   return RelocInfo::NONE;
 }
 
 
 Failure* IC::TypeError(const char* type,
                        Handle<Object> object,
                        Handle<Object> key) {
-  HandleScope scope;
+  HandleScope scope(isolate());
   Handle<Object> args[2] = { key, object };
-  Handle<Object> error = FACTORY->NewTypeError(type, HandleVector(args, 2));
+  Handle<Object> error = isolate()->factory()->NewTypeError(
+      type, HandleVector(args, 2));
   return isolate()->Throw(*error);
 }
 
 
 Failure* IC::ReferenceError(const char* type, Handle<String> name) {
-  HandleScope scope;
-  Handle<Object> error =
-      FACTORY->NewReferenceError(type, HandleVector(&name, 1));
+  HandleScope scope(isolate());
+  Handle<Object> error = isolate()->factory()->NewReferenceError(
+      type, HandleVector(&name, 1));
   return isolate()->Throw(*error);
 }
 
 
 void IC::Clear(Address address) {
   Code* target = GetTargetAtAddress(address);
 
   // Don't clear debug break inline cache as it will remove the break point.
   if (target->ic_state() == DEBUG_BREAK) return;
 
@@ skipping 199 matching lines @@
       lookup->NotFound();
       return;
     }
 
     object = proto;
   }
 }
 
 
 Object* CallICBase::TryCallAsFunction(Object* object) {
-  HandleScope scope;
-  Handle<Object> target(object);
+  HandleScope scope(isolate());
+  Handle<Object> target(object, isolate());
   Handle<Object> delegate = Execution::GetFunctionDelegate(target);
 
   if (delegate->IsJSFunction()) {
     // Patch the receiver and use the delegate as the function to
     // invoke. This is used for invoking objects as if they were
     // functions.
     const int argc = this->target()->arguments_count();
     StackFrameLocator locator;
     JavaScriptFrame* frame = locator.FindJavaScriptFrame(0);
     int index = frame->ComputeExpressionsCount() - (argc + 1);
     frame->SetExpression(index, *target);
   }
 
   return *delegate;
 }
 
 
 void CallICBase::ReceiverToObject(Handle<Object> object) {
-  HandleScope scope;
-  Handle<Object> receiver(object);
+  HandleScope scope(isolate());
+  Handle<Object> receiver = object;
 
   // Change the receiver to the result of calling ToObject on it.
   const int argc = this->target()->arguments_count();
   StackFrameLocator locator;
   JavaScriptFrame* frame = locator.FindJavaScriptFrame(0);
   int index = frame->ComputeExpressionsCount() - (argc + 1);
-  frame->SetExpression(index, *FACTORY->ToObject(object));
+  frame->SetExpression(index, *isolate()->factory()->ToObject(object));
 }
 
 
 MaybeObject* CallICBase::LoadFunction(State state,
                                       Handle<Object> object,
                                       Handle<String> name) {
   // If the object is undefined or null it's illegal to try to get any
   // of its properties; throw a TypeError in that case.
   if (object->IsUndefined() || object->IsNull()) {
     return TypeError("non_object_property_call", object, name);
@@ skipping 50 matching lines @@
     // If the object does not have the requested property, check which
     // exception we need to throw.
     if (attr == ABSENT) {
       if (IsContextual(object)) {
         return ReferenceError("not_defined", name);
       }
       return TypeError("undefined_method", object, name);
     }
   }
 
-  ASSERT(result != HEAP->the_hole_value());
+  ASSERT(result != isolate()->heap()->the_hole_value());
 
   if (result->IsJSFunction()) {
 #ifdef ENABLE_DEBUGGER_SUPPORT
     // Handle stepping into a function if step into is active.
     Debug* debug = isolate()->debug();
     if (debug->StepInActive()) {
       // Protect the result in a handle as the debugger can allocate and might
       // cause GC.
-      HandleScope scope;
-      Handle<JSFunction> function(JSFunction::cast(result));
+      HandleScope scope(isolate());
+      Handle<JSFunction> function(JSFunction::cast(result), isolate());
       debug->HandleStepIn(function, object, fp(), false);
       return *function;
     }
 #endif
 
