<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[214531] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/214531">214531</a></dd>
<dt>Author</dt> <dd>sbarati@apple.com</dd>
<dt>Date</dt> <dd>2017-03-28 23:15:23 -0700 (Tue, 28 Mar 2017)</dd>
</dl>
<h3>Log Message</h3>
<pre>AssemblyHelpers should not have a VM field
https://bugs.webkit.org/show_bug.cgi?id=170207
Reviewed by Yusuke Suzuki.
APIs that need VM should take one as a parameter. When doing position
independent code for Wasm, we can't tie code generation to a VM.
* b3/B3Compile.cpp:
(JSC::B3::compile):
* b3/air/testair.cpp:
* b3/testb3.cpp:
(JSC::B3::testEntrySwitchSimple):
(JSC::B3::testEntrySwitchNoEntrySwitch):
(JSC::B3::testEntrySwitchWithCommonPaths):
(JSC::B3::testEntrySwitchWithCommonPathsAndNonTrivialEntrypoint):
(JSC::B3::testEntrySwitchLoop):
* bytecode/AccessCase.cpp:
(JSC::AccessCase::generateWithGuard):
(JSC::AccessCase::generateImpl):
* bytecode/DOMJITAccessCasePatchpointParams.cpp:
(JSC::SlowPathCallGeneratorWithArguments::generateImpl):
* bytecode/InlineAccess.cpp:
(JSC::InlineAccess::dumpCacheSizesAndCrash):
(JSC::InlineAccess::generateSelfPropertyAccess):
(JSC::InlineAccess::generateSelfPropertyReplace):
(JSC::InlineAccess::generateArrayLength):
(JSC::InlineAccess::rewireStubAsJump):
* bytecode/InlineAccess.h:
* bytecode/PolymorphicAccess.cpp:
(JSC::AccessGenerationState::emitExplicitExceptionHandler):
(JSC::PolymorphicAccess::regenerate):
* bytecode/PolymorphicAccess.h:
(JSC::AccessGenerationState::AccessGenerationState):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::JITCompiler):
(JSC::DFG::JITCompiler::compileExceptionHandlers):
(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::exceptionCheck):
* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::exceptionCheckWithCallFrameRollback):
(JSC::DFG::JITCompiler::fastExceptionCheck):
(JSC::DFG::JITCompiler::vm):
* dfg/DFGOSRExitCompiler.cpp:
* dfg/DFGOSRExitCompiler.h:
* dfg/DFGOSRExitCompiler32_64.cpp:
(JSC::DFG::OSRExitCompiler::compileExit):
* dfg/DFGOSRExitCompiler64.cpp:
(JSC::DFG::OSRExitCompiler::compileExit):
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::adjustAndJumpToTarget):
* dfg/DFGOSRExitCompilerCommon.h:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
(JSC::DFG::SpeculativeJIT::checkArray):
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::compileInstanceOfForObject):
(JSC::DFG::SpeculativeJIT::compileMakeRope):
(JSC::DFG::SpeculativeJIT::compileGetGlobalObject):
(JSC::DFG::SpeculativeJIT::compileNewFunctionCommon):
(JSC::DFG::SpeculativeJIT::compileCreateActivation):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
(JSC::DFG::SpeculativeJIT::compileSpread):
(JSC::DFG::SpeculativeJIT::compileArraySlice):
(JSC::DFG::SpeculativeJIT::compileNukeStructureAndSetButterfly):
(JSC::DFG::SpeculativeJIT::compileNewStringObject):
(JSC::DFG::SpeculativeJIT::compileNewTypedArray):
(JSC::DFG::SpeculativeJIT::compileStoreBarrier):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::emitAllocateJSObjectWithKnownSize):
(JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
(JSC::DFG::SpeculativeJIT::emitAllocateVariableSizedJSObject):
(JSC::DFG::SpeculativeJIT::emitAllocateDestructibleObject):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize):
* dfg/DFGThunks.cpp:
(JSC::DFG::osrEntryThunkGenerator):
* ftl/FTLCompile.cpp:
(JSC::FTL::compile):
* ftl/FTLJITFinalizer.h:
* ftl/FTLLazySlowPath.cpp:
(JSC::FTL::LazySlowPath::generate):
* ftl/FTLLazySlowPathCall.h:
(JSC::FTL::createLazyCallGenerator):
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileNotifyWrite):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
(JSC::FTL::DFG::LowerDFGToB3::compileIsObjectOrNull):
(JSC::FTL::DFG::LowerDFGToB3::compileIsFunction):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckTraps):
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorageWithSizeImpl):
(JSC::FTL::DFG::LowerDFGToB3::allocateObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::buildTypeOf):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
* ftl/FTLSlowPathCall.h:
(JSC::FTL::callOperation):
* ftl/FTLState.h:
(JSC::FTL::State::vm):
* ftl/FTLThunks.cpp:
(JSC::FTL::genericGenerationThunkGenerator):
(JSC::FTL::slowPathCallThunkGenerator):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::jitReleaseAssertNoException):
(JSC::AssemblyHelpers::callExceptionFuzz):
(JSC::AssemblyHelpers::emitJumpIfException):
(JSC::AssemblyHelpers::emitExceptionCheck):
(JSC::AssemblyHelpers::emitNonPatchableExceptionCheck):
(JSC::AssemblyHelpers::emitLoadStructure):
(JSC::AssemblyHelpers::emitRandomThunk):
(JSC::AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer):
(JSC::AssemblyHelpers::emitConvertValueToBoolean):
(JSC::AssemblyHelpers::debugCall):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::AssemblyHelpers):
(JSC::AssemblyHelpers::codeBlock):
(JSC::AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
(JSC::AssemblyHelpers::copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer):
(JSC::AssemblyHelpers::barrierBranch):
(JSC::AssemblyHelpers::barrierStoreLoadFence):
(JSC::AssemblyHelpers::mutatorFence):
(JSC::AssemblyHelpers::storeButterfly):
(JSC::AssemblyHelpers::nukeStructureAndStoreButterfly):
(JSC::AssemblyHelpers::jumpIfMutatorFenceNotNeeded):
(JSC::AssemblyHelpers::emitAllocateJSObjectWithKnownSize):
(JSC::AssemblyHelpers::emitAllocateJSObject):
(JSC::AssemblyHelpers::emitAllocateVariableSizedCell):
(JSC::AssemblyHelpers::emitAllocateVariableSizedJSObject):
(JSC::AssemblyHelpers::emitAllocateDestructibleObject):
(JSC::AssemblyHelpers::vm): Deleted.
(JSC::AssemblyHelpers::debugCall): Deleted.
