<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[190522] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/190522">190522</a></dd>
<dt>Author</dt> <dd>ggaren@apple.com</dd>
<dt>Date</dt> <dd>2015-10-02 14:16:20 -0700 (Fri, 02 Oct 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>Unreviewed, rolling back in <a href="http://trac.webkit.org/projects/webkit/changeset/190450">r190450</a>
https://bugs.webkit.org/show_bug.cgi?id=149727
The cause of the crash was a CodeBlock, after surviving a call to
deleteAllCode by virtue of being in the remembered set, trying to mark
its inlined CodeBlocks via pointers from its inlined executables.
Since deleteAllCode clears those pointers, the CodeBlock would ASSERT.
(Any other choice to retain a CodeBlock after deleteAllCode -- for
example, conservative marking -- could trigger the same bug.)
The fix is for InlineCallFrame to point directly to its inlined CodeBlock
instead of pointing indirectly via an executable. This guarantees that
CodeBlocks are GC safe regardless of whether we've called deleteAllCode.
Restored changesets:
"CodeBlock should be a GC object"
https://bugs.webkit.org/show_bug.cgi?id=149727
http://trac.webkit.org/changeset/190450</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeBlockcpp">trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeBlockh">trunk/Source/JavaScriptCore/bytecode/CodeBlock.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeOrigincpp">trunk/Source/JavaScriptCore/bytecode/CodeOrigin.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeOriginh">trunk/Source/JavaScriptCore/bytecode/CodeOrigin.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeDeferredCompilationCallbackcpp">trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeDeferredCompilationCallbackh">trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeEvalCodeCacheh">trunk/Source/JavaScriptCore/bytecode/EvalCodeCache.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInlineCallFramecpp">trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInlineCallFrameh">trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePolymorphicAccesscpp">trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeStructureStubInfocpp">trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGByteCodeParsercpp">trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGCommonDatacpp">trunk/Source/JavaScriptCore/dfg/DFGCommonData.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDesiredTransitionscpp">trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDesiredTransitionsh">trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDesiredWeakReferencescpp">trunk/Source/JavaScriptCore/dfg/DFGDesiredWeakReferences.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDrivercpp">trunk/Source/JavaScriptCore/dfg/DFGDriver.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGGraphcpp">trunk/Source/JavaScriptCore/dfg/DFGGraph.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGGraphh">trunk/Source/JavaScriptCore/dfg/DFGGraph.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGJITCodeh">trunk/Source/JavaScriptCore/dfg/DFGJITCode.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGJITFinalizercpp">trunk/Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompilerCommoncpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitPreparationcpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitPreparation.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOperationscpp">trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGPlancpp">trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGPlanh">trunk/Source/JavaScriptCore/dfg/DFGPlan.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGToFTLDeferredCompilationCallbackcpp">trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGToFTLDeferredCompilationCallbackh">trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGToFTLForOSREntryDeferredCompilationCallbackcpp">trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGToFTLForOSREntryDeferredCompilationCallbackh">trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGWorklistcpp">trunk/Source/JavaScriptCore/dfg/DFGWorklist.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGWorklisth">trunk/Source/JavaScriptCore/dfg/DFGWorklist.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLJITFinalizercpp">trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapCodeBlockSetcpp">trunk/Source/JavaScriptCore/heap/CodeBlockSet.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapCodeBlockSeth">trunk/Source/JavaScriptCore/heap/CodeBlockSet.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreheapHeapcpp">trunk/Source/JavaScriptCore/heap/Heap.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterInterpretercpp">trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterStackVisitorcpp">trunk/Source/JavaScriptCore/interpreter/StackVisitor.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitAssemblyHelperscpp">trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitAssemblyHelpersh">trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitGCAwareJITStubRoutineh">trunk/Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITCodeh">trunk/Source/JavaScriptCore/jit/JITCode.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodescpp">trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationscpp">trunk/Source/JavaScriptCore/jit/JITOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITToDFGDeferredCompilationCallbackcpp">trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITToDFGDeferredCompilationCallbackh">trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRepatchcpp">trunk/Source/JavaScriptCore/jit/Repatch.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntSlowPathscpp">trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreprofilerProfilerOriginStackcpp">trunk/Source/JavaScriptCore/profiler/ProfilerOriginStack.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeCommonSlowPathscpp">trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeCommonSlowPathsh">trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeExecutablecpp">trunk/Source/JavaScriptCore/runtime/Executable.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeExecutableh">trunk/Source/JavaScriptCore/runtime/Executable.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMcpp">trunk/Source/JavaScriptCore/runtime/VM.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMh">trunk/Source/JavaScriptCore/runtime/VM.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/ChangeLog 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -1,3 +1,25 @@
</span><ins>+2015-10-01 Geoffrey Garen <ggaren@apple.com>
+
+ Unreviewed, rolling back in r190450
+ https://bugs.webkit.org/show_bug.cgi?id=149727
+
+ The cause of the crash was a CodeBlock, after surviving a call to
+ deleteAllCode by virtue of being in the remembered set, trying to mark
+ its inlined CodeBlocks via pointers from its inlined executables.
+ Since deleteAllCode clears those pointers, the CodeBlock would ASSERT.
+ (Any other choice to retain a CodeBlock after deleteAllCode -- for
+ example, conservative marking -- could trigger the same bug.)
+
+ The fix is for InlineCallFrame to point directly to its inlined CodeBlock
+ instead of pointing indirectly via an executable. This guarantees that
+ CodeBlocks are GC safe regardless of whether we've called deleteAllCode.
+
+ Restored changesets:
+
+ "CodeBlock should be a GC object"
+ https://bugs.webkit.org/show_bug.cgi?id=149727
+ http://trac.webkit.org/changeset/190450
+
</ins><span class="cx"> 2015-10-02 Joseph Pecoraro <pecoraro@apple.com>
</span><span class="cx">
</span><span class="cx"> Web Inspector: Include Garbage Collection Event in Timeline
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeBlockcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -82,6 +82,70 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span><ins>+const ClassInfo CodeBlock::s_info = {
+ "CodeBlock", 0, 0,
+ CREATE_METHOD_TABLE(CodeBlock)
+};
+
+const ClassInfo FunctionCodeBlock::s_info = {
+ "FunctionCodeBlock", &Base::s_info, 0,
+ CREATE_METHOD_TABLE(FunctionCodeBlock)
+};
+
+#if ENABLE(WEBASSEMBLY)
+const ClassInfo WebAssemblyCodeBlock::s_info = {
+ "WebAssemblyCodeBlock", &Base::s_info, 0,
+ CREATE_METHOD_TABLE(WebAssemblyCodeBlock)
+};
+#endif
+
+const ClassInfo GlobalCodeBlock::s_info = {
+ "GlobalCodeBlock", &Base::s_info, 0,
+ CREATE_METHOD_TABLE(GlobalCodeBlock)
+};
+
+const ClassInfo ProgramCodeBlock::s_info = {
+ "ProgramCodeBlock", &Base::s_info, 0,
+ CREATE_METHOD_TABLE(ProgramCodeBlock)
+};
+
+const ClassInfo ModuleProgramCodeBlock::s_info = {
+ "ModuleProgramCodeBlock", &Base::s_info, 0,
+ CREATE_METHOD_TABLE(ModuleProgramCodeBlock)
+};
+
+const ClassInfo EvalCodeBlock::s_info = {
+ "EvalCodeBlock", &Base::s_info, 0,
+ CREATE_METHOD_TABLE(EvalCodeBlock)
+};
+
+void FunctionCodeBlock::destroy(JSCell* cell)
+{
+ jsCast<FunctionCodeBlock*>(cell)->~FunctionCodeBlock();
+}
+
+#if ENABLE(WEBASSEMBLY)
+void WebAssemblyCodeBlock::destroy(JSCell* cell)
+{
+ jsCast<WebAssemblyCodeBlock*>(cell)->~WebAssemblyCodeBlock();
+}
+#endif
+
+void ProgramCodeBlock::destroy(JSCell* cell)
+{
+ jsCast<ProgramCodeBlock*>(cell)->~ProgramCodeBlock();
+}
+
+void ModuleProgramCodeBlock::destroy(JSCell* cell)
+{
+ jsCast<ModuleProgramCodeBlock*>(cell)->~ModuleProgramCodeBlock();
+}
+
+void EvalCodeBlock::destroy(JSCell* cell)
+{
+ jsCast<EvalCodeBlock*>(cell)->~EvalCodeBlock();
+}
+
</ins><span class="cx"> CString CodeBlock::inferredName() const
</span><span class="cx"> {
</span><span class="cx"> switch (codeType()) {
</span><span class="lines">@@ -153,7 +217,7 @@
</span><span class="cx"> out.print(inferredName(), "#", hashAsStringIfPossible());
</span><span class="cx"> out.print(":[", RawPointer(this), "->");
</span><span class="cx"> if (!!m_alternative)
</span><del>- out.print(RawPointer(m_alternative.get()), "->");
</del><ins>+ out.print(RawPointer(alternative()), "->");
</ins><span class="cx"> out.print(RawPointer(ownerExecutable()), ", ", jitType, codeType());
</span><span class="cx">
</span><span class="cx"> if (codeType() == FunctionCode)
</span><span class="lines">@@ -1585,8 +1649,9 @@
</span><span class="cx">
</span><span class="cx"> } // anonymous namespace
</span><span class="cx">
</span><del>-CodeBlock::CodeBlock(CopyParsedBlockTag, CodeBlock& other)
- : m_globalObject(other.m_globalObject)
</del><ins>+CodeBlock::CodeBlock(VM* vm, Structure* structure, CopyParsedBlockTag, CodeBlock& other)
+ : JSCell(*vm, structure)
+ , m_globalObject(other.m_globalObject)
</ins><span class="cx"> , m_heap(other.m_heap)
</span><span class="cx"> , m_numCalleeRegisters(other.m_numCalleeRegisters)
</span><span class="cx"> , m_numVars(other.m_numVars)
</span><span class="lines">@@ -1594,11 +1659,11 @@
</span><span class="cx"> , m_shouldAlwaysBeInlined(true)
</span><span class="cx"> , m_didFailFTLCompilation(false)
</span><span class="cx"> , m_hasBeenCompiledWithFTL(false)
</span><del>- , m_unlinkedCode(*other.m_vm, other.m_ownerExecutable.get(), other.m_unlinkedCode.get())
</del><ins>+ , m_unlinkedCode(*other.m_vm, this, other.m_unlinkedCode.get())
</ins><span class="cx"> , m_hasDebuggerStatement(false)
</span><span class="cx"> , m_steppingMode(SteppingModeDisabled)
</span><span class="cx"> , m_numBreakpoints(0)
</span><del>- , m_ownerExecutable(*other.m_vm, other.m_ownerExecutable.get(), other.m_ownerExecutable.get())
</del><ins>+ , m_ownerExecutable(*other.m_vm, this, other.m_ownerExecutable.get())
</ins><span class="cx"> , m_vm(other.m_vm)
</span><span class="cx"> , m_instructions(other.m_instructions)
</span><span class="cx"> , m_thisRegister(other.m_thisRegister)
</span><span class="lines">@@ -1623,13 +1688,18 @@
</span><span class="cx"> , m_capabilityLevelState(DFG::CapabilityLevelNotSet)
</span><span class="cx"> #endif
</span><span class="cx"> {
</span><del>- m_visitStronglyHasBeenCalled.store(false, std::memory_order_relaxed);
- m_visitAggregateHasBeenCalled.store(false, std::memory_order_relaxed);
</del><ins>+ m_visitWeaklyHasBeenCalled.store(false, std::memory_order_relaxed);
</ins><span class="cx">
</span><span class="cx"> ASSERT(m_heap->isDeferred());
</span><span class="cx"> ASSERT(m_scopeRegister.isLocal());
</span><span class="cx">
</span><span class="cx"> setNumParameters(other.numParameters());
</span><ins>+}
+
+void CodeBlock::finishCreation(VM& vm, CopyParsedBlockTag, CodeBlock& other)
+{
+ Base::finishCreation(vm);
+
</ins><span class="cx"> optimizeAfterWarmUp();
</span><span class="cx"> jitAfterWarmUp();
</span><span class="cx">
</span><span class="lines">@@ -1643,11 +1713,12 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> m_heap->m_codeBlocks.add(this);
</span><del>- m_heap->reportExtraMemoryAllocated(sizeof(CodeBlock));
</del><span class="cx"> }
</span><span class="cx">
</span><del>-CodeBlock::CodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
- : m_globalObject(scope->globalObject()->vm(), ownerExecutable, scope->globalObject())
</del><ins>+CodeBlock::CodeBlock(VM* vm, Structure* structure, ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
+ : JSCell(*vm, structure)
+ , m_globalObject(scope->globalObject()->vm(), this, scope->globalObject())
</ins><span class="cx"> , m_heap(&m_globalObject->vm().heap)
</span><span class="cx"> , m_numCalleeRegisters(unlinkedCodeBlock->m_numCalleeRegisters)
</span><span class="cx"> , m_numVars(unlinkedCodeBlock->m_numVars)
</span><span class="lines">@@ -1655,11 +1726,11 @@
</span><span class="cx"> , m_shouldAlwaysBeInlined(true)
</span><span class="cx"> , m_didFailFTLCompilation(false)
</span><span class="cx"> , m_hasBeenCompiledWithFTL(false)
</span><del>- , m_unlinkedCode(m_globalObject->vm(), ownerExecutable, unlinkedCodeBlock)
</del><ins>+ , m_unlinkedCode(m_globalObject->vm(), this, unlinkedCodeBlock)
</ins><span class="cx"> , m_hasDebuggerStatement(false)
</span><span class="cx"> , m_steppingMode(SteppingModeDisabled)
</span><span class="cx"> , m_numBreakpoints(0)
</span><del>- , m_ownerExecutable(m_globalObject->vm(), ownerExecutable, ownerExecutable)
</del><ins>+ , m_ownerExecutable(m_globalObject->vm(), this, ownerExecutable)
</ins><span class="cx"> , m_vm(unlinkedCodeBlock->vm())
</span><span class="cx"> , m_thisRegister(unlinkedCodeBlock->thisRegister())
</span><span class="cx"> , m_scopeRegister(unlinkedCodeBlock->scopeRegister())
</span><span class="lines">@@ -1678,26 +1749,31 @@
</span><span class="cx"> , m_capabilityLevelState(DFG::CapabilityLevelNotSet)
</span><span class="cx"> #endif
</span><span class="cx"> {
</span><del>- m_visitStronglyHasBeenCalled.store(false, std::memory_order_relaxed);
- m_visitAggregateHasBeenCalled.store(false, std::memory_order_relaxed);
</del><ins>+ m_visitWeaklyHasBeenCalled.store(false, std::memory_order_relaxed);
</ins><span class="cx">
</span><span class="cx"> ASSERT(m_heap->isDeferred());
</span><span class="cx"> ASSERT(m_scopeRegister.isLocal());
</span><span class="cx">
</span><span class="cx"> ASSERT(m_source);
</span><span class="cx"> setNumParameters(unlinkedCodeBlock->numParameters());
</span><ins>+}
</ins><span class="cx">
</span><del>- if (vm()->typeProfiler() || vm()->controlFlowProfiler())
- vm()->functionHasExecutedCache()->removeUnexecutedRange(ownerExecutable->sourceID(), ownerExecutable->typeProfilingStartOffset(), ownerExecutable->typeProfilingEndOffset());
</del><ins>+void CodeBlock::finishCreation(VM& vm, ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock,
+ JSScope* scope)
+{
+ Base::finishCreation(vm);
</ins><span class="cx">
</span><ins>+ if (vm.typeProfiler() || vm.controlFlowProfiler())
+ vm.functionHasExecutedCache()->removeUnexecutedRange(ownerExecutable->sourceID(), ownerExecutable->typeProfilingStartOffset(), ownerExecutable->typeProfilingEndOffset());
+
</ins><span class="cx"> setConstantRegisters(unlinkedCodeBlock->constantRegisters(), unlinkedCodeBlock->constantsSourceCodeRepresentation());
</span><span class="cx"> if (unlinkedCodeBlock->usesGlobalObject())
</span><del>- m_constantRegisters[unlinkedCodeBlock->globalObjectRegister().toConstantIndex()].set(*m_vm, ownerExecutable, m_globalObject.get());
</del><ins>+ m_constantRegisters[unlinkedCodeBlock->globalObjectRegister().toConstantIndex()].set(*m_vm, this, m_globalObject.get());
</ins><span class="cx">
</span><span class="cx"> for (unsigned i = 0; i < LinkTimeConstantCount; i++) {
</span><span class="cx"> LinkTimeConstant type = static_cast<LinkTimeConstant>(i);
</span><span class="cx"> if (unsigned registerIndex = unlinkedCodeBlock->registerIndexForLinkTimeConstant(type))
</span><del>- m_constantRegisters[registerIndex].set(*m_vm, ownerExecutable, m_globalObject->jsCellForLinkTimeConstant(type));
</del><ins>+ m_constantRegisters[registerIndex].set(*m_vm, this, m_globalObject->jsCellForLinkTimeConstant(type));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> HashSet<int, WTF::IntHash<int>, WTF::UnsignedWithZeroKeyHashTraits<int>> clonedConstantSymbolTables;
</span><span class="lines">@@ -1712,7 +1788,7 @@
</span><span class="cx"> ConcurrentJITLocker locker(symbolTable->m_lock);
</span><span class="cx"> symbolTable->prepareForTypeProfiling(locker);
</span><span class="cx"> }
</span><del>- m_constantRegisters[i].set(*m_vm, ownerExecutable, symbolTable->cloneScopePart(*m_vm));
</del><ins>+ m_constantRegisters[i].set(*m_vm, this, symbolTable->cloneScopePart(*m_vm));
</ins><span class="cx"> clonedConstantSymbolTables.add(i + FirstConstantRegisterIndex);
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="lines">@@ -1732,17 +1808,17 @@
</span><span class="cx"> m_functionDecls.resizeToFit(unlinkedCodeBlock->numberOfFunctionDecls());
</span><span class="cx"> for (size_t count = unlinkedCodeBlock->numberOfFunctionDecls(), i = 0; i < count; ++i) {
</span><span class="cx"> UnlinkedFunctionExecutable* unlinkedExecutable = unlinkedCodeBlock->functionDecl(i);
</span><del>- if (vm()->typeProfiler() || vm()->controlFlowProfiler())
- vm()->functionHasExecutedCache()->insertUnexecutedRange(ownerExecutable->sourceID(), unlinkedExecutable->typeProfilingStartOffset(), unlinkedExecutable->typeProfilingEndOffset());
- m_functionDecls[i].set(*m_vm, ownerExecutable, unlinkedExecutable->link(*m_vm, ownerExecutable->source()));
</del><ins>+ if (vm.typeProfiler() || vm.controlFlowProfiler())
+ vm.functionHasExecutedCache()->insertUnexecutedRange(ownerExecutable->sourceID(), unlinkedExecutable->typeProfilingStartOffset(), unlinkedExecutable->typeProfilingEndOffset());
+ m_functionDecls[i].set(*m_vm, this, unlinkedExecutable->link(*m_vm, ownerExecutable->source()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> m_functionExprs.resizeToFit(unlinkedCodeBlock->numberOfFunctionExprs());
</span><span class="cx"> for (size_t count = unlinkedCodeBlock->numberOfFunctionExprs(), i = 0; i < count; ++i) {
</span><span class="cx"> UnlinkedFunctionExecutable* unlinkedExecutable = unlinkedCodeBlock->functionExpr(i);
</span><del>- if (vm()->typeProfiler() || vm()->controlFlowProfiler())
- vm()->functionHasExecutedCache()->insertUnexecutedRange(ownerExecutable->sourceID(), unlinkedExecutable->typeProfilingStartOffset(), unlinkedExecutable->typeProfilingEndOffset());
- m_functionExprs[i].set(*m_vm, ownerExecutable, unlinkedExecutable->link(*m_vm, ownerExecutable->source()));
</del><ins>+ if (vm.typeProfiler() || vm.controlFlowProfiler())
+ vm.functionHasExecutedCache()->insertUnexecutedRange(ownerExecutable->sourceID(), unlinkedExecutable->typeProfilingStartOffset(), unlinkedExecutable->typeProfilingEndOffset());
+ m_functionExprs[i].set(*m_vm, this, unlinkedExecutable->link(*m_vm, ownerExecutable->source()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (unlinkedCodeBlock->hasRareData()) {
</span><span class="lines">@@ -1821,7 +1897,7 @@
</span><span class="cx">
</span><span class="cx"> unsigned opLength = opcodeLength(pc[0].u.opcode);
</span><span class="cx">
</span><del>- instructions[i] = vm()->interpreter->getOpcode(pc[0].u.opcode);
</del><ins>+ instructions[i] = vm.interpreter->getOpcode(pc[0].u.opcode);
</ins><span class="cx"> for (size_t j = 1; j < opLength; ++j) {
</span><span class="cx"> if (sizeof(int32_t) != sizeof(intptr_t))
</span><span class="cx"> instructions[i + j].u.pointer = 0;
</span><span class="lines">@@ -1880,7 +1956,7 @@
</span><span class="cx"> int inferredInlineCapacity = pc[opLength - 2].u.operand;
</span><span class="cx">
</span><span class="cx"> instructions[i + opLength - 1] = objectAllocationProfile;
</span><del>- objectAllocationProfile->initialize(*vm(),
</del><ins>+ objectAllocationProfile->initialize(vm,
</ins><span class="cx"> ownerExecutable, m_globalObject->objectPrototype(), inferredInlineCapacity);
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="lines">@@ -1929,11 +2005,11 @@
</span><span class="cx"> // Keep the linked module environment strongly referenced.
</span><span class="cx"> if (stronglyReferencedModuleEnvironments.add(jsCast<JSModuleEnvironment*>(op.lexicalEnvironment)).isNewEntry)
</span><span class="cx"> addConstant(op.lexicalEnvironment);
</span><del>- instructions[i + 6].u.jsCell.set(*vm(), ownerExecutable, op.lexicalEnvironment);
</del><ins>+ instructions[i + 6].u.jsCell.set(vm, this, op.lexicalEnvironment);
</ins><span class="cx"> } else
</span><del>- instructions[i + 6].u.symbolTable.set(*vm(), ownerExecutable, op.lexicalEnvironment->symbolTable());
</del><ins>+ instructions[i + 6].u.symbolTable.set(vm, this, op.lexicalEnvironment->symbolTable());
</ins><span class="cx"> } else if (JSScope* constantScope = JSScope::constantScopeForCodeBlock(op.type, this))
</span><del>- instructions[i + 6].u.jsCell.set(*vm(), ownerExecutable, constantScope);
</del><ins>+ instructions[i + 6].u.jsCell.set(vm, this, constantScope);
</ins><span class="cx"> else
</span><span class="cx"> instructions[i + 6].u.pointer = nullptr;
</span><span class="cx"> break;
</span><span class="lines">@@ -1966,7 +2042,7 @@
</span><span class="cx"> if (op.type == GlobalVar || op.type == GlobalVarWithVarInjectionChecks || op.type == GlobalLexicalVar || op.type == GlobalLexicalVarWithVarInjectionChecks)
</span><span class="cx"> instructions[i + 5].u.watchpointSet = op.watchpointSet;
</span><span class="cx"> else if (op.structure)
</span><del>- instructions[i + 5].u.structure.set(*vm(), ownerExecutable, op.structure);
</del><ins>+ instructions[i + 5].u.structure.set(vm, this, op.structure);
</ins><span class="cx"> instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="lines">@@ -2003,14 +2079,14 @@
</span><span class="cx"> if (op.watchpointSet)
</span><span class="cx"> op.watchpointSet->invalidate(PutToScopeFireDetail(this, ident));
</span><span class="cx"> } else if (op.structure)
</span><del>- instructions[i + 5].u.structure.set(*vm(), ownerExecutable, op.structure);
</del><ins>+ instructions[i + 5].u.structure.set(vm, this, op.structure);
</ins><span class="cx"> instructions[i + 6].u.pointer = reinterpret_cast<void*>(op.operand);
</span><span class="cx">
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> case op_profile_type: {
</span><del>- RELEASE_ASSERT(vm()->typeProfiler());
</del><ins>+ RELEASE_ASSERT(vm.typeProfiler());
</ins><span class="cx"> // The format of this instruction is: op_profile_type regToProfile, TypeLocation*, flag, identifier?, resolveType?
</span><span class="cx"> size_t instructionOffset = i + opLength - 1;
</span><span class="cx"> unsigned divotStart, divotEnd;
</span><span class="lines">@@ -2040,8 +2116,8 @@
</span><span class="cx"> ConcurrentJITLocker locker(symbolTable->m_lock);
</span><span class="cx"> // If our parent scope was created while profiling was disabled, it will not have prepared for profiling yet.
</span><span class="cx"> symbolTable->prepareForTypeProfiling(locker);
</span><del>- globalVariableID = symbolTable->uniqueIDForVariable(locker, impl, *vm());
- globalTypeSet = symbolTable->globalTypeSetForVariable(locker, impl, *vm());
</del><ins>+ globalVariableID = symbolTable->uniqueIDForVariable(locker, impl, vm);
+ globalTypeSet = symbolTable->globalTypeSetForVariable(locker, impl, vm);
</ins><span class="cx"> } else
</span><span class="cx"> globalVariableID = TypeProfilerNoGlobalIDExists;
</span><span class="cx">
</span><span class="lines">@@ -2054,8 +2130,8 @@
</span><span class="cx"> const Identifier& ident = identifier(pc[4].u.operand);
</span><span class="cx"> ConcurrentJITLocker locker(symbolTable->m_lock);
</span><span class="cx"> // If our parent scope was created while profiling was disabled, it will not have prepared for profiling yet.