     return result;
   }
 
   // Try to find a suitable function delegate for the object at hand.
   result = TryCallAsFunction(result);
   MaybeObject* answer = result;
   if (!result->IsJSFunction()) {
     answer = TypeError("property_not_function", object, name);
   }
   return answer;
 }
 
 
 void CallICBase::UpdateCaches(LookupResult* lookup,
                               State state,
                               Handle<Object> object,
                               Handle<String> name) {
   // Bail out if we didn't find a result.
   if (!lookup->IsProperty() || !lookup->IsCacheable()) return;
 
   if (lookup->holder() != *object &&
-      HasNormalObjectsInPrototypeChain(lookup, object->GetPrototype())) {
+      HasNormalObjectsInPrototypeChain(
+          isolate(), lookup, object->GetPrototype())) {
     // Suppress optimization for prototype chains with slow properties objects
     // in the middle.
     return;
   }
 
   // Compute the number of arguments.
   int argc = target()->arguments_count();
   InLoopFlag in_loop = target()->ic_in_loop();
   MaybeObject* maybe_code = NULL;
   Object* code;
@@ skipping 172 matching lines @@
   if (object->IsUndefined() || object->IsNull()) {
     return TypeError("non_object_property_load", object, name);
   }
 
   if (FLAG_use_ic) {
     // Use specialized code for getting the length of strings and
     // string wrapper objects.  The length property of string wrapper
     // objects is read-only and therefore always returns the length of
     // the underlying string value.  See ECMA-262 15.5.5.1.
     if ((object->IsString() || object->IsStringWrapper()) &&
-        name->Equals(HEAP->length_symbol())) {
-      HandleScope scope;
+        name->Equals(isolate()->heap()->length_symbol())) {
+      HandleScope scope(isolate());
       // Get the string if we have a string wrapper object.
       if (object->IsJSValue()) {
-        object = Handle<Object>(Handle<JSValue>::cast(object)->value());
+        object = Handle<Object>(Handle<JSValue>::cast(object)->value(),
+                                isolate());
       }
 #ifdef DEBUG
       if (FLAG_trace_ic) PrintF("[LoadIC : +#length /string]\n");
 #endif
       Map* map = HeapObject::cast(*object)->map();
       if (object->IsString()) {
         const int offset = String::kLengthOffset;
         PatchInlinedLoad(address(), map, offset);
       }
 
       Code* target = NULL;
       target = isolate()->builtins()->builtin(
           Builtins::LoadIC_StringLength);
       set_target(target);
       return Smi::FromInt(String::cast(*object)->length());
     }
 
     // Use specialized code for getting the length of arrays.
-    if (object->IsJSArray() && name->Equals(HEAP->length_symbol())) {
+    if (object->IsJSArray() &&
+        name->Equals(isolate()->heap()->length_symbol())) {
 #ifdef DEBUG
       if (FLAG_trace_ic) PrintF("[LoadIC : +#length /array]\n");
 #endif
       Map* map = HeapObject::cast(*object)->map();
       const int offset = JSArray::kLengthOffset;
       PatchInlinedLoad(address(), map, offset);
 
       Code* target = isolate()->builtins()->builtin(
           Builtins::LoadIC_ArrayLength);
       set_target(target);
       return JSArray::cast(*object)->length();
     }
 
     // Use specialized code for getting prototype of functions.
-    if (object->IsJSFunction() && name->Equals(HEAP->prototype_symbol()) &&
+    if (object->IsJSFunction() &&
+        name->Equals(isolate()->heap()->prototype_symbol()) &&
         JSFunction::cast(*object)->should_have_prototype()) {
 #ifdef DEBUG
       if (FLAG_trace_ic) PrintF("[LoadIC : +#prototype /function]\n");
 #endif
       Code* target = isolate()->builtins()->builtin(
           Builtins::LoadIC_FunctionPrototype);
       set_target(target);
       return Accessors::FunctionGetPrototype(*object, 0);
     }
   }
@@ skipping 103 matching lines @@
                           Handle<Object> object,
                           Handle<String> name) {
   // Bail out if the result is not cacheable.
   if (!lookup->IsCacheable()) return;
 
