<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[170876] trunk/Source</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/170876">170876</a></dd>
<dt>Author</dt> <dd>benjamin@webkit.org</dd>
<dt>Date</dt> <dd>2014-07-07 21:23:30 -0700 (Mon, 07 Jul 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>LinkBuffer should not keep a reference to the MacroAssembler
https://bugs.webkit.org/show_bug.cgi?id=134668
Reviewed by Geoffrey Garen.
Source/JavaScriptCore:
In FTL, the LinkBuffer can outlive the MacroAssembler that was used for code generation.
When that happens, the pointer m_assembler points to released memory. That was not causing
issues because the attribute is not used after linking, but that was not particularily
future proof.
This patch refactors LinkBuffer to avoid any lifetime risk. The MacroAssembler is now passed
as a reference, it is used for linking but no reference is ever stored with the LinkBuffer.
While fixing the call sites to use a reference, I also discovered LinkBuffer.h was included
everywhere. I refactored some #include to avoid that.
* assembler/LinkBuffer.cpp:
(JSC::LinkBuffer::copyCompactAndLinkCode):
(JSC::LinkBuffer::linkCode):
* assembler/LinkBuffer.h:
(JSC::LinkBuffer::LinkBuffer):
* bytecode/Watchpoint.cpp:
* dfg/DFGDisassembler.cpp:
* dfg/DFGDisassembler.h:
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::linkFunction):
* dfg/DFGOSRExitCompiler.cpp:
* dfg/DFGPlan.cpp:
* dfg/DFGThunks.cpp:
(JSC::DFG::osrExitGenerationThunkGenerator):
(JSC::DFG::osrEntryThunkGenerator):
* ftl/FTLCompile.cpp:
(JSC::FTL::generateICFastPath):
(JSC::FTL::fixFunctionBasedOnStackMaps):
* ftl/FTLJSCall.cpp:
* ftl/FTLJSCall.h:
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* ftl/FTLLowerDFGToLLVM.cpp:
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
* ftl/FTLThunks.cpp:
(JSC::FTL::osrExitGenerationThunkGenerator):
(JSC::FTL::slowPathCallThunkGenerator):
* jit/ArityCheckFailReturnThunks.cpp:
(JSC::ArityCheckFailReturnThunks::returnPCsFor):
* jit/JIT.cpp:
(JSC::JIT::privateCompile):
* jit/JITCall.cpp:
(JSC::JIT::privateCompileClosureCall):
* jit/JITCall32_64.cpp:
(JSC::JIT::privateCompileClosureCall):
* jit/JITDisassembler.cpp:
* jit/JITDisassembler.h:
* jit/JITOpcodes.cpp:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::stringGetByValStubGenerator):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompilePutByVal):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::stringGetByValStubGenerator):
* jit/RegisterPreservationWrapperGenerator.cpp:
(JSC::generateRegisterPreservationWrapper):
(JSC::registerRestorationThunkGenerator):
* jit/Repatch.cpp:
(JSC::generateByIdStub):
(JSC::tryCacheGetByID):
(JSC::emitPutReplaceStub):
(JSC::emitPutTransitionStub):
(JSC::tryRepatchIn):
(JSC::linkClosureCall):
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::finalize):
* jit/ThunkGenerators.cpp:
(JSC::throwExceptionFromCallSlowPathGenerator):
(JSC::linkForThunkGenerator):
(JSC::linkClosureCallForThunkGenerator):
(JSC::virtualForThunkGenerator):
(JSC::nativeForGenerator):
(JSC::arityFixup):
* llint/LLIntThunks.cpp:
(JSC::LLInt::generateThunkWithJumpTo):
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::compile):
Source/WebCore:
* cssjit/SelectorCompiler.cpp:
(WebCore::SelectorCompiler::SelectorCodeGenerator::compile):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreassemblerLinkBuffercpp">trunk/Source/JavaScriptCore/assembler/LinkBuffer.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreassemblerLinkBufferh">trunk/Source/JavaScriptCore/assembler/LinkBuffer.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeWatchpointcpp">trunk/Source/JavaScriptCore/bytecode/Watchpoint.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDisassemblercpp">trunk/Source/JavaScriptCore/dfg/DFGDisassembler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDisassemblerh">trunk/Source/JavaScriptCore/dfg/DFGDisassembler.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGJITCompilercpp">trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompilercpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGPlancpp">trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGThunkscpp">trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLCompilecpp">trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLJSCallcpp">trunk/Source/JavaScriptCore/ftl/FTLJSCall.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLJSCallh">trunk/Source/JavaScriptCore/ftl/FTLJSCall.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLinkcpp">trunk/Source/JavaScriptCore/ftl/FTLLink.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLowerDFGToLLVMcpp">trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToLLVM.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLOSRExitCompilercpp">trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLThunkscpp">trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitArityCheckFailReturnThunkscpp">trunk/Source/JavaScriptCore/jit/ArityCheckFailReturnThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITcpp">trunk/Source/JavaScriptCore/jit/JIT.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITCallcpp">trunk/Source/JavaScriptCore/jit/JITCall.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITCall32_64cpp">trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITDisassemblercpp">trunk/Source/JavaScriptCore/jit/JITDisassembler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITDisassemblerh">trunk/Source/JavaScriptCore/jit/JITDisassembler.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodescpp">trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodes32_64cpp">trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITPropertyAccesscpp">trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITPropertyAccess32_64cpp">trunk/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRegisterPreservationWrapperGeneratorcpp">trunk/Source/JavaScriptCore/jit/RegisterPreservationWrapperGenerator.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRepatchcpp">trunk/Source/JavaScriptCore/jit/Repatch.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitSpecializedThunkJITh">trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitThunkGeneratorscpp">trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntThunkscpp">trunk/Source/JavaScriptCore/llint/LLIntThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreyarrYarrJITcpp">trunk/Source/JavaScriptCore/yarr/YarrJIT.cpp</a></li>
<li><a href="#trunkSourceWebCoreChangeLog">trunk/Source/WebCore/ChangeLog</a></li>
<li><a href="#trunkSourceWebCorecssjitSelectorCompilercpp">trunk/Source/WebCore/cssjit/SelectorCompiler.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ChangeLog 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -1,3 +1,91 @@
</span><ins>+2014-07-07 Benjamin Poulain <benjamin@webkit.org>
+
+ LinkBuffer should not keep a reference to the MacroAssembler
+ https://bugs.webkit.org/show_bug.cgi?id=134668
+
+ Reviewed by Geoffrey Garen.