</span><del>- globalVariableID = symbolTable->uniqueIDForVariable(locker, ident.impl(), *vm());
- globalTypeSet = symbolTable->globalTypeSetForVariable(locker, ident.impl(), *vm());
</del><ins>+ globalVariableID = symbolTable->uniqueIDForVariable(locker, ident.impl(), vm);
+ globalTypeSet = symbolTable->globalTypeSetForVariable(locker, ident.impl(), vm);
</ins><span class="cx">
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="lines">@@ -2081,8 +2157,8 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>- std::pair<TypeLocation*, bool> locationPair = vm()->typeProfiler()->typeLocationCache()->getTypeLocation(globalVariableID,
- ownerExecutable->sourceID(), divotStart, divotEnd, globalTypeSet, vm());
</del><ins>+ std::pair<TypeLocation*, bool> locationPair = vm.typeProfiler()->typeLocationCache()->getTypeLocation(globalVariableID,
+ ownerExecutable->sourceID(), divotStart, divotEnd, globalTypeSet, &vm);
</ins><span class="cx"> TypeLocation* location = locationPair.first;
</span><span class="cx"> bool isNewLocation = locationPair.second;
</span><span class="cx">
</span><span class="lines">@@ -2090,7 +2166,7 @@
</span><span class="cx"> location->m_divotForFunctionOffsetIfReturnStatement = ownerExecutable->typeProfilingStartOffset();
</span><span class="cx">
</span><span class="cx"> if (shouldAnalyze && isNewLocation)
</span><del>- vm()->typeProfiler()->insertNewLocation(location);
</del><ins>+ vm.typeProfiler()->insertNewLocation(location);
</ins><span class="cx">
</span><span class="cx"> instructions[i + 2].u.location = location;
</span><span class="cx"> break;
</span><span class="lines">@@ -2108,7 +2184,7 @@
</span><span class="cx"> i += opLength;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (vm()->controlFlowProfiler())
</del><ins>+ if (vm.controlFlowProfiler())
</ins><span class="cx"> insertBasicBlockBoundariesForControlFlowProfiler(instructions);
</span><span class="cx">
</span><span class="cx"> m_instructions = WTF::RefCountedArray<Instruction>(instructions);
</span><span class="lines">@@ -2128,12 +2204,13 @@
</span><span class="cx"> dumpBytecode();
</span><span class="cx">
</span><span class="cx"> m_heap->m_codeBlocks.add(this);
</span><del>- m_heap->reportExtraMemoryAllocated(sizeof(CodeBlock) + m_instructions.size() * sizeof(Instruction));
</del><ins>+ m_heap->reportExtraMemoryAllocated(m_instructions.size() * sizeof(Instruction));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> #if ENABLE(WEBASSEMBLY)
</span><del>-CodeBlock::CodeBlock(WebAssemblyExecutable* ownerExecutable, VM& vm, JSGlobalObject* globalObject)
- : m_globalObject(globalObject->vm(), ownerExecutable, globalObject)
</del><ins>+CodeBlock::CodeBlock(VM* vm, Structure* structure, WebAssemblyExecutable* ownerExecutable, VM& vm, JSGlobalObject* globalObject)
+ : JSCell(vm, structure)
+ , m_globalObject(globalObject->vm(), this, globalObject)
</ins><span class="cx"> , m_heap(&m_globalObject->vm().heap)
</span><span class="cx"> , m_numCalleeRegisters(0)
</span><span class="cx"> , m_numVars(0)
</span><span class="lines">@@ -2144,7 +2221,7 @@
</span><span class="cx"> , m_hasDebuggerStatement(false)
</span><span class="cx"> , m_steppingMode(SteppingModeDisabled)
</span><span class="cx"> , m_numBreakpoints(0)
</span><del>- , m_ownerExecutable(m_globalObject->vm(), ownerExecutable, ownerExecutable)
</del><ins>+ , m_ownerExecutable(m_globalObject->vm(), this, ownerExecutable)
</ins><span class="cx"> , m_vm(&vm)
</span><span class="cx"> , m_isStrictMode(false)
</span><span class="cx"> , m_needsActivation(false)
</span><span class="lines">@@ -2158,9 +2235,13 @@
</span><span class="cx"> #endif
</span><span class="cx"> {
</span><span class="cx"> ASSERT(m_heap->isDeferred());
</span><ins>+}
</ins><span class="cx">
</span><ins>+void CodeBlock::finishCreation(VM& vm, WebAssemblyExecutable*, JSGlobalObject*)
+{
+ Base::finishCreation(vm);
+
</ins><span class="cx"> m_heap->m_codeBlocks.add(this);
</span><del>- m_heap->reportExtraMemoryAllocated(sizeof(CodeBlock));
</del><span class="cx"> }
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="lines">@@ -2172,29 +2253,30 @@
</span><span class="cx"> #if ENABLE(VERBOSE_VALUE_PROFILE)
</span><span class="cx"> dumpValueProfiles();
</span><span class="cx"> #endif
</span><del>- while (m_incomingLLIntCalls.begin() != m_incomingLLIntCalls.end())
- m_incomingLLIntCalls.begin()->remove();
-#if ENABLE(JIT)
</del><ins>+
</ins><span class="cx"> // We may be destroyed before any CodeBlocks that refer to us are destroyed.
</span><span class="cx"> // Consider that two CodeBlocks become unreachable at the same time. There
</span><span class="cx"> // is no guarantee about the order in which the CodeBlocks are destroyed.
</span><span class="cx"> // So, if we don't remove incoming calls, and get destroyed before the
</span><span class="cx"> // CodeBlock(s) that have calls into us, then the CallLinkInfo vector's
</span><span class="cx"> // destructor will try to remove nodes from our (no longer valid) linked list.
</span><del>- while (m_incomingCalls.begin() != m_incomingCalls.end())
- m_incomingCalls.begin()->remove();
- while (m_incomingPolymorphicCalls.begin() != m_incomingPolymorphicCalls.end())
- m_incomingPolymorphicCalls.begin()->remove();
</del><ins>+ unlinkIncomingCalls();
</ins><span class="cx">
</span><span class="cx"> // Note that our outgoing calls will be removed from other CodeBlocks'
</span><span class="cx"> // m_incomingCalls linked lists through the execution of the ~CallLinkInfo
</span><span class="cx"> // destructors.
</span><span class="cx">
</span><ins>+#if ENABLE(JIT)
</ins><span class="cx"> for (Bag<StructureStubInfo>::iterator iter = m_stubInfos.begin(); !!iter; ++iter)
</span><span class="cx"> (*iter)->deref();
</span><span class="cx"> #endif // ENABLE(JIT)
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+void CodeBlock::setAlternative(VM& vm, CodeBlock* alternative)
+{
+ m_alternative.set(vm, this, alternative);
+}
+
</ins><span class="cx"> void CodeBlock::setNumParameters(int newValue)
</span><span class="cx"> {
</span><span class="cx"> m_numParameters = newValue;
</span><span class="lines">@@ -2215,73 +2297,43 @@
</span><span class="cx"> if (jitType() != JITCode::DFGJIT)
</span><span class="cx"> return 0;
</span><span class="cx"> DFG::JITCode* jitCode = m_jitCode->dfg();
</span><del>- return jitCode->osrEntryBlock.get();
</del><ins>+ return jitCode->osrEntryBlock();
</ins><span class="cx"> #else // ENABLE(FTL_JIT)
</span><span class="cx"> return 0;
</span><span class="cx"> #endif // ENABLE(FTL_JIT)
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void CodeBlock::visitStrongly(SlotVisitor& visitor)
</del><ins>+void CodeBlock::visitWeakly(SlotVisitor& visitor)
</ins><span class="cx"> {
</span><del>- bool setByMe = m_visitStronglyHasBeenCalled.compareExchangeStrong(false, true);
</del><ins>+ bool setByMe = m_visitWeaklyHasBeenCalled.compareExchangeStrong(false, true);
</ins><span class="cx"> if (!setByMe)
</span><span class="cx"> return;
</span><span class="cx">
</span><del>- visitAggregate(visitor);
</del><ins>+ if (Heap::isMarked(this))
+ return;
</ins><span class="cx">
</span><del>- stronglyVisitStrongReferences(visitor);
- stronglyVisitWeakReferences(visitor);
- propagateTransitions(visitor);
-}
-
-void CodeBlock::visitAggregate(SlotVisitor& visitor)
-{
- // I may be asked to scan myself more than once, and it may even happen concurrently.
- // To this end, use an atomic operation to check (and set) if I've been called already.
- // Only one thread may proceed past this point - whichever one wins the atomic set race.
- bool setByMe = m_visitAggregateHasBeenCalled.compareExchangeStrong(false, true);
- if (!setByMe)
</del><ins>+ if (shouldVisitStrongly()) {
+ visitor.appendUnbarrieredReadOnlyPointer(this);
</ins><span class="cx"> return;
</span><del>-
- if (!!m_alternative)
- m_alternative->visitAggregate(visitor);
-
- if (CodeBlock* otherBlock = specialOSREntryBlockOrNull())
- otherBlock->visitAggregate(visitor);
-
- visitor.reportExtraMemoryVisited(ownerExecutable(), sizeof(CodeBlock));
- if (m_jitCode)
- visitor.reportExtraMemoryVisited(ownerExecutable(), m_jitCode->size());
- if (m_instructions.size()) {
- // Divide by refCount() because m_instructions points to something that is shared
- // by multiple CodeBlocks, and we only want to count it towards the heap size once.
- // Having each CodeBlock report only its proportional share of the size is one way
- // of accomplishing this.
- visitor.reportExtraMemoryVisited(ownerExecutable(), m_instructions.size() * sizeof(Instruction) / m_instructions.refCount());
</del><span class="cx"> }
</span><span class="cx">
</span><del>- visitor.append(&m_unlinkedCode);
-
</del><span class="cx"> // There are two things that may use unconditional finalizers: inline cache clearing
</span><span class="cx"> // and jettisoning. The probability of us wanting to do at least one of those things
</span><span class="cx"> // is probably quite close to 1. So we add one no matter what and when it runs, it
</span><span class="cx"> // figures out whether it has any work to do.
</span><del>- visitor.addUnconditionalFinalizer(this);
-
- m_allTransitionsHaveBeenMarked = false;
-
- if (shouldVisitStrongly()) {
- visitStrongly(visitor);
- return;
- }
-
</del><ins>+ visitor.addUnconditionalFinalizer(&m_unconditionalFinalizer);
+
</ins><span class="cx"> if (!JITCode::isOptimizingJIT(jitType()))
</span><span class="cx"> return;
</span><span class="cx">
</span><ins>+ // If we jettison ourselves we'll install our alternative, so make sure that it
+ // survives GC even if we don't.
+ visitor.append(&m_alternative);
+
</ins><span class="cx"> // There are two things that we use weak reference harvesters for: DFG fixpoint for
</span><span class="cx"> // jettisoning, and trying to find structures that would be live based on some
</span><span class="cx"> // inline cache. So it makes sense to register them regardless.
</span><del>- visitor.addWeakReferenceHarvester(this);
</del><ins>+ visitor.addWeakReferenceHarvester(&m_weakReferenceHarvester);
</ins><span class="cx">
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><span class="cx"> // We get here if we're live in the sense that our owner executable is live,
</span><span class="lines">@@ -2292,14 +2344,48 @@
</span><span class="cx"> // either us marking additional objects, or by other objects being marked for
</span><span class="cx"> // other reasons, that this iteration should run again; it will notify us of this
</span><span class="cx"> // decision by calling harvestWeakReferences().
</span><del>-
</del><ins>+
+ m_allTransitionsHaveBeenMarked = false;
+ propagateTransitions(visitor);
+
</ins><span class="cx"> m_jitCode->dfgCommon()->livenessHasBeenProved = false;
</span><del>-
- propagateTransitions(visitor);
</del><span class="cx"> determineLiveness(visitor);
</span><span class="cx"> #endif // ENABLE(DFG_JIT)
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+void CodeBlock::visitChildren(JSCell* cell, SlotVisitor& visitor)
+{
+ CodeBlock* thisObject = jsCast<CodeBlock*>(cell);
+ ASSERT_GC_OBJECT_INHERITS(thisObject, info());
+ JSCell::visitChildren(thisObject, visitor);
+ thisObject->visitChildren(visitor);
+}
+
+void CodeBlock::visitChildren(SlotVisitor& visitor)
+{
+ // There are two things that may use unconditional finalizers: inline cache clearing
+ // and jettisoning. The probability of us wanting to do at least one of those things
+ // is probably quite close to 1. So we add one no matter what and when it runs, it
+ // figures out whether it has any work to do.
+ visitor.addUnconditionalFinalizer(&m_unconditionalFinalizer);
+
+ if (CodeBlock* otherBlock = specialOSREntryBlockOrNull())
+ visitor.appendUnbarrieredReadOnlyPointer(otherBlock);
+
+ if (m_jitCode)
+ visitor.reportExtraMemoryVisited(this, m_jitCode->size());
+ if (m_instructions.size())
+ visitor.reportExtraMemoryVisited(this, m_instructions.size() * sizeof(Instruction) / m_instructions.refCount());
+
+ visitor.append(&m_unlinkedCode);
+
+ stronglyVisitStrongReferences(visitor);
+ stronglyVisitWeakReferences(visitor);
+
+ m_allTransitionsHaveBeenMarked = false;
+ propagateTransitions(visitor);
+}
+
</ins><span class="cx"> bool CodeBlock::shouldVisitStrongly()
</span><span class="cx"> {
</span><span class="cx"> if (Options::forceCodeBlockLiveness())
</span><span class="lines">@@ -2327,17 +2413,7 @@
</span><span class="cx"> // because livenessHasBeenProved would have survived as true.
</span><span class="cx"> // - Code blocks that don't have any dead weak references.
</span><span class="cx">
</span><del>- if (m_visitStronglyHasBeenCalled.load(std::memory_order_relaxed))
- return true;
-
-#if ENABLE(DFG_JIT)
- if (JITCode::isOptimizingJIT(jitType())) {
- if (m_jitCode->dfgCommon()->livenessHasBeenProved)
- return true;
- }
-#endif
-
- return false;
</del><ins>+ return Heap::isMarked(this);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool CodeBlock::shouldJettisonDueToWeakReference()
</span><span class="lines">@@ -2347,12 +2423,34 @@
</span><span class="cx"> return !isKnownToBeLiveDuringGC();
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+static std::chrono::milliseconds timeToLive(JITCode::JITType jitType)
+{
+ switch (jitType) {
+ case JITCode::InterpreterThunk:
+ return std::chrono::duration_cast<std::chrono::milliseconds>(
+ std::chrono::seconds(5));
+ case JITCode::BaselineJIT:
+ // Effectively 10 additional seconds, since BaselineJIT and
+ // InterpreterThunk share a CodeBlock.
+ return std::chrono::duration_cast<std::chrono::milliseconds>(
+ std::chrono::seconds(15));
+ case JITCode::DFGJIT:
+ return std::chrono::duration_cast<std::chrono::milliseconds>(
+ std::chrono::seconds(20));
+ case JITCode::FTLJIT:
+ return std::chrono::duration_cast<std::chrono::milliseconds>(
+ std::chrono::seconds(60));
+ default:
+ return std::chrono::milliseconds::max();
+ }
+}
+
</ins><span class="cx"> bool CodeBlock::shouldJettisonDueToOldAge()
</span><span class="cx"> {
</span><del>- if (m_visitStronglyHasBeenCalled.load(std::memory_order_relaxed))
</del><ins>+ if (Heap::isMarked(this))
</ins><span class="cx"> return false;
</span><span class="cx">
</span><del>- if (timeSinceCreation() < JITCode::timeToLive(jitType()))
</del><ins>+ if (timeSinceCreation() < timeToLive(jitType()))
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> return true;
</span><span class="lines">@@ -2505,14 +2603,18 @@
</span><span class="cx"> // All weak references are live. Record this information so we don't
</span><span class="cx"> // come back here again, and scan the strong references.
</span><span class="cx"> dfgCommon->livenessHasBeenProved = true;
</span><del>- stronglyVisitStrongReferences(visitor);
</del><ins>+ visitor.appendUnbarrieredReadOnlyPointer(this);
</ins><span class="cx"> #endif // ENABLE(DFG_JIT)
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void CodeBlock::visitWeakReferences(SlotVisitor& visitor)
</del><ins>+void CodeBlock::WeakReferenceHarvester::visitWeakReferences(SlotVisitor& visitor)
</ins><span class="cx"> {
</span><del>- propagateTransitions(visitor);
- determineLiveness(visitor);
</del><ins>+ CodeBlock* codeBlock =
+ bitwise_cast<CodeBlock*>(
+ bitwise_cast<char*>(this) - OBJECT_OFFSETOF(CodeBlock, m_weakReferenceHarvester));
+
+ codeBlock->propagateTransitions(visitor);
+ codeBlock->determineLiveness(visitor);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void CodeBlock::finalizeLLIntInlineCaches()
</span><span class="lines">@@ -2632,26 +2734,29 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void CodeBlock::finalizeUnconditionally()
</del><ins>+void CodeBlock::UnconditionalFinalizer::finalizeUnconditionally()
</ins><span class="cx"> {
</span><ins>+ CodeBlock* codeBlock = bitwise_cast<CodeBlock*>(
+ bitwise_cast<char*>(this) - OBJECT_OFFSETOF(CodeBlock, m_unconditionalFinalizer));
+
</ins><span class="cx"> #if ENABLE(DFG_JIT)
</span><del>- if (shouldJettisonDueToWeakReference()) {
- jettison(Profiler::JettisonDueToWeakReference);
</del><ins>+ if (codeBlock->shouldJettisonDueToWeakReference()) {
+ codeBlock->jettison(Profiler::JettisonDueToWeakReference);
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> #endif // ENABLE(DFG_JIT)
</span><span class="cx">
</span><del>- if (shouldJettisonDueToOldAge()) {
- jettison(Profiler::JettisonDueToOldAge);
</del><ins>+ if (codeBlock->shouldJettisonDueToOldAge()) {
+ codeBlock->jettison(Profiler::JettisonDueToOldAge);
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (JITCode::couldBeInterpreted(jitType()))
- finalizeLLIntInlineCaches();
</del><ins>+ if (JITCode::couldBeInterpreted(codeBlock->jitType()))
+ codeBlock->finalizeLLIntInlineCaches();
</ins><span class="cx">
</span><span class="cx"> #if ENABLE(JIT)
</span><del>- if (!!jitCode())
- finalizeBaselineJITInlineCaches();
</del><ins>+ if (!!codeBlock->jitCode())
+ codeBlock->finalizeBaselineJITInlineCaches();
</ins><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -2746,14 +2851,14 @@
</span><span class="cx"> // guaranteeing that it matches the details of the CodeBlock we compiled
</span><span class="cx"> // the OSR exit against.
</span><span class="cx">
</span><del>- alternative()->visitStrongly(visitor);
</del><ins>+ visitor.append(&m_alternative);
</ins><span class="cx">
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><span class="cx"> DFG::CommonData* dfgCommon = m_jitCode->dfgCommon();
</span><span class="cx"> if (dfgCommon->inlineCallFrames) {
</span><span class="cx"> for (auto* inlineCallFrame : *dfgCommon->inlineCallFrames) {
</span><del>- ASSERT(inlineCallFrame->baselineCodeBlock());
- inlineCallFrame->baselineCodeBlock()->visitStrongly(visitor);
</del><ins>+ ASSERT(inlineCallFrame->baselineCodeBlock);
+ visitor.append(&inlineCallFrame->baselineCodeBlock);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> #endif
</span><span class="lines">@@ -2962,8 +3067,6 @@
</span><span class="cx"> while (m_incomingLLIntCalls.begin() != m_incomingLLIntCalls.end())
</span><span class="cx"> m_incomingLLIntCalls.begin()->unlink();
</span><span class="cx"> #if ENABLE(JIT)
</span><del>- if (m_incomingCalls.isEmpty() && m_incomingPolymorphicCalls.isEmpty())
- return;
</del><span class="cx"> while (m_incomingCalls.begin() != m_incomingCalls.end())
</span><span class="cx"> m_incomingCalls.begin()->unlink(*vm());
</span><span class="cx"> while (m_incomingPolymorphicCalls.begin() != m_incomingPolymorphicCalls.end())
</span><span class="lines">@@ -2977,67 +3080,67 @@
</span><span class="cx"> m_incomingLLIntCalls.push(incoming);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-PassRefPtr<CodeBlock> CodeBlock::newReplacement()
</del><ins>+CodeBlock* CodeBlock::newReplacement()
</ins><span class="cx"> {
</span><span class="cx"> return ownerScriptExecutable()->newReplacementCodeBlockFor(specializationKind());
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> #if ENABLE(JIT)
</span><del>-CodeBlock* ProgramCodeBlock::replacement()
</del><ins>+CodeBlock* CodeBlock::replacement()
</ins><span class="cx"> {
</span><del>- return jsCast<ProgramExecutable*>(ownerExecutable())->codeBlock();
-}
</del><ins>+ const ClassInfo* classInfo = this->classInfo();
</ins><span class="cx">
</span><del>-CodeBlock* ModuleProgramCodeBlock::replacement()
-{
- return jsCast<ModuleProgramExecutable*>(ownerExecutable())->codeBlock();
-}
</del><ins>+ if (classInfo == FunctionCodeBlock::info())
+ return jsCast<FunctionExecutable*>(ownerExecutable())->codeBlockFor(m_isConstructor ? CodeForConstruct : CodeForCall);
</ins><span class="cx">
</span><del>-CodeBlock* EvalCodeBlock::replacement()
-{
- return jsCast<EvalExecutable*>(ownerExecutable())->codeBlock();
-}
</del><ins>+ if (classInfo == EvalCodeBlock::info())
+ return jsCast<EvalExecutable*>(ownerExecutable())->codeBlock();
</ins><span class="cx">
</span><del>-CodeBlock* FunctionCodeBlock::replacement()
-{
- return jsCast<FunctionExecutable*>(ownerExecutable())->codeBlockFor(m_isConstructor ? CodeForConstruct : CodeForCall);
-}
</del><ins>+ if (classInfo == ProgramCodeBlock::info())
+ return jsCast<ProgramExecutable*>(ownerExecutable())->codeBlock();
</ins><span class="cx">
</span><del>-DFG::CapabilityLevel ProgramCodeBlock::capabilityLevelInternal()
-{
- return DFG::programCapabilityLevel(this);
-}
</del><ins>+ if (classInfo == ModuleProgramCodeBlock::info())
+ return jsCast<ModuleProgramExecutable*>(ownerExecutable())->codeBlock();
</ins><span class="cx">
</span><del>-DFG::CapabilityLevel ModuleProgramCodeBlock::capabilityLevelInternal()
-{
- return DFG::programCapabilityLevel(this);
-}
</del><ins>+#if ENABLE(WEBASSEMBLY)
+ if (classInfo == WebAssemblyCodeBlock::info())
+ return nullptr
+#endif
</ins><span class="cx">
</span><del>-DFG::CapabilityLevel EvalCodeBlock::capabilityLevelInternal()
-{
- return DFG::evalCapabilityLevel(this);
</del><ins>+ RELEASE_ASSERT_NOT_REACHED();
+ return nullptr;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-DFG::CapabilityLevel FunctionCodeBlock::capabilityLevelInternal()
</del><ins>+DFG::CapabilityLevel CodeBlock::computeCapabilityLevel()
</ins><span class="cx"> {
</span><del>- if (m_isConstructor)
- return DFG::functionForConstructCapabilityLevel(this);
- return DFG::functionForCallCapabilityLevel(this);
-}
</del><ins>+ const ClassInfo* classInfo = this->classInfo();
</ins><span class="cx">
</span><ins>+ if (classInfo == FunctionCodeBlock::info()) {
+ if (m_isConstructor)
+ return DFG::functionForConstructCapabilityLevel(this);
+ return DFG::functionForCallCapabilityLevel(this);
+ }
+
+ if (classInfo == EvalCodeBlock::info())
+ return DFG::evalCapabilityLevel(this);
+
+ if (classInfo == ProgramCodeBlock::info())
+ return DFG::programCapabilityLevel(this);
+
+ if (classInfo == ModuleProgramCodeBlock::info())
+ return DFG::programCapabilityLevel(this);
+
</ins><span class="cx"> #if ENABLE(WEBASSEMBLY)
</span><del>-CodeBlock* WebAssemblyCodeBlock::replacement()
-{
- return nullptr;
-}
</del><ins>+ if (classInfo == WebAssemblyCodeBlock::info())
+ return DFG::CannotCompile;
+#endif
</ins><span class="cx">
</span><del>-DFG::CapabilityLevel WebAssemblyCodeBlock::capabilityLevelInternal()
-{
</del><ins>+ RELEASE_ASSERT_NOT_REACHED();
</ins><span class="cx"> return DFG::CannotCompile;
</span><span class="cx"> }
</span><del>-#endif
-#endif
</del><span class="cx">
</span><ins>+#endif // ENABLE(JIT)
+
</ins><span class="cx"> void CodeBlock::jettison(Profiler::JettisonReason reason, ReoptimizationMode mode, const FireDetail* detail)
</span><span class="cx"> {
</span><span class="cx"> #if !ENABLE(DFG_JIT)
</span><span class="lines">@@ -3140,7 +3243,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (!codeOrigin.inlineCallFrame)
</span><span class="cx"> return globalObject();
</span><del>- return jsCast<FunctionExecutable*>(codeOrigin.inlineCallFrame->executable.get())->eitherCodeBlock()->globalObject();
</del><ins>+ return codeOrigin.inlineCallFrame->baselineCodeBlock->globalObject();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> class RecursionCheckFunctor {
</span><span class="lines">@@ -3980,7 +4083,7 @@
</span><span class="cx"> #if ENABLE(JIT)
</span><span class="cx"> DFG::CapabilityLevel CodeBlock::capabilityLevel()
</span><span class="cx"> {
</span><del>- DFG::CapabilityLevel result = capabilityLevelInternal();
</del><ins>+ DFG::CapabilityLevel result = computeCapabilityLevel();
</ins><span class="cx"> m_capabilityLevelState = result;
</span><span class="cx"> return result;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeBlockh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeBlock.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeBlock.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/CodeBlock.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -38,10 +38,10 @@
</span><span class="cx"> #include "CallReturnOffsetToBytecodeOffset.h"
</span><span class="cx"> #include "CodeBlockHash.h"
</span><span class="cx"> #include "CodeBlockSet.h"
</span><del>-#include "ConcurrentJITLock.h"
</del><span class="cx"> #include "CodeOrigin.h"
</span><span class="cx"> #include "CodeType.h"
</span><span class="cx"> #include "CompactJITCodeMap.h"
</span><ins>+#include "ConcurrentJITLock.h"
</ins><span class="cx"> #include "DFGCommon.h"
</span><span class="cx"> #include "DFGExitProfile.h"
</span><span class="cx"> #include "DeferredCompilationCallback.h"
</span><span class="lines">@@ -49,18 +49,19 @@
</span><span class="cx"> #include "ExecutionCounter.h"
</span><span class="cx"> #include "ExpressionRangeInfo.h"
</span><span class="cx"> #include "HandlerInfo.h"
</span><del>-#include "ObjectAllocationProfile.h"
-#include "Options.h"
-#include "PutPropertySlot.h"
</del><span class="cx"> #include "Instruction.h"
</span><span class="cx"> #include "JITCode.h"
</span><span class="cx"> #include "JITWriteBarrier.h"
</span><ins>+#include "JSCell.h"
</ins><span class="cx"> #include "JSGlobalObject.h"
</span><span class="cx"> #include "JumpTable.h"
</span><span class="cx"> #include "LLIntCallLinkInfo.h"
</span><span class="cx"> #include "LazyOperandValueProfile.h"
</span><ins>+#include "ObjectAllocationProfile.h"
+#include "Options.h"
</ins><span class="cx"> #include "ProfilerCompilation.h"
</span><span class="cx"> #include "ProfilerJettisonReason.h"
</span><ins>+#include "PutPropertySlot.h"
</ins><span class="cx"> #include "RegExpObject.h"
</span><span class="cx"> #include "StructureStubInfo.h"
</span><span class="cx"> #include "UnconditionalFinalizer.h"
</span><span class="lines">@@ -85,26 +86,45 @@
</span><span class="cx">
</span><span class="cx"> enum ReoptimizationMode { DontCountReoptimization, CountReoptimization };
</span><span class="cx">
</span><del>-class CodeBlock : public ThreadSafeRefCounted<CodeBlock>, public UnconditionalFinalizer, public WeakReferenceHarvester {
- WTF_MAKE_FAST_ALLOCATED;
</del><ins>+class CodeBlock : public JSCell {
+ typedef JSCell Base;
</ins><span class="cx"> friend class BytecodeLivenessAnalysis;
</span><span class="cx"> friend class JIT;
</span><span class="cx"> friend class LLIntOffsetsExtractor;
</span><ins>+
+ class UnconditionalFinalizer : public JSC::UnconditionalFinalizer {
+ virtual void finalizeUnconditionally() override;
+ };
+
+ class WeakReferenceHarvester : public JSC::WeakReferenceHarvester {
+ virtual void visitWeakReferences(SlotVisitor&) override;
+ };
+
</ins><span class="cx"> public:
</span><span class="cx"> enum CopyParsedBlockTag { CopyParsedBlock };
</span><ins>+
+ static const unsigned StructureFlags = Base::StructureFlags | StructureIsImmortal;
+
+ DECLARE_INFO;
+
</ins><span class="cx"> protected:
</span><del>- CodeBlock(CopyParsedBlockTag, CodeBlock& other);
-
- CodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock*, JSScope*, PassRefPtr<SourceProvider>, unsigned sourceOffset, unsigned firstLineColumnOffset);
</del><ins>+ CodeBlock(VM*, Structure*, CopyParsedBlockTag, CodeBlock& other);
+ CodeBlock(VM*, Structure*, ScriptExecutable* ownerExecutable, UnlinkedCodeBlock*, JSScope*, PassRefPtr<SourceProvider>, unsigned sourceOffset, unsigned firstLineColumnOffset);
</ins><span class="cx"> #if ENABLE(WEBASSEMBLY)
</span><del>- CodeBlock(WebAssemblyExecutable* ownerExecutable, VM&, JSGlobalObject*);
</del><ins>+ CodeBlock(VM*, Structure*, WebAssemblyExecutable* ownerExecutable, VM&, JSGlobalObject*);
</ins><span class="cx"> #endif
</span><span class="cx">
</span><ins>+ void finishCreation(VM&, CopyParsedBlockTag, CodeBlock& other);
+ void finishCreation(VM&, ScriptExecutable* ownerExecutable, UnlinkedCodeBlock*, JSScope*);
+#if ENABLE(WEBASSEMBLY)
+ void finishCreation(VM&, WebAssemblyExecutable* ownerExecutable, JSGlobalObject*);
+#endif
+
</ins><span class="cx"> WriteBarrier<JSGlobalObject> m_globalObject;
</span><span class="cx"> Heap* m_heap;
</span><span class="cx">
</span><span class="cx"> public:
</span><del>- JS_EXPORT_PRIVATE virtual ~CodeBlock();
</del><ins>+ JS_EXPORT_PRIVATE ~CodeBlock();
</ins><span class="cx">
</span><span class="cx"> UnlinkedCodeBlock* unlinkedCodeBlock() const { return m_unlinkedCode.get(); }
</span><span class="cx">
</span><span class="lines">@@ -124,8 +144,8 @@
</span><span class="cx"> int* addressOfNumParameters() { return &m_numParameters; }
</span><span class="cx"> static ptrdiff_t offsetOfNumParameters() { return OBJECT_OFFSETOF(CodeBlock, m_numParameters); }
</span><span class="cx">
</span><del>- CodeBlock* alternative() { return m_alternative.get(); }
- void setAlternative(PassRefPtr<CodeBlock> alternative) { m_alternative = alternative; }
</del><ins>+ CodeBlock* alternative() const { return static_cast<CodeBlock*>(m_alternative.get()); }
+ void setAlternative(VM&, CodeBlock*);
</ins><span class="cx">
</span><span class="cx"> template <typename Functor> void forEachRelatedCodeBlock(Functor&& functor)
</span><span class="cx"> {
</span><span class="lines">@@ -148,16 +168,18 @@
</span><span class="cx"> {
</span><span class="cx"> return specializationFromIsConstruct(m_isConstructor);
</span><span class="cx"> }
</span><del>-
</del><ins>+
+ CodeBlock* alternativeForJettison();
</ins><span class="cx"> CodeBlock* baselineAlternative();
</span><span class="cx">
</span><span class="cx"> // FIXME: Get rid of this.