   // Loading properties from values is not common, so don't try to
   // deal with non-JS objects here.
   if (!object->IsJSObject()) return;
   Handle<JSObject> receiver = Handle<JSObject>::cast(object);
 
-  if (HasNormalObjectsInPrototypeChain(lookup, *object)) return;
+  if (HasNormalObjectsInPrototypeChain(isolate(), lookup, *object)) return;
 
   // Compute the code stub for this load.
   MaybeObject* maybe_code = NULL;
   Object* code;
   if (state == UNINITIALIZED) {
     // This is the first time we execute this inline cache.
     // Set the target to the pre monomorphic stub to delay
     // setting the monomorphic state.
     maybe_code = pre_monomorphic_stub();
   } else if (!lookup->IsProperty()) {
@@ skipping 89 matching lines @@
     Handle<String> name = Handle<String>::cast(key);
 
     // If the object is undefined or null it's illegal to try to get any
     // of its properties; throw a TypeError in that case.
     if (object->IsUndefined() || object->IsNull()) {
       return TypeError("non_object_property_load", object, name);
     }
 
     if (FLAG_use_ic) {
       // Use specialized code for getting the length of strings.
-      if (object->IsString() && name->Equals(HEAP->length_symbol())) {
+      if (object->IsString() &&
+          name->Equals(isolate()->heap()->length_symbol())) {
         Handle<String> string = Handle<String>::cast(object);
         Object* code = NULL;
         { MaybeObject* maybe_code =
               isolate()->stub_cache()->ComputeKeyedLoadStringLength(*name,
                                                                     *string);
           if (!maybe_code->ToObject(&code)) return maybe_code;
         }
         set_target(Code::cast(code));
 #ifdef DEBUG
         TraceIC("KeyedLoadIC", name, state, target());
 #endif  // DEBUG
         return Smi::FromInt(string->length());
       }
 
       // Use specialized code for getting the length of arrays.
-      if (object->IsJSArray() && name->Equals(HEAP->length_symbol())) {
+      if (object->IsJSArray() &&
+          name->Equals(isolate()->heap()->length_symbol())) {
         Handle<JSArray> array = Handle<JSArray>::cast(object);
         Object* code;
         { MaybeObject* maybe_code =
               isolate()->stub_cache()->ComputeKeyedLoadArrayLength(*name,
                                                                    *array);
           if (!maybe_code->ToObject(&code)) return maybe_code;
         }
         set_target(Code::cast(code));
 #ifdef DEBUG
         TraceIC("KeyedLoadIC", name, state, target());
 #endif  // DEBUG
         return JSArray::cast(*object)->length();
       }
 
       // Use specialized code for getting prototype of functions.
-      if (object->IsJSFunction() && name->Equals(HEAP->prototype_symbol()) &&
+      if (object->IsJSFunction() &&
+          name->Equals(isolate()->heap()->prototype_symbol()) &&
         JSFunction::cast(*object)->should_have_prototype()) {
         Handle<JSFunction> function = Handle<JSFunction>::cast(object);
         Object* code;
         { MaybeObject* maybe_code =
               isolate()->stub_cache()->ComputeKeyedLoadFunctionPrototype(
                   *name, *function);
           if (!maybe_code->ToObject(&code)) return maybe_code;
         }
         set_target(Code::cast(code));
 #ifdef DEBUG
         TraceIC("KeyedLoadIC", name, state, target());
 #endif  // DEBUG
         return Accessors::FunctionGetPrototype(*object, 0);
       }
     }
 
     // Check if the name is trivially convertible to an index and get
     // the element or char if so.
     uint32_t index = 0;
     if (name->AsArrayIndex(&index)) {
-      HandleScope scope;
+      HandleScope scope(isolate());
       // Rewrite to the generic keyed load stub.
       if (FLAG_use_ic) set_target(generic_stub());
       return Runtime::GetElementOrCharAt(isolate(), object, index);
     }
 
     // Named lookup.
     LookupResult lookup;
     LookupForRead(*object, *name, &lookup);
 