+
+ In FTL, the LinkBuffer can outlive the MacroAssembler that was used for code generation.
+ When that happens, the pointer m_assembler points to released memory. That was not causing
+ issues because the attribute is not used after linking, but that was not particularily
+ future proof.
+
+ This patch refactors LinkBuffer to avoid any lifetime risk. The MacroAssembler is now passed
+ as a reference, it is used for linking but no reference is ever stored with the LinkBuffer.
+
+ While fixing the call sites to use a reference, I also discovered LinkBuffer.h was included
+ everywhere. I refactored some #include to avoid that.
+
+ * assembler/LinkBuffer.cpp:
+ (JSC::LinkBuffer::copyCompactAndLinkCode):
+ (JSC::LinkBuffer::linkCode):
+ * assembler/LinkBuffer.h:
+ (JSC::LinkBuffer::LinkBuffer):
+ * bytecode/Watchpoint.cpp:
+ * dfg/DFGDisassembler.cpp:
+ * dfg/DFGDisassembler.h:
+ * dfg/DFGJITCompiler.cpp:
+ (JSC::DFG::JITCompiler::link):
+ (JSC::DFG::JITCompiler::linkFunction):
+ * dfg/DFGOSRExitCompiler.cpp:
+ * dfg/DFGPlan.cpp:
+ * dfg/DFGThunks.cpp:
+ (JSC::DFG::osrExitGenerationThunkGenerator):
+ (JSC::DFG::osrEntryThunkGenerator):
+ * ftl/FTLCompile.cpp:
+ (JSC::FTL::generateICFastPath):
+ (JSC::FTL::fixFunctionBasedOnStackMaps):
+ * ftl/FTLJSCall.cpp:
+ * ftl/FTLJSCall.h:
+ * ftl/FTLLink.cpp:
+ (JSC::FTL::link):
+ * ftl/FTLLowerDFGToLLVM.cpp:
+ * ftl/FTLOSRExitCompiler.cpp:
+ (JSC::FTL::compileStub):
+ * ftl/FTLThunks.cpp:
+ (JSC::FTL::osrExitGenerationThunkGenerator):
+ (JSC::FTL::slowPathCallThunkGenerator):
+ * jit/ArityCheckFailReturnThunks.cpp:
+ (JSC::ArityCheckFailReturnThunks::returnPCsFor):
+ * jit/JIT.cpp:
+ (JSC::JIT::privateCompile):
+ * jit/JITCall.cpp:
+ (JSC::JIT::privateCompileClosureCall):
+ * jit/JITCall32_64.cpp:
+ (JSC::JIT::privateCompileClosureCall):
+ * jit/JITDisassembler.cpp:
+ * jit/JITDisassembler.h:
+ * jit/JITOpcodes.cpp:
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::stringGetByValStubGenerator):
+ (JSC::JIT::privateCompileGetByVal):
+ (JSC::JIT::privateCompilePutByVal):
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::stringGetByValStubGenerator):
+ * jit/RegisterPreservationWrapperGenerator.cpp:
+ (JSC::generateRegisterPreservationWrapper):
+ (JSC::registerRestorationThunkGenerator):
+ * jit/Repatch.cpp:
+ (JSC::generateByIdStub):
+ (JSC::tryCacheGetByID):
+ (JSC::emitPutReplaceStub):
+ (JSC::emitPutTransitionStub):
+ (JSC::tryRepatchIn):
+ (JSC::linkClosureCall):
+ * jit/SpecializedThunkJIT.h:
+ (JSC::SpecializedThunkJIT::finalize):
+ * jit/ThunkGenerators.cpp:
+ (JSC::throwExceptionFromCallSlowPathGenerator):
+ (JSC::linkForThunkGenerator):
+ (JSC::linkClosureCallForThunkGenerator):
+ (JSC::virtualForThunkGenerator):
+ (JSC::nativeForGenerator):
+ (JSC::arityFixup):
+ * llint/LLIntThunks.cpp:
+ (JSC::LLInt::generateThunkWithJumpTo):
+ * yarr/YarrJIT.cpp:
+ (JSC::Yarr::YarrGenerator::compile):
+
</ins><span class="cx"> 2014-07-07 Andreas Kling <akling@apple.com>
</span><span class="cx">
</span><span class="cx"> Fast path for jsStringWithCache() when asked for the same string repeatedly.
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreassemblerLinkBuffercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/assembler/LinkBuffer.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/assembler/LinkBuffer.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/assembler/LinkBuffer.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -78,17 +78,17 @@
</span><span class="cx">
</span><span class="cx"> #if ENABLE(BRANCH_COMPACTION)
</span><span class="cx"> template <typename InstructionType>
</span><del>-void LinkBuffer::copyCompactAndLinkCode(void* ownerUID, JITCompilationEffort effort)
</del><ins>+void LinkBuffer::copyCompactAndLinkCode(MacroAssembler& macroAssembler, void* ownerUID, JITCompilationEffort effort)
</ins><span class="cx"> {
</span><del>- m_initialSize = m_assembler->m_assembler.codeSize();
</del><ins>+ m_initialSize = macroAssembler.m_assembler.codeSize();
</ins><span class="cx"> allocate(m_initialSize, ownerUID, effort);
</span><span class="cx"> if (didFailToAllocate())
</span><span class="cx"> return;
</span><del>- uint8_t* inData = (uint8_t*)m_assembler->unlinkedCode();
</del><ins>+ uint8_t* inData = (uint8_t*)macroAssembler.unlinkedCode();
</ins><span class="cx"> uint8_t* outData = reinterpret_cast<uint8_t*>(m_code);
</span><span class="cx"> int readPtr = 0;
</span><span class="cx"> int writePtr = 0;
</span><del>- Vector<LinkRecord, 0, UnsafeVectorOverflow>& jumpsToLink = m_assembler->jumpsToLink();
</del><ins>+ Vector<LinkRecord, 0, UnsafeVectorOverflow>& jumpsToLink = macroAssembler.jumpsToLink();
</ins><span class="cx"> unsigned jumpCount = jumpsToLink.size();
</span><span class="cx"> for (unsigned i = 0; i < jumpCount; ++i) {
</span><span class="cx"> int offset = readPtr - writePtr;
</span><span class="lines">@@ -104,7 +104,7 @@
</span><span class="cx"> ASSERT(!(writePtr % 2));
</span><span class="cx"> while (copySource != copyEnd)
</span><span class="cx"> *copyDst++ = *copySource++;
</span><del>- m_assembler->recordLinkOffsets(readPtr, jumpsToLink[i].from(), offset);
</del><ins>+ macroAssembler.recordLinkOffsets(readPtr, jumpsToLink[i].from(), offset);
</ins><span class="cx"> readPtr += regionSize;
</span><span class="cx"> writePtr += regionSize;
</span><span class="cx">
</span><span class="lines">@@ -116,26 +116,26 @@
</span><span class="cx"> else
</span><span class="cx"> target = outData + jumpsToLink[i].to() - executableOffsetFor(jumpsToLink[i].to());
</span><span class="cx">
</span><del>- JumpLinkType jumpLinkType = m_assembler->computeJumpType(jumpsToLink[i], outData + writePtr, target);
</del><ins>+ JumpLinkType jumpLinkType = macroAssembler.computeJumpType(jumpsToLink[i], outData + writePtr, target);
</ins><span class="cx"> // Compact branch if we can...