</span><span class="cx"> // https://bugs.webkit.org/show_bug.cgi?id=123677
</span><span class="cx"> CodeBlock* baselineVersion();
</span><span class="cx">
</span><del>- void clearMarks();
- void visitAggregate(SlotVisitor&);
- void visitStrongly(SlotVisitor&);
</del><ins>+ static void visitChildren(JSCell*, SlotVisitor&);
+ void visitChildren(SlotVisitor&);
+ void visitWeakly(SlotVisitor&);
+ void clearVisitWeaklyHasBeenCalled();
</ins><span class="cx">
</span><span class="cx"> void dumpSource();
</span><span class="cx"> void dumpSource(PrintStream&);
</span><span class="lines">@@ -265,7 +287,7 @@
</span><span class="cx"> unsigned instructionCount() const { return m_instructions.size(); }
</span><span class="cx">
</span><span class="cx"> // Exactly equivalent to codeBlock->ownerExecutable()->newReplacementCodeBlockFor(codeBlock->specializationKind())
</span><del>- PassRefPtr<CodeBlock> newReplacement();
</del><ins>+ CodeBlock* newReplacement();
</ins><span class="cx">
</span><span class="cx"> void setJITCode(PassRefPtr<JITCode> code)
</span><span class="cx"> {
</span><span class="lines">@@ -291,9 +313,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> #if ENABLE(JIT)
</span><del>- virtual CodeBlock* replacement() = 0;
</del><ins>+ CodeBlock* replacement();
</ins><span class="cx">
</span><del>- virtual DFG::CapabilityLevel capabilityLevelInternal() = 0;
</del><ins>+ DFG::CapabilityLevel computeCapabilityLevel();
</ins><span class="cx"> DFG::CapabilityLevel capabilityLevel();
</span><span class="cx"> DFG::CapabilityLevel capabilityLevelState() { return m_capabilityLevelState; }
</span><span class="cx">
</span><span class="lines">@@ -543,7 +565,7 @@
</span><span class="cx"> {
</span><span class="cx"> unsigned result = m_constantRegisters.size();
</span><span class="cx"> m_constantRegisters.append(WriteBarrier<Unknown>());
</span><del>- m_constantRegisters.last().set(m_globalObject->vm(), m_ownerExecutable.get(), v);
</del><ins>+ m_constantRegisters.last().set(m_globalObject->vm(), this, v);
</ins><span class="cx"> m_constantsSourceCodeRepresentation.append(SourceCodeRepresentation::Other);
</span><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="lines">@@ -895,8 +917,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> protected:
</span><del>- virtual void visitWeakReferences(SlotVisitor&) override;
- virtual void finalizeUnconditionally() override;
</del><span class="cx"> void finalizeLLIntInlineCaches();
</span><span class="cx"> void finalizeBaselineJITInlineCaches();
</span><span class="cx">
</span><span class="lines">@@ -923,14 +943,14 @@
</span><span class="cx"> size_t count = constants.size();
</span><span class="cx"> m_constantRegisters.resizeToFit(count);
</span><span class="cx"> for (size_t i = 0; i < count; i++)
</span><del>- m_constantRegisters[i].set(*m_vm, ownerExecutable(), constants[i].get());
</del><ins>+ m_constantRegisters[i].set(*m_vm, this, constants[i].get());
</ins><span class="cx"> m_constantsSourceCodeRepresentation = constantsSourceCodeRepresentation;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void replaceConstant(int index, JSValue value)
</span><span class="cx"> {
</span><span class="cx"> ASSERT(isConstantRegisterIndex(index) && static_cast<size_t>(index - FirstConstantRegisterIndex) < m_constantRegisters.size());
</span><del>- m_constantRegisters[index - FirstConstantRegisterIndex].set(m_globalObject->vm(), m_ownerExecutable.get(), value);
</del><ins>+ m_constantRegisters[index - FirstConstantRegisterIndex].set(m_globalObject->vm(), this, value);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void dumpBytecode(
</span><span class="lines">@@ -1002,8 +1022,7 @@
</span><span class="cx"> bool m_isStrictMode;
</span><span class="cx"> bool m_needsActivation;
</span><span class="cx">
</span><del>- Atomic<bool> m_visitAggregateHasBeenCalled;
- Atomic<bool> m_visitStronglyHasBeenCalled;
</del><ins>+ Atomic<bool> m_visitWeaklyHasBeenCalled;
</ins><span class="cx">
</span><span class="cx"> RefPtr<SourceProvider> m_source;
</span><span class="cx"> unsigned m_sourceOffset;
</span><span class="lines">@@ -1045,7 +1064,7 @@
</span><span class="cx"> Vector<WriteBarrier<FunctionExecutable>> m_functionDecls;
</span><span class="cx"> Vector<WriteBarrier<FunctionExecutable>> m_functionExprs;
</span><span class="cx">
</span><del>- RefPtr<CodeBlock> m_alternative;
</del><ins>+ WriteBarrier<CodeBlock> m_alternative;
</ins><span class="cx">
</span><span class="cx"> BaselineExecutionCounter m_llintExecuteCounter;
</span><span class="cx">
</span><span class="lines">@@ -1065,124 +1084,242 @@
</span><span class="cx"> #if ENABLE(JIT)
</span><span class="cx"> DFG::CapabilityLevel m_capabilityLevelState;
</span><span class="cx"> #endif
</span><ins>+
+ UnconditionalFinalizer m_unconditionalFinalizer;
+ WeakReferenceHarvester m_weakReferenceHarvester;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> // Program code is not marked by any function, so we make the global object
</span><span class="cx"> // responsible for marking it.
</span><span class="cx">
</span><span class="cx"> class GlobalCodeBlock : public CodeBlock {
</span><ins>+ typedef CodeBlock Base;
+ DECLARE_INFO;
+
</ins><span class="cx"> protected:
</span><del>- GlobalCodeBlock(CopyParsedBlockTag, GlobalCodeBlock& other)
- : CodeBlock(CopyParsedBlock, other)
</del><ins>+ GlobalCodeBlock(VM* vm, Structure* structure, CopyParsedBlockTag, GlobalCodeBlock& other)
+ : CodeBlock(vm, structure, CopyParsedBlock, other)
</ins><span class="cx"> {
</span><span class="cx"> }
</span><del>-
- GlobalCodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
- : CodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset)
</del><ins>+
+ GlobalCodeBlock(VM* vm, Structure* structure, ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
+ : CodeBlock(vm, structure, ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset)
</ins><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> class ProgramCodeBlock : public GlobalCodeBlock {
</span><span class="cx"> public:
</span><del>- ProgramCodeBlock(CopyParsedBlockTag, ProgramCodeBlock& other)
- : GlobalCodeBlock(CopyParsedBlock, other)
</del><ins>+ typedef GlobalCodeBlock Base;
+ DECLARE_INFO;
+
+ static ProgramCodeBlock* create(VM* vm, CopyParsedBlockTag, ProgramCodeBlock& other)
</ins><span class="cx"> {
</span><ins>+ ProgramCodeBlock* instance = new (NotNull, allocateCell<ProgramCodeBlock>(vm->heap))
+ ProgramCodeBlock(vm, vm->programCodeBlockStructure.get(), CopyParsedBlock, other);
+ instance->finishCreation(*vm, CopyParsedBlock, other);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- ProgramCodeBlock(ProgramExecutable* ownerExecutable, UnlinkedProgramCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
- : GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, firstLineColumnOffset)
</del><ins>+ static ProgramCodeBlock* create(VM* vm, ProgramExecutable* ownerExecutable, UnlinkedProgramCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
</ins><span class="cx"> {
</span><ins>+ ProgramCodeBlock* instance = new (NotNull, allocateCell<ProgramCodeBlock>(vm->heap))
+ ProgramCodeBlock(vm, vm->programCodeBlockStructure.get(), ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, firstLineColumnOffset);
+ instance->finishCreation(*vm, ownerExecutable, unlinkedCodeBlock, scope);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-#if ENABLE(JIT)
-protected:
- virtual CodeBlock* replacement() override;
- virtual DFG::CapabilityLevel capabilityLevelInternal() override;
-#endif
</del><ins>+ static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+ {
+ return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+ }
+
+private:
+ ProgramCodeBlock(VM* vm, Structure* structure, CopyParsedBlockTag, ProgramCodeBlock& other)
+ : GlobalCodeBlock(vm, structure, CopyParsedBlock, other)
+ {
+ }
+
+ ProgramCodeBlock(VM* vm, Structure* structure, ProgramExecutable* ownerExecutable, UnlinkedProgramCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
+ : GlobalCodeBlock(vm, structure, ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, firstLineColumnOffset)
+ {
+ }
+
+ static void destroy(JSCell*);
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> class ModuleProgramCodeBlock : public GlobalCodeBlock {
</span><span class="cx"> public:
</span><del>- ModuleProgramCodeBlock(CopyParsedBlockTag, ModuleProgramCodeBlock& other)
- : GlobalCodeBlock(CopyParsedBlock, other)
</del><ins>+ typedef GlobalCodeBlock Base;
+ DECLARE_INFO;
+
+ static ModuleProgramCodeBlock* create(VM* vm, CopyParsedBlockTag, ModuleProgramCodeBlock& other)
</ins><span class="cx"> {
</span><ins>+ ModuleProgramCodeBlock* instance = new (NotNull, allocateCell<ModuleProgramCodeBlock>(vm->heap))
+ ModuleProgramCodeBlock(vm, vm->moduleProgramCodeBlockStructure.get(), CopyParsedBlock, other);
+ instance->finishCreation(*vm, CopyParsedBlock, other);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- ModuleProgramCodeBlock(ModuleProgramExecutable* ownerExecutable, UnlinkedModuleProgramCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
- : GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, firstLineColumnOffset)
</del><ins>+ static ModuleProgramCodeBlock* create(VM* vm, ModuleProgramExecutable* ownerExecutable, UnlinkedModuleProgramCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
</ins><span class="cx"> {
</span><ins>+ ModuleProgramCodeBlock* instance = new (NotNull, allocateCell<ModuleProgramCodeBlock>(vm->heap))
+ ModuleProgramCodeBlock(vm, vm->moduleProgramCodeBlockStructure.get(), ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, firstLineColumnOffset);
+ instance->finishCreation(*vm, ownerExecutable, unlinkedCodeBlock, scope);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-#if ENABLE(JIT)
-protected:
- virtual CodeBlock* replacement() override;
- virtual DFG::CapabilityLevel capabilityLevelInternal() override;
-#endif
</del><ins>+ static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+ {
+ return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+ }
+
+private:
+ ModuleProgramCodeBlock(VM* vm, Structure* structure, CopyParsedBlockTag, ModuleProgramCodeBlock& other)
+ : GlobalCodeBlock(vm, structure, CopyParsedBlock, other)
+ {
+ }
+
+ ModuleProgramCodeBlock(VM* vm, Structure* structure, ModuleProgramExecutable* ownerExecutable, UnlinkedModuleProgramCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
+ : GlobalCodeBlock(vm, structure, ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, firstLineColumnOffset)
+ {
+ }
+
+ static void destroy(JSCell*);
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> class EvalCodeBlock : public GlobalCodeBlock {
</span><span class="cx"> public:
</span><del>- EvalCodeBlock(CopyParsedBlockTag, EvalCodeBlock& other)
- : GlobalCodeBlock(CopyParsedBlock, other)
</del><ins>+ typedef GlobalCodeBlock Base;
+ DECLARE_INFO;
+
+ static EvalCodeBlock* create(VM* vm, CopyParsedBlockTag, EvalCodeBlock& other)
</ins><span class="cx"> {
</span><ins>+ EvalCodeBlock* instance = new (NotNull, allocateCell<EvalCodeBlock>(vm->heap))
+ EvalCodeBlock(vm, vm->evalCodeBlockStructure.get(), CopyParsedBlock, other);
+ instance->finishCreation(*vm, CopyParsedBlock, other);
+ return instance;
</ins><span class="cx"> }
</span><del>-
- EvalCodeBlock(EvalExecutable* ownerExecutable, UnlinkedEvalCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider)
- : GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, 1)
</del><ins>+
+ static EvalCodeBlock* create(VM* vm, EvalExecutable* ownerExecutable, UnlinkedEvalCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider)
</ins><span class="cx"> {
</span><ins>+ EvalCodeBlock* instance = new (NotNull, allocateCell<EvalCodeBlock>(vm->heap))
+ EvalCodeBlock(vm, vm->evalCodeBlockStructure.get(), ownerExecutable, unlinkedCodeBlock, scope, sourceProvider);
+ instance->finishCreation(*vm, ownerExecutable, unlinkedCodeBlock, scope);
+ return instance;
</ins><span class="cx"> }
</span><del>-
</del><ins>+
+ static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+ {
+ return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+ }
+
</ins><span class="cx"> const Identifier& variable(unsigned index) { return unlinkedEvalCodeBlock()->variable(index); }
</span><span class="cx"> unsigned numVariables() { return unlinkedEvalCodeBlock()->numVariables(); }
</span><span class="cx">
</span><del>-#if ENABLE(JIT)
-protected:
- virtual CodeBlock* replacement() override;
- virtual DFG::CapabilityLevel capabilityLevelInternal() override;
-#endif
</del><ins>+private:
+ EvalCodeBlock(VM* vm, Structure* structure, CopyParsedBlockTag, EvalCodeBlock& other)
+ : GlobalCodeBlock(vm, structure, CopyParsedBlock, other)
+ {
+ }
+
+ EvalCodeBlock(VM* vm, Structure* structure, EvalExecutable* ownerExecutable, UnlinkedEvalCodeBlock* unlinkedCodeBlock,
+ JSScope* scope, PassRefPtr<SourceProvider> sourceProvider)
+ : GlobalCodeBlock(vm, structure, ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, 1)
+ {
+ }
</ins><span class="cx">
</span><ins>+ static void destroy(JSCell*);
+
</ins><span class="cx"> private:
</span><span class="cx"> UnlinkedEvalCodeBlock* unlinkedEvalCodeBlock() const { return jsCast<UnlinkedEvalCodeBlock*>(unlinkedCodeBlock()); }
</span><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> class FunctionCodeBlock : public CodeBlock {
</span><span class="cx"> public:
</span><del>- FunctionCodeBlock(CopyParsedBlockTag, FunctionCodeBlock& other)
- : CodeBlock(CopyParsedBlock, other)
</del><ins>+ typedef CodeBlock Base;
+ DECLARE_INFO;
+
+ static FunctionCodeBlock* create(VM* vm, CopyParsedBlockTag, FunctionCodeBlock& other)
</ins><span class="cx"> {
</span><ins>+ FunctionCodeBlock* instance = new (NotNull, allocateCell<FunctionCodeBlock>(vm->heap))
+ FunctionCodeBlock(vm, vm->functionCodeBlockStructure.get(), CopyParsedBlock, other);
+ instance->finishCreation(*vm, CopyParsedBlock, other);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- FunctionCodeBlock(FunctionExecutable* ownerExecutable, UnlinkedFunctionCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
- : CodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset)
</del><ins>+ static FunctionCodeBlock* create(VM* vm, FunctionExecutable* ownerExecutable, UnlinkedFunctionCodeBlock* unlinkedCodeBlock, JSScope* scope,
+ PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
</ins><span class="cx"> {
</span><ins>+ FunctionCodeBlock* instance = new (NotNull, allocateCell<FunctionCodeBlock>(vm->heap))
+ FunctionCodeBlock(vm, vm->functionCodeBlockStructure.get(), ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset);
+ instance->finishCreation(*vm, ownerExecutable, unlinkedCodeBlock, scope);
+ return instance;
</ins><span class="cx"> }
</span><ins>+
+ static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+ {
+ return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+ }
+
+private:
+ FunctionCodeBlock(VM* vm, Structure* structure, CopyParsedBlockTag, FunctionCodeBlock& other)
+ : CodeBlock(vm, structure, CopyParsedBlock, other)
+ {
+ }
+
+ FunctionCodeBlock(VM* vm, Structure* structure, FunctionExecutable* ownerExecutable, UnlinkedFunctionCodeBlock* unlinkedCodeBlock, JSScope* scope,
+ PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
+ : CodeBlock(vm, structure, ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset)
+ {
+ }
</ins><span class="cx">
</span><del>-#if ENABLE(JIT)
-protected:
- virtual CodeBlock* replacement() override;
- virtual DFG::CapabilityLevel capabilityLevelInternal() override;
-#endif
</del><ins>+ static void destroy(JSCell*);
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> #if ENABLE(WEBASSEMBLY)
</span><span class="cx"> class WebAssemblyCodeBlock : public CodeBlock {
</span><span class="cx"> public:
</span><del>- WebAssemblyCodeBlock(CopyParsedBlockTag, WebAssemblyCodeBlock& other)
- : CodeBlock(CopyParsedBlock, other)
</del><ins>+ DECLARE_INFO;
+
+ static WebAssemblyCodeBlock* create(VM* vm, CopyParsedBlockTag, WebAssemblyCodeBlock& other)
</ins><span class="cx"> {
</span><ins>+ WebAssemblyCodeBlock* instance = new (NotNull, allocateCell<WebAssemblyCodeBlock>(vm->heap))
+ WebAssemblyCodeBlock(vm, vm->webAssemblyCodeBlockStructure.get(), CopyParsedBlock, other);
+ instance->finishCreation(*vm);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- WebAssemblyCodeBlock(WebAssemblyExecutable* ownerExecutable, VM& vm, JSGlobalObject* globalObject)
- : CodeBlock(ownerExecutable, vm, globalObject)
</del><ins>+ static WebAssemblyCodeBlock* create(VM* vm, WebAssemblyExecutable* ownerExecutable, JSGlobalObject* globalObject)
</ins><span class="cx"> {
</span><ins>+ WebAssemblyCodeBlock* instance = new (NotNull, allocateCell<WebAssemblyCodeBlock>(vm->heap))
+ WebAssemblyCodeBlock(vm, vm->webAssemblyCodeBlockStructure.get(), ownerExecutable, globalObject);
+ instance->finishCreation(*vm);
+ return instance;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-#if ENABLE(JIT)
-protected:
- virtual CodeBlock* replacement() override;
- virtual DFG::CapabilityLevel capabilityLevelInternal() override;
-#endif
</del><ins>+ static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+ {
+ return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+ }
+
+private:
+ WebAssemblyCodeBlock(VM& vm, Structure* structure, CopyParsedBlockTag, WebAssemblyCodeBlock& other)
+ : CodeBlock(vm, structure, CopyParsedBlock, other)
+ {
+ }
+
+ WebAssemblyCodeBlock(VM& vm, Structure* structure, WebAssemblyExecutable* ownerExecutable, JSGlobalObject* globalObject)
+ : CodeBlock(vm, structure, ownerExecutable, vm, globalObject)
+ {
+ }
+
+ static void destroy(JSCell*);
</ins><span class="cx"> };
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="lines">@@ -1210,10 +1347,9 @@
</span><span class="cx"> return uncheckedR(reg.offset());
</span><span class="cx"> }
</span><span class="cx">
</span><del>-inline void CodeBlock::clearMarks()
</del><ins>+inline void CodeBlock::clearVisitWeaklyHasBeenCalled()
</ins><span class="cx"> {
</span><del>- m_visitStronglyHasBeenCalled.store(false, std::memory_order_relaxed);
- m_visitAggregateHasBeenCalled.store(false, std::memory_order_relaxed);
</del><ins>+ m_visitWeaklyHasBeenCalled.store(false, std::memory_order_relaxed);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> inline void CodeBlockSet::mark(void* candidateCodeBlock)
</span><span class="lines">@@ -1238,13 +1374,12 @@
</span><span class="cx"> {
</span><span class="cx"> if (!codeBlock)
</span><span class="cx"> return;
</span><del>-
- // Force GC to visit all CodeBlocks on the stack, including old CodeBlocks
- // that have not executed a barrier. This is overkill, but we have always
- // done this, and it might help us recover gracefully if we forget to execute
- // a barrier when a CodeBlock needs it.
- codeBlock->clearMarks();
</del><span class="cx">
</span><ins>+ // Try to recover gracefully if we forget to execute a barrier for a
+ // CodeBlock that does value profiling. This is probably overkill, but we
+ // have always done it.