* jit/CCallHelpers.cpp:
(JSC::CCallHelpers::ensureShadowChickenPacket):
* jit/CCallHelpers.h:
(JSC::CCallHelpers::CCallHelpers):
(JSC::CCallHelpers::jumpToExceptionHandler):
* jit/JIT.cpp:
(JSC::JIT::emitEnterOptimizationCheck):
(JSC::JIT::privateCompileExceptionHandlers):
* jit/JIT.h:
(JSC::JIT::exceptionCheck):
(JSC::JIT::exceptionCheckWithCallFrameRollback):
* jit/JITMathIC.h:
(JSC::JITMathIC::generateOutOfLine):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_throw):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::privateCompileCTINativeCall):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_throw):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitWriteBarrier):
* jit/JSInterfaceJIT.h:
(JSC::JSInterfaceJIT::JSInterfaceJIT):
(JSC::JSInterfaceJIT::vm):
* jit/Repatch.cpp:
(JSC::tryCacheGetByID):
(JSC::tryCachePutByID):
(JSC::linkPolymorphicCall):
(JSC::resetGetByID):
(JSC::resetPutByID):
* jit/SetupVarargsFrame.cpp:
(JSC::emitSetupVarargsFrameFastCase):
* jit/SetupVarargsFrame.h:
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
* jit/ThunkGenerators.cpp:
(JSC::throwExceptionFromCallSlowPathGenerator):
(JSC::linkCallThunkGenerator):
(JSC::linkPolymorphicCallThunkGenerator):
(JSC::virtualThunkFor):
(JSC::nativeForGenerator):
(JSC::randomThunkGenerator):
(JSC::boundThisNoArgsFunctionCallGenerator):
(JSC::throwExceptionFromWasmThunkGenerator):
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::parseAndCompile):
* wasm/WasmBinding.cpp:
(JSC::Wasm::wasmToJs):
(JSC::Wasm::wasmToWasm):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3B3Compilecpp">trunk/Source/JavaScriptCore/b3/B3Compile.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airtestaircpp">trunk/Source/JavaScriptCore/b3/air/testair.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3testb3cpp">trunk/Source/JavaScriptCore/b3/testb3.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeAccessCasecpp">trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeDOMJITAccessCasePatchpointParamscpp">trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInlineAccesscpp">trunk/Source/JavaScriptCore/bytecode/InlineAccess.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeInlineAccessh">trunk/Source/JavaScriptCore/bytecode/InlineAccess.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePolymorphicAccesscpp">trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodePolymorphicAccessh">trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGJITCompilercpp">trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGJITCompilerh">trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompilercpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompilerh">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompiler32_64cpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompiler64cpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompilerCommoncpp">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSRExitCompilerCommonh">trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJITcpp">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJITh">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJIT32_64cpp">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJIT64cpp">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGThunkscpp">trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLCompilecpp">trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLJITFinalizerh">trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLazySlowPathcpp">trunk/Source/JavaScriptCore/ftl/FTLLazySlowPath.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLazySlowPathCallh">trunk/Source/JavaScriptCore/ftl/FTLLazySlowPathCall.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLinkcpp">trunk/Source/JavaScriptCore/ftl/FTLLink.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLowerDFGToB3cpp">trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLOSRExitCompilercpp">trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLSlowPathCallh">trunk/Source/JavaScriptCore/ftl/FTLSlowPathCall.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLStateh">trunk/Source/JavaScriptCore/ftl/FTLState.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLThunkscpp">trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitAssemblyHelperscpp">trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitAssemblyHelpersh">trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitCCallHelperscpp">trunk/Source/JavaScriptCore/jit/CCallHelpers.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitCCallHelpersh">trunk/Source/JavaScriptCore/jit/CCallHelpers.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITcpp">trunk/Source/JavaScriptCore/jit/JIT.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITh">trunk/Source/JavaScriptCore/jit/JIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITMathICh">trunk/Source/JavaScriptCore/jit/JITMathIC.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodescpp">trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodes32_64cpp">trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITPropertyAccesscpp">trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJSInterfaceJITh">trunk/Source/JavaScriptCore/jit/JSInterfaceJIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRepatchcpp">trunk/Source/JavaScriptCore/jit/Repatch.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitSetupVarargsFramecpp">trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitSetupVarargsFrameh">trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitSpecializedThunkJITh">trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitThunkGeneratorscpp">trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmB3IRGeneratorcpp">trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmBindingcpp">trunk/Source/JavaScriptCore/wasm/WasmBinding.cpp</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ChangeLog 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -1,3 +1,232 @@
</span><ins>+2017-03-28 Saam Barati <sbarati@apple.com>
+
+ AssemblyHelpers should not have a VM field
+ https://bugs.webkit.org/show_bug.cgi?id=170207
+
+ Reviewed by Yusuke Suzuki.
+
+ APIs that need VM should take one as a parameter. When doing position
+ independent code for Wasm, we can't tie code generation to a VM.
+
+ * b3/B3Compile.cpp:
+ (JSC::B3::compile):
+ * b3/air/testair.cpp:
+ * b3/testb3.cpp:
+ (JSC::B3::testEntrySwitchSimple):
+ (JSC::B3::testEntrySwitchNoEntrySwitch):
+ (JSC::B3::testEntrySwitchWithCommonPaths):
+ (JSC::B3::testEntrySwitchWithCommonPathsAndNonTrivialEntrypoint):
+ (JSC::B3::testEntrySwitchLoop):
+ * bytecode/AccessCase.cpp:
+ (JSC::AccessCase::generateWithGuard):
+ (JSC::AccessCase::generateImpl):
+ * bytecode/DOMJITAccessCasePatchpointParams.cpp:
+ (JSC::SlowPathCallGeneratorWithArguments::generateImpl):
+ * bytecode/InlineAccess.cpp:
+ (JSC::InlineAccess::dumpCacheSizesAndCrash):
+ (JSC::InlineAccess::generateSelfPropertyAccess):
+ (JSC::InlineAccess::generateSelfPropertyReplace):
+ (JSC::InlineAccess::generateArrayLength):
+ (JSC::InlineAccess::rewireStubAsJump):
+ * bytecode/InlineAccess.h:
+ * bytecode/PolymorphicAccess.cpp:
+ (JSC::AccessGenerationState::emitExplicitExceptionHandler):
+ (JSC::PolymorphicAccess::regenerate):
+ * bytecode/PolymorphicAccess.h:
+ (JSC::AccessGenerationState::AccessGenerationState):
+ * dfg/DFGJITCompiler.cpp:
+ (JSC::DFG::JITCompiler::JITCompiler):
+ (JSC::DFG::JITCompiler::compileExceptionHandlers):
+ (JSC::DFG::JITCompiler::link):
+ (JSC::DFG::JITCompiler::compile):
+ (JSC::DFG::JITCompiler::compileFunction):
+ (JSC::DFG::JITCompiler::exceptionCheck):
+ * dfg/DFGJITCompiler.h:
+ (JSC::DFG::JITCompiler::exceptionCheckWithCallFrameRollback):
+ (JSC::DFG::JITCompiler::fastExceptionCheck):
+ (JSC::DFG::JITCompiler::vm):
+ * dfg/DFGOSRExitCompiler.cpp:
+ * dfg/DFGOSRExitCompiler.h:
+ * dfg/DFGOSRExitCompiler32_64.cpp:
+ (JSC::DFG::OSRExitCompiler::compileExit):
+ * dfg/DFGOSRExitCompiler64.cpp:
+ (JSC::DFG::OSRExitCompiler::compileExit):
+ * dfg/DFGOSRExitCompilerCommon.cpp:
+ (JSC::DFG::adjustAndJumpToTarget):
+ * dfg/DFGOSRExitCompilerCommon.h:
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
+ (JSC::DFG::SpeculativeJIT::checkArray):
+ (JSC::DFG::SpeculativeJIT::compileCurrentBlock):
+ (JSC::DFG::SpeculativeJIT::compileInstanceOfForObject):
+ (JSC::DFG::SpeculativeJIT::compileMakeRope):
+ (JSC::DFG::SpeculativeJIT::compileGetGlobalObject):
+ (JSC::DFG::SpeculativeJIT::compileNewFunctionCommon):
+ (JSC::DFG::SpeculativeJIT::compileCreateActivation):
+ (JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
+ (JSC::DFG::SpeculativeJIT::compileSpread):
+ (JSC::DFG::SpeculativeJIT::compileArraySlice):
+ (JSC::DFG::SpeculativeJIT::compileNukeStructureAndSetButterfly):
+ (JSC::DFG::SpeculativeJIT::compileNewStringObject):
+ (JSC::DFG::SpeculativeJIT::compileNewTypedArray):
+ (JSC::DFG::SpeculativeJIT::compileStoreBarrier):
+ * dfg/DFGSpeculativeJIT.h:
+ (JSC::DFG::SpeculativeJIT::emitAllocateJSObjectWithKnownSize):
+ (JSC::DFG::SpeculativeJIT::emitAllocateJSObject):
+ (JSC::DFG::SpeculativeJIT::emitAllocateVariableSizedJSObject):
+ (JSC::DFG::SpeculativeJIT::emitAllocateDestructibleObject):
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::emitCall):
+ (JSC::DFG::SpeculativeJIT::compileLogicalNot):
+ (JSC::DFG::SpeculativeJIT::emitBranch):
+ (JSC::DFG::SpeculativeJIT::compile):
+ * dfg/DFGSpeculativeJIT64.cpp:
+ (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined):
+ (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined):
+ (JSC::DFG::SpeculativeJIT::emitCall):
+ (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
+ (JSC::DFG::SpeculativeJIT::compileLogicalNot):