     // If we did not find a property, check if we need to throw an exception.
@@ skipping 74 matching lines @@
 
 
 void KeyedLoadIC::UpdateCaches(LookupResult* lookup, State state,
                                Handle<Object> object, Handle<String> name) {
   // Bail out if we didn't find a result.
   if (!lookup->IsProperty() || !lookup->IsCacheable()) return;
 
   if (!object->IsJSObject()) return;
   Handle<JSObject> receiver = Handle<JSObject>::cast(object);
 
-  if (HasNormalObjectsInPrototypeChain(lookup, *object)) return;
+  if (HasNormalObjectsInPrototypeChain(isolate(), lookup, *object)) return;
 
   // Compute the code stub for this load.
   MaybeObject* maybe_code = NULL;
   Object* code;
 
   if (state == UNINITIALIZED) {
     // This is the first time we execute this inline cache.
     // Set the target to the pre monomorphic stub to delay
     // setting the monomorphic state.
     maybe_code = pre_monomorphic_stub();
@@ skipping 95 matching lines @@
     return TypeError("non_object_property_store", object, name);
   }
 
   // Ignore stores where the receiver is not a JSObject.
   if (!object->IsJSObject()) return *value;
   Handle<JSObject> receiver = Handle<JSObject>::cast(object);
 
   // Check if the given name is an array index.
   uint32_t index;
   if (name->AsArrayIndex(&index)) {
-    HandleScope scope;
+    HandleScope scope(isolate());
     Handle<Object> result = SetElement(receiver, index, value);
     if (result.is_null()) return Failure::Exception();
     return *value;
   }
 
   // Use specialized code for setting the length of arrays.
   if (receiver->IsJSArray()
-      && name->Equals(HEAP->length_symbol())
+      && name->Equals(isolate()->heap()->length_symbol())
       && receiver->AllowsSetElementsLength()) {
 #ifdef DEBUG
     if (FLAG_trace_ic) PrintF("[StoreIC : +#length /array]\n");
 #endif
     Code* target = isolate()->builtins()->builtin(
         Builtins::StoreIC_ArrayLength);
     set_target(target);
     return receiver->SetProperty(*name, *value, NONE);
   }
 
@@ skipping 92 matching lines @@
   MaybeObject* maybe_code = NULL;
   Object* code = NULL;
   switch (type) {
     case FIELD: {
       maybe_code = isolate()->stub_cache()->ComputeStoreField(
           *name, *receiver, lookup->GetFieldIndex());
       break;
     }
     case MAP_TRANSITION: {
       if (lookup->GetAttributes() != NONE) return;
-      HandleScope scope;
+      HandleScope scope(isolate());
       ASSERT(type == MAP_TRANSITION);
       Handle<Map> transition(lookup->GetTransitionMap());
       int index = transition->PropertyIndexFor(*name);
       maybe_code = isolate()->stub_cache()->ComputeStoreField(
           *name, *receiver, index, *transition);
       break;
     }
     case NORMAL: {
       if (receiver->IsGlobalObject()) {
         // The stub generated for the global object picks the value directly
@@ skipping 65 matching lines @@
       return TypeError("non_object_property_store", object, name);
     }
 
     // Ignore stores where the receiver is not a JSObject.
     if (!object->IsJSObject()) return *value;
     Handle<JSObject> receiver = Handle<JSObject>::cast(object);
 
     // Check if the given name is an array index.
     uint32_t index;
     if (name->AsArrayIndex(&index)) {
-      HandleScope scope;
+      HandleScope scope(isolate());
       Handle<Object> result = SetElement(receiver, index, value);
       if (result.is_null()) return Failure::Exception();
       return *value;
     }
 
     // Lookup the property locally in the receiver.
     LookupResult lookup;
     receiver->LocalLookup(*name, &lookup);
 