+ Heap::heap(codeBlock)->writeBarrier(codeBlock);
+
</ins><span class="cx"> m_currentlyExecuting.add(codeBlock);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1252,13 +1387,13 @@
</span><span class="cx"> {
</span><span class="cx"> switch (type()) {
</span><span class="cx"> case ProgramExecutableType: {
</span><del>- if (CodeBlock* codeBlock = jsCast<ProgramExecutable*>(this)->m_programCodeBlock.get())
</del><ins>+ if (CodeBlock* codeBlock = static_cast<CodeBlock*>(jsCast<ProgramExecutable*>(this)->m_programCodeBlock.get()))
</ins><span class="cx"> codeBlock->forEachRelatedCodeBlock(std::forward<Functor>(functor));
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> case EvalExecutableType: {
</span><del>- if (CodeBlock* codeBlock = jsCast<EvalExecutable*>(this)->m_evalCodeBlock.get())
</del><ins>+ if (CodeBlock* codeBlock = static_cast<CodeBlock*>(jsCast<EvalExecutable*>(this)->m_evalCodeBlock.get()))
</ins><span class="cx"> codeBlock->forEachRelatedCodeBlock(std::forward<Functor>(functor));
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="lines">@@ -1266,15 +1401,15 @@
</span><span class="cx"> case FunctionExecutableType: {
</span><span class="cx"> Functor f(std::forward<Functor>(functor));
</span><span class="cx"> FunctionExecutable* executable = jsCast<FunctionExecutable*>(this);
</span><del>- if (CodeBlock* codeBlock = executable->m_codeBlockForCall.get())
</del><ins>+ if (CodeBlock* codeBlock = static_cast<CodeBlock*>(executable->m_codeBlockForCall.get()))
</ins><span class="cx"> codeBlock->forEachRelatedCodeBlock(f);
</span><del>- if (CodeBlock* codeBlock = executable->m_codeBlockForConstruct.get())
</del><ins>+ if (CodeBlock* codeBlock = static_cast<CodeBlock*>(executable->m_codeBlockForConstruct.get()))
</ins><span class="cx"> codeBlock->forEachRelatedCodeBlock(f);
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> case ModuleProgramExecutableType: {
</span><del>- if (CodeBlock* codeBlock = jsCast<ModuleProgramExecutable*>(this)->m_moduleProgramCodeBlock.get())
</del><ins>+ if (CodeBlock* codeBlock = static_cast<CodeBlock*>(jsCast<ModuleProgramExecutable*>(this)->m_moduleProgramCodeBlock.get()))
</ins><span class="cx"> codeBlock->forEachRelatedCodeBlock(std::forward<Functor>(functor));
</span><span class="cx"> break;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeOrigincpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeOrigin.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeOrigin.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/CodeOrigin.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -75,7 +75,7 @@
</span><span class="cx"> if (!a.inlineCallFrame)
</span><span class="cx"> return true;
</span><span class="cx">
</span><del>- if (a.inlineCallFrame->executable.get() != b.inlineCallFrame->executable.get())
</del><ins>+ if (a.inlineCallFrame->baselineCodeBlock.get() != b.inlineCallFrame->baselineCodeBlock.get())
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> a = a.inlineCallFrame->directCaller;
</span><span class="lines">@@ -98,7 +98,7 @@
</span><span class="cx"> if (!codeOrigin.inlineCallFrame)
</span><span class="cx"> return result;
</span><span class="cx">
</span><del>- result += WTF::PtrHash<JSCell*>::hash(codeOrigin.inlineCallFrame->executable.get());
</del><ins>+ result += WTF::PtrHash<JSCell*>::hash(codeOrigin.inlineCallFrame->baselineCodeBlock.get());
</ins><span class="cx">
</span><span class="cx"> codeOrigin = codeOrigin.inlineCallFrame->directCaller;
</span><span class="cx"> }
</span><span class="lines">@@ -115,11 +115,11 @@
</span><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-ScriptExecutable* CodeOrigin::codeOriginOwner() const
</del><ins>+CodeBlock* CodeOrigin::codeOriginOwner() const
</ins><span class="cx"> {
</span><span class="cx"> if (!inlineCallFrame)
</span><span class="cx"> return 0;
</span><del>- return inlineCallFrame->executable.get();
</del><ins>+ return inlineCallFrame->baselineCodeBlock.get();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> int CodeOrigin::stackOffset() const
</span><span class="lines">@@ -143,7 +143,7 @@
</span><span class="cx"> out.print(" --> ");
</span><span class="cx">
</span><span class="cx"> if (InlineCallFrame* frame = stack[i].inlineCallFrame) {
</span><del>- out.print(frame->briefFunctionInformation(), ":<", RawPointer(frame->executable.get()), "> ");
</del><ins>+ out.print(frame->briefFunctionInformation(), ":<", RawPointer(frame->baselineCodeBlock.get()), "> ");
</ins><span class="cx"> if (frame->isClosureCall)
</span><span class="cx"> out.print("(closure) ");
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeOriginh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeOrigin.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeOrigin.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/CodeOrigin.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -87,7 +87,7 @@
</span><span class="cx">
</span><span class="cx"> // If the code origin corresponds to inlined code, gives you the heap object that
</span><span class="cx"> // would have owned the code if it had not been inlined. Otherwise returns 0.
</span><del>- ScriptExecutable* codeOriginOwner() const;
</del><ins>+ CodeBlock* codeOriginOwner() const;
</ins><span class="cx">
</span><span class="cx"> int stackOffset() const;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeDeferredCompilationCallbackcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -33,7 +33,7 @@
</span><span class="cx"> DeferredCompilationCallback::DeferredCompilationCallback() { }
</span><span class="cx"> DeferredCompilationCallback::~DeferredCompilationCallback() { }
</span><span class="cx">
</span><del>-void DeferredCompilationCallback::compilationDidComplete(CodeBlock* codeBlock, CompilationResult result)
</del><ins>+void DeferredCompilationCallback::compilationDidComplete(CodeBlock* codeBlock, CodeBlock*, CompilationResult result)
</ins><span class="cx"> {
</span><span class="cx"> dumpCompiledSourcesIfNeeded();
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeDeferredCompilationCallbackh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/DeferredCompilationCallback.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -42,8 +42,8 @@
</span><span class="cx"> public:
</span><span class="cx"> virtual ~DeferredCompilationCallback();
</span><span class="cx">
</span><del>- virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*) = 0;
- virtual void compilationDidComplete(CodeBlock*, CompilationResult);
</del><ins>+ virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*, CodeBlock* profiledDFGCodeBlock) = 0;
+ virtual void compilationDidComplete(CodeBlock*, CodeBlock* profiledDFGCodeBlock, CompilationResult);
</ins><span class="cx">
</span><span class="cx"> Vector<DeferredSourceDump>& ensureDeferredSourceDump();
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeEvalCodeCacheh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/EvalCodeCache.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/EvalCodeCache.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/EvalCodeCache.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -51,7 +51,7 @@
</span><span class="cx"> return 0;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- EvalExecutable* getSlow(ExecState* exec, ScriptExecutable* owner, bool inStrictContext, ThisTDZMode thisTDZMode, const String& evalSource, JSScope* scope)
</del><ins>+ EvalExecutable* getSlow(ExecState* exec, JSCell* owner, bool inStrictContext, ThisTDZMode thisTDZMode, const String& evalSource, JSScope* scope)
</ins><span class="cx"> {
</span><span class="cx"> VariableEnvironment variablesUnderTDZ;
</span><span class="cx"> JSScope::collectVariablesUnderTDZ(scope, variablesUnderTDZ);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInlineCallFramecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -47,26 +47,19 @@
</span><span class="cx">
</span><span class="cx"> CodeBlockHash InlineCallFrame::hash() const
</span><span class="cx"> {
</span><del>- return jsCast<FunctionExecutable*>(executable.get())->codeBlockFor(
- specializationKind())->hash();
</del><ins>+ return baselineCodeBlock->hash();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CString InlineCallFrame::hashAsStringIfPossible() const
</span><span class="cx"> {
</span><del>- return jsCast<FunctionExecutable*>(executable.get())->codeBlockFor(
- specializationKind())->hashAsStringIfPossible();
</del><ins>+ return baselineCodeBlock->hashAsStringIfPossible();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CString InlineCallFrame::inferredName() const
</span><span class="cx"> {
</span><del>- return jsCast<FunctionExecutable*>(executable.get())->inferredName().utf8();
</del><ins>+ return jsCast<FunctionExecutable*>(baselineCodeBlock->ownerExecutable())->inferredName().utf8();
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-CodeBlock* InlineCallFrame::baselineCodeBlock() const
-{
- return jsCast<FunctionExecutable*>(executable.get())->baselineCodeBlockFor(specializationKind());
-}
-
</del><span class="cx"> void InlineCallFrame::dumpBriefFunctionInformation(PrintStream& out) const
</span><span class="cx"> {
</span><span class="cx"> out.print(inferredName(), "#", hashAsStringIfPossible());
</span><span class="lines">@@ -74,8 +67,8 @@
</span><span class="cx">
</span><span class="cx"> void InlineCallFrame::dumpInContext(PrintStream& out, DumpContext* context) const
</span><span class="cx"> {
</span><del>- out.print(briefFunctionInformation(), ":<", RawPointer(executable.get()));
- if (executable->isStrictMode())
</del><ins>+ out.print(briefFunctionInformation(), ":<", RawPointer(baselineCodeBlock.get()));
+ if (isStrictMode())
</ins><span class="cx"> out.print(" (StrictMode)");
</span><span class="cx"> out.print(", bc#", directCaller.bytecodeIndex, ", ", static_cast<Kind>(kind));
</span><span class="cx"> if (isClosureCall)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInlineCallFrameh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/InlineCallFrame.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -29,7 +29,6 @@
</span><span class="cx"> #include "CodeBlock.h"
</span><span class="cx"> #include "CodeBlockHash.h"
</span><span class="cx"> #include "CodeOrigin.h"
</span><del>-#include "Executable.h"
</del><span class="cx"> #include "ValueRecovery.h"
</span><span class="cx"> #include "WriteBarrier.h"
</span><span class="cx"> #include <wtf/BitVector.h>
</span><span class="lines">@@ -42,7 +41,6 @@
</span><span class="cx">
</span><span class="cx"> struct InlineCallFrame;
</span><span class="cx"> class ExecState;
</span><del>-class ScriptExecutable;
</del><span class="cx"> class JSFunction;
</span><span class="cx">
</span><span class="cx"> struct InlineCallFrame {
</span><span class="lines">@@ -174,7 +172,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Vector<ValueRecovery> arguments; // Includes 'this'.
</span><del>- WriteBarrier<ScriptExecutable> executable;
</del><ins>+ WriteBarrier<CodeBlock> baselineCodeBlock;
</ins><span class="cx"> ValueRecovery calleeRecovery;
</span><span class="cx"> CodeOrigin directCaller;
</span><span class="cx">
</span><span class="lines">@@ -209,8 +207,6 @@
</span><span class="cx"> CodeBlockHash hash() const;
</span><span class="cx"> CString hashAsStringIfPossible() const;
</span><span class="cx">
</span><del>- CodeBlock* baselineCodeBlock() const;
-
</del><span class="cx"> void setStackOffset(signed offset)
</span><span class="cx"> {
</span><span class="cx"> stackOffset = offset;
</span><span class="lines">@@ -220,6 +216,8 @@
</span><span class="cx"> ptrdiff_t callerFrameOffset() const { return stackOffset * sizeof(Register) + CallFrame::callerFrameOffset(); }
</span><span class="cx"> ptrdiff_t returnPCOffset() const { return stackOffset * sizeof(Register) + CallFrame::returnPCOffset(); }
</span><span class="cx">
</span><ins>+ bool isStrictMode() const { return baselineCodeBlock->isStrictMode(); }
+
</ins><span class="cx"> void dumpBriefFunctionInformation(PrintStream&) const;
</span><span class="cx"> void dump(PrintStream&) const;
</span><span class="cx"> void dumpInContext(PrintStream&, DumpContext*) const;
</span><span class="lines">@@ -231,9 +229,7 @@
</span><span class="cx"> inline CodeBlock* baselineCodeBlockForInlineCallFrame(InlineCallFrame* inlineCallFrame)
</span><span class="cx"> {
</span><span class="cx"> RELEASE_ASSERT(inlineCallFrame);
</span><del>- ScriptExecutable* executable = inlineCallFrame->executable.get();
- RELEASE_ASSERT(executable->structure()->classInfo() == FunctionExecutable::info());
- return static_cast<FunctionExecutable*>(executable)->baselineCodeBlockFor(inlineCallFrame->specializationKind());
</del><ins>+ return inlineCallFrame->baselineCodeBlock.get();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> inline CodeBlock* baselineCodeBlockForOriginAndBaselineCodeBlock(const CodeOrigin& codeOrigin, CodeBlock* baselineCodeBlock)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePolymorphicAccesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -411,7 +411,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // We will emit code that has a weak reference that isn't otherwise listed anywhere.
</span><del>- state.weakReferences.append(WriteBarrier<JSCell>(vm, codeBlock->ownerExecutable(), structure));
</del><ins>+ state.weakReferences.append(WriteBarrier<JSCell>(vm, codeBlock, structure));
</ins><span class="cx">
</span><span class="cx"> jit.move(CCallHelpers::TrustedImmPtr(condition.object()), scratchGPR);
</span><span class="cx"> state.failAndRepatch.append(
</span><span class="lines">@@ -1170,7 +1170,7 @@
</span><span class="cx"> for (auto& entry : cases)
</span><span class="cx"> doesCalls |= entry->doesCalls();
</span><span class="cx">
</span><del>- m_stubRoutine = createJITStubRoutine(code, vm, codeBlock->ownerExecutable(), doesCalls);
</del><ins>+ m_stubRoutine = createJITStubRoutine(code, vm, codeBlock, doesCalls);
</ins><span class="cx"> m_watchpoints = WTF::move(state.watchpoints);
</span><span class="cx"> if (!state.weakReferences.isEmpty())
</span><span class="cx"> m_weakReferences = std::make_unique<Vector<WriteBarrier<JSCell>>>(WTF::move(state.weakReferences));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeStructureStubInfocpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -62,7 +62,7 @@
</span><span class="cx"> Vector<std::unique_ptr<AccessCase>> accessCases;
</span><span class="cx">
</span><span class="cx"> std::unique_ptr<AccessCase> previousCase =
</span><del>- AccessCase::fromStructureStubInfo(vm, codeBlock->ownerExecutable(), *this);
</del><ins>+ AccessCase::fromStructureStubInfo(vm, codeBlock, *this);
</ins><span class="cx"> if (previousCase)
</span><span class="cx"> accessCases.append(WTF::move(previousCase));
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGByteCodeParsercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -4633,10 +4633,10 @@
</span><span class="cx"> ASSERT(callsiteBlockHead);
</span><span class="cx">
</span><span class="cx"> m_inlineCallFrame = byteCodeParser->m_graph.m_plan.inlineCallFrames->add();
</span><del>- byteCodeParser->m_graph.freeze(codeBlock->ownerExecutable());
</del><ins>+ byteCodeParser->m_graph.freeze(codeBlock->baselineVersion());
</ins><span class="cx"> // The owner is the machine code block, and we already have a barrier on that when the
</span><span class="cx"> // plan finishes.
</span><del>- m_inlineCallFrame->executable.setWithoutWriteBarrier(codeBlock->ownerScriptExecutable());
</del><ins>+ m_inlineCallFrame->baselineCodeBlock.setWithoutWriteBarrier(codeBlock->baselineVersion());
</ins><span class="cx"> m_inlineCallFrame->setStackOffset(inlineCallFrameStart.offset() - JSStack::CallFrameHeaderSize);
</span><span class="cx"> if (callee) {
</span><span class="cx"> m_inlineCallFrame->calleeRecovery = ValueRecovery::constant(callee);
</span><span class="lines">@@ -4828,7 +4828,7 @@
</span><span class="cx"> if (Options::verboseDFGByteCodeParsing())
</span><span class="cx"> dataLog("Parsing ", *m_codeBlock, "\n");
</span><span class="cx">
</span><del>- m_dfgCodeBlock = m_graph.m_plan.profiledDFGCodeBlock.get();
</del><ins>+ m_dfgCodeBlock = m_graph.m_plan.profiledDFGCodeBlock;
</ins><span class="cx"> if (isFTL(m_graph.m_plan.mode) && m_dfgCodeBlock
</span><span class="cx"> && Options::enablePolyvariantDevirtualization()) {
</span><span class="cx"> if (Options::enablePolyvariantCallInlining())
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGCommonDatacpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGCommonData.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGCommonData.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGCommonData.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -89,8 +89,8 @@
</span><span class="cx"> trackedReferences.check(recovery.constant());
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (ScriptExecutable* executable = inlineCallFrame->executable.get())
- trackedReferences.check(executable);
</del><ins>+ if (CodeBlock* baselineCodeBlock = inlineCallFrame->baselineCodeBlock.get())
+ trackedReferences.check(baselineCodeBlock);
</ins><span class="cx">
</span><span class="cx"> if (inlineCallFrame->calleeRecovery.isConstant())
</span><span class="cx"> trackedReferences.check(inlineCallFrame->calleeRecovery.constant());
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDesiredTransitionscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -34,7 +34,7 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace DFG {
</span><span class="cx">
</span><del>-DesiredTransition::DesiredTransition(CodeBlock* codeBlock, ScriptExecutable* codeOriginOwner, Structure* oldStructure, Structure* newStructure)
</del><ins>+DesiredTransition::DesiredTransition(CodeBlock* codeBlock, CodeBlock* codeOriginOwner, Structure* oldStructure, Structure* newStructure)
</ins><span class="cx"> : m_codeBlock(codeBlock)
</span><span class="cx"> , m_codeOriginOwner(codeOriginOwner)
</span><span class="cx"> , m_oldStructure(oldStructure)
</span><span class="lines">@@ -46,7 +46,7 @@
</span><span class="cx"> {
</span><span class="cx"> common->transitions.append(
</span><span class="cx"> WeakReferenceTransition(
</span><del>- vm, m_codeBlock->ownerExecutable(),
</del><ins>+ vm, m_codeBlock,
</ins><span class="cx"> m_codeOriginOwner,
</span><span class="cx"> m_oldStructure, m_newStructure));
</span><span class="cx"> }
</span><span class="lines">@@ -66,7 +66,7 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void DesiredTransitions::addLazily(CodeBlock* codeBlock, ScriptExecutable* codeOriginOwner, Structure* oldStructure, Structure* newStructure)
</del><ins>+void DesiredTransitions::addLazily(CodeBlock* codeBlock, CodeBlock* codeOriginOwner, Structure* oldStructure, Structure* newStructure)
</ins><span class="cx"> {
</span><span class="cx"> m_transitions.append(DesiredTransition(codeBlock, codeOriginOwner, oldStructure, newStructure));
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDesiredTransitionsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGDesiredTransitions.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -44,7 +44,7 @@
</span><span class="cx">
</span><span class="cx"> class DesiredTransition {
</span><span class="cx"> public:
</span><del>- DesiredTransition(CodeBlock*, ScriptExecutable*, Structure*, Structure*);
</del><ins>+ DesiredTransition(CodeBlock*, CodeBlock* codeOriginOwner, Structure*, Structure*);
</ins><span class="cx">
</span><span class="cx"> void reallyAdd(VM&, CommonData*);
</span><span class="cx">
</span><span class="lines">@@ -52,7 +52,7 @@
</span><span class="cx">
</span><span class="cx"> private:
</span><span class="cx"> CodeBlock* m_codeBlock;
</span><del>- ScriptExecutable* m_codeOriginOwner;
</del><ins>+ CodeBlock* m_codeOriginOwner;
</ins><span class="cx"> Structure* m_oldStructure;
</span><span class="cx"> Structure* m_newStructure;
</span><span class="cx"> };
</span><span class="lines">@@ -62,7 +62,7 @@
</span><span class="cx"> DesiredTransitions();
</span><span class="cx"> ~DesiredTransitions();
</span><span class="cx">
</span><del>- void addLazily(CodeBlock*, ScriptExecutable*, Structure*, Structure*);
</del><ins>+ void addLazily(CodeBlock*, CodeBlock* codeOriginOwner, Structure*, Structure*);
</ins><span class="cx"> void reallyAdd(VM&, CommonData*);
</span><span class="cx"> void visitChildren(SlotVisitor&);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDesiredWeakReferencescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGDesiredWeakReferences.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDesiredWeakReferences.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGDesiredWeakReferences.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -70,10 +70,10 @@
</span><span class="cx"> for (JSCell* target : m_references) {
</span><span class="cx"> if (Structure* structure = jsDynamicCast<Structure*>(target)) {
</span><span class="cx"> common->weakStructureReferences.append(
</span><del>- WriteBarrier<Structure>(vm, m_codeBlock->ownerExecutable(), structure));
</del><ins>+ WriteBarrier<Structure>(vm, m_codeBlock, structure));
</ins><span class="cx"> } else {
</span><span class="cx"> common->weakReferences.append(
</span><del>- WriteBarrier<JSCell>(vm, m_codeBlock->ownerExecutable(), target));
</del><ins>+ WriteBarrier<JSCell>(vm, m_codeBlock, target));
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDrivercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGDriver.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDriver.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGDriver.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -121,7 +121,7 @@
</span><span class="cx"> vm, codeBlock, profiledDFGCodeBlock, mode, osrEntryBytecodeIndex, mustHandleValues,
</span><span class="cx"> callback);
</span><span class="cx"> if (result != CompilationDeferred)
</span><del>- callback->compilationDidComplete(codeBlock, result);
</del><ins>+ callback->compilationDidComplete(codeBlock, profiledDFGCodeBlock, result);
</ins><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGGraphcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGGraph.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGGraph.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGGraph.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -61,7 +61,7 @@
</span><span class="cx"> Graph::Graph(VM& vm, Plan& plan, LongLivedState& longLivedState)
</span><span class="cx"> : m_vm(vm)
</span><span class="cx"> , m_plan(plan)
</span><del>- , m_codeBlock(m_plan.codeBlock.get())
</del><ins>+ , m_codeBlock(m_plan.codeBlock)
</ins><span class="cx"> , m_profiledBlock(m_codeBlock->alternative())
</span><span class="cx"> , m_allocator(longLivedState.m_allocator)
</span><span class="cx"> , m_nextMachineLocal(0)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGGraphh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGGraph.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGGraph.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGGraph.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -348,7 +348,7 @@
</span><span class="cx"> if (!inlineCallFrame)
</span><span class="cx"> return m_codeBlock->ownerScriptExecutable();
</span><span class="cx">
</span><del>- return inlineCallFrame->executable.get();
</del><ins>+ return inlineCallFrame->baselineCodeBlock->ownerScriptExecutable();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ScriptExecutable* executableFor(const CodeOrigin& codeOrigin)
</span><span class="lines">@@ -372,7 +372,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (!codeOrigin.inlineCallFrame)
</span><span class="cx"> return m_codeBlock->isStrictMode();
</span><del>- return jsCast<FunctionExecutable*>(codeOrigin.inlineCallFrame->executable.get())->isStrictMode();
</del><ins>+ return codeOrigin.inlineCallFrame->isStrictMode();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ECMAMode ecmaModeFor(CodeOrigin codeOrigin)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGJITCodeh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGJITCode.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGJITCode.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGJITCode.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -28,6 +28,7 @@
</span><span class="cx">
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><span class="cx">
</span><ins>+#include "CodeBlock.h"
</ins><span class="cx"> #include "CompilationResult.h"
</span><span class="cx"> #include "DFGCommonData.h"
</span><span class="cx"> #include "DFGMinifiedGraph.h"
</span><span class="lines">@@ -114,6 +115,12 @@
</span><span class="cx"> void validateReferences(const TrackedReferences&) override;
</span><span class="cx">
</span><span class="cx"> void shrinkToFit();
</span><ins>+
+#if ENABLE(FTL_JIT)
+ CodeBlock* osrEntryBlock() { return m_osrEntryBlock.get(); }
+ void setOSREntryBlock(VM& vm, const JSCell* owner, CodeBlock* osrEntryBlock) { m_osrEntryBlock.set(vm, owner, osrEntryBlock); }
+ void clearOSREntryBlock() { m_osrEntryBlock.clear(); }
+#endif
</ins><span class="cx">
</span><span class="cx"> private:
</span><span class="cx"> friend class JITCompiler; // Allow JITCompiler to call setCodeRef().