+ (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
+ (JSC::DFG::SpeculativeJIT::emitBranch):
+ (JSC::DFG::SpeculativeJIT::compile):
+ (JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize):
+ * dfg/DFGThunks.cpp:
+ (JSC::DFG::osrEntryThunkGenerator):
+ * ftl/FTLCompile.cpp:
+ (JSC::FTL::compile):
+ * ftl/FTLJITFinalizer.h:
+ * ftl/FTLLazySlowPath.cpp:
+ (JSC::FTL::LazySlowPath::generate):
+ * ftl/FTLLazySlowPathCall.h:
+ (JSC::FTL::createLazyCallGenerator):
+ * ftl/FTLLink.cpp:
+ (JSC::FTL::link):
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::LowerDFGToB3::lower):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCreateActivation):
+ (JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCreateDirectArguments):
+ (JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
+ (JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
+ (JSC::FTL::DFG::LowerDFGToB3::compileNotifyWrite):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
+ (JSC::FTL::DFG::LowerDFGToB3::compileIsObjectOrNull):
+ (JSC::FTL::DFG::LowerDFGToB3::compileIsFunction):
+ (JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
+ (JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCheckTraps):
+ (JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorageWithSizeImpl):
+ (JSC::FTL::DFG::LowerDFGToB3::allocateObject):
+ (JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
+ (JSC::FTL::DFG::LowerDFGToB3::buildTypeOf):
+ * ftl/FTLOSRExitCompiler.cpp:
+ (JSC::FTL::compileStub):
+ * ftl/FTLSlowPathCall.h:
+ (JSC::FTL::callOperation):
+ * ftl/FTLState.h:
+ (JSC::FTL::State::vm):
+ * ftl/FTLThunks.cpp:
+ (JSC::FTL::genericGenerationThunkGenerator):
+ (JSC::FTL::slowPathCallThunkGenerator):
+ * jit/AssemblyHelpers.cpp:
+ (JSC::AssemblyHelpers::jitReleaseAssertNoException):
+ (JSC::AssemblyHelpers::callExceptionFuzz):
+ (JSC::AssemblyHelpers::emitJumpIfException):
+ (JSC::AssemblyHelpers::emitExceptionCheck):
+ (JSC::AssemblyHelpers::emitNonPatchableExceptionCheck):
+ (JSC::AssemblyHelpers::emitLoadStructure):
+ (JSC::AssemblyHelpers::emitRandomThunk):
+ (JSC::AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer):
+ (JSC::AssemblyHelpers::emitConvertValueToBoolean):
+ (JSC::AssemblyHelpers::debugCall):
+ * jit/AssemblyHelpers.h:
+ (JSC::AssemblyHelpers::AssemblyHelpers):
+ (JSC::AssemblyHelpers::codeBlock):
+ (JSC::AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
+ (JSC::AssemblyHelpers::copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer):
+ (JSC::AssemblyHelpers::barrierBranch):
+ (JSC::AssemblyHelpers::barrierStoreLoadFence):
+ (JSC::AssemblyHelpers::mutatorFence):
+ (JSC::AssemblyHelpers::storeButterfly):
+ (JSC::AssemblyHelpers::nukeStructureAndStoreButterfly):
+ (JSC::AssemblyHelpers::jumpIfMutatorFenceNotNeeded):
+ (JSC::AssemblyHelpers::emitAllocateJSObjectWithKnownSize):
+ (JSC::AssemblyHelpers::emitAllocateJSObject):
+ (JSC::AssemblyHelpers::emitAllocateVariableSizedCell):
+ (JSC::AssemblyHelpers::emitAllocateVariableSizedJSObject):
+ (JSC::AssemblyHelpers::emitAllocateDestructibleObject):
+ (JSC::AssemblyHelpers::vm): Deleted.
+ (JSC::AssemblyHelpers::debugCall): Deleted.
+ * jit/CCallHelpers.cpp:
+ (JSC::CCallHelpers::ensureShadowChickenPacket):
+ * jit/CCallHelpers.h:
+ (JSC::CCallHelpers::CCallHelpers):
+ (JSC::CCallHelpers::jumpToExceptionHandler):
+ * jit/JIT.cpp:
+ (JSC::JIT::emitEnterOptimizationCheck):
+ (JSC::JIT::privateCompileExceptionHandlers):
+ * jit/JIT.h:
+ (JSC::JIT::exceptionCheck):
+ (JSC::JIT::exceptionCheckWithCallFrameRollback):
+ * jit/JITMathIC.h:
+ (JSC::JITMathIC::generateOutOfLine):
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::emit_op_instanceof):
+ (JSC::JIT::emit_op_is_undefined):
+ (JSC::JIT::emit_op_jfalse):
+ (JSC::JIT::emit_op_jeq_null):
+ (JSC::JIT::emit_op_jneq_null):
+ (JSC::JIT::emit_op_jtrue):
+ (JSC::JIT::emit_op_throw):
+ (JSC::JIT::emit_op_catch):
+ (JSC::JIT::emit_op_eq_null):
+ (JSC::JIT::emit_op_neq_null):
+ (JSC::JIT::emitSlow_op_loop_hint):
+ (JSC::JIT::emit_op_log_shadow_chicken_prologue):
+ (JSC::JIT::emit_op_log_shadow_chicken_tail):
+ * jit/JITOpcodes32_64.cpp:
+ (JSC::JIT::privateCompileCTINativeCall):
+ (JSC::JIT::emit_op_new_object):
+ (JSC::JIT::emit_op_jfalse):
+ (JSC::JIT::emit_op_jtrue):
+ (JSC::JIT::emit_op_throw):
+ (JSC::JIT::emit_op_catch):
+ (JSC::JIT::emit_op_create_this):
+ (JSC::JIT::emit_op_log_shadow_chicken_prologue):
+ (JSC::JIT::emit_op_log_shadow_chicken_tail):
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::emitWriteBarrier):
+ * jit/JSInterfaceJIT.h:
+ (JSC::JSInterfaceJIT::JSInterfaceJIT):
+ (JSC::JSInterfaceJIT::vm):
+ * jit/Repatch.cpp:
+ (JSC::tryCacheGetByID):
+ (JSC::tryCachePutByID):
+ (JSC::linkPolymorphicCall):
+ (JSC::resetGetByID):
+ (JSC::resetPutByID):
+ * jit/SetupVarargsFrame.cpp:
+ (JSC::emitSetupVarargsFrameFastCase):
+ * jit/SetupVarargsFrame.h:
+ * jit/SpecializedThunkJIT.h:
+ (JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass):
+ * jit/ThunkGenerators.cpp:
+ (JSC::throwExceptionFromCallSlowPathGenerator):
+ (JSC::linkCallThunkGenerator):
+ (JSC::linkPolymorphicCallThunkGenerator):
+ (JSC::virtualThunkFor):
+ (JSC::nativeForGenerator):
+ (JSC::randomThunkGenerator):
+ (JSC::boundThisNoArgsFunctionCallGenerator):
+ (JSC::throwExceptionFromWasmThunkGenerator):
+ * wasm/WasmB3IRGenerator.cpp:
+ (JSC::Wasm::parseAndCompile):
+ * wasm/WasmBinding.cpp:
+ (JSC::Wasm::wasmToJs):
+ (JSC::Wasm::wasmToWasm):
+
</ins><span class="cx"> 2017-03-28 Keith Miller <keith_miller@apple.com>
</span><span class="cx">
</span><span class="cx"> WebAssembly: We should have Origins
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3B3Compilecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/B3Compile.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/B3Compile.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/b3/B3Compile.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -44,7 +44,7 @@
</span><span class="cx">
</span><span class="cx"> prepareForGeneration(proc, optLevel);
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc, jit);
</span><span class="cx"> LinkBuffer linkBuffer(vm, jit, nullptr);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airtestaircpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/testair.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/testair.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/b3/air/testair.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -85,7 +85,7 @@
</span><span class="cx"> std::unique_ptr<B3::Compilation> compile(B3::Procedure& proc)
</span><span class="cx"> {
</span><span class="cx"> prepareForGeneration(proc.code());
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc.code(), jit);
</span><span class="cx"> LinkBuffer linkBuffer(*vm, jit, nullptr);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3testb3cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/testb3.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/testb3.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/b3/testb3.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -13134,7 +13134,7 @@
</span><span class="cx">
</span><span class="cx"> prepareForGeneration(proc);
</span><span class="cx">
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc, jit);
</span><span class="cx"> LinkBuffer linkBuffer(*vm, jit, nullptr);
</span><span class="cx"> CodeLocationLabel labelOne = linkBuffer.locationOf(proc.entrypointLabel(0));
</span><span class="lines">@@ -13167,7 +13167,7 @@
</span><span class="cx">
</span><span class="cx"> prepareForGeneration(proc);
</span><span class="cx">
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc, jit);
</span><span class="cx"> LinkBuffer linkBuffer(*vm, jit, nullptr);
</span><span class="cx"> CodeLocationLabel labelOne = linkBuffer.locationOf(proc.entrypointLabel(0));
</span><span class="lines">@@ -13254,7 +13254,7 @@
</span><span class="cx">
</span><span class="cx"> prepareForGeneration(proc);
</span><span class="cx">
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc, jit);
</span><span class="cx"> LinkBuffer linkBuffer(*vm, jit, nullptr);
</span><span class="cx"> CodeLocationLabel labelOne = linkBuffer.locationOf(proc.entrypointLabel(0));
</span><span class="lines">@@ -13371,7 +13371,7 @@
</span><span class="cx">
</span><span class="cx"> prepareForGeneration(proc);
</span><span class="cx">
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc, jit);
</span><span class="cx"> LinkBuffer linkBuffer(*vm, jit, nullptr);
</span><span class="cx"> CodeLocationLabel labelOne = linkBuffer.locationOf(proc.entrypointLabel(0));
</span><span class="lines">@@ -13449,7 +13449,7 @@
</span><span class="cx">
</span><span class="cx"> prepareForGeneration(proc);
</span><span class="cx">
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx"> generate(proc, jit);
</span><span class="cx"> LinkBuffer linkBuffer(*vm, jit, nullptr);
</span><span class="cx"> CodeLocationLabel labelOne = linkBuffer.locationOf(proc.entrypointLabel(0));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeAccessCasecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -292,7 +292,7 @@
</span><span class="cx"> m_state = Generated;
</span><span class="cx">
</span><span class="cx"> CCallHelpers& jit = *state.jit;
</span><del>- VM& vm = *jit.vm();
</del><ins>+ VM& vm = state.m_vm;
</ins><span class="cx"> JSValueRegs valueRegs = state.valueRegs;
</span><span class="cx"> GPRReg baseGPR = state.baseGPR;
</span><span class="cx"> GPRReg scratchGPR = state.scratchGPR;
</span><span class="lines">@@ -412,7 +412,7 @@
</span><span class="cx"> ASSERT(m_state == Generated); // We rely on the callers setting this for us.