     // Update inline cache and stub cache.
@@ skipping 60 matching lines @@
   Object* code = NULL;
 
   switch (type) {
     case FIELD: {
       maybe_code = isolate()->stub_cache()->ComputeKeyedStoreField(
           *name, *receiver, lookup->GetFieldIndex());
       break;
     }
     case MAP_TRANSITION: {
       if (lookup->GetAttributes() == NONE) {
-        HandleScope scope;
+        HandleScope scope(isolate());
         ASSERT(type == MAP_TRANSITION);
         Handle<Map> transition(lookup->GetTransitionMap());
         int index = transition->PropertyIndexFor(*name);
         maybe_code = isolate()->stub_cache()->ComputeKeyedStoreField(
             *name, *receiver, index, *transition);
         break;
       }
       // fall through.
     }
     default: {
@@ skipping 20 matching lines @@
 #ifdef DEBUG
   TraceIC("KeyedStoreIC", name, state, target());
 #endif
 }
 
 
 // ----------------------------------------------------------------------------
 // Static IC stub generators.
 //
 
-static JSFunction* CompileFunction(JSFunction* function,
+static JSFunction* CompileFunction(Isolate* isolate,
+                                   JSFunction* function,
                                    InLoopFlag in_loop) {
   // Compile now with optimization.
-  HandleScope scope;
-  Handle<JSFunction> function_handle(function);
+  HandleScope scope(isolate);
+  Handle<JSFunction> function_handle(function, isolate);
   if (in_loop == IN_LOOP) {
     CompileLazyInLoop(function_handle, CLEAR_EXCEPTION);
   } else {
     CompileLazy(function_handle, CLEAR_EXCEPTION);
   }
   return *function_handle;
 }
 
 
 // Used from ic-<arch>.cc.
@@ skipping 12 matching lines @@
   // The first time the inline cache is updated may be the first time the
   // function it references gets called.  If the function was lazily compiled
   // then the first call will trigger a compilation.  We check for this case
   // and we do the compilation immediately, instead of waiting for the stub
   // currently attached to the JSFunction object to trigger compilation.  We
   // do this in the case where we know that the inline cache is inside a loop,
   // because then we know that we want to optimize the function.
   if (!result->IsJSFunction() || JSFunction::cast(result)->is_compiled()) {
     return result;
   }
-  return CompileFunction(JSFunction::cast(result), ic.target()->ic_in_loop());
+  return CompileFunction(isolate,
+                         JSFunction::cast(result),
+                         ic.target()->ic_in_loop());
 }
 
 
 // Used from ic-<arch>.cc.
 MUST_USE_RESULT MaybeObject* KeyedCallIC_Miss(RUNTIME_CALLING_CONVENTION) {
   RUNTIME_GET_ISOLATE;
   NoHandleAllocation na;
   ASSERT(args.length() == 2);
   KeyedCallIC ic(isolate);
   IC::State state = IC::StateFrom(ic.target(), args[0], args[1]);
   Object* result;
   { MaybeObject* maybe_result =
       ic.LoadFunction(state, args.at<Object>(0), args.at<Object>(1));
     if (!maybe_result->ToObject(&result)) return maybe_result;
   }
 
   if (!result->IsJSFunction() || JSFunction::cast(result)->is_compiled()) {
     return result;
   }
-  return CompileFunction(JSFunction::cast(result), ic.target()->ic_in_loop());
+  return CompileFunction(isolate,
+                         JSFunction::cast(result),
+                         ic.target()->ic_in_loop());
 }
 
 
 // Used from ic-<arch>.cc.
 MUST_USE_RESULT MaybeObject* LoadIC_Miss(RUNTIME_CALLING_CONVENTION) {
   RUNTIME_GET_ISOLATE;
   NoHandleAllocation na;
   ASSERT(args.length() == 2);
   LoadIC ic(isolate);
   IC::State state = IC::StateFrom(ic.target(), args[0], args[1]);
@@ skipping 149 matching lines @@
 
 
 // defined in code-stubs-<arch>.cc
 Handle<Code> GetBinaryOpStub(int key, BinaryOpIC::TypeInfo type_info);
 
 
 MUST_USE_RESULT MaybeObject* BinaryOp_Patch(RUNTIME_CALLING_CONVENTION) {
   RUNTIME_GET_ISOLATE;
   ASSERT(args.length() == 5);
 
-  HandleScope scope;
+  HandleScope scope(isolate);
   Handle<Object> left = args.at<Object>(0);
   Handle<Object> right = args.at<Object>(1);
   int key = Smi::cast(args[2])->value();
   Token::Value op = static_cast<Token::Value>(Smi::cast(args[3])->value());
   BinaryOpIC::TypeInfo previous_type =
       static_cast<BinaryOpIC::TypeInfo>(Smi::cast(args[4])->value());
 