</span><span class="lines">@@ -128,7 +135,7 @@
</span><span class="cx"> #if ENABLE(FTL_JIT)
</span><span class="cx"> uint8_t nestedTriggerIsSet { 0 };
</span><span class="cx"> UpperTierExecutionCounter tierUpCounter;
</span><del>- RefPtr<CodeBlock> osrEntryBlock;
</del><ins>+ WriteBarrier<CodeBlock> m_osrEntryBlock;
</ins><span class="cx"> unsigned osrEntryRetry;
</span><span class="cx"> bool abandonOSREntry;
</span><span class="cx"> #endif // ENABLE(FTL_JIT)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGJITFinalizercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx"> bool JITFinalizer::finalize()
</span><span class="cx"> {
</span><span class="cx"> m_jitCode->initializeCodeRef(
</span><del>- FINALIZE_DFG_CODE(*m_linkBuffer, ("DFG JIT code for %s", toCString(CodeBlockWithJITType(m_plan.codeBlock.get(), JITCode::DFGJIT)).data())),
</del><ins>+ FINALIZE_DFG_CODE(*m_linkBuffer, ("DFG JIT code for %s", toCString(CodeBlockWithJITType(m_plan.codeBlock, JITCode::DFGJIT)).data())),
</ins><span class="cx"> MacroAssemblerCodePtr());
</span><span class="cx">
</span><span class="cx"> m_plan.codeBlock->setJITCode(m_jitCode);
</span><span class="lines">@@ -71,7 +71,7 @@
</span><span class="cx"> {
</span><span class="cx"> RELEASE_ASSERT(!m_withArityCheck.isEmptyValue());
</span><span class="cx"> m_jitCode->initializeCodeRef(
</span><del>- FINALIZE_DFG_CODE(*m_linkBuffer, ("DFG JIT code for %s", toCString(CodeBlockWithJITType(m_plan.codeBlock.get(), JITCode::DFGJIT)).data())),
</del><ins>+ FINALIZE_DFG_CODE(*m_linkBuffer, ("DFG JIT code for %s", toCString(CodeBlockWithJITType(m_plan.codeBlock, JITCode::DFGJIT)).data())),
</ins><span class="cx"> m_withArityCheck);
</span><span class="cx"> m_plan.codeBlock->setJITCode(m_jitCode);
</span><span class="cx">
</span><span class="lines">@@ -83,7 +83,7 @@
</span><span class="cx"> void JITFinalizer::finalizeCommon()
</span><span class="cx"> {
</span><span class="cx"> #if ENABLE(FTL_JIT)
</span><del>- m_jitCode->optimizeAfterWarmUp(m_plan.codeBlock.get());
</del><ins>+ m_jitCode->optimizeAfterWarmUp(m_plan.codeBlock);
</ins><span class="cx"> #endif // ENABLE(FTL_JIT)
</span><span class="cx">
</span><span class="cx"> if (m_plan.compilation)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompilerCommoncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -69,7 +69,7 @@
</span><span class="cx"> jit.branchTest8(
</span><span class="cx"> AssemblyHelpers::NonZero,
</span><span class="cx"> AssemblyHelpers::AbsoluteAddress(
</span><del>- inlineCallFrame->executable->addressOfDidTryToEnterInLoop())));
</del><ins>+ inlineCallFrame->baselineCodeBlock->ownerScriptExecutable()->addressOfDidTryToEnterInLoop())));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> jit.move(
</span><span class="lines">@@ -268,13 +268,14 @@
</span><span class="cx">
</span><span class="cx"> void adjustAndJumpToTarget(CCallHelpers& jit, const OSRExitBase& exit, bool isExitingToOpCatch)
</span><span class="cx"> {
</span><del>- jit.move(AssemblyHelpers::TrustedImmPtr(jit.codeBlock()->ownerExecutable()), GPRInfo::argumentGPR1);
</del><ins>+ CodeBlock* baselineCodeBlock = jit.baselineCodeBlockFor(exit.m_codeOrigin);
+ jit.move(AssemblyHelpers::TrustedImmPtr(baselineCodeBlock), GPRInfo::argumentGPR1);
</ins><span class="cx"> osrWriteBarrier(jit, GPRInfo::argumentGPR1, GPRInfo::nonArgGPR0);
</span><span class="cx"> InlineCallFrameSet* inlineCallFrames = jit.codeBlock()->jitCode()->dfgCommon()->inlineCallFrames.get();
</span><span class="cx"> if (inlineCallFrames) {
</span><span class="cx"> for (InlineCallFrame* inlineCallFrame : *inlineCallFrames) {
</span><del>- ScriptExecutable* ownerExecutable = inlineCallFrame->executable.get();
- jit.move(AssemblyHelpers::TrustedImmPtr(ownerExecutable), GPRInfo::argumentGPR1);
</del><ins>+ CodeBlock* baselineCodeBlock = inlineCallFrame->baselineCodeBlock.get();
+ jit.move(AssemblyHelpers::TrustedImmPtr(baselineCodeBlock), GPRInfo::argumentGPR1);
</ins><span class="cx"> osrWriteBarrier(jit, GPRInfo::argumentGPR1, GPRInfo::nonArgGPR0);
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="lines">@@ -282,7 +283,6 @@
</span><span class="cx"> if (exit.m_codeOrigin.inlineCallFrame)
</span><span class="cx"> jit.addPtr(AssemblyHelpers::TrustedImm32(exit.m_codeOrigin.inlineCallFrame->stackOffset * sizeof(EncodedJSValue)), GPRInfo::callFrameRegister);
</span><span class="cx">
</span><del>- CodeBlock* baselineCodeBlock = jit.baselineCodeBlockFor(exit.m_codeOrigin);
</del><span class="cx"> Vector<BytecodeAndMachineOffset>& decodedCodeMap = jit.decodedCodeMapFor(baselineCodeBlock);
</span><span class="cx">
</span><span class="cx"> BytecodeAndMachineOffset* mapping = binarySearch<BytecodeAndMachineOffset, unsigned>(decodedCodeMap, decodedCodeMap.size(), exit.m_codeOrigin.bytecodeIndex, BytecodeAndMachineOffset::getBytecodeIndex);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitPreparationcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitPreparation.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitPreparation.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitPreparation.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -42,7 +42,7 @@
</span><span class="cx"> DeferGC deferGC(vm.heap);
</span><span class="cx">
</span><span class="cx"> for (; codeOrigin.inlineCallFrame; codeOrigin = codeOrigin.inlineCallFrame->directCaller) {
</span><del>- CodeBlock* codeBlock = codeOrigin.inlineCallFrame->baselineCodeBlock();
</del><ins>+ CodeBlock* codeBlock = codeOrigin.inlineCallFrame->baselineCodeBlock.get();
</ins><span class="cx"> if (codeBlock->jitType() == JSC::JITCode::BaselineJIT)
</span><span class="cx"> continue;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -1307,7 +1307,7 @@
</span><span class="cx">
</span><span class="cx"> bool didTryToEnterIntoInlinedLoops = false;
</span><span class="cx"> for (InlineCallFrame* inlineCallFrame = exit->m_codeOrigin.inlineCallFrame; inlineCallFrame; inlineCallFrame = inlineCallFrame->directCaller.inlineCallFrame) {
</span><del>- if (inlineCallFrame->executable->didTryToEnterInLoop()) {
</del><ins>+ if (inlineCallFrame->baselineCodeBlock->ownerScriptExecutable()->didTryToEnterInLoop()) {
</ins><span class="cx"> didTryToEnterIntoInlinedLoops = true;
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="lines">@@ -1377,8 +1377,8 @@
</span><span class="cx">
</span><span class="cx"> // We need to compile the code.
</span><span class="cx"> compile(
</span><del>- *vm, codeBlock->newReplacement().get(), codeBlock, FTLMode, UINT_MAX,
- Operands<JSValue>(), ToFTLDeferredCompilationCallback::create(codeBlock));
</del><ins>+ *vm, codeBlock->newReplacement(), codeBlock, FTLMode, UINT_MAX,
+ Operands<JSValue>(), ToFTLDeferredCompilationCallback::create());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> static void triggerTierUpNowCommon(ExecState* exec, bool inLoop)
</span><span class="lines">@@ -1463,7 +1463,7 @@
</span><span class="cx"> if (worklistState == Worklist::Compiling)
</span><span class="cx"> return 0;
</span><span class="cx">
</span><del>- if (CodeBlock* entryBlock = jitCode->osrEntryBlock.get()) {
</del><ins>+ if (CodeBlock* entryBlock = jitCode->osrEntryBlock()) {
</ins><span class="cx"> void* address = FTL::prepareOSREntry(
</span><span class="cx"> exec, codeBlock, entryBlock, bytecodeIndex, streamIndex);
</span><span class="cx"> if (address)
</span><span class="lines">@@ -1477,7 +1477,7 @@
</span><span class="cx">
</span><span class="cx"> // OSR entry failed. Oh no! This implies that we need to retry. We retry
</span><span class="cx"> // without exponential backoff and we only do this for the entry code block.
</span><del>- jitCode->osrEntryBlock = nullptr;
</del><ins>+ jitCode->clearOSREntryBlock();
</ins><span class="cx"> jitCode->osrEntryRetry = 0;
</span><span class="cx"> return 0;
</span><span class="cx"> }
</span><span class="lines">@@ -1494,21 +1494,19 @@
</span><span class="cx"> Operands<JSValue> mustHandleValues;
</span><span class="cx"> jitCode->reconstruct(
</span><span class="cx"> exec, codeBlock, CodeOrigin(bytecodeIndex), streamIndex, mustHandleValues);
</span><del>- RefPtr<CodeBlock> replacementCodeBlock = codeBlock->newReplacement();
</del><ins>+ CodeBlock* replacementCodeBlock = codeBlock->newReplacement();
</ins><span class="cx"> CompilationResult forEntryResult = compile(
</span><del>- *vm, replacementCodeBlock.get(), codeBlock, FTLForOSREntryMode, bytecodeIndex,
- mustHandleValues, ToFTLForOSREntryDeferredCompilationCallback::create(codeBlock));
</del><ins>+ *vm, replacementCodeBlock, codeBlock, FTLForOSREntryMode, bytecodeIndex,
+ mustHandleValues, ToFTLForOSREntryDeferredCompilationCallback::create());
</ins><span class="cx">
</span><del>- if (forEntryResult != CompilationSuccessful) {
- ASSERT(forEntryResult == CompilationDeferred || replacementCodeBlock->hasOneRef());
</del><ins>+ if (forEntryResult != CompilationSuccessful)
</ins><span class="cx"> return 0;
</span><del>- }
</del><span class="cx">
</span><span class="cx"> // It's possible that the for-entry compile already succeeded. In that case OSR
</span><span class="cx"> // entry will succeed unless we ran out of stack. It's not clear what we should do.
</span><span class="cx"> // We signal to try again after a while if that happens.
</span><span class="cx"> void* address = FTL::prepareOSREntry(
</span><del>- exec, codeBlock, jitCode->osrEntryBlock.get(), bytecodeIndex, streamIndex);
</del><ins>+ exec, codeBlock, jitCode->osrEntryBlock(), bytecodeIndex, streamIndex);
</ins><span class="cx"> return static_cast<char*>(address);
</span><span class="cx"> }
</span><span class="cx"> #endif // ENABLE(FTL_JIT)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGPlancpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -131,7 +131,7 @@
</span><span class="cx">
</span><span class="cx"> } // anonymous namespace
</span><span class="cx">
</span><del>-Plan::Plan(PassRefPtr<CodeBlock> passedCodeBlock, CodeBlock* profiledDFGCodeBlock,
</del><ins>+Plan::Plan(CodeBlock* passedCodeBlock, CodeBlock* profiledDFGCodeBlock,
</ins><span class="cx"> CompilationMode mode, unsigned osrEntryBytecodeIndex,
</span><span class="cx"> const Operands<JSValue>& mustHandleValues)
</span><span class="cx"> : vm(*passedCodeBlock->vm())
</span><span class="lines">@@ -140,10 +140,10 @@
</span><span class="cx"> , mode(mode)
</span><span class="cx"> , osrEntryBytecodeIndex(osrEntryBytecodeIndex)
</span><span class="cx"> , mustHandleValues(mustHandleValues)
</span><del>- , compilation(codeBlock->vm()->m_perBytecodeProfiler ? adoptRef(new Profiler::Compilation(codeBlock->vm()->m_perBytecodeProfiler->ensureBytecodesFor(codeBlock.get()), profilerCompilationKindForMode(mode))) : 0)
</del><ins>+ , compilation(codeBlock->vm()->m_perBytecodeProfiler ? adoptRef(new Profiler::Compilation(codeBlock->vm()->m_perBytecodeProfiler->ensureBytecodesFor(codeBlock), profilerCompilationKindForMode(mode))) : 0)
</ins><span class="cx"> , inlineCallFrames(adoptRef(new InlineCallFrameSet()))
</span><del>- , identifiers(codeBlock.get())
- , weakReferences(codeBlock.get())
</del><ins>+ , identifiers(codeBlock)
+ , weakReferences(codeBlock)
</ins><span class="cx"> , willTryToTierUp(false)
</span><span class="cx"> , stage(Preparing)
</span><span class="cx"> {
</span><span class="lines">@@ -535,7 +535,7 @@
</span><span class="cx">
</span><span class="cx"> void Plan::reallyAdd(CommonData* commonData)
</span><span class="cx"> {
</span><del>- watchpoints.reallyAdd(codeBlock.get(), *commonData);
</del><ins>+ watchpoints.reallyAdd(codeBlock, *commonData);
</ins><span class="cx"> identifiers.reallyAdd(vm, commonData);
</span><span class="cx"> weakReferences.reallyAdd(vm, commonData);
</span><span class="cx"> transitions.reallyAdd(vm, commonData);
</span><span class="lines">@@ -553,14 +553,14 @@
</span><span class="cx">
</span><span class="cx"> void Plan::notifyReady()
</span><span class="cx"> {
</span><del>- callback->compilationDidBecomeReadyAsynchronously(codeBlock.get());
</del><ins>+ callback->compilationDidBecomeReadyAsynchronously(codeBlock, profiledDFGCodeBlock);
</ins><span class="cx"> stage = Ready;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CompilationResult Plan::finalizeWithoutNotifyingCallback()
</span><span class="cx"> {
</span><span class="cx"> // We will establish new references from the code block to things. So, we need a barrier.
</span><del>- vm.heap.writeBarrier(codeBlock->ownerExecutable());
</del><ins>+ vm.heap.writeBarrier(codeBlock);
</ins><span class="cx">
</span><span class="cx"> if (!isStillValid())
</span><span class="cx"> return CompilationInvalidated;
</span><span class="lines">@@ -596,7 +596,7 @@
</span><span class="cx">
</span><span class="cx"> void Plan::finalizeAndNotifyCallback()
</span><span class="cx"> {
</span><del>- callback->compilationDidComplete(codeBlock.get(), finalizeWithoutNotifyingCallback());
</del><ins>+ callback->compilationDidComplete(codeBlock, profiledDFGCodeBlock, finalizeWithoutNotifyingCallback());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CompilationKey Plan::key()
</span><span class="lines">@@ -604,16 +604,15 @@
</span><span class="cx"> return CompilationKey(codeBlock->alternative(), mode);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void Plan::clearCodeBlockMarks()
</del><ins>+void Plan::rememberCodeBlocks()
</ins><span class="cx"> {
</span><span class="cx"> // Compilation writes lots of values to a CodeBlock without performing
</span><span class="cx"> // an explicit barrier. So, we need to be pessimistic and assume that
</span><span class="cx"> // all our CodeBlocks must be visited during GC.
</span><span class="cx">
</span><del>- codeBlock->clearMarks();
- codeBlock->alternative()->clearMarks();
</del><ins>+ Heap::heap(codeBlock)->writeBarrier(codeBlock);
</ins><span class="cx"> if (profiledDFGCodeBlock)
</span><del>- profiledDFGCodeBlock->clearMarks();
</del><ins>+ Heap::heap(profiledDFGCodeBlock)->writeBarrier(profiledDFGCodeBlock);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void Plan::checkLivenessAndVisitChildren(SlotVisitor& visitor)
</span><span class="lines">@@ -624,15 +623,13 @@
</span><span class="cx"> for (unsigned i = mustHandleValues.size(); i--;)
</span><span class="cx"> visitor.appendUnbarrieredValue(&mustHandleValues[i]);
</span><span class="cx">
</span><del>- codeBlock->visitStrongly(visitor);
- codeBlock->alternative()->visitStrongly(visitor);
- if (profiledDFGCodeBlock)
- profiledDFGCodeBlock->visitStrongly(visitor);
</del><ins>+ visitor.appendUnbarrieredReadOnlyPointer(codeBlock);
+ visitor.appendUnbarrieredReadOnlyPointer(profiledDFGCodeBlock);
</ins><span class="cx">
</span><span class="cx"> if (inlineCallFrames) {
</span><span class="cx"> for (auto* inlineCallFrame : *inlineCallFrames) {
</span><del>- ASSERT(inlineCallFrame->baselineCodeBlock());
- inlineCallFrame->baselineCodeBlock()->visitStrongly(visitor);
</del><ins>+ ASSERT(inlineCallFrame->baselineCodeBlock.get());
+ visitor.appendUnbarrieredReadOnlyPointer(inlineCallFrame->baselineCodeBlock.get());
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGPlanh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGPlan.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGPlan.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGPlan.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -55,7 +55,7 @@
</span><span class="cx">
</span><span class="cx"> struct Plan : public ThreadSafeRefCounted<Plan> {
</span><span class="cx"> Plan(
</span><del>- PassRefPtr<CodeBlock> codeBlockToCompile, CodeBlock* profiledDFGCodeBlock,
</del><ins>+ CodeBlock* codeBlockToCompile, CodeBlock* profiledDFGCodeBlock,
</ins><span class="cx"> CompilationMode, unsigned osrEntryBytecodeIndex,
</span><span class="cx"> const Operands<JSValue>& mustHandleValues);
</span><span class="cx"> ~Plan();
</span><span class="lines">@@ -71,14 +71,17 @@
</span><span class="cx">
</span><span class="cx"> CompilationKey key();
</span><span class="cx">
</span><del>- void clearCodeBlockMarks();
</del><ins>+ void rememberCodeBlocks();
</ins><span class="cx"> void checkLivenessAndVisitChildren(SlotVisitor&);
</span><span class="cx"> bool isKnownToBeLiveDuringGC();
</span><span class="cx"> void cancel();
</span><span class="cx">
</span><span class="cx"> VM& vm;
</span><del>- RefPtr<CodeBlock> codeBlock;
- RefPtr<CodeBlock> profiledDFGCodeBlock;
</del><ins>+
+ // These can be raw pointers because we visit them during every GC in checkLivenessAndVisitChildren.
+ CodeBlock* codeBlock;
+ CodeBlock* profiledDFGCodeBlock;
+
</ins><span class="cx"> CompilationMode mode;
</span><span class="cx"> const unsigned osrEntryBytecodeIndex;
</span><span class="cx"> Operands<JSValue> mustHandleValues;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGToFTLDeferredCompilationCallbackcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -35,46 +35,44 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace DFG {
</span><span class="cx">
</span><del>-ToFTLDeferredCompilationCallback::ToFTLDeferredCompilationCallback(
- PassRefPtr<CodeBlock> dfgCodeBlock)
- : m_dfgCodeBlock(dfgCodeBlock)
</del><ins>+ToFTLDeferredCompilationCallback::ToFTLDeferredCompilationCallback()
</ins><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ToFTLDeferredCompilationCallback::~ToFTLDeferredCompilationCallback() { }
</span><span class="cx">
</span><del>-Ref<ToFTLDeferredCompilationCallback> ToFTLDeferredCompilationCallback::create(PassRefPtr<CodeBlock> dfgCodeBlock)
</del><ins>+Ref<ToFTLDeferredCompilationCallback> ToFTLDeferredCompilationCallback::create()
</ins><span class="cx"> {
</span><del>- return adoptRef(*new ToFTLDeferredCompilationCallback(dfgCodeBlock));
</del><ins>+ return adoptRef(*new ToFTLDeferredCompilationCallback());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ToFTLDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously(
</span><del>- CodeBlock* codeBlock)
</del><ins>+ CodeBlock* codeBlock, CodeBlock* profiledDFGCodeBlock)
</ins><span class="cx"> {
</span><span class="cx"> if (Options::verboseOSR()) {
</span><span class="cx"> dataLog(
</span><del>- "Optimizing compilation of ", *codeBlock, " (for ", *m_dfgCodeBlock,
</del><ins>+ "Optimizing compilation of ", *codeBlock, " (for ", *profiledDFGCodeBlock,
</ins><span class="cx"> ") did become ready.\n");
</span><span class="cx"> }
</span><span class="cx">
</span><del>- m_dfgCodeBlock->jitCode()->dfg()->forceOptimizationSlowPathConcurrently(
- m_dfgCodeBlock.get());
</del><ins>+ profiledDFGCodeBlock->jitCode()->dfg()->forceOptimizationSlowPathConcurrently(
+ profiledDFGCodeBlock);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ToFTLDeferredCompilationCallback::compilationDidComplete(
</span><del>- CodeBlock* codeBlock, CompilationResult result)
</del><ins>+ CodeBlock* codeBlock, CodeBlock* profiledDFGCodeBlock, CompilationResult result)
</ins><span class="cx"> {
</span><span class="cx"> if (Options::verboseOSR()) {
</span><span class="cx"> dataLog(
</span><del>- "Optimizing compilation of ", *codeBlock, " (for ", *m_dfgCodeBlock,
</del><ins>+ "Optimizing compilation of ", *codeBlock, " (for ", *profiledDFGCodeBlock,
</ins><span class="cx"> ") result: ", result, "\n");
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if (m_dfgCodeBlock->replacement() != m_dfgCodeBlock) {
</del><ins>+ if (profiledDFGCodeBlock->replacement() != profiledDFGCodeBlock) {
</ins><span class="cx"> if (Options::verboseOSR()) {
</span><span class="cx"> dataLog(
</span><span class="cx"> "Dropping FTL code block ", *codeBlock, " on the floor because the "
</span><del>- "DFG code block ", *m_dfgCodeBlock, " was jettisoned.\n");
</del><ins>+ "DFG code block ", *profiledDFGCodeBlock, " was jettisoned.\n");
</ins><span class="cx"> }
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -82,10 +80,10 @@
</span><span class="cx"> if (result == CompilationSuccessful)
</span><span class="cx"> codeBlock->ownerScriptExecutable()->installCode(codeBlock);
</span><span class="cx">
</span><del>- m_dfgCodeBlock->jitCode()->dfg()->setOptimizationThresholdBasedOnCompilationResult(
- m_dfgCodeBlock.get(), result);
</del><ins>+ profiledDFGCodeBlock->jitCode()->dfg()->setOptimizationThresholdBasedOnCompilationResult(
+ profiledDFGCodeBlock, result);
</ins><span class="cx">
</span><del>- DeferredCompilationCallback::compilationDidComplete(codeBlock, result);
</del><ins>+ DeferredCompilationCallback::compilationDidComplete(codeBlock, profiledDFGCodeBlock, result);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } } // JSC::DFG
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGToFTLDeferredCompilationCallbackh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGToFTLDeferredCompilationCallback.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -40,18 +40,15 @@
</span><span class="cx">
</span><span class="cx"> class ToFTLDeferredCompilationCallback : public DeferredCompilationCallback {
</span><span class="cx"> protected:
</span><del>- ToFTLDeferredCompilationCallback(PassRefPtr<CodeBlock> dfgCodeBlock);
</del><ins>+ ToFTLDeferredCompilationCallback();
</ins><span class="cx">
</span><span class="cx"> public:
</span><span class="cx"> virtual ~ToFTLDeferredCompilationCallback();
</span><span class="cx">
</span><del>- static Ref<ToFTLDeferredCompilationCallback> create(PassRefPtr<CodeBlock> dfgCodeBlock);
</del><ins>+ static Ref<ToFTLDeferredCompilationCallback> create();
</ins><span class="cx">
</span><del>- virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*);
- virtual void compilationDidComplete(CodeBlock*, CompilationResult);
-
-private:
- RefPtr<CodeBlock> m_dfgCodeBlock;
</del><ins>+ virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*, CodeBlock* profiledDFGCodeBlock);
+ virtual void compilationDidComplete(CodeBlock*, CodeBlock* profiledDFGCodeBlock, CompilationResult);
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } } // namespace JSC::DFG
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGToFTLForOSREntryDeferredCompilationCallbackcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -35,9 +35,7 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace DFG {
</span><span class="cx">
</span><del>-ToFTLForOSREntryDeferredCompilationCallback::ToFTLForOSREntryDeferredCompilationCallback(
- PassRefPtr<CodeBlock> dfgCodeBlock)
- : m_dfgCodeBlock(dfgCodeBlock)
</del><ins>+ToFTLForOSREntryDeferredCompilationCallback::ToFTLForOSREntryDeferredCompilationCallback()
</ins><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -45,39 +43,38 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>-Ref<ToFTLForOSREntryDeferredCompilationCallback>ToFTLForOSREntryDeferredCompilationCallback::create(
- PassRefPtr<CodeBlock> dfgCodeBlock)
</del><ins>+Ref<ToFTLForOSREntryDeferredCompilationCallback>ToFTLForOSREntryDeferredCompilationCallback::create()
</ins><span class="cx"> {
</span><del>- return adoptRef(*new ToFTLForOSREntryDeferredCompilationCallback(dfgCodeBlock));
</del><ins>+ return adoptRef(*new ToFTLForOSREntryDeferredCompilationCallback());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ToFTLForOSREntryDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously(
</span><del>- CodeBlock* codeBlock)
</del><ins>+ CodeBlock* codeBlock, CodeBlock* profiledDFGCodeBlock)
</ins><span class="cx"> {
</span><span class="cx"> if (Options::verboseOSR()) {
</span><span class="cx"> dataLog(
</span><del>- "Optimizing compilation of ", *codeBlock, " (for ", *m_dfgCodeBlock,
</del><ins>+ "Optimizing compilation of ", *codeBlock, " (for ", *profiledDFGCodeBlock,
</ins><span class="cx"> ") did become ready.\n");
</span><span class="cx"> }
</span><span class="cx">
</span><del>- m_dfgCodeBlock->jitCode()->dfg()->forceOptimizationSlowPathConcurrently(
- m_dfgCodeBlock.get());
</del><ins>+ profiledDFGCodeBlock->jitCode()->dfg()->forceOptimizationSlowPathConcurrently(
+ profiledDFGCodeBlock);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete(
</span><del>- CodeBlock* codeBlock, CompilationResult result)
</del><ins>+ CodeBlock* codeBlock, CodeBlock* profiledDFGCodeBlock, CompilationResult result)
</ins><span class="cx"> {
</span><span class="cx"> if (Options::verboseOSR()) {
</span><span class="cx"> dataLog(
</span><del>- "Optimizing compilation of ", *codeBlock, " (for ", *m_dfgCodeBlock,
</del><ins>+ "Optimizing compilation of ", *codeBlock, " (for ", *profiledDFGCodeBlock,
</ins><span class="cx"> ") result: ", result, "\n");
</span><span class="cx"> }
</span><span class="cx">
</span><del>- JITCode* jitCode = m_dfgCodeBlock->jitCode()->dfg();
</del><ins>+ JITCode* jitCode = profiledDFGCodeBlock->jitCode()->dfg();
</ins><span class="cx">
</span><span class="cx"> switch (result) {
</span><span class="cx"> case CompilationSuccessful:
</span><del>- jitCode->osrEntryBlock = codeBlock;
</del><ins>+ jitCode->setOSREntryBlock(*codeBlock->vm(), profiledDFGCodeBlock, codeBlock);
</ins><span class="cx"> break;
</span><span class="cx"> case CompilationFailed:
</span><span class="cx"> jitCode->osrEntryRetry = 0;
</span><span class="lines">@@ -90,7 +87,7 @@
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- DeferredCompilationCallback::compilationDidComplete(codeBlock, result);
</del><ins>+ DeferredCompilationCallback::compilationDidComplete(codeBlock, profiledDFGCodeBlock, result);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } } // JSC::DFG
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGToFTLForOSREntryDeferredCompilationCallbackh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGToFTLForOSREntryDeferredCompilationCallback.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -40,18 +40,15 @@
</span><span class="cx">
</span><span class="cx"> class ToFTLForOSREntryDeferredCompilationCallback : public DeferredCompilationCallback {
</span><span class="cx"> protected:
</span><del>- ToFTLForOSREntryDeferredCompilationCallback(PassRefPtr<CodeBlock> dfgCodeBlock);
</del><ins>+ ToFTLForOSREntryDeferredCompilationCallback();
</ins><span class="cx">
</span><span class="cx"> public:
</span><span class="cx"> virtual ~ToFTLForOSREntryDeferredCompilationCallback();
</span><span class="cx">
</span><del>- static Ref<ToFTLForOSREntryDeferredCompilationCallback> create(PassRefPtr<CodeBlock> dfgCodeBlock);
</del><ins>+ static Ref<ToFTLForOSREntryDeferredCompilationCallback> create();
</ins><span class="cx">
</span><del>- virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*);
- virtual void compilationDidComplete(CodeBlock*, CompilationResult);
-
-private:
- RefPtr<CodeBlock> m_dfgCodeBlock;
</del><ins>+ virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*, CodeBlock* profiledDFGCodeBlock);
+ virtual void compilationDidComplete(CodeBlock*, CodeBlock* profiledDFGCodeBlock, CompilationResult);
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } } // namespace JSC::DFG
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGWorklistcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGWorklist.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGWorklist.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGWorklist.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -207,14 +207,14 @@
</span><span class="cx"> completeAllReadyPlansForVM(vm);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void Worklist::clearCodeBlockMarks(VM& vm)
</del><ins>+void Worklist::rememberCodeBlocks(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> LockHolder locker(m_lock);
</span><span class="cx"> for (PlanMap::iterator iter = m_plans.begin(); iter != m_plans.end(); ++iter) {
</span><span class="cx"> Plan* plan = iter->value.get();
</span><span class="cx"> if (&plan->vm != &vm)
</span><span class="cx"> continue;
</span><del>- plan->clearCodeBlockMarks();
</del><ins>+ plan->rememberCodeBlocks();
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -467,11 +467,11 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void clearCodeBlockMarks(VM& vm)
</del><ins>+void rememberCodeBlocks(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> for (unsigned i = DFG::numberOfWorklists(); i--;) {
</span><span class="cx"> if (DFG::Worklist* worklist = DFG::worklistForIndexOrNull(i))
</span><del>- worklist->clearCodeBlockMarks(vm);
</del><ins>+ worklist->rememberCodeBlocks(vm);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGWorklisth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGWorklist.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGWorklist.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/dfg/DFGWorklist.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx"> // worklist->completeAllReadyPlansForVM(vm);
</span><span class="cx"> void completeAllPlansForVM(VM&);
</span><span class="cx">
</span><del>- void clearCodeBlockMarks(VM&);
</del><ins>+ void rememberCodeBlocks(VM&);
</ins><span class="cx">
</span><span class="cx"> void waitUntilAllPlansForVMAreReady(VM&);
</span><span class="cx"> State completeAllReadyPlansForVM(VM&, CompilationKey = CompilationKey());
</span><span class="lines">@@ -141,7 +141,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void completeAllPlansForVM(VM&);
</span><del>-void clearCodeBlockMarks(VM&);
</del><ins>+void rememberCodeBlocks(VM&);
</ins><span class="cx">
</span><span class="cx"> } } // namespace JSC::DFG
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLJITFinalizercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -99,7 +99,7 @@
</span><span class="cx"> jitCode->initializeExitThunks(
</span><span class="cx"> FINALIZE_DFG_CODE(
</span><span class="cx"> *exitThunksLinkBuffer,
</span><del>- ("FTL exit thunks for %s", toCString(CodeBlockWithJITType(m_plan.codeBlock.get(), JITCode::FTLJIT)).data())));
</del><ins>+ ("FTL exit thunks for %s", toCString(CodeBlockWithJITType(m_plan.codeBlock, JITCode::FTLJIT)).data())));
</ins><span class="cx"> } // else this function had no OSR exits, so no exit thunks.