</span><span class="cx">
</span><span class="cx"> CCallHelpers& jit = *state.jit;
</span><del>- VM& vm = *jit.vm();
</del><ins>+ VM& vm = state.m_vm;
</ins><span class="cx"> CodeBlock* codeBlock = jit.codeBlock();
</span><span class="cx"> StructureStubInfo& stubInfo = *state.stubInfo;
</span><span class="cx"> const Identifier& ident = *state.ident;
</span><span class="lines">@@ -767,7 +767,7 @@
</span><span class="cx"> jit.reclaimSpaceOnStackForCCall();
</span><span class="cx">
</span><span class="cx"> CCallHelpers::Jump noException =
</span><del>- jit.emitExceptionCheck(CCallHelpers::InvertedExceptionCheck);
</del><ins>+ jit.emitExceptionCheck(vm, CCallHelpers::InvertedExceptionCheck);
</ins><span class="cx">
</span><span class="cx"> state.restoreLiveRegistersFromStackForCallWithThrownException(spillState);
</span><span class="cx"> state.emitExplicitExceptionHandler();
</span><span class="lines">@@ -930,7 +930,7 @@
</span><span class="cx"> jit.reclaimSpaceOnStackForCCall();
</span><span class="cx"> jit.move(GPRInfo::returnValueGPR, scratchGPR);
</span><span class="cx">
</span><del>- CCallHelpers::Jump noException = jit.emitExceptionCheck(CCallHelpers::InvertedExceptionCheck);
</del><ins>+ CCallHelpers::Jump noException = jit.emitExceptionCheck(vm, CCallHelpers::InvertedExceptionCheck);
</ins><span class="cx">
</span><span class="cx"> state.restoreLiveRegistersFromStackForCallWithThrownException(spillState);
</span><span class="cx"> state.emitExplicitExceptionHandler();
</span><span class="lines">@@ -959,7 +959,7 @@
</span><span class="cx"> // We set the new butterfly and the structure last. Doing it this way ensures that
</span><span class="cx"> // whatever we had done up to this point is forgotten if we choose to branch to slow
</span><span class="cx"> // path.
</span><del>- jit.nukeStructureAndStoreButterfly(scratchGPR, baseGPR);
</del><ins>+ jit.nukeStructureAndStoreButterfly(vm, scratchGPR, baseGPR);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> uint32_t structureBits = bitwise_cast<uint32_t>(newStructure()->id());
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeDOMJITAccessCasePatchpointParamscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -73,7 +73,7 @@
</span><span class="cx"> jit.setupResults(m_result);
</span><span class="cx"> jit.reclaimSpaceOnStackForCCall();
</span><span class="cx">
</span><del>- CCallHelpers::Jump noException = jit.emitExceptionCheck(CCallHelpers::InvertedExceptionCheck);
</del><ins>+ CCallHelpers::Jump noException = jit.emitExceptionCheck(state.m_vm, CCallHelpers::InvertedExceptionCheck);
</ins><span class="cx">
</span><span class="cx"> state.restoreLiveRegistersFromStackForCallWithThrownException(spillState);
</span><span class="cx"> exceptions.append(jit.jump());
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInlineAccesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InlineAccess.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InlineAccess.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/bytecode/InlineAccess.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -35,11 +35,10 @@
</span><span class="cx"> #include "ScratchRegisterAllocator.h"
</span><span class="cx"> #include "Structure.h"
</span><span class="cx"> #include "StructureStubInfo.h"
</span><del>-#include "VM.h"
</del><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span><del>-void InlineAccess::dumpCacheSizesAndCrash(VM& vm)
</del><ins>+void InlineAccess::dumpCacheSizesAndCrash()
</ins><span class="cx"> {
</span><span class="cx"> GPRReg base = GPRInfo::regT0;
</span><span class="cx"> GPRReg value = GPRInfo::regT1;
</span><span class="lines">@@ -50,7 +49,7 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> GPRReg scratchGPR = value;
</span><span class="cx"> jit.load8(CCallHelpers::Address(base, JSCell::indexingTypeAndMiscOffset()), value);
</span><span class="lines">@@ -65,7 +64,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> jit.patchableBranch32(
</span><span class="cx"> MacroAssembler::NotEqual,
</span><span class="lines">@@ -82,7 +81,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> jit.patchableBranch32(
</span><span class="cx"> MacroAssembler::NotEqual,
</span><span class="lines">@@ -95,7 +94,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> jit.patchableBranch32(
</span><span class="cx"> MacroAssembler::NotEqual,
</span><span class="lines">@@ -109,7 +108,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> jit.patchableBranch32(
</span><span class="cx"> MacroAssembler::NotEqual,
</span><span class="lines">@@ -155,9 +154,9 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool InlineAccess::generateSelfPropertyAccess(VM& vm, StructureStubInfo& stubInfo, Structure* structure, PropertyOffset offset)
</del><ins>+bool InlineAccess::generateSelfPropertyAccess(StructureStubInfo& stubInfo, Structure* structure, PropertyOffset offset)
</ins><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> GPRReg base = static_cast<GPRReg>(stubInfo.patch.baseGPR);
</span><span class="cx"> JSValueRegs value = stubInfo.valueRegs();
</span><span class="lines">@@ -211,11 +210,11 @@
</span><span class="cx"> return hasFreeRegister(stubInfo);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool InlineAccess::generateSelfPropertyReplace(VM& vm, StructureStubInfo& stubInfo, Structure* structure, PropertyOffset offset)
</del><ins>+bool InlineAccess::generateSelfPropertyReplace(StructureStubInfo& stubInfo, Structure* structure, PropertyOffset offset)
</ins><span class="cx"> {
</span><span class="cx"> ASSERT(canGenerateSelfPropertyReplace(stubInfo, offset));
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> GPRReg base = static_cast<GPRReg>(stubInfo.patch.baseGPR);
</span><span class="cx"> JSValueRegs value = stubInfo.valueRegs();
</span><span class="lines">@@ -255,11 +254,11 @@
</span><span class="cx"> || array->indexingType() == ArrayWithContiguous;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-bool InlineAccess::generateArrayLength(VM& vm, StructureStubInfo& stubInfo, JSArray* array)
</del><ins>+bool InlineAccess::generateArrayLength(StructureStubInfo& stubInfo, JSArray* array)
</ins><span class="cx"> {
</span><span class="cx"> ASSERT(isCacheableArrayLength(stubInfo, array));
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> GPRReg base = static_cast<GPRReg>(stubInfo.patch.baseGPR);
</span><span class="cx"> JSValueRegs value = stubInfo.valueRegs();
</span><span class="lines">@@ -279,9 +278,9 @@
</span><span class="cx"> return linkedCodeInline;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void InlineAccess::rewireStubAsJump(VM& vm, StructureStubInfo& stubInfo, CodeLocationLabel target)
</del><ins>+void InlineAccess::rewireStubAsJump(StructureStubInfo& stubInfo, CodeLocationLabel target)
</ins><span class="cx"> {
</span><del>- CCallHelpers jit(&vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> auto jump = jit.jump();
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeInlineAccessh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/InlineAccess.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/InlineAccess.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/bytecode/InlineAccess.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -110,18 +110,18 @@
</span><span class="cx"> return std::max(size, sizeForPropertyAccess());
</span><span class="cx"> }
</span><span class="cx">
</span><del>- static bool generateSelfPropertyAccess(VM&, StructureStubInfo&, Structure*, PropertyOffset);
</del><ins>+ static bool generateSelfPropertyAccess(StructureStubInfo&, Structure*, PropertyOffset);
</ins><span class="cx"> static bool canGenerateSelfPropertyReplace(StructureStubInfo&, PropertyOffset);
</span><del>- static bool generateSelfPropertyReplace(VM&, StructureStubInfo&, Structure*, PropertyOffset);
</del><ins>+ static bool generateSelfPropertyReplace(StructureStubInfo&, Structure*, PropertyOffset);
</ins><span class="cx"> static bool isCacheableArrayLength(StructureStubInfo&, JSArray*);
</span><del>- static bool generateArrayLength(VM&, StructureStubInfo&, JSArray*);
- static void rewireStubAsJump(VM&, StructureStubInfo&, CodeLocationLabel);
</del><ins>+ static bool generateArrayLength(StructureStubInfo&, JSArray*);
+ static void rewireStubAsJump(StructureStubInfo&, CodeLocationLabel);
</ins><span class="cx">
</span><span class="cx"> // This is helpful when determining the size of an IC on
</span><span class="cx"> // various platforms. When adding a new type of IC, implement
</span><span class="cx"> // its placeholder code here, and log the size. That way we
</span><span class="cx"> // can intelligently choose sizes on various platforms.