</span><del>- if (m_assembler->canCompact(jumpsToLink[i].type())) {
</del><ins>+ if (macroAssembler.canCompact(jumpsToLink[i].type())) {
</ins><span class="cx"> // Step back in the write stream
</span><del>- int32_t delta = m_assembler->jumpSizeDelta(jumpsToLink[i].type(), jumpLinkType);
</del><ins>+ int32_t delta = macroAssembler.jumpSizeDelta(jumpsToLink[i].type(), jumpLinkType);
</ins><span class="cx"> if (delta) {
</span><span class="cx"> writePtr -= delta;
</span><del>- m_assembler->recordLinkOffsets(jumpsToLink[i].from() - delta, readPtr, readPtr - writePtr);
</del><ins>+ macroAssembler.recordLinkOffsets(jumpsToLink[i].from() - delta, readPtr, readPtr - writePtr);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> jumpsToLink[i].setFrom(writePtr);
</span><span class="cx"> }
</span><span class="cx"> // Copy everything after the last jump
</span><span class="cx"> memcpy(outData + writePtr, inData + readPtr, m_initialSize - readPtr);
</span><del>- m_assembler->recordLinkOffsets(readPtr, m_initialSize, readPtr - writePtr);
</del><ins>+ macroAssembler.recordLinkOffsets(readPtr, m_initialSize, readPtr - writePtr);
</ins><span class="cx">
</span><span class="cx"> for (unsigned i = 0; i < jumpCount; ++i) {
</span><span class="cx"> uint8_t* location = outData + jumpsToLink[i].from();
</span><span class="cx"> uint8_t* target = outData + jumpsToLink[i].to() - executableOffsetFor(jumpsToLink[i].to());
</span><del>- m_assembler->link(jumpsToLink[i], location, target);
</del><ins>+ macroAssembler.link(jumpsToLink[i], location, target);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> jumpsToLink.clear();
</span><span class="lines">@@ -151,23 +151,23 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx">
</span><del>-void LinkBuffer::linkCode(void* ownerUID, JITCompilationEffort effort)
</del><ins>+void LinkBuffer::linkCode(MacroAssembler& macroAssembler, void* ownerUID, JITCompilationEffort effort)
</ins><span class="cx"> {
</span><span class="cx"> #if !ENABLE(BRANCH_COMPACTION)
</span><span class="cx"> #if defined(ASSEMBLER_HAS_CONSTANT_POOL) && ASSEMBLER_HAS_CONSTANT_POOL
</span><del>- m_assembler->m_assembler.buffer().flushConstantPool(false);
</del><ins>+ macroAssembler.m_assembler.buffer().flushConstantPool(false);
</ins><span class="cx"> #endif
</span><del>- AssemblerBuffer& buffer = m_assembler->m_assembler.buffer();
</del><ins>+ AssemblerBuffer& buffer = macroAssembler.m_assembler.buffer();
</ins><span class="cx"> allocate(buffer.codeSize(), ownerUID, effort);
</span><span class="cx"> if (!m_didAllocate)
</span><span class="cx"> return;
</span><span class="cx"> ASSERT(m_code);
</span><span class="cx"> #if CPU(ARM_TRADITIONAL)
</span><del>- m_assembler->m_assembler.prepareExecutableCopy(m_code);
</del><ins>+ macroAssembler.m_assembler.prepareExecutableCopy(m_code);
</ins><span class="cx"> #endif
</span><span class="cx"> memcpy(m_code, buffer.data(), buffer.codeSize());
</span><span class="cx"> #if CPU(MIPS)
</span><del>- m_assembler->m_assembler.relocateJumps(buffer.data(), m_code);
</del><ins>+ macroAssembler.m_assembler.relocateJumps(buffer.data(), m_code);
</ins><span class="cx"> #endif
</span><span class="cx"> #elif CPU(ARM_THUMB2)
</span><span class="cx"> copyCompactAndLinkCode<uint16_t>(ownerUID, effort);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreassemblerLinkBufferh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/assembler/LinkBuffer.h (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/assembler/LinkBuffer.h 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/assembler/LinkBuffer.h 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -80,38 +80,36 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> public:
</span><del>- LinkBuffer(VM& vm, MacroAssembler* masm, void* ownerUID, JITCompilationEffort effort = JITCompilationMustSucceed)
</del><ins>+ LinkBuffer(VM& vm, MacroAssembler& macroAssembler, void* ownerUID, JITCompilationEffort effort = JITCompilationMustSucceed)
</ins><span class="cx"> : m_size(0)
</span><span class="cx"> #if ENABLE(BRANCH_COMPACTION)
</span><span class="cx"> , m_initialSize(0)
</span><span class="cx"> #endif
</span><span class="cx"> , m_didAllocate(false)
</span><span class="cx"> , m_code(0)
</span><del>- , m_storage(masm->m_assembler.buffer().storage())
- , m_assembler(masm)
</del><ins>+ , m_storage(macroAssembler.m_assembler.buffer().storage())
</ins><span class="cx"> , m_vm(&vm)
</span><span class="cx"> #ifndef NDEBUG
</span><span class="cx"> , m_completed(false)
</span><span class="cx"> #endif
</span><span class="cx"> {
</span><del>- linkCode(ownerUID, effort);
</del><ins>+ linkCode(macroAssembler, ownerUID, effort);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- LinkBuffer(VM& vm, MacroAssembler* masm, void* code, size_t size)
</del><ins>+ LinkBuffer(VM& vm, MacroAssembler& macroAssembler, void* code, size_t size)
</ins><span class="cx"> : m_size(size)
</span><span class="cx"> #if ENABLE(BRANCH_COMPACTION)
</span><span class="cx"> , m_initialSize(0)
</span><span class="cx"> #endif
</span><span class="cx"> , m_didAllocate(false)
</span><span class="cx"> , m_code(code)
</span><del>- , m_storage(masm->m_assembler.buffer().storage())
- , m_assembler(masm)
</del><ins>+ , m_storage(macroAssembler.m_assembler.buffer().storage())
</ins><span class="cx"> , m_vm(&vm)
</span><span class="cx"> #ifndef NDEBUG
</span><span class="cx"> , m_completed(false)
</span><span class="cx"> #endif
</span><span class="cx"> {
</span><del>- linkCode(0, JITCompilationCanFail);
</del><ins>+ linkCode(macroAssembler, 0, JITCompilationCanFail);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ~LinkBuffer()
</span><span class="lines">@@ -285,10 +283,10 @@
</span><span class="cx"> void allocate(size_t initialSize, void* ownerUID, JITCompilationEffort);
</span><span class="cx"> void shrink(size_t newSize);
</span><span class="cx">
</span><del>- JS_EXPORT_PRIVATE void linkCode(void* ownerUID, JITCompilationEffort);
</del><ins>+ JS_EXPORT_PRIVATE void linkCode(MacroAssembler&, void* ownerUID, JITCompilationEffort);
</ins><span class="cx"> #if ENABLE(BRANCH_COMPACTION)
</span><span class="cx"> template <typename InstructionType>
</span><del>- void copyCompactAndLinkCode(void* ownerUID, JITCompilationEffort);