</span><span class="cx">
</span><span class="cx"> if (sideCodeLinkBuffer) {
</span><span class="lines">@@ -116,7 +116,7 @@
</span><span class="cx"> jitCode->addHandle(FINALIZE_DFG_CODE(
</span><span class="cx"> *sideCodeLinkBuffer,
</span><span class="cx"> ("FTL side code for %s",
</span><del>- toCString(CodeBlockWithJITType(m_plan.codeBlock.get(), JITCode::FTLJIT)).data()))
</del><ins>+ toCString(CodeBlockWithJITType(m_plan.codeBlock, JITCode::FTLJIT)).data()))
</ins><span class="cx"> .executableMemory());
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -124,7 +124,7 @@
</span><span class="cx"> jitCode->addHandle(FINALIZE_DFG_CODE(
</span><span class="cx"> *handleExceptionsLinkBuffer,
</span><span class="cx"> ("FTL exception handler for %s",
</span><del>- toCString(CodeBlockWithJITType(m_plan.codeBlock.get(), JITCode::FTLJIT)).data()))
</del><ins>+ toCString(CodeBlockWithJITType(m_plan.codeBlock, JITCode::FTLJIT)).data()))
</ins><span class="cx"> .executableMemory());
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -137,7 +137,7 @@
</span><span class="cx"> jitCode->initializeArityCheckEntrypoint(
</span><span class="cx"> FINALIZE_DFG_CODE(
</span><span class="cx"> *entrypointLinkBuffer,
</span><del>- ("FTL entrypoint thunk for %s with LLVM generated code at %p", toCString(CodeBlockWithJITType(m_plan.codeBlock.get(), JITCode::FTLJIT)).data(), function)));
</del><ins>+ ("FTL entrypoint thunk for %s with LLVM generated code at %p", toCString(CodeBlockWithJITType(m_plan.codeBlock, JITCode::FTLJIT)).data(), function)));
</ins><span class="cx">
</span><span class="cx"> m_plan.codeBlock->setJITCode(jitCode);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapCodeBlockSetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/CodeBlockSet.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/CodeBlockSet.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/heap/CodeBlockSet.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -41,17 +41,11 @@
</span><span class="cx">
</span><span class="cx"> CodeBlockSet::~CodeBlockSet()
</span><span class="cx"> {
</span><del>- for (CodeBlock* codeBlock : m_oldCodeBlocks)
- codeBlock->deref();
-
- for (CodeBlock* codeBlock : m_newCodeBlocks)
- codeBlock->deref();
</del><span class="cx"> }
</span><span class="cx">
</span><del>-void CodeBlockSet::add(PassRefPtr<CodeBlock> codeBlock)
</del><ins>+void CodeBlockSet::add(CodeBlock* codeBlock)
</ins><span class="cx"> {
</span><del>- CodeBlock* block = codeBlock.leakRef();
- bool isNewEntry = m_newCodeBlocks.add(block).isNewEntry;
</del><ins>+ bool isNewEntry = m_newCodeBlocks.add(codeBlock).isNewEntry;
</ins><span class="cx"> ASSERT_UNUSED(isNewEntry, isNewEntry);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -64,52 +58,26 @@
</span><span class="cx"> void CodeBlockSet::clearMarksForFullCollection()
</span><span class="cx"> {
</span><span class="cx"> for (CodeBlock* codeBlock : m_oldCodeBlocks)
</span><del>- codeBlock->clearMarks();
</del><ins>+ codeBlock->clearVisitWeaklyHasBeenCalled();
</ins><span class="cx">
</span><span class="cx"> // We promote after we clear marks on the old generation CodeBlocks because
</span><span class="cx"> // none of the young generations CodeBlocks need to be cleared.
</span><span class="cx"> promoteYoungCodeBlocks();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void CodeBlockSet::clearMarksForEdenCollection(const Vector<const JSCell*>& rememberedSet)
</del><ins>+void CodeBlockSet::deleteUnmarkedAndUnreferenced(HeapOperation collectionType)
</ins><span class="cx"> {
</span><del>- // This ensures that we will revisit CodeBlocks in remembered Executables even if they were previously marked.
- for (const JSCell* cell : rememberedSet) {
- ScriptExecutable* executable = const_cast<ScriptExecutable*>(jsDynamicCast<const ScriptExecutable*>(cell));
- if (!executable)
</del><ins>+ HashSet<CodeBlock*>& set = collectionType == EdenCollection ? m_newCodeBlocks : m_oldCodeBlocks;
+ Vector<CodeBlock*> unmarked;
+ for (CodeBlock* codeBlock : set) {
+ if (Heap::isMarked(codeBlock))
</ins><span class="cx"> continue;
</span><del>- executable->forEachCodeBlock([this](CodeBlock* codeBlock) {
- codeBlock->clearMarks();
- m_remembered.add(codeBlock);
- });
</del><ins>+ unmarked.append(codeBlock);
</ins><span class="cx"> }
</span><del>-}
</del><span class="cx">
</span><del>-void CodeBlockSet::deleteUnmarkedAndUnreferenced(HeapOperation collectionType)
-{
- HashSet<CodeBlock*>& set = collectionType == EdenCollection ? m_newCodeBlocks : m_oldCodeBlocks;
-
- // This needs to be a fixpoint because code blocks that are unmarked may
- // refer to each other. For example, a DFG code block that is owned by
- // the GC may refer to an FTL for-entry code block that is also owned by
- // the GC.
- Vector<CodeBlock*, 16> toRemove;
- if (verbose)
- dataLog("Fixpointing over unmarked, set size = ", set.size(), "...\n");
- for (;;) {
- for (CodeBlock* codeBlock : set) {
- if (!codeBlock->hasOneRef())
- continue;
- codeBlock->deref();
- toRemove.append(codeBlock);
- }
- if (verbose)
- dataLog(" Removing ", toRemove.size(), " blocks.\n");
- if (toRemove.isEmpty())
- break;
- for (CodeBlock* codeBlock : toRemove)
- set.remove(codeBlock);
- toRemove.resize(0);
</del><ins>+ for (CodeBlock* codeBlock : unmarked) {
+ codeBlock->classInfo()->methodTable.destroy(codeBlock);
+ set.remove(codeBlock);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Any remaining young CodeBlocks are live and need to be promoted to the set of old CodeBlocks.
</span><span class="lines">@@ -119,7 +87,6 @@
</span><span class="cx">
</span><span class="cx"> void CodeBlockSet::remove(CodeBlock* codeBlock)
</span><span class="cx"> {
</span><del>- codeBlock->deref();
</del><span class="cx"> if (m_oldCodeBlocks.contains(codeBlock)) {
</span><span class="cx"> m_oldCodeBlocks.remove(codeBlock);
</span><span class="cx"> return;
</span><span class="lines">@@ -128,35 +95,13 @@
</span><span class="cx"> m_newCodeBlocks.remove(codeBlock);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void CodeBlockSet::traceMarked(SlotVisitor& visitor)
-{
- if (verbose)
- dataLog("Tracing ", m_currentlyExecuting.size(), " code blocks.\n");
-
- // We strongly visit the currently executing set because jettisoning code
- // is not valuable once it's on the stack. We're past the point where
- // jettisoning would avoid the cost of OSR exit.
- for (const RefPtr<CodeBlock>& codeBlock : m_currentlyExecuting)
- codeBlock->visitStrongly(visitor);
-
- // We strongly visit the remembered set because jettisoning old code during
- // Eden GC is unsound. There might be an old object with a strong reference
- // to the code.
- for (const RefPtr<CodeBlock>& codeBlock : m_remembered)
- codeBlock->visitStrongly(visitor);
-}
-
</del><span class="cx"> void CodeBlockSet::rememberCurrentlyExecutingCodeBlocks(Heap* heap)
</span><span class="cx"> {
</span><span class="cx"> if (verbose)
</span><span class="cx"> dataLog("Remembering ", m_currentlyExecuting.size(), " code blocks.\n");
</span><del>- for (const RefPtr<CodeBlock>& codeBlock : m_currentlyExecuting)
- heap->addToRememberedSet(codeBlock->ownerExecutable());
-
- // It's safe to clear these RefPtr sets because we won't delete the CodeBlocks
- // in them until the next GC, and we'll recompute them at that time.
</del><ins>+ for (CodeBlock* codeBlock : m_currentlyExecuting)
+ heap->addToRememberedSet(codeBlock);
</ins><span class="cx"> m_currentlyExecuting.clear();
</span><del>- m_remembered.clear();
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void CodeBlockSet::dump(PrintStream& out) const
</span><span class="lines">@@ -171,8 +116,8 @@
</span><span class="cx"> out.print(comma, pointerDump(codeBlock));
</span><span class="cx"> out.print("], currentlyExecuting = [");
</span><span class="cx"> comma = CommaPrinter();
</span><del>- for (const RefPtr<CodeBlock>& codeBlock : m_currentlyExecuting)
- out.print(comma, pointerDump(codeBlock.get()));
</del><ins>+ for (CodeBlock* codeBlock : m_currentlyExecuting)
+ out.print(comma, pointerDump(codeBlock));
</ins><span class="cx"> out.print("]}");
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapCodeBlockSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/CodeBlockSet.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/CodeBlockSet.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/heap/CodeBlockSet.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -53,11 +53,8 @@
</span><span class="cx"> ~CodeBlockSet();
</span><span class="cx">
</span><span class="cx"> // Add a CodeBlock. This is only called by CodeBlock constructors.
</span><del>- void add(PassRefPtr<CodeBlock>);
</del><ins>+ void add(CodeBlock*);
</ins><span class="cx">
</span><del>- // Clear mark bits for certain CodeBlocks depending on the type of collection.
- void clearMarksForEdenCollection(const Vector<const JSCell*>&);
-
</del><span class="cx"> // Clear all mark bits for all CodeBlocks.
</span><span class="cx"> void clearMarksForFullCollection();
</span><span class="cx">
</span><span class="lines">@@ -72,10 +69,6 @@
</span><span class="cx">
</span><span class="cx"> void remove(CodeBlock*);
</span><span class="cx">
</span><del>- // Trace all marked code blocks. The CodeBlock is free to make use of
- // mayBeExecuting.
- void traceMarked(SlotVisitor&);
-
</del><span class="cx"> // Add all currently executing CodeBlocks to the remembered set to be
</span><span class="cx"> // re-scanned during the next collection.
</span><span class="cx"> void rememberCurrentlyExecutingCodeBlocks(Heap*);
</span><span class="lines">@@ -104,13 +97,9 @@
</span><span class="cx"> void clearMarksForCodeBlocksInRememberedExecutables(const Vector<const JSCell*>&);
</span><span class="cx"> void promoteYoungCodeBlocks();
</span><span class="cx">
</span><del>- // This is not a set of RefPtr<CodeBlock> because we need to be able to find
- // arbitrary bogus pointers. I could have written a thingy that had peek types
- // and all, but that seemed like overkill.
</del><span class="cx"> HashSet<CodeBlock*> m_oldCodeBlocks;
</span><span class="cx"> HashSet<CodeBlock*> m_newCodeBlocks;
</span><del>- HashSet<RefPtr<CodeBlock>> m_currentlyExecuting;
- HashSet<RefPtr<CodeBlock>> m_remembered;
</del><ins>+ HashSet<CodeBlock*> m_currentlyExecuting;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreheapHeapcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/heap/Heap.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/heap/Heap.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/heap/Heap.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -519,17 +519,6 @@
</span><span class="cx"> GCPHASE(MarkRoots);
</span><span class="cx"> ASSERT(isValidThreadState(m_vm));
</span><span class="cx">
</span><del>- Vector<const JSCell*> rememberedSet(m_slotVisitor.markStack().size());
- m_slotVisitor.markStack().fillVector(rememberedSet);
-
-#if ENABLE(DFG_JIT)
- DFG::clearCodeBlockMarks(*m_vm);
-#endif
- if (m_operationInProgress == EdenCollection)
- m_codeBlocks.clearMarksForEdenCollection(rememberedSet);
- else
- m_codeBlocks.clearMarksForFullCollection();
-
</del><span class="cx"> // We gather conservative roots before clearing mark bits because conservative
</span><span class="cx"> // gathering uses the mark bits to determine whether a reference is valid.
</span><span class="cx"> ConservativeRoots conservativeRoots(&m_objectSpace.blocks(), &m_storageSpace);
</span><span class="lines">@@ -537,11 +526,21 @@
</span><span class="cx"> gatherJSStackRoots(conservativeRoots);
</span><span class="cx"> gatherScratchBufferRoots(conservativeRoots);
</span><span class="cx">
</span><del>- clearLivenessData();
</del><ins>+#if ENABLE(DFG_JIT)
+ DFG::rememberCodeBlocks(*m_vm);
+#endif
</ins><span class="cx">
</span><del>- if (m_operationInProgress == FullCollection)
</del><ins>+ if (m_operationInProgress == FullCollection) {
</ins><span class="cx"> m_opaqueRoots.clear();
</span><ins>+ m_slotVisitor.clearMarkStack();
+ }
</ins><span class="cx">
</span><ins>+ Vector<const JSCell*> rememberedSet(m_slotVisitor.markStack().size());
+ m_slotVisitor.markStack().fillVector(rememberedSet);
+
+ clearLivenessData();
+
+
</ins><span class="cx"> m_shouldHashCons = m_vm->haveEnoughNewStringsToHashCons();
</span><span class="cx">
</span><span class="cx"> m_parallelMarkersShouldExit = false;
</span><span class="lines">@@ -581,6 +580,7 @@
</span><span class="cx"> {
</span><span class="cx"> ParallelModeEnabler enabler(m_slotVisitor);
</span><span class="cx">
</span><ins>+ m_slotVisitor.donateAndDrain();
</ins><span class="cx"> visitExternalRememberedSet();
</span><span class="cx"> visitSmallStrings();
</span><span class="cx"> visitConservativeRoots(conservativeRoots);
</span><span class="lines">@@ -696,6 +696,9 @@
</span><span class="cx"> void Heap::clearLivenessData()
</span><span class="cx"> {
</span><span class="cx"> GCPHASE(ClearLivenessData);
</span><ins>+ if (m_operationInProgress == FullCollection)
+ m_codeBlocks.clearMarksForFullCollection();
+
</ins><span class="cx"> m_objectSpace.clearNewlyAllocated();
</span><span class="cx"> m_objectSpace.clearMarks();
</span><span class="cx"> }
</span><span class="lines">@@ -817,7 +820,6 @@
</span><span class="cx"> void Heap::traceCodeBlocksAndJITStubRoutines()
</span><span class="cx"> {
</span><span class="cx"> GCPHASE(TraceCodeBlocksAndJITStubRoutines);
</span><del>- m_codeBlocks.traceMarked(m_slotVisitor);
</del><span class="cx"> m_jitStubRoutines.traceMarkedStubRoutines(m_slotVisitor);
</span><span class="cx">
</span><span class="cx"> if (Options::logGC() == GCLogging::Verbose)
</span><span class="lines">@@ -962,18 +964,12 @@
</span><span class="cx"> // If JavaScript is running, it's not safe to delete all JavaScript code, since
</span><span class="cx"> // we'll end up returning to deleted code.
</span><span class="cx"> RELEASE_ASSERT(!m_vm->entryScope);
</span><ins>+ ASSERT(m_operationInProgress == NoOperation);
</ins><span class="cx">
</span><span class="cx"> completeAllDFGPlans();
</span><span class="cx">
</span><del>- for (ExecutableBase* current : m_executables) {
- if (!current->isFunctionExecutable())
- continue;
- static_cast<FunctionExecutable*>(current)->clearCode();
- }
-
- ASSERT(m_operationInProgress == FullCollection || m_operationInProgress == NoOperation);
- m_codeBlocks.clearMarksForFullCollection();
- m_codeBlocks.deleteUnmarkedAndUnreferenced(FullCollection);
</del><ins>+ for (ExecutableBase* executable : m_executables)
+ executable->clearCode();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void Heap::deleteAllUnlinkedCodeBlocks()
</span><span class="lines">@@ -993,9 +989,9 @@
</span><span class="cx"> if (isMarked(current))
</span><span class="cx"> continue;
</span><span class="cx">
</span><del>- // We do this because executable memory is limited on some platforms and because
- // CodeBlock requires eager finalization.
- ExecutableBase::clearCodeVirtual(current);
</del><ins>+ // Eagerly dereference the Executable's JITCode in order to run watchpoint
+ // destructors. Otherwise, watchpoints might fire for deleted CodeBlocks.
+ current->clearCode();
</ins><span class="cx"> std::swap(m_executables[i], m_executables.last());
</span><span class="cx"> m_executables.removeLast();
</span><span class="cx"> }
</span><span class="lines">@@ -1149,7 +1145,6 @@
</span><span class="cx"> GCPHASE(StartingCollection);
</span><span class="cx"> if (shouldDoFullCollection(collectionType)) {
</span><span class="cx"> m_operationInProgress = FullCollection;
</span><del>- m_slotVisitor.clearMarkStack();
</del><span class="cx"> m_shouldDoFullCollection = false;
</span><span class="cx"> if (Options::logGC())
</span><span class="cx"> dataLog("FullCollection, ");
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterInterpretercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -173,7 +173,7 @@
</span><span class="cx"> ASSERT(!callFrame->vm().exception());
</span><span class="cx">
</span><span class="cx"> ThisTDZMode thisTDZMode = callerCodeBlock->unlinkedCodeBlock()->constructorKind() == ConstructorKind::Derived ? ThisTDZMode::AlwaysCheck : ThisTDZMode::CheckIfNeeded;
</span><del>- eval = callerCodeBlock->evalCodeCache().getSlow(callFrame, callerCodeBlock->ownerScriptExecutable(), callerCodeBlock->isStrictMode(), thisTDZMode, programSource, callerScopeChain);
</del><ins>+ eval = callerCodeBlock->evalCodeCache().getSlow(callFrame, callerCodeBlock, callerCodeBlock->isStrictMode(), thisTDZMode, programSource, callerScopeChain);
</ins><span class="cx"> if (!eval)
</span><span class="cx"> return jsUndefined();
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterStackVisitorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/StackVisitor.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/StackVisitor.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/interpreter/StackVisitor.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -170,7 +170,7 @@
</span><span class="cx"> m_frame.m_argumentCountIncludingThis = callFrame->r(inlineCallFrame->argumentCountRegister.offset()).unboxedInt32();
</span><span class="cx"> else
</span><span class="cx"> m_frame.m_argumentCountIncludingThis = inlineCallFrame->arguments.size();
</span><del>- m_frame.m_codeBlock = inlineCallFrame->baselineCodeBlock();
</del><ins>+ m_frame.m_codeBlock = inlineCallFrame->baselineCodeBlock.get();
</ins><span class="cx"> m_frame.m_bytecodeOffset = codeOrigin->bytecodeIndex;
</span><span class="cx">
</span><span class="cx"> JSFunction* callee = inlineCallFrame->calleeForCallFrame(callFrame);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitAssemblyHelperscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -38,7 +38,7 @@
</span><span class="cx"> if (!codeOrigin.inlineCallFrame)
</span><span class="cx"> return m_codeBlock->ownerExecutable();
</span><span class="cx">
</span><del>- return codeOrigin.inlineCallFrame->executable.get();
</del><ins>+ return codeOrigin.inlineCallFrame->baselineCodeBlock->ownerExecutable();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> Vector<BytecodeAndMachineOffset>& AssemblyHelpers::decodedCodeMapFor(CodeBlock* codeBlock)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitAssemblyHelpersh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -1074,7 +1074,7 @@
</span><span class="cx"> {
</span><span class="cx"> if (!codeOrigin.inlineCallFrame)
</span><span class="cx"> return codeBlock()->isStrictMode();
</span><del>- return jsCast<FunctionExecutable*>(codeOrigin.inlineCallFrame->executable.get())->isStrictMode();
</del><ins>+ return codeOrigin.inlineCallFrame->isStrictMode();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ECMAMode ecmaModeFor(CodeOrigin codeOrigin)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitGCAwareJITStubRoutineh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -115,7 +115,7 @@
</span><span class="cx"> // Helper for the creation of simple stub routines that need no help from the GC. Note
</span><span class="cx"> // that codeBlock gets "executed" more than once.
</span><span class="cx"> #define FINALIZE_CODE_FOR_GC_AWARE_STUB(codeBlock, patchBuffer, makesCalls, cell, dataLogFArguments) \
</span><del>- (createJITStubRoutine(FINALIZE_CODE_FOR((codeBlock), (patchBuffer), dataLogFArguments), *(codeBlock)->vm(), (codeBlock)->ownerExecutable(), (makesCalls), (cell)))
</del><ins>+ (createJITStubRoutine(FINALIZE_CODE_FOR((codeBlock), (patchBuffer), dataLogFArguments), *(codeBlock)->vm(), (codeBlock), (makesCalls), (cell)))
</ins><span class="cx">
</span><span class="cx"> } // namespace JSC
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITCodeh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITCode.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITCode.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/JITCode.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -121,28 +121,6 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>- static std::chrono::milliseconds timeToLive(JITType jitType)
- {
- switch (jitType) {
- case InterpreterThunk:
- return std::chrono::duration_cast<std::chrono::milliseconds>(
- std::chrono::seconds(5));
- case BaselineJIT:
- // Effectively 10 additional seconds, since BaselineJIT and
- // InterpreterThunk share a CodeBlock.