</span><del>- NO_RETURN_DUE_TO_CRASH static void dumpCacheSizesAndCrash(VM&);
</del><ins>+ NO_RETURN_DUE_TO_CRASH static void dumpCacheSizesAndCrash();
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePolymorphicAccesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -176,7 +176,7 @@
</span><span class="cx"> void AccessGenerationState::emitExplicitExceptionHandler()
</span><span class="cx"> {
</span><span class="cx"> restoreScratch();
</span><del>- jit->copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit->copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(m_vm);
</ins><span class="cx"> if (needsToRestoreRegistersIfException()) {
</span><span class="cx"> // To the JIT that produces the original exception handling
</span><span class="cx"> // call site, they will expect the OSR exit to be arrived
</span><span class="lines">@@ -183,7 +183,7 @@
</span><span class="cx"> // at from genericUnwind. Therefore we must model what genericUnwind
</span><span class="cx"> // does here. I.e, set callFrameForCatch and copy callee saves.
</span><span class="cx">
</span><del>- jit->storePtr(GPRInfo::callFrameRegister, jit->vm()->addressOfCallFrameForCatch());
</del><ins>+ jit->storePtr(GPRInfo::callFrameRegister, m_vm.addressOfCallFrameForCatch());
</ins><span class="cx"> CCallHelpers::Jump jumpToOSRExitExceptionHandler = jit->jump();
</span><span class="cx">
</span><span class="cx"> // We don't need to insert a new exception handler in the table
</span><span class="lines">@@ -195,13 +195,13 @@
</span><span class="cx"> linkBuffer.link(jumpToOSRExitExceptionHandler, originalHandler.nativeCode);
</span><span class="cx"> });
</span><span class="cx"> } else {
</span><del>- jit->setupArguments(CCallHelpers::TrustedImmPtr(jit->vm()), GPRInfo::callFrameRegister);
</del><ins>+ jit->setupArguments(CCallHelpers::TrustedImmPtr(&m_vm), GPRInfo::callFrameRegister);
</ins><span class="cx"> CCallHelpers::Call lookupExceptionHandlerCall = jit->call();
</span><span class="cx"> jit->addLinkTask(
</span><span class="cx"> [=] (LinkBuffer& linkBuffer) {
</span><span class="cx"> linkBuffer.link(lookupExceptionHandlerCall, lookupExceptionHandler);
</span><span class="cx"> });
</span><del>- jit->jumpToExceptionHandler();
</del><ins>+ jit->jumpToExceptionHandler(m_vm);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -336,7 +336,7 @@
</span><span class="cx"> if (verbose)
</span><span class="cx"> dataLog("Regenerate with m_list: ", listDump(m_list), "\n");
</span><span class="cx">
</span><del>- AccessGenerationState state;
</del><ins>+ AccessGenerationState state(vm);
</ins><span class="cx">
</span><span class="cx"> state.access = this;
</span><span class="cx"> state.stubInfo = &stubInfo;
</span><span class="lines">@@ -358,7 +358,7 @@
</span><span class="cx">
</span><span class="cx"> state.scratchGPR = allocator.allocateScratchGPR();
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx"> state.jit = &jit;
</span><span class="cx">
</span><span class="cx"> state.preservedReusedRegisterState =
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodePolymorphicAccessh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -177,12 +177,14 @@
</span><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> struct AccessGenerationState {
</span><del>- AccessGenerationState()
- : m_calculatedRegistersForCallAndExceptionHandling(false)
</del><ins>+ AccessGenerationState(VM& vm)
+ : m_vm(vm)
+ , m_calculatedRegistersForCallAndExceptionHandling(false)
</ins><span class="cx"> , m_needsToRestoreRegistersIfException(false)
</span><span class="cx"> , m_calculatedCallSiteIndex(false)
</span><span class="cx"> {
</span><span class="cx"> }
</span><ins>+ VM& m_vm;
</ins><span class="cx"> CCallHelpers* jit { nullptr };
</span><span class="cx"> ScratchRegisterAllocator* allocator;
</span><span class="cx"> ScratchRegisterAllocator::PreservedState preservedReusedRegisterState;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGJITCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -49,7 +49,7 @@
</span><span class="cx"> namespace JSC { namespace DFG {
</span><span class="cx">
</span><span class="cx"> JITCompiler::JITCompiler(Graph& dfg)
</span><del>- : CCallHelpers(&dfg.m_vm, dfg.m_codeBlock)
</del><ins>+ : CCallHelpers(dfg.m_codeBlock)
</ins><span class="cx"> , m_graph(dfg)
</span><span class="cx"> , m_jitCode(adoptRef(new JITCode()))
</span><span class="cx"> , m_blockHeads(dfg.numBlocks())
</span><span class="lines">@@ -139,7 +139,7 @@
</span><span class="cx"> if (!m_exceptionChecksWithCallFrameRollback.empty()) {
</span><span class="cx"> m_exceptionChecksWithCallFrameRollback.link(this);
</span><span class="cx">
</span><del>- copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> // lookupExceptionHandlerFromCallerFrame is passed two arguments, the VM and the exec (the CallFrame*).
</span><span class="cx"> move(TrustedImmPtr(vm()), GPRInfo::argumentGPR0);
</span><span class="lines">@@ -153,13 +153,13 @@
</span><span class="cx"> #endif
</span><span class="cx"> m_calls.append(CallLinkRecord(call(), lookupExceptionHandlerFromCallerFrame));
</span><span class="cx">
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!m_exceptionChecks.empty()) {
</span><span class="cx"> m_exceptionChecks.link(this);
</span><span class="cx">
</span><del>- copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> // lookupExceptionHandler is passed two arguments, the VM and the exec (the CallFrame*).