</del><ins>+ void copyCompactAndLinkCode(MacroAssembler&, void* ownerUID, JITCompilationEffort);
</ins><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> void performFinalization();
</span><span class="lines">@@ -309,7 +307,6 @@
</span><span class="cx"> bool m_didAllocate;
</span><span class="cx"> void* m_code;
</span><span class="cx"> RefPtr<AssemblerData> m_storage;
</span><del>- MacroAssembler* m_assembler;
</del><span class="cx"> VM* m_vm;
</span><span class="cx"> #ifndef NDEBUG
</span><span class="cx"> bool m_completed;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeWatchpointcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/Watchpoint.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/Watchpoint.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/bytecode/Watchpoint.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -26,7 +26,6 @@
</span><span class="cx"> #include "config.h"
</span><span class="cx"> #include "Watchpoint.h"
</span><span class="cx">
</span><del>-#include "LinkBuffer.h"
</del><span class="cx"> #include <wtf/CompilationThread.h>
</span><span class="cx"> #include <wtf/PassRefPtr.h>
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDisassemblercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGDisassembler.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDisassembler.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/dfg/DFGDisassembler.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -32,6 +32,7 @@
</span><span class="cx"> #include "DFGGraph.h"
</span><span class="cx"> #include "DFGJITCode.h"
</span><span class="cx"> #include "JSCInlines.h"
</span><ins>+#include "LinkBuffer.h"
</ins><span class="cx"> #include "ProfilerDatabase.h"
</span><span class="cx"> #include <wtf/StdLibExtras.h>
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDisassemblerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGDisassembler.h (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDisassembler.h 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/dfg/DFGDisassembler.h 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -30,15 +30,18 @@
</span><span class="cx">
</span><span class="cx"> #include "DFGCommon.h"
</span><span class="cx"> #include "DumpContext.h"
</span><del>-#include "LinkBuffer.h"
</del><span class="cx"> #include "MacroAssembler.h"
</span><del>-#include "ProfilerDatabase.h"
</del><ins>+#include "ProfilerCompilation.h"
</ins><span class="cx"> #include <wtf/HashMap.h>
</span><span class="cx"> #include <wtf/StringPrintStream.h>
</span><span class="cx"> #include <wtf/Vector.h>
</span><span class="cx">
</span><del>-namespace JSC { namespace DFG {
</del><ins>+namespace JSC {
</ins><span class="cx">
</span><ins>+class LinkBuffer;
+
+namespace DFG {
+
</ins><span class="cx"> class Graph;
</span><span class="cx">
</span><span class="cx"> class Disassembler {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGJITCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -304,7 +304,7 @@
</span><span class="cx">
</span><span class="cx"> void JITCompiler::link()
</span><span class="cx"> {
</span><del>- OwnPtr<LinkBuffer> linkBuffer = adoptPtr(new LinkBuffer(*m_vm, this, m_codeBlock, JITCompilationCanFail));
</del><ins>+ OwnPtr<LinkBuffer> linkBuffer = adoptPtr(new LinkBuffer(*m_vm, *this, m_codeBlock, JITCompilationCanFail));
</ins><span class="cx"> if (linkBuffer->didFailToAllocate()) {
</span><span class="cx"> m_graph.m_plan.finalizer = adoptPtr(new FailedFinalizer(m_graph.m_plan));
</span><span class="cx"> return;
</span><span class="lines">@@ -406,7 +406,7 @@
</span><span class="cx"> void JITCompiler::linkFunction()
</span><span class="cx"> {
</span><span class="cx"> // === Link ===
</span><del>- OwnPtr<LinkBuffer> linkBuffer = adoptPtr(new LinkBuffer(*m_vm, this, m_codeBlock, JITCompilationCanFail));
</del><ins>+ OwnPtr<LinkBuffer> linkBuffer = adoptPtr(new LinkBuffer(*m_vm, *this, m_codeBlock, JITCompilationCanFail));
</ins><span class="cx"> if (linkBuffer->didFailToAllocate()) {
</span><span class="cx"> m_graph.m_plan.finalizer = adoptPtr(new FailedFinalizer(m_graph.m_plan));
</span><span class="cx"> return;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -94,7 +94,7 @@
</span><span class="cx">
</span><span class="cx"> exitCompiler.compileExit(exit, operands, recovery);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, codeBlock);
</ins><span class="cx"> exit.m_code = FINALIZE_CODE_IF(
</span><span class="cx"> shouldShowDisassembly() || Options::verboseOSR(),
</span><span class="cx"> patchBuffer,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGPlancpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -65,8 +65,9 @@
</span><span class="cx"> #include "DFGVirtualRegisterAllocationPhase.h"
</span><span class="cx"> #include "DFGWatchpointCollectionPhase.h"
</span><span class="cx"> #include "Debugger.h"
</span><ins>+#include "JSCInlines.h"
</ins><span class="cx"> #include "OperandsInlines.h"
</span><del>-#include "JSCInlines.h"
</del><ins>+#include "ProfilerDatabase.h"
</ins><span class="cx"> #include <wtf/CurrentTime.h>
</span><span class="cx">
</span><span class="cx"> #if ENABLE(FTL_JIT)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGThunkscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -88,7 +88,7 @@
</span><span class="cx">
</span><span class="cx"> jit.jump(MacroAssembler::AbsoluteAddress(&vm->osrExitJumpDestination));
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(functionCall, compileOSRExit);
</span><span class="cx">
</span><span class="lines">@@ -131,7 +131,7 @@
</span><span class="cx"> ok.link(&jit);
</span><span class="cx"> jit.jump(GPRInfo::regT1);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("DFG OSR entry thunk"));
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLCompilecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -147,7 +147,7 @@
</span><span class="cx"> char* startOfIC =
</span><span class="cx"> bitwise_cast<char*>(generatedFunction) + record.instructionOffset;
</span><span class="cx">
</span><del>- LinkBuffer linkBuffer(vm, &fastPathJIT, startOfIC, sizeOfIC);
</del><ins>+ LinkBuffer linkBuffer(vm, fastPathJIT, startOfIC, sizeOfIC);
</ins><span class="cx"> // Note: we could handle the !isValid() case. We just don't appear to have a
</span><span class="cx"> // reason to do so, yet.