- return std::chrono::duration_cast<std::chrono::milliseconds>(
- std::chrono::seconds(15));
- case DFGJIT:
- return std::chrono::duration_cast<std::chrono::milliseconds>(
- std::chrono::seconds(20));
- case FTLJIT:
- return std::chrono::duration_cast<std::chrono::milliseconds>(
- std::chrono::seconds(60));
- default:
- return std::chrono::milliseconds::max();
- }
- }
-
</del><span class="cx"> static bool isLowerTier(JITType expectedLower, JITType expectedHigher)
</span><span class="cx"> {
</span><span class="cx"> RELEASE_ASSERT(isExecutableScript(expectedLower));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -666,7 +666,7 @@
</span><span class="cx"> for (size_t j = CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters(); j < count; ++j)
</span><span class="cx"> emitInitRegister(virtualRegisterForLocal(j).offset());
</span><span class="cx">
</span><del>- emitWriteBarrier(m_codeBlock->ownerExecutable());
</del><ins>+ emitWriteBarrier(m_codeBlock);
</ins><span class="cx">
</span><span class="cx"> emitEnterOptimizationCheck();
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -1273,15 +1273,13 @@
</span><span class="cx"> mustHandleValues[i] = exec->uncheckedR(operand).jsValue();
</span><span class="cx"> }
</span><span class="cx">
</span><del>- RefPtr<CodeBlock> replacementCodeBlock = codeBlock->newReplacement();
</del><ins>+ CodeBlock* replacementCodeBlock = codeBlock->newReplacement();
</ins><span class="cx"> CompilationResult result = DFG::compile(
</span><del>- vm, replacementCodeBlock.get(), 0, DFG::DFGMode, bytecodeIndex,
</del><ins>+ vm, replacementCodeBlock, nullptr, DFG::DFGMode, bytecodeIndex,
</ins><span class="cx"> mustHandleValues, JITToDFGDeferredCompilationCallback::create());
</span><span class="cx">
</span><del>- if (result != CompilationSuccessful) {
- ASSERT(result == CompilationDeferred || replacementCodeBlock->hasOneRef());
</del><ins>+ if (result != CompilationSuccessful)
</ins><span class="cx"> return encodeResult(0, 0);
</span><del>- }
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CodeBlock* optimizedCodeBlock = codeBlock->replacement();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITToDFGDeferredCompilationCallbackcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -43,8 +43,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JITToDFGDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously(
</span><del>- CodeBlock* codeBlock)
</del><ins>+ CodeBlock* codeBlock, CodeBlock* profiledDFGCodeBlock)
</ins><span class="cx"> {
</span><ins>+ ASSERT_UNUSED(profiledDFGCodeBlock, !profiledDFGCodeBlock);
</ins><span class="cx"> ASSERT(codeBlock->alternative()->jitType() == JITCode::BaselineJIT);
</span><span class="cx">
</span><span class="cx"> if (Options::verboseOSR())
</span><span class="lines">@@ -54,8 +55,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JITToDFGDeferredCompilationCallback::compilationDidComplete(
</span><del>- CodeBlock* codeBlock, CompilationResult result)
</del><ins>+ CodeBlock* codeBlock, CodeBlock* profiledDFGCodeBlock, CompilationResult result)
</ins><span class="cx"> {
</span><ins>+ ASSERT(!profiledDFGCodeBlock);
</ins><span class="cx"> ASSERT(codeBlock->alternative()->jitType() == JITCode::BaselineJIT);
</span><span class="cx">
</span><span class="cx"> if (Options::verboseOSR())
</span><span class="lines">@@ -66,7 +68,7 @@
</span><span class="cx">
</span><span class="cx"> codeBlock->alternative()->setOptimizationThresholdBasedOnCompilationResult(result);
</span><span class="cx">
</span><del>- DeferredCompilationCallback::compilationDidComplete(codeBlock, result);
</del><ins>+ DeferredCompilationCallback::compilationDidComplete(codeBlock, profiledDFGCodeBlock, result);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } // JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITToDFGDeferredCompilationCallbackh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/JITToDFGDeferredCompilationCallback.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -44,8 +44,8 @@
</span><span class="cx">
</span><span class="cx"> static Ref<JITToDFGDeferredCompilationCallback> create();
</span><span class="cx">
</span><del>- virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*) override;
- virtual void compilationDidComplete(CodeBlock*, CompilationResult) override;
</del><ins>+ virtual void compilationDidBecomeReadyAsynchronously(CodeBlock*, CodeBlock* profiledDFGCodeBlock) override;
+ virtual void compilationDidComplete(CodeBlock*, CodeBlock* profiledDFGCodeBlock, CompilationResult) override;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRepatchcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/Repatch.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/Repatch.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/jit/Repatch.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -227,15 +227,14 @@
</span><span class="cx"> return GiveUpOnCache;
</span><span class="cx">
</span><span class="cx"> CodeBlock* codeBlock = exec->codeBlock();
</span><del>- ScriptExecutable* owner = codeBlock->ownerScriptExecutable();
</del><span class="cx"> VM& vm = exec->vm();
</span><span class="cx">
</span><span class="cx"> std::unique_ptr<AccessCase> newCase;
</span><span class="cx">
</span><span class="cx"> if (isJSArray(baseValue) && propertyName == exec->propertyNames().length)
</span><del>- newCase = AccessCase::getLength(vm, owner, AccessCase::ArrayLength);
</del><ins>+ newCase = AccessCase::getLength(vm, codeBlock, AccessCase::ArrayLength);
</ins><span class="cx"> else if (isJSString(baseValue) && propertyName == exec->propertyNames().length)
</span><del>- newCase = AccessCase::getLength(vm, owner, AccessCase::StringLength);
</del><ins>+ newCase = AccessCase::getLength(vm, codeBlock, AccessCase::StringLength);
</ins><span class="cx"> else {
</span><span class="cx"> if (!slot.isCacheable() && !slot.isUnset())
</span><span class="cx"> return GiveUpOnCache;
</span><span class="lines">@@ -266,7 +265,7 @@
</span><span class="cx"> && !loadTargetFromProxy) {
</span><span class="cx"> structure->startWatchingPropertyForReplacements(vm, slot.cachedOffset());
</span><span class="cx"> repatchByIdSelfAccess(codeBlock, stubInfo, structure, slot.cachedOffset(), operationGetByIdOptimize, true);
</span><del>- stubInfo.initGetByIdSelf(vm, codeBlock->ownerExecutable(), structure, slot.cachedOffset());
</del><ins>+ stubInfo.initGetByIdSelf(vm, codeBlock, structure, slot.cachedOffset());
</ins><span class="cx"> return RetryCacheLater;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -279,10 +278,10 @@
</span><span class="cx">
</span><span class="cx"> if (slot.isUnset()) {
</span><span class="cx"> conditionSet = generateConditionsForPropertyMiss(
</span><del>- vm, codeBlock->ownerExecutable(), exec, structure, propertyName.impl());
</del><ins>+ vm, codeBlock, exec, structure, propertyName.impl());
</ins><span class="cx"> } else {
</span><span class="cx"> conditionSet = generateConditionsForPrototypePropertyHit(
</span><del>- vm, codeBlock->ownerExecutable(), exec, structure, slot.slotBase(),
</del><ins>+ vm, codeBlock, exec, structure, slot.slotBase(),
</ins><span class="cx"> propertyName.impl());
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -303,7 +302,7 @@
</span><span class="cx"> type = AccessCase::CustomGetter;
</span><span class="cx">
</span><span class="cx"> newCase = AccessCase::get(
</span><del>- vm, owner, type, offset, structure, conditionSet, loadTargetFromProxy,
</del><ins>+ vm, codeBlock, type, offset, structure, conditionSet, loadTargetFromProxy,
</ins><span class="cx"> slot.watchpointSet(), slot.isCacheableCustom() ? slot.customGetter() : nullptr,
</span><span class="cx"> slot.isCacheableCustom() ? slot.slotBase() : nullptr);
</span><span class="cx"> }
</span><span class="lines">@@ -357,7 +356,6 @@
</span><span class="cx"> return GiveUpOnCache;
</span><span class="cx">
</span><span class="cx"> CodeBlock* codeBlock = exec->codeBlock();
</span><del>- ScriptExecutable* owner = codeBlock->ownerScriptExecutable();
</del><span class="cx"> VM& vm = exec->vm();
</span><span class="cx">
</span><span class="cx"> if (!baseValue.isCell())
</span><span class="lines">@@ -385,11 +383,11 @@
</span><span class="cx"> codeBlock, stubInfo, structure, slot.cachedOffset(),
</span><span class="cx"> appropriateOptimizingPutByIdFunction(slot, putKind), false);
</span><span class="cx"> stubInfo.initPutByIdReplace(
</span><del>- vm, codeBlock->ownerExecutable(), structure, slot.cachedOffset());
</del><ins>+ vm, codeBlock, structure, slot.cachedOffset());
</ins><span class="cx"> return RetryCacheLater;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- newCase = AccessCase::replace(vm, owner, structure, slot.cachedOffset());
</del><ins>+ newCase = AccessCase::replace(vm, codeBlock, structure, slot.cachedOffset());
</ins><span class="cx"> } else {
</span><span class="cx"> ASSERT(slot.type() == PutPropertySlot::NewProperty);
</span><span class="cx">
</span><span class="lines">@@ -411,12 +409,12 @@
</span><span class="cx"> if (putKind == NotDirect) {
</span><span class="cx"> conditionSet =
</span><span class="cx"> generateConditionsForPropertySetterMiss(
</span><del>- vm, owner, exec, newStructure, ident.impl());
</del><ins>+ vm, codeBlock, exec, newStructure, ident.impl());
</ins><span class="cx"> if (!conditionSet.isValid())
</span><span class="cx"> return GiveUpOnCache;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- newCase = AccessCase::transition(vm, owner, structure, newStructure, offset, conditionSet);
</del><ins>+ newCase = AccessCase::transition(vm, codeBlock, structure, newStructure, offset, conditionSet);
</ins><span class="cx"> }
</span><span class="cx"> } else if (slot.isCacheableCustom() || slot.isCacheableSetter()) {
</span><span class="cx"> if (slot.isCacheableCustom()) {
</span><span class="lines">@@ -425,13 +423,13 @@
</span><span class="cx"> if (slot.base() != baseValue) {
</span><span class="cx"> conditionSet =
</span><span class="cx"> generateConditionsForPrototypePropertyHitCustom(
</span><del>- vm, owner, exec, structure, slot.base(), ident.impl());
</del><ins>+ vm, codeBlock, exec, structure, slot.base(), ident.impl());
</ins><span class="cx"> if (!conditionSet.isValid())
</span><span class="cx"> return GiveUpOnCache;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> newCase = AccessCase::setter(
</span><del>- vm, owner, AccessCase::CustomSetter, structure, invalidOffset, conditionSet,
</del><ins>+ vm, codeBlock, AccessCase::CustomSetter, structure, invalidOffset, conditionSet,
</ins><span class="cx"> slot.customSetter(), slot.base());
</span><span class="cx"> } else {
</span><span class="cx"> ObjectPropertyConditionSet conditionSet;
</span><span class="lines">@@ -440,7 +438,7 @@
</span><span class="cx"> if (slot.base() != baseValue) {
</span><span class="cx"> conditionSet =
</span><span class="cx"> generateConditionsForPrototypePropertyHit(
</span><del>- vm, owner, exec, structure, slot.base(), ident.impl());
</del><ins>+ vm, codeBlock, exec, structure, slot.base(), ident.impl());
</ins><span class="cx"> if (!conditionSet.isValid())
</span><span class="cx"> return GiveUpOnCache;
</span><span class="cx"> offset = conditionSet.slotBaseCondition().offset();
</span><span class="lines">@@ -448,7 +446,7 @@
</span><span class="cx"> offset = slot.cachedOffset();
</span><span class="cx">
</span><span class="cx"> newCase = AccessCase::setter(
</span><del>- vm, owner, AccessCase::Setter, structure, offset, conditionSet);
</del><ins>+ vm, codeBlock, AccessCase::Setter, structure, offset, conditionSet);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -491,7 +489,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CodeBlock* codeBlock = exec->codeBlock();
</span><del>- ScriptExecutable* owner = codeBlock->ownerScriptExecutable();
</del><span class="cx"> VM& vm = exec->vm();
</span><span class="cx"> Structure* structure = base->structure(vm);
</span><span class="cx">
</span><span class="lines">@@ -499,17 +496,17 @@
</span><span class="cx"> if (wasFound) {
</span><span class="cx"> if (slot.slotBase() != base) {
</span><span class="cx"> conditionSet = generateConditionsForPrototypePropertyHit(
</span><del>- vm, codeBlock->ownerExecutable(), exec, structure, slot.slotBase(), ident.impl());
</del><ins>+ vm, codeBlock, exec, structure, slot.slotBase(), ident.impl());
</ins><span class="cx"> }
</span><span class="cx"> } else {
</span><span class="cx"> conditionSet = generateConditionsForPropertyMiss(
</span><del>- vm, codeBlock->ownerExecutable(), exec, structure, ident.impl());
</del><ins>+ vm, codeBlock, exec, structure, ident.impl());
</ins><span class="cx"> }
</span><span class="cx"> if (!conditionSet.isValid())
</span><span class="cx"> return GiveUpOnCache;
</span><span class="cx">
</span><span class="cx"> std::unique_ptr<AccessCase> newCase = AccessCase::in(
</span><del>- vm, owner, wasFound ? AccessCase::InHit : AccessCase::InMiss, structure, conditionSet);
</del><ins>+ vm, codeBlock, wasFound ? AccessCase::InHit : AccessCase::InMiss, structure, conditionSet);
</ins><span class="cx">
</span><span class="cx"> MacroAssemblerCodePtr codePtr = stubInfo.addAccessCase(vm, codeBlock, ident, WTF::move(newCase));
</span><span class="cx"> if (!codePtr)
</span><span class="lines">@@ -558,8 +555,8 @@
</span><span class="cx"> VM* vm = callerCodeBlock->vm();
</span><span class="cx">
</span><span class="cx"> ASSERT(!callLinkInfo.isLinked());
</span><del>- callLinkInfo.setCallee(exec->callerFrame()->vm(), callLinkInfo.hotPathBegin(), callerCodeBlock->ownerExecutable(), callee);
- callLinkInfo.setLastSeenCallee(exec->callerFrame()->vm(), callerCodeBlock->ownerExecutable(), callee);
</del><ins>+ callLinkInfo.setCallee(exec->callerFrame()->vm(), callLinkInfo.hotPathBegin(), callerCodeBlock, callee);
+ callLinkInfo.setLastSeenCallee(exec->callerFrame()->vm(), callerCodeBlock, callee);
</ins><span class="cx"> if (shouldShowDisassemblyFor(callerCodeBlock))
</span><span class="cx"> dataLog("Linking call in ", *callerCodeBlock, " at ", callLinkInfo.codeOrigin(), " to ", pointerDump(calleeCodeBlock), ", entrypoint at ", codePtr, "\n");
</span><span class="cx"> MacroAssembler::repatchNearCall(callLinkInfo.hotPathOther(), CodeLocationLabel(codePtr));
</span><span class="lines">@@ -876,7 +873,7 @@
</span><span class="cx"> ("Polymorphic call stub for %s, return point %p, targets %s",
</span><span class="cx"> toCString(*callerCodeBlock).data(), callLinkInfo.callReturnLocation().labelAtOffset(0).executableAddress(),
</span><span class="cx"> toCString(listDump(callCases)).data())),
</span><del>- *vm, callerCodeBlock->ownerExecutable(), exec->callerFrame(), callLinkInfo, callCases,
</del><ins>+ *vm, callerCodeBlock, exec->callerFrame(), callLinkInfo, callCases,
</ins><span class="cx"> WTF::move(fastCounts)));
</span><span class="cx">
</span><span class="cx"> MacroAssembler::replaceWithJump(
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -576,7 +576,7 @@
</span><span class="cx"> if (!structure->isUncacheableDictionary()
</span><span class="cx"> && !structure->typeInfo().prohibitsPropertyCaching()
</span><span class="cx"> && !structure->typeInfo().newImpurePropertyFiresWatchpoints()) {
</span><del>- vm.heap.writeBarrier(codeBlock->ownerExecutable());
</del><ins>+ vm.heap.writeBarrier(codeBlock);
</ins><span class="cx">
</span><span class="cx"> ConcurrentJITLocker locker(codeBlock->m_lock);
</span><span class="cx">
</span><span class="lines">@@ -641,7 +641,7 @@
</span><span class="cx"> && !structure->typeInfo().prohibitsPropertyCaching()
</span><span class="cx"> && baseCell == slot.base()) {
</span><span class="cx">
</span><del>- vm.heap.writeBarrier(codeBlock->ownerExecutable());
</del><ins>+ vm.heap.writeBarrier(codeBlock);
</ins><span class="cx">
</span><span class="cx"> if (slot.type() == PutPropertySlot::NewProperty) {
</span><span class="cx"> GCSafeConcurrentJITLocker locker(codeBlock->m_lock, vm.heap);
</span><span class="lines">@@ -658,7 +658,7 @@
</span><span class="cx"> StructureChain* chain = structure->prototypeChain(exec);
</span><span class="cx"> ASSERT(chain);
</span><span class="cx"> pc[7].u.structureChain.set(
</span><del>- vm, codeBlock->ownerExecutable(), chain);
</del><ins>+ vm, codeBlock, chain);
</ins><span class="cx"> }
</span><span class="cx"> pc[8].u.putByIdFlags = static_cast<PutByIdFlags>(
</span><span class="cx"> pc[8].u.putByIdFlags |
</span><span class="lines">@@ -1190,8 +1190,8 @@
</span><span class="cx">
</span><span class="cx"> if (callLinkInfo->isOnList())
</span><span class="cx"> callLinkInfo->remove();
</span><del>- callLinkInfo->callee.set(vm, callerCodeBlock->ownerExecutable(), callee);
- callLinkInfo->lastSeenCallee.set(vm, callerCodeBlock->ownerExecutable(), callee);
</del><ins>+ callLinkInfo->callee.set(vm, callerCodeBlock, callee);
+ callLinkInfo->lastSeenCallee.set(vm, callerCodeBlock, callee);
</ins><span class="cx"> callLinkInfo->machineCodeTarget = codePtr;
</span><span class="cx"> if (codeBlock)
</span><span class="cx"> codeBlock->linkIncomingCall(exec, callLinkInfo);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreprofilerProfilerOriginStackcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/profiler/ProfilerOriginStack.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/profiler/ProfilerOriginStack.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/profiler/ProfilerOriginStack.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -52,7 +52,7 @@
</span><span class="cx">
</span><span class="cx"> for (unsigned i = 1; i < stack.size(); ++i) {
</span><span class="cx"> append(Origin(
</span><del>- database.ensureBytecodesFor(stack[i].inlineCallFrame->baselineCodeBlock()),
</del><ins>+ database.ensureBytecodesFor(stack[i].inlineCallFrame->baselineCodeBlock.get()),
</ins><span class="cx"> stack[i].bytecodeIndex));
</span><span class="cx"> }
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeCommonSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -231,7 +231,7 @@
</span><span class="cx">
</span><span class="cx"> auto& cacheWriteBarrier = pc[4].u.jsCell;
</span><span class="cx"> if (!cacheWriteBarrier)
</span><del>- cacheWriteBarrier.set(exec->vm(), exec->codeBlock()->ownerExecutable(), constructor);
</del><ins>+ cacheWriteBarrier.set(exec->vm(), exec->codeBlock(), constructor);
</ins><span class="cx"> else if (cacheWriteBarrier.unvalidatedGet() != JSCell::seenMultipleCalleeObjects() && cacheWriteBarrier.get() != constructor)
</span><span class="cx"> cacheWriteBarrier.setWithoutWriteBarrier(JSCell::seenMultipleCalleeObjects());
</span><span class="cx">
</span><span class="lines">@@ -250,7 +250,7 @@
</span><span class="cx"> if (myStructure != otherStructure) {
</span><span class="cx"> if (otherStructure)
</span><span class="cx"> pc[3].u.toThisStatus = ToThisConflicted;
</span><del>- pc[2].u.structure.set(vm, exec->codeBlock()->ownerExecutable(), myStructure);
</del><ins>+ pc[2].u.structure.set(vm, exec->codeBlock(), myStructure);
</ins><span class="cx"> }
</span><span class="cx"> } else {
</span><span class="cx"> pc[3].u.toThisStatus = ToThisConflicted;
</span><span class="lines">@@ -526,8 +526,8 @@
</span><span class="cx"> SLOW_PATH_DECL(slow_path_enter)
</span><span class="cx"> {
</span><span class="cx"> BEGIN();
</span><del>- ExecutableBase* ownerExecutable = exec->codeBlock()->ownerExecutable();
- Heap::heap(ownerExecutable)->writeBarrier(ownerExecutable);
</del><ins>+ CodeBlock* codeBlock = exec->codeBlock();
+ Heap::heap(codeBlock)->writeBarrier(codeBlock);
</ins><span class="cx"> END();
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeCommonSlowPathsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -129,7 +129,7 @@
</span><span class="cx"> scope->structure()->didCachePropertyReplacement(exec->vm(), slot.cachedOffset());
</span><span class="cx">
</span><span class="cx"> ConcurrentJITLocker locker(codeBlock->m_lock);
</span><del>- pc[5].u.structure.set(exec->vm(), codeBlock->ownerExecutable(), scope->structure());
</del><ins>+ pc[5].u.structure.set(exec->vm(), codeBlock, scope->structure());
</ins><span class="cx"> pc[6].u.operand = slot.cachedOffset();
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="lines">@@ -162,7 +162,7 @@
</span><span class="cx"> Structure* structure = scope->structure(vm);
</span><span class="cx"> {
</span><span class="cx"> ConcurrentJITLocker locker(codeBlock->m_lock);
</span><del>- pc[5].u.structure.set(exec->vm(), codeBlock->ownerExecutable(), structure);
</del><ins>+ pc[5].u.structure.set(exec->vm(), codeBlock, structure);
</ins><span class="cx"> pc[6].u.operand = slot.cachedOffset();
</span><span class="cx"> }
</span><span class="cx"> structure->startWatchingPropertyForReplacements(vm, slot.cachedOffset());
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeExecutablecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Executable.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Executable.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/runtime/Executable.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -60,6 +60,45 @@
</span><span class="cx"> #endif
</span><span class="cx"> m_numParametersForCall = NUM_PARAMETERS_NOT_COMPILED;
</span><span class="cx"> m_numParametersForConstruct = NUM_PARAMETERS_NOT_COMPILED;
</span><ins>+
+ if (classInfo() == FunctionExecutable::info()) {
+ FunctionExecutable* executable = jsCast<FunctionExecutable*>(this);
+ executable->m_codeBlockForCall.clear();
+ executable->m_codeBlockForConstruct.clear();
+ return;
+ }
+
+ if (classInfo() == EvalExecutable::info()) {
+ EvalExecutable* executable = jsCast<EvalExecutable*>(this);
+ executable->m_evalCodeBlock.clear();
+ executable->m_unlinkedEvalCodeBlock.clear();
+ return;
+ }
+
+ if (classInfo() == ProgramExecutable::info()) {
+ ProgramExecutable* executable = jsCast<ProgramExecutable*>(this);
+ executable->m_programCodeBlock.clear();
+ executable->m_unlinkedProgramCodeBlock.clear();
+ return;
+ }
+
+ if (classInfo() == ModuleProgramExecutable::info()) {
+ ModuleProgramExecutable* executable = jsCast<ModuleProgramExecutable*>(this);
+ executable->m_moduleProgramCodeBlock.clear();
+ executable->m_unlinkedModuleProgramCodeBlock.clear();
+ executable->m_moduleEnvironmentSymbolTable.clear();
+ return;
+ }
+
+#if ENABLE(WEBASSEMBLY)
+ if (classInfo() == WebAssemblyExecutable::info()) {
+ WebAssemblyExecutable* executable = jsCast<WebAssemblyExecutable*>(this);
+ executable->m_codeBlockForCall.clear();
+ return;
+ }
+#endif
+
+ ASSERT(classInfo() == NativeExecutable::info());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><span class="lines">@@ -123,7 +162,7 @@
</span><span class="cx"> {
</span><span class="cx"> ASSERT(vm.heap.isDeferred());
</span><span class="cx">
</span><del>- RefPtr<CodeBlock> oldCodeBlock;
</del><ins>+ CodeBlock* oldCodeBlock = nullptr;
</ins><span class="cx">
</span><span class="cx"> switch (codeType) {
</span><span class="cx"> case GlobalCode: {
</span><span class="lines">@@ -132,8 +171,8 @@
</span><span class="cx">
</span><span class="cx"> ASSERT(kind == CodeForCall);
</span><span class="cx">
</span><del>- oldCodeBlock = executable->m_programCodeBlock;
- executable->m_programCodeBlock = codeBlock;
</del><ins>+ oldCodeBlock = executable->m_programCodeBlock.get();
+ executable->m_programCodeBlock.setMayBeNull(vm, this, codeBlock);
</ins><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -143,8 +182,8 @@
</span><span class="cx">
</span><span class="cx"> ASSERT(kind == CodeForCall);
</span><span class="cx">
</span><del>- oldCodeBlock = executable->m_moduleProgramCodeBlock;
- executable->m_moduleProgramCodeBlock = codeBlock;
</del><ins>+ oldCodeBlock = executable->m_moduleProgramCodeBlock.get();
+ executable->m_moduleProgramCodeBlock.setMayBeNull(vm, this, codeBlock);
</ins><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -154,8 +193,8 @@
</span><span class="cx">
</span><span class="cx"> ASSERT(kind == CodeForCall);
</span><span class="cx">
</span><del>- oldCodeBlock = executable->m_evalCodeBlock;
- executable->m_evalCodeBlock = codeBlock;
</del><ins>+ oldCodeBlock = executable->m_evalCodeBlock.get();
+ executable->m_evalCodeBlock.setMayBeNull(vm, this, codeBlock);
</ins><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -165,12 +204,12 @@
</span><span class="cx">
</span><span class="cx"> switch (kind) {
</span><span class="cx"> case CodeForCall:
</span><del>- oldCodeBlock = executable->m_codeBlockForCall;
- executable->m_codeBlockForCall = codeBlock;
</del><ins>+ oldCodeBlock = executable->m_codeBlockForCall.get();
+ executable->m_codeBlockForCall.setMayBeNull(vm, this, codeBlock);
</ins><span class="cx"> break;
</span><span class="cx"> case CodeForConstruct:
</span><del>- oldCodeBlock = executable->m_codeBlockForConstruct;
- executable->m_codeBlockForConstruct = codeBlock;
</del><ins>+ oldCodeBlock = executable->m_codeBlockForConstruct.get();