   BinaryOpIC::TypeInfo type = BinaryOpIC::GetTypeInfo(*left, *right);
   Handle<Code> code = GetBinaryOpStub(key, type);
   if (!code.is_null()) {
     BinaryOpIC ic(isolate);
     ic.patch(*code);
     if (FLAG_trace_ic) {
       PrintF("[BinaryOpIC (%s->%s)#%s]\n",
              BinaryOpIC::GetName(previous_type),
              BinaryOpIC::GetName(type),
              Token::Name(op));
     }
   }
 
   Handle<JSBuiltinsObject> builtins = Handle<JSBuiltinsObject>(
-      isolate->thread_local_top()->context_->builtins());
+      isolate->thread_local_top()->context_->builtins(), isolate);
   Object* builtin = NULL;  // Initialization calms down the compiler.
   switch (op) {
     case Token::ADD:
       builtin = builtins->javascript_builtin(Builtins::ADD);
       break;
     case Token::SUB:
       builtin = builtins->javascript_builtin(Builtins::SUB);
       break;
     case Token::MUL:
       builtin = builtins->javascript_builtin(Builtins::MUL);
@@ skipping 19 matching lines @@
     case Token::SAR:
       builtin = builtins->javascript_builtin(Builtins::SAR);
       break;
     case Token::SHL:
       builtin = builtins->javascript_builtin(Builtins::SHL);
       break;
     default:
       UNREACHABLE();
   }
 
-  Handle<JSFunction> builtin_function(JSFunction::cast(builtin));
+  Handle<JSFunction> builtin_function(JSFunction::cast(builtin),
+                                      isolate);
 
   bool caught_exception;
   Object** builtin_args[] = { right.location() };
   Handle<Object> result = Execution::Call(builtin_function,
                                           left,
                                           ARRAY_SIZE(builtin_args),
                                           builtin_args,
                                           &caught_exception);
   if (caught_exception) {
     return Failure::Exception();
@@ skipping 125 matching lines @@
     if (FLAG_trace_ic) {
       PrintF("[TypeRecordingBinaryOpIC (%s->(%s->%s))#%s]\n",
              TRBinaryOpIC::GetName(previous_type),
              TRBinaryOpIC::GetName(type),
              TRBinaryOpIC::GetName(result_type),
              Token::Name(op));
     }
   }
 
   Handle<JSBuiltinsObject> builtins = Handle<JSBuiltinsObject>(
-      isolate->thread_local_top()->context_->builtins());
+      isolate->thread_local_top()->context_->builtins(), isolate);
   Object* builtin = NULL;  // Initialization calms down the compiler.
   switch (op) {
     case Token::ADD:
       builtin = builtins->javascript_builtin(Builtins::ADD);
       break;
     case Token::SUB:
       builtin = builtins->javascript_builtin(Builtins::SUB);
       break;
     case Token::MUL:
       builtin = builtins->javascript_builtin(Builtins::MUL);
@@ skipping 19 matching lines @@
     case Token::SAR:
       builtin = builtins->javascript_builtin(Builtins::SAR);
       break;
     case Token::SHL:
       builtin = builtins->javascript_builtin(Builtins::SHL);
       break;
     default:
       UNREACHABLE();
   }
 
-  Handle<JSFunction> builtin_function(JSFunction::cast(builtin));
+  Handle<JSFunction> builtin_function(JSFunction::cast(builtin), isolate);
 
   bool caught_exception;
   Object** builtin_args[] = { right.location() };
   Handle<Object> result = Execution::Call(builtin_function,
                                           left,
                                           ARRAY_SIZE(builtin_args),
                                           builtin_args,
                                           &caught_exception);
   if (caught_exception) {
     return Failure::Exception();
@@ skipping 59 matching lines @@
 #undef ADDR
 };
 
 
 Address IC::AddressFromUtilityId(IC::UtilityId id) {
   return IC_utilities[id];
 }
 
 
 } }  // namespace v8::internal