</span><span class="cx"> RELEASE_ASSERT(linkBuffer.isValid());
</span><span class="lines">@@ -238,7 +238,7 @@
</span><span class="cx"> checkJIT.jump(exceptionContinueArg1Set);
</span><span class="cx">
</span><span class="cx"> OwnPtr<LinkBuffer> linkBuffer = adoptPtr(new LinkBuffer(
</span><del>- vm, &checkJIT, codeBlock, JITCompilationMustSucceed));
</del><ins>+ vm, checkJIT, codeBlock, JITCompilationMustSucceed));
</ins><span class="cx"> linkBuffer->link(call, FunctionPtr(lookupExceptionHandler));
</span><span class="cx">
</span><span class="cx"> state.finalizer->handleExceptionsLinkBuffer = linkBuffer.release();
</span><span class="lines">@@ -251,7 +251,7 @@
</span><span class="cx"> RELEASE_ASSERT(didSeeUnwindInfo);
</span><span class="cx">
</span><span class="cx"> OwnPtr<LinkBuffer> linkBuffer = adoptPtr(new LinkBuffer(
</span><del>- vm, &exitThunkGenerator, codeBlock, JITCompilationMustSucceed));
</del><ins>+ vm, exitThunkGenerator, codeBlock, JITCompilationMustSucceed));
</ins><span class="cx">
</span><span class="cx"> RELEASE_ASSERT(state.finalizer->osrExit.size() == state.jitCode->osrExit.size());
</span><span class="cx">
</span><span class="lines">@@ -374,7 +374,7 @@
</span><span class="cx"> MacroAssembler::Jump exceptionJump = slowPathJIT.jump();
</span><span class="cx">
</span><span class="cx"> state.finalizer->sideCodeLinkBuffer = adoptPtr(
</span><del>- new LinkBuffer(vm, &slowPathJIT, codeBlock, JITCompilationMustSucceed));
</del><ins>+ new LinkBuffer(vm, slowPathJIT, codeBlock, JITCompilationMustSucceed));
</ins><span class="cx"> state.finalizer->sideCodeLinkBuffer->link(
</span><span class="cx"> exceptionJump, state.finalizer->handleExceptionsLinkBuffer->entrypoint());
</span><span class="cx">
</span><span class="lines">@@ -418,7 +418,7 @@
</span><span class="cx">
</span><span class="cx"> char* startOfIC = bitwise_cast<char*>(generatedFunction) + call.m_instructionOffset;
</span><span class="cx">
</span><del>- LinkBuffer linkBuffer(vm, &fastPathJIT, startOfIC, sizeOfCall());
</del><ins>+ LinkBuffer linkBuffer(vm, fastPathJIT, startOfIC, sizeOfCall());
</ins><span class="cx"> if (!linkBuffer.isValid()) {
</span><span class="cx"> dataLog("Failed to insert inline cache for call because we thought the size would be ", sizeOfCall(), " but it ended up being ", fastPathJIT.m_assembler.codeSize(), " prior to compaction.\n");
</span><span class="cx"> RELEASE_ASSERT_NOT_REACHED();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLJSCallcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLJSCall.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLJSCall.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLJSCall.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -29,6 +29,7 @@
</span><span class="cx"> #if ENABLE(FTL_JIT)
</span><span class="cx">
</span><span class="cx"> #include "DFGNode.h"
</span><ins>+#include "LinkBuffer.h"
</ins><span class="cx">
</span><span class="cx"> namespace JSC { namespace FTL {
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLJSCallh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLJSCall.h (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLJSCall.h 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLJSCall.h 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -31,10 +31,11 @@
</span><span class="cx"> #include "CCallHelpers.h"
</span><span class="cx"> #include "CallLinkInfo.h"
</span><span class="cx"> #include "CodeOrigin.h"
</span><del>-#include "LinkBuffer.h"
</del><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span><ins>+class LinkBuffer;
+
</ins><span class="cx"> namespace DFG {
</span><span class="cx"> struct Node;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLinkcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLink.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLink.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLLink.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -176,7 +176,7 @@
</span><span class="cx"> jit.emitFunctionEpilogue();
</span><span class="cx"> mainPathJumps.append(jit.jump());
</span><span class="cx">
</span><del>- linkBuffer = adoptPtr(new LinkBuffer(vm, &jit, codeBlock, JITCompilationMustSucceed));
</del><ins>+ linkBuffer = adoptPtr(new LinkBuffer(vm, jit, codeBlock, JITCompilationMustSucceed));
</ins><span class="cx"> linkBuffer->link(callArityCheck, codeBlock->m_isConstructor ? operationConstructArityCheck : operationCallArityCheck);
</span><span class="cx"> linkBuffer->link(callArityFixup, FunctionPtr((vm.getCTIStub(arityFixup)).code().executableAddress()));
</span><span class="cx"> linkBuffer->link(mainPathJumps, CodeLocationLabel(bitwise_cast<void*>(state.generatedFunction)));
</span><span class="lines">@@ -194,7 +194,7 @@
</span><span class="cx"> jit.emitFunctionEpilogue();
</span><span class="cx"> CCallHelpers::Jump mainPathJump = jit.jump();
</span><span class="cx">
</span><del>- linkBuffer = adoptPtr(new LinkBuffer(vm, &jit, codeBlock, JITCompilationMustSucceed));
</del><ins>+ linkBuffer = adoptPtr(new LinkBuffer(vm, jit, codeBlock, JITCompilationMustSucceed));
</ins><span class="cx"> linkBuffer->link(mainPathJump, CodeLocationLabel(bitwise_cast<void*>(state.generatedFunction)));
</span><span class="cx">
</span><span class="cx"> state.jitCode->initializeAddressForCall(linkBuffer->locationOf(start));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLowerDFGToLLVMcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToLLVM.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToLLVM.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToLLVM.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -40,7 +40,6 @@
</span><span class="cx"> #include "FTLOutput.h"
</span><span class="cx"> #include "FTLThunks.h"
</span><span class="cx"> #include "FTLWeightedTarget.h"
</span><del>-#include "LinkBuffer.h"
</del><span class="cx"> #include "OperandsInlines.h"
</span><span class="cx"> #include "JSCInlines.h"
</span><span class="cx"> #include "VirtualRegister.h"
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLOSRExitCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -363,7 +363,7 @@
</span><span class="cx">
</span><span class="cx"> adjustAndJumpToTarget(jit, exit);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, codeBlock);
</ins><span class="cx"> exit.m_code = FINALIZE_CODE_IF(
</span><span class="cx"> shouldShowDisassembly() || Options::verboseOSR() || Options::verboseFTLOSRExit(),
</span><span class="cx"> patchBuffer,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLThunkscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -101,7 +101,7 @@
</span><span class="cx">
</span><span class="cx"> jit.ret();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> patchBuffer.link(functionCall, compileFTLOSRExit);