+ executable->m_codeBlockForConstruct.setMayBeNull(vm, this, codeBlock);
</ins><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx"> break;
</span><span class="lines">@@ -210,7 +249,7 @@
</span><span class="cx"> vm.heap.writeBarrier(this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-RefPtr<CodeBlock> ScriptExecutable::newCodeBlockFor(
</del><ins>+CodeBlock* ScriptExecutable::newCodeBlockFor(
</ins><span class="cx"> CodeSpecializationKind kind, JSFunction* function, JSScope* scope, JSObject*& exception)
</span><span class="cx"> {
</span><span class="cx"> VM* vm = scope->vm();
</span><span class="lines">@@ -224,9 +263,9 @@
</span><span class="cx"> RELEASE_ASSERT(kind == CodeForCall);
</span><span class="cx"> RELEASE_ASSERT(!executable->m_evalCodeBlock);
</span><span class="cx"> RELEASE_ASSERT(!function);
</span><del>- return adoptRef(new EvalCodeBlock(
</del><ins>+ return EvalCodeBlock::create(vm,
</ins><span class="cx"> executable, executable->m_unlinkedEvalCodeBlock.get(), scope,
</span><del>- executable->source().provider()));
</del><ins>+ executable->source().provider());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (classInfo() == ProgramExecutable::info()) {
</span><span class="lines">@@ -234,9 +273,9 @@
</span><span class="cx"> RELEASE_ASSERT(kind == CodeForCall);
</span><span class="cx"> RELEASE_ASSERT(!executable->m_programCodeBlock);
</span><span class="cx"> RELEASE_ASSERT(!function);
</span><del>- return adoptRef(new ProgramCodeBlock(
</del><ins>+ return ProgramCodeBlock::create(vm,
</ins><span class="cx"> executable, executable->m_unlinkedProgramCodeBlock.get(), scope,
</span><del>- executable->source().provider(), executable->source().startColumn()));
</del><ins>+ executable->source().provider(), executable->source().startColumn());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (classInfo() == ModuleProgramExecutable::info()) {
</span><span class="lines">@@ -244,9 +283,9 @@
</span><span class="cx"> RELEASE_ASSERT(kind == CodeForCall);
</span><span class="cx"> RELEASE_ASSERT(!executable->m_moduleProgramCodeBlock);
</span><span class="cx"> RELEASE_ASSERT(!function);
</span><del>- return adoptRef(new ModuleProgramCodeBlock(
</del><ins>+ return ModuleProgramCodeBlock::create(vm,
</ins><span class="cx"> executable, executable->m_unlinkedModuleProgramCodeBlock.get(), scope,
</span><del>- executable->source().provider(), executable->source().startColumn()));
</del><ins>+ executable->source().provider(), executable->source().startColumn());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> RELEASE_ASSERT(classInfo() == FunctionExecutable::info());
</span><span class="lines">@@ -276,11 +315,11 @@
</span><span class="cx"> unsigned sourceOffset = executable->source().startOffset();
</span><span class="cx"> unsigned startColumn = executable->source().startColumn();
</span><span class="cx">
</span><del>- return adoptRef(new FunctionCodeBlock(
- executable, unlinkedCodeBlock, scope, provider, sourceOffset, startColumn));
</del><ins>+ return FunctionCodeBlock::create(vm,
+ executable, unlinkedCodeBlock, scope, provider, sourceOffset, startColumn);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-PassRefPtr<CodeBlock> ScriptExecutable::newReplacementCodeBlockFor(
</del><ins>+CodeBlock* ScriptExecutable::newReplacementCodeBlockFor(
</ins><span class="cx"> CodeSpecializationKind kind)
</span><span class="cx"> {
</span><span class="cx"> if (classInfo() == EvalExecutable::info()) {
</span><span class="lines">@@ -288,9 +327,9 @@
</span><span class="cx"> EvalExecutable* executable = jsCast<EvalExecutable*>(this);
</span><span class="cx"> EvalCodeBlock* baseline = static_cast<EvalCodeBlock*>(
</span><span class="cx"> executable->m_evalCodeBlock->baselineVersion());
</span><del>- RefPtr<EvalCodeBlock> result = adoptRef(new EvalCodeBlock(
- CodeBlock::CopyParsedBlock, *baseline));
- result->setAlternative(baseline);
</del><ins>+ EvalCodeBlock* result = EvalCodeBlock::create(vm(),
+ CodeBlock::CopyParsedBlock, *baseline);
+ result->setAlternative(*vm(), baseline);
</ins><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -299,9 +338,9 @@
</span><span class="cx"> ProgramExecutable* executable = jsCast<ProgramExecutable*>(this);
</span><span class="cx"> ProgramCodeBlock* baseline = static_cast<ProgramCodeBlock*>(
</span><span class="cx"> executable->m_programCodeBlock->baselineVersion());
</span><del>- RefPtr<ProgramCodeBlock> result = adoptRef(new ProgramCodeBlock(
- CodeBlock::CopyParsedBlock, *baseline));
- result->setAlternative(baseline);
</del><ins>+ ProgramCodeBlock* result = ProgramCodeBlock::create(vm(),
+ CodeBlock::CopyParsedBlock, *baseline);
+ result->setAlternative(*vm(), baseline);
</ins><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -310,9 +349,9 @@
</span><span class="cx"> ModuleProgramExecutable* executable = jsCast<ModuleProgramExecutable*>(this);
</span><span class="cx"> ModuleProgramCodeBlock* baseline = static_cast<ModuleProgramCodeBlock*>(
</span><span class="cx"> executable->m_moduleProgramCodeBlock->baselineVersion());
</span><del>- RefPtr<ModuleProgramCodeBlock> result = adoptRef(new ModuleProgramCodeBlock(
- CodeBlock::CopyParsedBlock, *baseline));
- result->setAlternative(baseline);
</del><ins>+ ModuleProgramCodeBlock* result = ModuleProgramCodeBlock::create(vm(),
+ CodeBlock::CopyParsedBlock, *baseline);
+ result->setAlternative(*vm(), baseline);
</ins><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -320,9 +359,9 @@
</span><span class="cx"> FunctionExecutable* executable = jsCast<FunctionExecutable*>(this);
</span><span class="cx"> FunctionCodeBlock* baseline = static_cast<FunctionCodeBlock*>(
</span><span class="cx"> executable->codeBlockFor(kind)->baselineVersion());
</span><del>- RefPtr<FunctionCodeBlock> result = adoptRef(new FunctionCodeBlock(
- CodeBlock::CopyParsedBlock, *baseline));
- result->setAlternative(baseline);
</del><ins>+ FunctionCodeBlock* result = FunctionCodeBlock::create(vm(),
+ CodeBlock::CopyParsedBlock, *baseline);
+ result->setAlternative(*vm(), baseline);
</ins><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -350,7 +389,7 @@
</span><span class="cx"> DeferGC deferGC(vm.heap);
</span><span class="cx">
</span><span class="cx"> JSObject* exception = 0;
</span><del>- RefPtr<CodeBlock> codeBlock = newCodeBlockFor(kind, function, scope, exception);
</del><ins>+ CodeBlock* codeBlock = newCodeBlockFor(kind, function, scope, exception);
</ins><span class="cx"> if (!codeBlock) {
</span><span class="cx"> RELEASE_ASSERT(exception);
</span><span class="cx"> return exception;
</span><span class="lines">@@ -360,11 +399,11 @@
</span><span class="cx"> codeBlock->validate();
</span><span class="cx">
</span><span class="cx"> if (Options::useLLInt())
</span><del>- setupLLInt(vm, codeBlock.get());
</del><ins>+ setupLLInt(vm, codeBlock);
</ins><span class="cx"> else
</span><del>- setupJIT(vm, codeBlock.get());
</del><ins>+ setupJIT(vm, codeBlock);
</ins><span class="cx">
</span><del>- installCode(*codeBlock->vm(), codeBlock.get(), codeBlock->codeType(), codeBlock->specializationKind());
</del><ins>+ installCode(*codeBlock->vm(), codeBlock, codeBlock->codeType(), codeBlock->specializationKind());
</ins><span class="cx"> return 0;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -502,18 +541,11 @@
</span><span class="cx"> EvalExecutable* thisObject = jsCast<EvalExecutable*>(cell);
</span><span class="cx"> ASSERT_GC_OBJECT_INHERITS(thisObject, info());
</span><span class="cx"> ScriptExecutable::visitChildren(thisObject, visitor);
</span><ins>+ visitor.append(&thisObject->m_unlinkedEvalCodeBlock);
</ins><span class="cx"> if (thisObject->m_evalCodeBlock)
</span><del>- thisObject->m_evalCodeBlock->visitAggregate(visitor);
- visitor.append(&thisObject->m_unlinkedEvalCodeBlock);
</del><ins>+ thisObject->m_evalCodeBlock->visitWeakly(visitor);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-void EvalExecutable::clearCode()
-{
- m_evalCodeBlock = nullptr;
- m_unlinkedEvalCodeBlock.clear();
- Base::clearCode();
-}
-
</del><span class="cx"> JSObject* ProgramExecutable::checkSyntax(ExecState* exec)
</span><span class="cx"> {
</span><span class="cx"> ParserError error;
</span><span class="lines">@@ -618,16 +650,9 @@
</span><span class="cx"> ScriptExecutable::visitChildren(thisObject, visitor);
</span><span class="cx"> visitor.append(&thisObject->m_unlinkedProgramCodeBlock);
</span><span class="cx"> if (thisObject->m_programCodeBlock)
</span><del>- thisObject->m_programCodeBlock->visitAggregate(visitor);
</del><ins>+ thisObject->m_programCodeBlock->visitWeakly(visitor);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-void ProgramExecutable::clearCode()
-{
- m_programCodeBlock = nullptr;
- m_unlinkedProgramCodeBlock.clear();
- Base::clearCode();
-}
-
</del><span class="cx"> void ModuleProgramExecutable::visitChildren(JSCell* cell, SlotVisitor& visitor)
</span><span class="cx"> {
</span><span class="cx"> ModuleProgramExecutable* thisObject = jsCast<ModuleProgramExecutable*>(cell);
</span><span class="lines">@@ -636,17 +661,9 @@
</span><span class="cx"> visitor.append(&thisObject->m_unlinkedModuleProgramCodeBlock);
</span><span class="cx"> visitor.append(&thisObject->m_moduleEnvironmentSymbolTable);
</span><span class="cx"> if (thisObject->m_moduleProgramCodeBlock)
</span><del>- thisObject->m_moduleProgramCodeBlock->visitAggregate(visitor);
</del><ins>+ thisObject->m_moduleProgramCodeBlock->visitWeakly(visitor);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-void ModuleProgramExecutable::clearCode()
-{
- m_moduleProgramCodeBlock = nullptr;
- m_unlinkedModuleProgramCodeBlock.clear();
- m_moduleEnvironmentSymbolTable.clear();
- Base::clearCode();
-}
-
</del><span class="cx"> FunctionCodeBlock* FunctionExecutable::baselineCodeBlockFor(CodeSpecializationKind kind)
</span><span class="cx"> {
</span><span class="cx"> FunctionCodeBlock* result;
</span><span class="lines">@@ -667,20 +684,13 @@
</span><span class="cx"> ASSERT_GC_OBJECT_INHERITS(thisObject, info());
</span><span class="cx"> ScriptExecutable::visitChildren(thisObject, visitor);
</span><span class="cx"> if (thisObject->m_codeBlockForCall)
</span><del>- thisObject->m_codeBlockForCall->visitAggregate(visitor);
</del><ins>+ thisObject->m_codeBlockForCall->visitWeakly(visitor);
</ins><span class="cx"> if (thisObject->m_codeBlockForConstruct)
</span><del>- thisObject->m_codeBlockForConstruct->visitAggregate(visitor);
</del><ins>+ thisObject->m_codeBlockForConstruct->visitWeakly(visitor);
</ins><span class="cx"> visitor.append(&thisObject->m_unlinkedExecutable);
</span><span class="cx"> visitor.append(&thisObject->m_singletonFunction);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void FunctionExecutable::clearCode()
-{
- m_codeBlockForCall = nullptr;
- m_codeBlockForConstruct = nullptr;
- Base::clearCode();
-}
-
</del><span class="cx"> FunctionExecutable* FunctionExecutable::fromGlobalCode(
</span><span class="cx"> const Identifier& name, ExecState& exec, const SourceCode& source,
</span><span class="cx"> JSObject*& exception, int overrideLineNumber)
</span><span class="lines">@@ -716,16 +726,10 @@
</span><span class="cx"> ASSERT_GC_OBJECT_INHERITS(thisObject, info());
</span><span class="cx"> ExecutableBase::visitChildren(thisObject, visitor);
</span><span class="cx"> if (thisObject->m_codeBlockForCall)
</span><del>- thisObject->m_codeBlockForCall->visitAggregate(visitor);
</del><ins>+ thisObject->m_codeBlockForCall->visitWeakly(visitor);
</ins><span class="cx"> visitor.append(&thisObject->m_module);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void WebAssemblyExecutable::clearCode()
-{
- m_codeBlockForCall = nullptr;
- Base::clearCode();
-}
-
</del><span class="cx"> void WebAssemblyExecutable::prepareForExecution(ExecState* exec)
</span><span class="cx"> {
</span><span class="cx"> if (hasJITCodeForCall())
</span><span class="lines">@@ -734,16 +738,16 @@
</span><span class="cx"> VM& vm = exec->vm();
</span><span class="cx"> DeferGC deferGC(vm.heap);
</span><span class="cx">
</span><del>- RefPtr<WebAssemblyCodeBlock> codeBlock = adoptRef(new WebAssemblyCodeBlock(
- this, vm, exec->lexicalGlobalObject()));
</del><ins>+ WebAssemblyCodeBlock* codeBlock = WebAssemblyCodeBlock::create(vm,
+ this, exec->lexicalGlobalObject()));
</ins><span class="cx">
</span><del>- WASMFunctionParser::compile(vm, codeBlock.get(), m_module.get(), m_source, m_functionIndex);
</del><ins>+ WASMFunctionParser::compile(vm, codeBlock, m_module.get(), m_source, m_functionIndex);
</ins><span class="cx">
</span><span class="cx"> m_jitCodeForCall = codeBlock->jitCode();
</span><span class="cx"> m_jitCodeForCallWithArityCheck = MacroAssemblerCodePtr();
</span><span class="cx"> m_numParametersForCall = codeBlock->numParameters();
</span><span class="cx">
</span><del>- m_codeBlockForCall = codeBlock;
</del><ins>+ m_codeBlockForCall.set(vm, this, codeBlock);
</ins><span class="cx">
</span><span class="cx"> Heap::heap(this)->writeBarrier(this);
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeExecutableh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Executable.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Executable.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/runtime/Executable.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -139,8 +139,6 @@
</span><span class="cx"> int m_numParametersForConstruct;
</span><span class="cx">
</span><span class="cx"> public:
</span><del>- static void clearCodeVirtual(ExecutableBase*);
-
</del><span class="cx"> PassRefPtr<JITCode> generatedJITCodeForCall()
</span><span class="cx"> {
</span><span class="cx"> ASSERT(m_jitCodeForCall);
</span><span class="lines">@@ -306,6 +304,8 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
+
</ins><span class="cx"> NativeExecutable(VM& vm, NativeFunction function, NativeFunction constructor)
</span><span class="cx"> : ExecutableBase(vm, vm.nativeExecutableStructure.get(), NUM_PARAMETERS_IS_HOST)
</span><span class="cx"> , m_function(function)
</span><span class="lines">@@ -376,8 +376,8 @@
</span><span class="cx">
</span><span class="cx"> void installCode(CodeBlock*);
</span><span class="cx"> void installCode(VM&, CodeBlock*, CodeType, CodeSpecializationKind);
</span><del>- RefPtr<CodeBlock> newCodeBlockFor(CodeSpecializationKind, JSFunction*, JSScope*, JSObject*& exception);
- PassRefPtr<CodeBlock> newReplacementCodeBlockFor(CodeSpecializationKind);
</del><ins>+ CodeBlock* newCodeBlockFor(CodeSpecializationKind, JSFunction*, JSScope*, JSObject*& exception);
+ CodeBlock* newReplacementCodeBlockFor(CodeSpecializationKind);
</ins><span class="cx">
</span><span class="cx"> JSObject* prepareForExecution(ExecState* exec, JSFunction* function, JSScope* scope, CodeSpecializationKind kind)
</span><span class="cx"> {
</span><span class="lines">@@ -389,6 +389,7 @@
</span><span class="cx"> template <typename Functor> void forEachCodeBlock(Functor&&);
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
</ins><span class="cx"> JSObject* prepareForExecutionImpl(ExecState*, JSFunction*, JSScope*, CodeSpecializationKind);
</span><span class="cx">
</span><span class="cx"> protected:
</span><span class="lines">@@ -447,20 +448,19 @@
</span><span class="cx">
</span><span class="cx"> DECLARE_INFO;
</span><span class="cx">
</span><del>- void clearCode();
-
</del><span class="cx"> ExecutableInfo executableInfo() const { return ExecutableInfo(needsActivation(), usesEval(), isStrictMode(), false, false, ConstructorKind::None, false); }
</span><span class="cx">
</span><span class="cx"> unsigned numVariables() { return m_unlinkedEvalCodeBlock->numVariables(); }
</span><span class="cx"> unsigned numberOfFunctionDecls() { return m_unlinkedEvalCodeBlock->numberOfFunctionDecls(); }
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
</ins><span class="cx"> friend class ScriptExecutable;
</span><span class="cx"> EvalExecutable(ExecState*, const SourceCode&, bool);
</span><span class="cx">
</span><span class="cx"> static void visitChildren(JSCell*, SlotVisitor&);
</span><span class="cx">
</span><del>- RefPtr<EvalCodeBlock> m_evalCodeBlock;
</del><ins>+ WriteBarrier<EvalCodeBlock> m_evalCodeBlock;
</ins><span class="cx"> WriteBarrier<UnlinkedEvalCodeBlock> m_unlinkedEvalCodeBlock;
</span><span class="cx"> };
</span><span class="cx">
</span><span class="lines">@@ -501,11 +501,10 @@
</span><span class="cx">
</span><span class="cx"> DECLARE_INFO;
</span><span class="cx">
</span><del>- void clearCode();
-
</del><span class="cx"> ExecutableInfo executableInfo() const { return ExecutableInfo(needsActivation(), usesEval(), isStrictMode(), false, false, ConstructorKind::None, false); }
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
</ins><span class="cx"> friend class ScriptExecutable;
</span><span class="cx">
</span><span class="cx"> ProgramExecutable(ExecState*, const SourceCode&);
</span><span class="lines">@@ -513,7 +512,7 @@
</span><span class="cx"> static void visitChildren(JSCell*, SlotVisitor&);
</span><span class="cx">
</span><span class="cx"> WriteBarrier<UnlinkedProgramCodeBlock> m_unlinkedProgramCodeBlock;
</span><del>- RefPtr<ProgramCodeBlock> m_programCodeBlock;
</del><ins>+ WriteBarrier<ProgramCodeBlock> m_programCodeBlock;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> class ModuleProgramExecutable final : public ScriptExecutable {
</span><span class="lines">@@ -543,14 +542,13 @@
</span><span class="cx">
</span><span class="cx"> DECLARE_INFO;
</span><span class="cx">
</span><del>- void clearCode();
-
</del><span class="cx"> ExecutableInfo executableInfo() const { return ExecutableInfo(needsActivation(), usesEval(), isStrictMode(), false, false, ConstructorKind::None, false); }
</span><span class="cx"> UnlinkedModuleProgramCodeBlock* unlinkedModuleProgramCodeBlock() { return m_unlinkedModuleProgramCodeBlock.get(); }
</span><span class="cx">
</span><span class="cx"> SymbolTable* moduleEnvironmentSymbolTable() { return m_moduleEnvironmentSymbolTable.get(); }
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
</ins><span class="cx"> friend class ScriptExecutable;
</span><span class="cx">
</span><span class="cx"> ModuleProgramExecutable(ExecState*, const SourceCode&);
</span><span class="lines">@@ -559,7 +557,7 @@
</span><span class="cx">
</span><span class="cx"> WriteBarrier<UnlinkedModuleProgramCodeBlock> m_unlinkedModuleProgramCodeBlock;
</span><span class="cx"> WriteBarrier<SymbolTable> m_moduleEnvironmentSymbolTable;
</span><del>- RefPtr<ModuleProgramCodeBlock> m_moduleProgramCodeBlock;
</del><ins>+ WriteBarrier<ModuleProgramCodeBlock> m_moduleProgramCodeBlock;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> class FunctionExecutable final : public ScriptExecutable {
</span><span class="lines">@@ -600,7 +598,7 @@
</span><span class="cx">
</span><span class="cx"> bool isGeneratedForCall() const
</span><span class="cx"> {
</span><del>- return m_codeBlockForCall;
</del><ins>+ return !!m_codeBlockForCall;
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> FunctionCodeBlock* codeBlockForCall()
</span><span class="lines">@@ -610,7 +608,7 @@
</span><span class="cx">
</span><span class="cx"> bool isGeneratedForConstruct() const
</span><span class="cx"> {
</span><del>- return m_codeBlockForConstruct;
</del><ins>+ return m_codeBlockForConstruct.get();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> FunctionCodeBlock* codeBlockForConstruct()
</span><span class="lines">@@ -676,11 +674,10 @@
</span><span class="cx">
</span><span class="cx"> DECLARE_INFO;
</span><span class="cx">
</span><del>- void clearCode();
-
</del><span class="cx"> InferredValue* singletonFunction() { return m_singletonFunction.get(); }
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
</ins><span class="cx"> FunctionExecutable(
</span><span class="cx"> VM&, const SourceCode&, UnlinkedFunctionExecutable*, unsigned firstLine,
</span><span class="cx"> unsigned lastLine, unsigned startColumn, unsigned endColumn);
</span><span class="lines">@@ -690,8 +687,8 @@
</span><span class="cx"> friend class ScriptExecutable;
</span><span class="cx">
</span><span class="cx"> WriteBarrier<UnlinkedFunctionExecutable> m_unlinkedExecutable;
</span><del>- RefPtr<FunctionCodeBlock> m_codeBlockForCall;
- RefPtr<FunctionCodeBlock> m_codeBlockForConstruct;
</del><ins>+ WriteBarrier<FunctionCodeBlock> m_codeBlockForCall;
+ WriteBarrier<FunctionCodeBlock> m_codeBlockForConstruct;
</ins><span class="cx"> RefPtr<TypeSet> m_returnStatementTypeSet;
</span><span class="cx"> unsigned m_parametersStartOffset;
</span><span class="cx"> WriteBarrier<InferredValue> m_singletonFunction;
</span><span class="lines">@@ -719,8 +716,6 @@
</span><span class="cx">
</span><span class="cx"> DECLARE_INFO;
</span><span class="cx">
</span><del>- void clearCode();
-
</del><span class="cx"> void prepareForExecution(ExecState*);
</span><span class="cx">
</span><span class="cx"> WebAssemblyCodeBlock* codeBlockForCall()
</span><span class="lines">@@ -729,6 +724,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> private:
</span><ins>+ friend class ExecutableBase;
</ins><span class="cx"> WebAssemblyExecutable(VM&, const SourceCode&, JSWASMModule*, unsigned functionIndex);
</span><span class="cx">
</span><span class="cx"> static void visitChildren(JSCell*, SlotVisitor&);
</span><span class="lines">@@ -737,30 +733,10 @@
</span><span class="cx"> WriteBarrier<JSWASMModule> m_module;
</span><span class="cx"> unsigned m_functionIndex;
</span><span class="cx">
</span><del>- RefPtr<WebAssemblyCodeBlock> m_codeBlockForCall;
</del><ins>+ WriteBarrier<WebAssemblyCodeBlock> m_codeBlockForCall;
</ins><span class="cx"> };
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>-inline void ExecutableBase::clearCodeVirtual(ExecutableBase* executable)
-{
- switch (executable->type()) {
- case EvalExecutableType:
- return jsCast<EvalExecutable*>(executable)->clearCode();
- case ProgramExecutableType:
- return jsCast<ProgramExecutable*>(executable)->clearCode();
- case FunctionExecutableType:
- return jsCast<FunctionExecutable*>(executable)->clearCode();
-#if ENABLE(WEBASSEMBLY)
- case WebAssemblyExecutableType:
- return jsCast<WebAssemblyExecutable*>(executable)->clearCode();
-#endif
- case ModuleProgramExecutableType:
- return jsCast<ModuleProgramExecutable*>(executable)->clearCode();
- default:
- return jsCast<NativeExecutable*>(executable)->clearCode();
- }
-}
</del><ins>+} // namespace JSC
</ins><span class="cx">
</span><del>-}
-
-#endif
</del><ins>+#endif // Executable_h
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.cpp (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.cpp 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/runtime/VM.cpp 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -248,6 +248,14 @@
</span><span class="cx"> exceptionStructure.set(*this, Exception::createStructure(*this, 0, jsNull()));
</span><span class="cx"> promiseDeferredStructure.set(*this, JSPromiseDeferred::createStructure(*this, 0, jsNull()));
</span><span class="cx"> internalPromiseDeferredStructure.set(*this, JSInternalPromiseDeferred::createStructure(*this, 0, jsNull()));
</span><ins>+ programCodeBlockStructure.set(*this, ProgramCodeBlock::createStructure(*this, 0, jsNull()));
+ moduleProgramCodeBlockStructure.set(*this, ModuleProgramCodeBlock::createStructure(*this, 0, jsNull()));
+ evalCodeBlockStructure.set(*this, EvalCodeBlock::createStructure(*this, 0, jsNull()));
+ functionCodeBlockStructure.set(*this, FunctionCodeBlock::createStructure(*this, 0, jsNull()));
+#if ENABLE(WEBASSEMBLY)
+ webAssemblyCodeBlockStructure.set(*this, WebAssemblyCodeBlock::createStructure(*this, 0, jsNull()));
+#endif
+
</ins><span class="cx"> iterationTerminator.set(*this, JSFinalObject::create(*this, JSFinalObject::createStructure(*this, 0, jsNull(), 1)));
</span><span class="cx"> nativeStdFunctionCellStructure.set(*this, NativeStdFunctionCell::createStructure(*this, 0, jsNull()));
</span><span class="cx"> smallStrings.initializeCommonStrings(*this);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.h (190521 => 190522)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.h 2015-10-02 21:11:47 UTC (rev 190521)
+++ trunk/Source/JavaScriptCore/runtime/VM.h 2015-10-02 21:16:20 UTC (rev 190522)
</span><span class="lines">@@ -309,6 +309,12 @@
</span><span class="cx"> Strong<Structure> promiseDeferredStructure;
</span><span class="cx"> Strong<Structure> internalPromiseDeferredStructure;
</span><span class="cx"> Strong<Structure> nativeStdFunctionCellStructure;
</span><ins>+ Strong<Structure> programCodeBlockStructure;
+ Strong<Structure> moduleProgramCodeBlockStructure;
+ Strong<Structure> evalCodeBlockStructure;
+ Strong<Structure> functionCodeBlockStructure;
+ Strong<Structure> webAssemblyCodeBlockStructure;
+
</ins><span class="cx"> Strong<JSCell> iterationTerminator;
</span><span class="cx"> Strong<JSCell> emptyPropertyNameEnumerator;
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>