</span><span class="cx"> move(TrustedImmPtr(vm()), GPRInfo::argumentGPR0);
</span><span class="lines">@@ -172,7 +172,7 @@
</span><span class="cx"> #endif
</span><span class="cx"> m_calls.append(CallLinkRecord(call(), lookupExceptionHandler));
</span><span class="cx">
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -278,7 +278,7 @@
</span><span class="cx">
</span><span class="cx"> for (auto& record : m_jsCalls) {
</span><span class="cx"> CallLinkInfo& info = *record.info;
</span><del>- linkBuffer.link(record.slowCall, FunctionPtr(m_vm->getCTIStub(linkCallThunkGenerator).code().executableAddress()));
</del><ins>+ linkBuffer.link(record.slowCall, FunctionPtr(vm()->getCTIStub(linkCallThunkGenerator).code().executableAddress()));
</ins><span class="cx"> info.setCallLocations(
</span><span class="cx"> CodeLocationLabel(linkBuffer.locationOfNearCall(record.slowCall)),
</span><span class="cx"> CodeLocationLabel(linkBuffer.locationOf(record.targetToCheck)),
</span><span class="lines">@@ -361,7 +361,7 @@
</span><span class="cx">
</span><span class="cx"> // Plant a check that sufficient space is available in the JSStack.
</span><span class="cx"> addPtr(TrustedImm32(virtualRegisterForLocal(m_graph.requiredRegisterCountForExecutionAndExit() - 1).offset() * sizeof(Register)), GPRInfo::callFrameRegister, GPRInfo::regT1);
</span><del>- Jump stackOverflow = branchPtr(Above, AbsoluteAddress(m_vm->addressOfSoftStackLimit()), GPRInfo::regT1);
</del><ins>+ Jump stackOverflow = branchPtr(Above, AbsoluteAddress(vm()->addressOfSoftStackLimit()), GPRInfo::regT1);
</ins><span class="cx">
</span><span class="cx"> addPtr(TrustedImm32(m_graph.stackPointerOffset() * sizeof(Register)), GPRInfo::callFrameRegister, stackPointerRegister);
</span><span class="cx"> checkStackPointerAlignment();
</span><span class="lines">@@ -394,7 +394,7 @@
</span><span class="cx"> m_speculative->createOSREntries();
</span><span class="cx"> setEndOfCode();
</span><span class="cx">
</span><del>- auto linkBuffer = std::make_unique<LinkBuffer>(*m_vm, *this, m_codeBlock, JITCompilationCanFail);
</del><ins>+ auto linkBuffer = std::make_unique<LinkBuffer>(*vm(), *this, m_codeBlock, JITCompilationCanFail);
</ins><span class="cx"> if (linkBuffer->didFailToAllocate()) {
</span><span class="cx"> m_graph.m_plan.finalizer = std::make_unique<FailedFinalizer>(m_graph.m_plan);
</span><span class="cx"> return;
</span><span class="lines">@@ -424,7 +424,7 @@
</span><span class="cx"> Label fromArityCheck(this);
</span><span class="cx"> // Plant a check that sufficient space is available in the JSStack.
</span><span class="cx"> addPtr(TrustedImm32(virtualRegisterForLocal(m_graph.requiredRegisterCountForExecutionAndExit() - 1).offset() * sizeof(Register)), GPRInfo::callFrameRegister, GPRInfo::regT1);
</span><del>- Jump stackOverflow = branchPtr(Above, AbsoluteAddress(m_vm->addressOfSoftStackLimit()), GPRInfo::regT1);
</del><ins>+ Jump stackOverflow = branchPtr(Above, AbsoluteAddress(vm()->addressOfSoftStackLimit()), GPRInfo::regT1);
</ins><span class="cx">
</span><span class="cx"> // Move the stack pointer down to accommodate locals
</span><span class="cx"> addPtr(TrustedImm32(m_graph.stackPointerOffset() * sizeof(Register)), GPRInfo::callFrameRegister, stackPointerRegister);
</span><span class="lines">@@ -488,7 +488,7 @@
</span><span class="cx"> setEndOfCode();
</span><span class="cx">
</span><span class="cx"> // === Link ===
</span><del>- auto linkBuffer = std::make_unique<LinkBuffer>(*m_vm, *this, m_codeBlock, JITCompilationCanFail);
</del><ins>+ auto linkBuffer = std::make_unique<LinkBuffer>(*vm(), *this, m_codeBlock, JITCompilationCanFail);
</ins><span class="cx"> if (linkBuffer->didFailToAllocate()) {
</span><span class="cx"> m_graph.m_plan.finalizer = std::make_unique<FailedFinalizer>(m_graph.m_plan);
</span><span class="cx"> return;
</span><span class="lines">@@ -499,7 +499,7 @@
</span><span class="cx"> m_jitCode->shrinkToFit();
</span><span class="cx"> codeBlock()->shrinkToFit(CodeBlock::LateShrink);
</span><span class="cx">
</span><del>- linkBuffer->link(m_callArityFixup, FunctionPtr((m_vm->getCTIStub(arityFixupGenerator)).code().executableAddress()));
</del><ins>+ linkBuffer->link(m_callArityFixup, FunctionPtr((vm()->getCTIStub(arityFixupGenerator)).code().executableAddress()));
</ins><span class="cx">
</span><span class="cx"> disassemble(*linkBuffer);
</span><span class="cx">
</span><span class="lines">@@ -624,11 +624,11 @@
</span><span class="cx"> bool willCatchException = m_graph.willCatchExceptionInMachineFrame(m_speculative->m_currentNode->origin.forExit, opCatchOrigin, exceptionHandler);
</span><span class="cx"> if (willCatchException) {
</span><span class="cx"> unsigned streamIndex = m_speculative->m_outOfLineStreamIndex ? *m_speculative->m_outOfLineStreamIndex : m_speculative->m_stream->size();
</span><del>- MacroAssembler::Jump hadException = emitNonPatchableExceptionCheck();
</del><ins>+ MacroAssembler::Jump hadException = emitNonPatchableExceptionCheck(*vm());
</ins><span class="cx"> // We assume here that this is called after callOpeartion()/appendCall() is called.
</span><span class="cx"> appendExceptionHandlingOSRExit(ExceptionCheck, streamIndex, opCatchOrigin, exceptionHandler, m_jitCode->common.lastCallSite(), hadException);
</span><span class="cx"> } else
</span><del>- m_exceptionChecks.append(emitExceptionCheck());
</del><ins>+ m_exceptionChecks.append(emitExceptionCheck(*vm()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CallSiteIndex JITCompiler::recordCallSiteAndGenerateExceptionHandlingOSRExitIfNeeded(const CodeOrigin& callSiteCodeOrigin, unsigned eventStreamIndex)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGJITCompilerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -170,13 +170,13 @@
</span><span class="cx">
</span><span class="cx"> void exceptionCheckWithCallFrameRollback()
</span><span class="cx"> {
</span><del>- m_exceptionChecksWithCallFrameRollback.append(emitExceptionCheck());
</del><ins>+ m_exceptionChecksWithCallFrameRollback.append(emitExceptionCheck(*vm()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Add a call out from JIT code, with a fast exception check that tests if the return value is zero.
</span><span class="cx"> void fastExceptionCheck()
</span><span class="cx"> {
</span><del>- callExceptionFuzz();
</del><ins>+ callExceptionFuzz(*vm());
</ins><span class="cx"> m_exceptionChecks.append(branchTestPtr(Zero, GPRInfo::returnValueGPR));
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -268,6 +268,8 @@
</span><span class="cx">
</span><span class="cx"> PCToCodeOriginMapBuilder& pcToCodeOriginMapBuilder() { return m_pcToCodeOriginMapBuilder; }
</span><span class="cx">
</span><ins>+ VM* vm() { return &m_graph.m_vm; }
+
</ins><span class="cx"> private:
</span><span class="cx"> friend class OSRExitJumpPlaceholder;
</span><span class="cx">
</span><span class="lines">@@ -300,6 +302,7 @@
</span><span class="cx">
</span><span class="cx"> Vector<Label> m_blockHeads;
</span><span class="cx">
</span><ins>+
</ins><span class="cx"> struct JSCallRecord {
</span><span class="cx"> JSCallRecord(Call fastCall, Call slowCall, DataLabelPtr targetToCheck, CallLinkInfo* info)
</span><span class="cx"> : fastCall(fastCall)
</span><span class="lines">@@ -342,6 +345,7 @@
</span><span class="cx"> Label slowPath;
</span><span class="cx"> CallLinkInfo* info;
</span><span class="cx"> };
</span><ins>+
</ins><span class="cx">
</span><span class="cx"> Vector<InlineCacheWrapper<JITGetByIdGenerator>, 4> m_getByIds;
</span><span class="cx"> Vector<InlineCacheWrapper<JITGetByIdWithThisGenerator>, 4> m_getByIdsWithThis;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -146,13 +146,13 @@
</span><span class="cx"> recovery = &codeBlock->jitCode()->dfg()->speculationRecovery[exit.m_recoveryIndex];
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx"> OSRExitCompiler exitCompiler(jit);
</span><span class="cx">
</span><span class="cx"> if (exit.m_kind == GenericUnwind) {
</span><span class="cx"> // We are acting as a defacto op_catch because we arrive here from genericUnwind().