</span><span class="cx"> return FINALIZE_CODE(patchBuffer, ("FTL OSR exit generation thunk"));
</span><span class="cx"> }
</span><span class="lines">@@ -192,7 +192,7 @@
</span><span class="cx">
</span><span class="cx"> jit.ret();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> patchBuffer.link(call, FunctionPtr(key.callTarget()));
</span><span class="cx"> return FINALIZE_CODE(patchBuffer, ("FTL slow path call thunk for %s", toCString(key).data()));
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitArityCheckFailReturnThunkscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ArityCheckFailReturnThunks.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ArityCheckFailReturnThunks.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/ArityCheckFailReturnThunks.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -97,7 +97,7 @@
</span><span class="cx"> jit.jump(GPRInfo::regT2);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- LinkBuffer linkBuffer(vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer linkBuffer(vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx">
</span><span class="cx"> unsigned returnPCsSize = numExpectedArgumentsIncludingThis / stackAlignmentRegisters() + 1;
</span><span class="cx"> std::unique_ptr<CodeLocationLabel[]> returnPCs =
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JIT.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JIT.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JIT.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -46,6 +46,7 @@
</span><span class="cx"> #include "LinkBuffer.h"
</span><span class="cx"> #include "MaxFrameExtentForSlowPathCall.h"
</span><span class="cx"> #include "JSCInlines.h"
</span><ins>+#include "ProfilerDatabase.h"
</ins><span class="cx"> #include "RepatchBuffer.h"
</span><span class="cx"> #include "ResultType.h"
</span><span class="cx"> #include "SamplingTool.h"
</span><span class="lines">@@ -586,7 +587,7 @@
</span><span class="cx"> if (m_disassembler)
</span><span class="cx"> m_disassembler->setEndOfCode(label());
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*m_vm, this, m_codeBlock, effort);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, m_codeBlock, effort);
</ins><span class="cx"> if (patchBuffer.didFailToAllocate())
</span><span class="cx"> return CompilationFailed;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITCallcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITCall.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITCall.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITCall.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -36,6 +36,7 @@
</span><span class="cx"> #include "JSFunction.h"
</span><span class="cx"> #include "Interpreter.h"
</span><span class="cx"> #include "JSCInlines.h"
</span><ins>+#include "LinkBuffer.h"
</ins><span class="cx"> #include "RepatchBuffer.h"
</span><span class="cx"> #include "ResultType.h"
</span><span class="cx"> #include "SamplingTool.h"
</span><span class="lines">@@ -286,7 +287,7 @@
</span><span class="cx"> restoreReturnAddressBeforeReturn(regT2);
</span><span class="cx"> Jump slow = jump();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*m_vm, this, m_codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, m_codeBlock);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(call, FunctionPtr(codePtr.executableAddress()));
</span><span class="cx"> patchBuffer.link(done, callLinkInfo->hotPathOther.labelAtOffset(0));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITCall32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -36,6 +36,7 @@
</span><span class="cx"> #include "JSArray.h"
</span><span class="cx"> #include "JSFunction.h"
</span><span class="cx"> #include "JSCInlines.h"
</span><ins>+#include "LinkBuffer.h"
</ins><span class="cx"> #include "RepatchBuffer.h"
</span><span class="cx"> #include "ResultType.h"
</span><span class="cx"> #include "SamplingTool.h"
</span><span class="lines">@@ -377,7 +378,7 @@
</span><span class="cx"> restoreReturnAddressBeforeReturn(regT2);
</span><span class="cx"> Jump slow = jump();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*m_vm, this, m_codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, m_codeBlock);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(call, FunctionPtr(codePtr.executableAddress()));
</span><span class="cx"> patchBuffer.link(done, callLinkInfo->hotPathOther.labelAtOffset(0));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITDisassemblercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITDisassembler.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITDisassembler.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITDisassembler.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -32,6 +32,7 @@
</span><span class="cx"> #include "CodeBlockWithJITType.h"
</span><span class="cx"> #include "JIT.h"
</span><span class="cx"> #include "JSCInlines.h"
</span><ins>+#include "LinkBuffer.h"
</ins><span class="cx"> #include <wtf/StringPrintStream.h>
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITDisassemblerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITDisassembler.h (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITDisassembler.h 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITDisassembler.h 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -28,15 +28,19 @@
</span><span class="cx">
</span><span class="cx"> #if ENABLE(JIT)
</span><span class="cx">
</span><del>-#include "LinkBuffer.h"
</del><span class="cx"> #include "MacroAssembler.h"
</span><del>-#include "ProfilerDatabase.h"
</del><span class="cx"> #include <wtf/Vector.h>
</span><ins>+#include <wtf/text/CString.h>
</ins><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span><span class="cx"> class CodeBlock;
</span><ins>+class LinkBuffer;
</ins><span class="cx">
</span><ins>+namespace Profiler {
+class Compilation;
+}
+
</ins><span class="cx"> class JITDisassembler {
</span><span class="cx"> WTF_MAKE_FAST_ALLOCATED;
</span><span class="cx"> public:
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -37,7 +37,6 @@
</span><span class="cx"> #include "JSCell.h"
</span><span class="cx"> #include "JSFunction.h"
</span><span class="cx"> #include "JSPropertyNameIterator.h"
</span><del>-#include "LinkBuffer.h"
</del><span class="cx"> #include "MaxFrameExtentForSlowPathCall.h"
</span><span class="cx"> #include "SlowPathCall.h"
</span><span class="cx"> #include "VirtualRegister.h"
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodes32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -133,7 +133,7 @@
</span><span class="cx"> jumpToExceptionHandler();
</span><span class="cx">
</span><span class="cx"> // All trampolines constructed! copy the code, link up calls, and set the pointers on the Machine object.