</span><span class="cx"> // So, we must restore our call frame and stack pointer.
</span><del>- jit.restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx"> jit.loadPtr(vm->addressOfCallFrameForCatch(), GPRInfo::callFrameRegister);
</span><span class="cx"> }
</span><span class="cx"> jit.addPtr(
</span><span class="lines">@@ -171,7 +171,7 @@
</span><span class="cx"> jit.add64(CCallHelpers::TrustedImm32(1), CCallHelpers::AbsoluteAddress(profilerExit->counterAddress()));
</span><span class="cx"> }
</span><span class="cx">
</span><del>- exitCompiler.compileExit(exit, operands, recovery);
</del><ins>+ exitCompiler.compileExit(*vm, exit, operands, recovery);
</ins><span class="cx">
</span><span class="cx"> LinkBuffer patchBuffer(*vm, jit, codeBlock);
</span><span class="cx"> exit.m_code = FINALIZE_CODE_IF(
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompilerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -45,7 +45,7 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void compileExit(const OSRExit&, const Operands<ValueRecovery>&, SpeculationRecovery*);
</del><ins>+ void compileExit(VM&, const OSRExit&, const Operands<ValueRecovery>&, SpeculationRecovery*);
</ins><span class="cx">
</span><span class="cx"> private:
</span><span class="cx"> void emitRestoreArguments(const Operands<ValueRecovery>&);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompiler32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler32_64.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler32_64.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler32_64.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -36,7 +36,7 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace DFG {
</span><span class="cx">
</span><del>-void OSRExitCompiler::compileExit(const OSRExit& exit, const Operands<ValueRecovery>& operands, SpeculationRecovery* recovery)
</del><ins>+void OSRExitCompiler::compileExit(VM& vm, const OSRExit& exit, const Operands<ValueRecovery>& operands, SpeculationRecovery* recovery)
</ins><span class="cx"> {
</span><span class="cx"> // Pro-forma stuff.
</span><span class="cx"> if (Options::printEachOSRExit()) {
</span><span class="lines">@@ -45,9 +45,9 @@
</span><span class="cx"> debugInfo->kind = exit.m_kind;
</span><span class="cx"> debugInfo->bytecodeOffset = exit.m_codeOrigin.bytecodeIndex;
</span><span class="cx">
</span><del>- m_jit.debugCall(debugOperationPrintSpeculationFailure, debugInfo);
</del><ins>+ m_jit.debugCall(vm, debugOperationPrintSpeculationFailure, debugInfo);
</ins><span class="cx"> }
</span><del>-
</del><ins>+
</ins><span class="cx"> // Perform speculation recovery. This only comes into play when an operation
</span><span class="cx"> // starts mutating state before verifying the speculation it has already made.
</span><span class="cx">
</span><span class="lines">@@ -160,7 +160,7 @@
</span><span class="cx">
</span><span class="cx"> // Save all state from GPRs into the scratch buffer.
</span><span class="cx">
</span><del>- ScratchBuffer* scratchBuffer = m_jit.vm()->scratchBufferForSize(sizeof(EncodedJSValue) * operands.size());
</del><ins>+ ScratchBuffer* scratchBuffer = vm.scratchBufferForSize(sizeof(EncodedJSValue) * operands.size());
</ins><span class="cx"> EncodedJSValue* scratch = scratchBuffer ? static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) : 0;
</span><span class="cx">
</span><span class="cx"> for (size_t index = 0; index < operands.size(); ++index) {
</span><span class="lines">@@ -255,7 +255,7 @@
</span><span class="cx"> m_jit.emitSaveCalleeSavesFor(m_jit.baselineCodeBlock());
</span><span class="cx">
</span><span class="cx"> if (exit.isExceptionHandler())
</span><del>- m_jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ m_jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(vm);
</ins><span class="cx">
</span><span class="cx"> // Do all data format conversions and store the results into the stack.
</span><span class="cx">
</span><span class="lines">@@ -403,7 +403,7 @@
</span><span class="cx"> reifyInlinedCallFrames(m_jit, exit);
</span><span class="cx">
</span><span class="cx"> // And finish.
</span><del>- adjustAndJumpToTarget(m_jit, exit);
</del><ins>+ adjustAndJumpToTarget(vm, m_jit, exit);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } } // namespace JSC::DFG
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompiler64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler64.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler64.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompiler64.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -38,7 +38,7 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace DFG {
</span><span class="cx">
</span><del>-void OSRExitCompiler::compileExit(const OSRExit& exit, const Operands<ValueRecovery>& operands, SpeculationRecovery* recovery)
</del><ins>+void OSRExitCompiler::compileExit(VM& vm, const OSRExit& exit, const Operands<ValueRecovery>& operands, SpeculationRecovery* recovery)
</ins><span class="cx"> {
</span><span class="cx"> m_jit.jitAssertTagsInPlace();
</span><span class="cx">
</span><span class="lines">@@ -49,9 +49,9 @@
</span><span class="cx"> debugInfo->kind = exit.m_kind;
</span><span class="cx"> debugInfo->bytecodeOffset = exit.m_codeOrigin.bytecodeIndex;
</span><span class="cx">
</span><del>- m_jit.debugCall(debugOperationPrintSpeculationFailure, debugInfo);
</del><ins>+ m_jit.debugCall(vm, debugOperationPrintSpeculationFailure, debugInfo);
</ins><span class="cx"> }
</span><del>-
</del><ins>+
</ins><span class="cx"> // Perform speculation recovery. This only comes into play when an operation
</span><span class="cx"> // starts mutating state before verifying the speculation it has already made.
</span><span class="cx">
</span><span class="lines">@@ -184,7 +184,7 @@
</span><span class="cx">
</span><span class="cx"> // Save all state from GPRs into the scratch buffer.
</span><span class="cx">
</span><del>- ScratchBuffer* scratchBuffer = m_jit.vm()->scratchBufferForSize(sizeof(EncodedJSValue) * operands.size());
</del><ins>+ ScratchBuffer* scratchBuffer = vm.scratchBufferForSize(sizeof(EncodedJSValue) * operands.size());
</ins><span class="cx"> EncodedJSValue* scratch = scratchBuffer ? static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) : 0;
</span><span class="cx">
</span><span class="cx"> for (size_t index = 0; index < operands.size(); ++index) {
</span><span class="lines">@@ -265,7 +265,7 @@
</span><span class="cx"> m_jit.emitMaterializeTagCheckRegisters();
</span><span class="cx">
</span><span class="cx"> if (exit.isExceptionHandler())
</span><del>- m_jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ m_jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(vm);
</ins><span class="cx">
</span><span class="cx"> // Do all data format conversions and store the results into the stack.
</span><span class="cx">
</span><span class="lines">@@ -390,7 +390,7 @@
</span><span class="cx"> reifyInlinedCallFrames(m_jit, exit);
</span><span class="cx">
</span><span class="cx"> // And finish.
</span><del>- adjustAndJumpToTarget(m_jit, exit);
</del><ins>+ adjustAndJumpToTarget(vm, m_jit, exit);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } } // namespace JSC::DFG
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompilerCommoncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -267,7 +267,7 @@
</span><span class="cx"> ownerIsRememberedOrInEden.link(&jit);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void adjustAndJumpToTarget(CCallHelpers& jit, const OSRExitBase& exit)
</del><ins>+void adjustAndJumpToTarget(VM& vm, CCallHelpers& jit, const OSRExitBase& exit)
</ins><span class="cx"> {
</span><span class="cx"> jit.memoryFence();
</span><span class="cx">
</span><span class="lines">@@ -309,7 +309,7 @@
</span><span class="cx"> jit.addPtr(AssemblyHelpers::TrustedImm32(JIT::stackPointerOffsetFor(codeBlockForExit) * sizeof(Register)), GPRInfo::callFrameRegister, AssemblyHelpers::stackPointerRegister);
</span><span class="cx"> if (exit.isExceptionHandler()) {
</span><span class="cx"> // Since we're jumping to op_catch, we need to set callFrameForCatch.