</span><del>- LinkBuffer patchBuffer(*m_vm, this, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, GLOBAL_THUNK_ID);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(nativeCall, FunctionPtr(func));
</span><span class="cx"> return FINALIZE_CODE(patchBuffer, ("JIT CTI native call"));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITPropertyAccesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -86,7 +86,7 @@
</span><span class="cx"> jit.move(TrustedImm32(0), regT0);
</span><span class="cx"> jit.ret();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("String get_by_val stub"));
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1007,7 +1007,7 @@
</span><span class="cx">
</span><span class="cx"> Jump done = jump();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*m_vm, this, m_codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, m_codeBlock);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(badType, CodeLocationLabel(MacroAssemblerCodePtr::createFromExecutableAddress(returnAddress.value())).labelAtOffset(byValInfo->returnAddressToSlowPath));
</span><span class="cx"> patchBuffer.link(slowCases, CodeLocationLabel(MacroAssemblerCodePtr::createFromExecutableAddress(returnAddress.value())).labelAtOffset(byValInfo->returnAddressToSlowPath));
</span><span class="lines">@@ -1064,7 +1064,7 @@
</span><span class="cx">
</span><span class="cx"> Jump done = jump();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*m_vm, this, m_codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, m_codeBlock);
</ins><span class="cx"> patchBuffer.link(badType, CodeLocationLabel(MacroAssemblerCodePtr::createFromExecutableAddress(returnAddress.value())).labelAtOffset(byValInfo->returnAddressToSlowPath));
</span><span class="cx"> patchBuffer.link(slowCases, CodeLocationLabel(MacroAssemblerCodePtr::createFromExecutableAddress(returnAddress.value())).labelAtOffset(byValInfo->returnAddressToSlowPath));
</span><span class="cx"> patchBuffer.link(done, byValInfo->badTypeJump.labelAtOffset(byValInfo->badTypeJumpToDone));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITPropertyAccess32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -117,7 +117,7 @@
</span><span class="cx"> jit.move(TrustedImm32(0), regT0);
</span><span class="cx"> jit.ret();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("String get_by_val stub"));
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRegisterPreservationWrapperGeneratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/RegisterPreservationWrapperGenerator.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/RegisterPreservationWrapperGenerator.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/RegisterPreservationWrapperGenerator.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -124,7 +124,7 @@
</span><span class="cx"> jit.restoreReturnAddressBeforeReturn(GPRInfo::nonArgGPR0);
</span><span class="cx"> AssemblyHelpers::Jump jump = jit.jump();
</span><span class="cx">
</span><del>- LinkBuffer linkBuffer(vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer linkBuffer(vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> linkBuffer.link(jump, CodeLocationLabel(target));
</span><span class="cx">
</span><span class="cx"> if (Options::verboseFTLToJSThunk())
</span><span class="lines">@@ -226,7 +226,7 @@
</span><span class="cx"> {
</span><span class="cx"> AssemblyHelpers jit(vm, 0);
</span><span class="cx"> generateRegisterRestoration(jit);
</span><del>- LinkBuffer linkBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer linkBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(linkBuffer, ("Register restoration thunk"));
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRepatchcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/Repatch.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/Repatch.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/Repatch.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -565,7 +565,7 @@
</span><span class="cx"> }
</span><span class="cx"> emitRestoreScratch(stubJit, needToRestoreScratch, scratchGPR, success, fail, failureCases);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, exec->codeBlock());
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, exec->codeBlock());
</ins><span class="cx">
</span><span class="cx"> linkRestoreScratch(patchBuffer, needToRestoreScratch, success, fail, failureCases, successLabel, slowCaseLabel);
</span><span class="cx"> if (kind == CallCustomGetter || kind == CallCustomSetter) {
</span><span class="lines">@@ -678,7 +678,7 @@
</span><span class="cx">
</span><span class="cx"> emitRestoreScratch(stubJit, needToRestoreScratch, scratchGPR, success, fail, failureCases);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, codeBlock);
</ins><span class="cx">
</span><span class="cx"> linkRestoreScratch(patchBuffer, needToRestoreScratch, stubInfo, success, fail, failureCases);
</span><span class="cx">
</span><span class="lines">@@ -708,7 +708,7 @@
</span><span class="cx">
</span><span class="cx"> MacroAssembler::Jump success = stubJit.jump();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, codeBlock);
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, codeBlock);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(success, stubInfo.callReturnLocation.labelAtOffset(stubInfo.patch.deltaCallToDone));
</span><span class="cx"> patchBuffer.link(failure, stubInfo.callReturnLocation.labelAtOffset(stubInfo.patch.deltaCallToSlowCase));
</span><span class="lines">@@ -953,7 +953,7 @@
</span><span class="cx"> failure = badStructure;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, exec->codeBlock());
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, exec->codeBlock());
</ins><span class="cx"> patchBuffer.link(success, stubInfo.callReturnLocation.labelAtOffset(stubInfo.patch.deltaCallToDone));
</span><span class="cx"> patchBuffer.link(failure, failureLabel);
</span><span class="cx">
</span><span class="lines">@@ -1140,7 +1140,7 @@
</span><span class="cx"> successInSlowPath = stubJit.jump();
</span><span class="cx"> }
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, exec->codeBlock());
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, exec->codeBlock());
</ins><span class="cx"> patchBuffer.link(success, stubInfo.callReturnLocation.labelAtOffset(stubInfo.patch.deltaCallToDone));
</span><span class="cx"> if (allocator.didReuseRegisters())
</span><span class="cx"> patchBuffer.link(failure, failureLabel);
</span><span class="lines">@@ -1513,7 +1513,7 @@
</span><span class="cx">
</span><span class="cx"> emitRestoreScratch(stubJit, needToRestoreScratch, scratchGPR, success, fail, failureCases);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, exec->codeBlock());
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, exec->codeBlock());
</ins><span class="cx">
</span><span class="cx"> linkRestoreScratch(patchBuffer, needToRestoreScratch, success, fail, failureCases, successLabel, slowCaseLabel);
</span><span class="cx">
</span><span class="lines">@@ -1676,7 +1676,7 @@
</span><span class="cx"> stubJit.restoreReturnAddressBeforeReturn(GPRInfo::regT4);
</span><span class="cx"> AssemblyHelpers::Jump slow = stubJit.jump();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &stubJit, callerCodeBlock);
</del><ins>+ LinkBuffer patchBuffer(*vm, stubJit, callerCodeBlock);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(call, FunctionPtr(codePtr.executableAddress()));
</span><span class="cx"> if (JITCode::isOptimizingJIT(callerCodeBlock->jitType()))
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitSpecializedThunkJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -168,7 +168,7 @@
</span><span class="cx">
</span><span class="cx"> MacroAssemblerCodeRef finalize(MacroAssemblerCodePtr fallback, const char* thunkKind)
</span><span class="cx"> {
</span><del>- LinkBuffer patchBuffer(*m_vm, this, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*m_vm, *this, GLOBAL_THUNK_ID);
</ins><span class="cx"> patchBuffer.link(m_failures, CodeLocationLabel(fallback));
</span><span class="cx"> for (unsigned i = 0; i < m_calls.size(); i++)
</span><span class="cx"> patchBuffer.link(m_calls[i].first, m_calls[i].second);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitThunkGeneratorscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -71,7 +71,7 @@
</span><span class="cx"> jit.call(GPRInfo::nonArgGPR0);
</span><span class="cx"> jit.jumpToExceptionHandler();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("Throw exception from call slow path thunk"));
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -111,7 +111,7 @@
</span><span class="cx">
</span><span class="cx"> slowPathFor(jit, vm, operationLinkFor(kind, registers));
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(
</span><span class="cx"> patchBuffer,
</span><span class="cx"> ("Link %s%s slow path thunk", kind == CodeForCall ? "call" : "construct", registers == MustPreserveRegisters ? " that preserves registers" : ""));
</span><span class="lines">@@ -144,7 +144,7 @@
</span><span class="cx">
</span><span class="cx"> slowPathFor(jit, vm, operationLinkClosureCallFor(registers));
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("Link closure call %s slow path thunk", registers == MustPreserveRegisters ? " that preserves registers" : ""));
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -235,7 +235,7 @@
</span><span class="cx">
</span><span class="cx"> slowPathFor(jit, vm, operationVirtualFor(kind, registers));
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(
</span><span class="cx"> patchBuffer,
</span><span class="cx"> ("Virtual %s%s slow path thunk", kind == CodeForCall ? "call" : "construct", registers == MustPreserveRegisters ? " that preserves registers" : ""));
</span><span class="lines">@@ -415,7 +415,7 @@
</span><span class="cx">
</span><span class="cx"> jit.jumpToExceptionHandler();
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("native %s%s trampoline", entryType == EnterViaJump ? "Tail " : "", toCString(kind).data()));
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -533,7 +533,7 @@
</span><span class="cx"> jit.ret();
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("fixup arity"));
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntThunkscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntThunks.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntThunks.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/llint/LLIntThunks.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -53,7 +53,7 @@
</span><span class="cx"> jit.move(JSInterfaceJIT::TrustedImmPtr(bitwise_cast<void*>(target)), JSInterfaceJIT::regT0);
</span><span class="cx"> jit.jump(JSInterfaceJIT::regT0);
</span><span class="cx">
</span><del>- LinkBuffer patchBuffer(*vm, &jit, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</ins><span class="cx"> return FINALIZE_CODE(patchBuffer, ("LLInt %s prologue thunk", thunkKind));
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreyarrYarrJITcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/yarr/YarrJIT.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/yarr/YarrJIT.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/JavaScriptCore/yarr/YarrJIT.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -2657,7 +2657,7 @@
</span><span class="cx"> backtrack();
</span><span class="cx">
</span><span class="cx"> // Link & finalize the code.
</span><del>- LinkBuffer linkBuffer(*vm, this, REGEXP_CODE_ID);
</del><ins>+ LinkBuffer linkBuffer(*vm, *this, REGEXP_CODE_ID);
</ins><span class="cx"> m_backtrackingState.linkDataLabels(linkBuffer);
</span><span class="cx">
</span><span class="cx"> if (compileMode == MatchOnly) {
</span></span></pre></div>
<a id="trunkSourceWebCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/ChangeLog (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/ChangeLog 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/WebCore/ChangeLog 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -1,3 +1,13 @@
</span><ins>+2014-07-07 Benjamin Poulain <benjamin@webkit.org>
+
+ LinkBuffer should not keep a reference to the MacroAssembler
+ https://bugs.webkit.org/show_bug.cgi?id=134668
+
+ Reviewed by Geoffrey Garen.
+
+ * cssjit/SelectorCompiler.cpp:
+ (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):
+
</ins><span class="cx"> 2014-07-07 Zalan Bujtas <zalan@apple.com>
</span><span class="cx">
</span><span class="cx"> Subpixel rendering: Inline box decoration rounds to integral.
</span></span></pre></div>
<a id="trunkSourceWebCorecssjitSelectorCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebCore/cssjit/SelectorCompiler.cpp (170875 => 170876)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebCore/cssjit/SelectorCompiler.cpp 2014-07-08 04:13:40 UTC (rev 170875)
+++ trunk/Source/WebCore/cssjit/SelectorCompiler.cpp 2014-07-08 04:23:30 UTC (rev 170876)
</span><span class="lines">@@ -749,7 +749,7 @@
</span><span class="cx"> return SelectorCompilationStatus::CannotCompile;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- JSC::LinkBuffer linkBuffer(*vm, &m_assembler, CSS_CODE_ID);
</del><ins>+ JSC::LinkBuffer linkBuffer(*vm, m_assembler, CSS_CODE_ID);
</ins><span class="cx"> for (unsigned i = 0; i < m_functionCalls.size(); i++)
</span><span class="cx"> linkBuffer.link(m_functionCalls[i].first, m_functionCalls[i].second);
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>