</span><del>- jit.storePtr(GPRInfo::callFrameRegister, jit.vm()->addressOfCallFrameForCatch());
</del><ins>+ jit.storePtr(GPRInfo::callFrameRegister, vm.addressOfCallFrameForCatch());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> jit.move(AssemblyHelpers::TrustedImmPtr(jumpTarget), GPRInfo::regT2);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSRExitCompilerCommonh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -38,7 +38,7 @@
</span><span class="cx">
</span><span class="cx"> void handleExitCounts(CCallHelpers&, const OSRExitBase&);
</span><span class="cx"> void reifyInlinedCallFrames(CCallHelpers&, const OSRExitBase&);
</span><del>-void adjustAndJumpToTarget(CCallHelpers&, const OSRExitBase&);
</del><ins>+void adjustAndJumpToTarget(VM&, CCallHelpers&, const OSRExitBase&);
</ins><span class="cx">
</span><span class="cx"> template <typename JITCodeType>
</span><span class="cx"> void adjustFrameAndStackInOSRExitCompilerThunk(MacroAssembler& jit, VM* vm, JITCode::JITType jitType)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJITcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -166,7 +166,7 @@
</span><span class="cx">
</span><span class="cx"> m_jit.emitInitializeOutOfLineStorage(storageGPR, structure->outOfLineCapacity());
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void SpeculativeJIT::emitGetLength(InlineCallFrame* inlineCallFrame, GPRReg lengthGPR, bool includeThis)
</span><span class="lines">@@ -872,7 +872,7 @@
</span><span class="cx">
</span><span class="cx"> GPRTemporary temp(this);
</span><span class="cx"> GPRTemporary temp2(this);
</span><del>- m_jit.emitLoadStructure(baseReg, temp.gpr(), temp2.gpr());
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), baseReg, temp.gpr(), temp2.gpr());
</ins><span class="cx"> speculationCheck(
</span><span class="cx"> BadType, JSValueSource::unboxedCell(baseReg), node,
</span><span class="cx"> m_jit.branchPtr(
</span><span class="lines">@@ -1745,7 +1745,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (Options::validateDFGExceptionHandling() && (mayExit(m_jit.graph(), m_currentNode) != DoesNotExit || m_currentNode->isTerminal()))
</span><del>- m_jit.jitReleaseAssertNoException();
</del><ins>+ m_jit.jitReleaseAssertNoException(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> m_jit.pcToCodeOriginMapBuilder().appendItem(m_jit.labelIgnoringWatchpoints(), m_origin.semantic);
</span><span class="cx">
</span><span class="lines">@@ -3085,7 +3085,7 @@
</span><span class="cx"> MacroAssembler::Label loop(&m_jit);
</span><span class="cx"> MacroAssembler::Jump performDefaultHasInstance = m_jit.branch8(MacroAssembler::Equal,
</span><span class="cx"> MacroAssembler::Address(scratchReg, JSCell::typeInfoTypeOffset()), TrustedImm32(ProxyObjectType));
</span><del>- m_jit.emitLoadStructure(scratchReg, scratchReg, scratch2Reg);
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), scratchReg, scratchReg, scratch2Reg);
</ins><span class="cx"> m_jit.loadPtr(MacroAssembler::Address(scratchReg, Structure::prototypeOffset() + CellPayloadOffset), scratchReg);
</span><span class="cx"> MacroAssembler::Jump isInstance = m_jit.branchPtr(MacroAssembler::Equal, scratchReg, prototypeReg);
</span><span class="cx"> #if USE(JSVALUE64)
</span><span class="lines">@@ -4022,7 +4022,7 @@
</span><span class="cx"> }
</span><span class="cx"> m_jit.store32(allocatorGPR, JITCompiler::Address(resultGPR, JSString::offsetOfLength()));
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> switch (numOpGPRs) {
</span><span class="cx"> case 2:
</span><span class="lines">@@ -6321,7 +6321,7 @@
</span><span class="cx"> SpeculateCellOperand object(this, node->child1());
</span><span class="cx"> GPRTemporary result(this);
</span><span class="cx"> GPRTemporary scratch(this);
</span><del>- m_jit.emitLoadStructure(object.gpr(), result.gpr(), scratch.gpr());
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), object.gpr(), result.gpr(), scratch.gpr());
</ins><span class="cx"> m_jit.loadPtr(JITCompiler::Address(result.gpr(), Structure::globalObjectOffset()), result.gpr());
</span><span class="cx"> cellResult(result.gpr(), node);
</span><span class="cx"> }
</span><span class="lines">@@ -6450,7 +6450,7 @@
</span><span class="cx"> m_jit.storePtr(TrustedImmPtr::weakPointer(m_jit.graph(), executable), JITCompiler::Address(resultGPR, offsetOfExecutable));
</span><span class="cx"> m_jit.storePtr(TrustedImmPtr(0), JITCompiler::Address(resultGPR, offsetOfRareData));
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void SpeculativeJIT::compileNewFunction(Node* node)
</span><span class="lines">@@ -6652,7 +6652,7 @@
</span><span class="cx"> resultGPR, JSLexicalEnvironment::offsetOfVariable(ScopeOffset(i))));
</span><span class="cx"> }
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> #if USE(JSVALUE64)
</span><span class="cx"> addSlowPathGenerator(
</span><span class="lines">@@ -6815,7 +6815,7 @@
</span><span class="cx"> done.link(&m_jit);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> cellResult(resultGPR, node);
</span><span class="cx"> }
</span><span class="lines">@@ -7038,7 +7038,7 @@
</span><span class="cx"> m_jit.lshift32(TrustedImm32(3), scratch1GPR);
</span><span class="cx"> m_jit.add32(TrustedImm32(JSFixedArray::offsetOfData()), scratch1GPR);
</span><span class="cx">
</span><del>- m_jit.emitAllocateVariableSizedCell<JSFixedArray>(resultGPR, TrustedImmPtr(m_jit.graph().registerStructure(m_jit.graph().m_vm.fixedArrayStructure.get())), scratch1GPR, scratch1GPR, scratch2GPR, slowPath);
</del><ins>+ m_jit.emitAllocateVariableSizedCell<JSFixedArray>(*m_jit.vm(), resultGPR, TrustedImmPtr(m_jit.graph().registerStructure(m_jit.graph().m_vm.fixedArrayStructure.get())), scratch1GPR, scratch1GPR, scratch2GPR, slowPath);
</ins><span class="cx"> m_jit.store32(lengthGPR, MacroAssembler::Address(resultGPR, JSFixedArray::offsetOfSize()));
</span><span class="cx">
</span><span class="cx"> m_jit.loadPtr(MacroAssembler::Address(argument, JSObject::butterflyOffset()), scratch1GPR);
</span><span class="lines">@@ -7080,7 +7080,7 @@
</span><span class="cx"> done.append(m_jit.jump());
</span><span class="cx"> }
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> slowPath.link(&m_jit);
</span><span class="cx"> addSlowPathGenerator(slowPathCall(m_jit.jump(), this, operationSpreadFastArray, resultGPR, argument));
</span><span class="lines">@@ -7382,7 +7382,7 @@
</span><span class="cx"> emitAllocateButterfly(storageResultGPR, sizeGPR, scratchGPR, scratch2GPR, resultGPR, slowCases);
</span><span class="cx"> emitInitializeButterfly(storageResultGPR, sizeGPR, emptyValueRegs, scratchGPR);
</span><span class="cx"> emitAllocateJSObject<JSArray>(resultGPR, tempValue, storageResultGPR, scratchGPR, scratch2GPR, slowCases);
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> addSlowPathGenerator(std::make_unique<CallArrayAllocatorWithVariableStructureVariableSizeSlowPathGenerator>(
</span><span class="cx"> slowCases, this, operationNewArrayWithSize, resultGPR, tempValue, sizeGPR, storageResultGPR, scratchGPR));
</span><span class="lines">@@ -7745,7 +7745,7 @@
</span><span class="cx"> GPRReg baseGPR = base.gpr();
</span><span class="cx"> GPRReg storageGPR = storage.gpr();
</span><span class="cx">
</span><del>- m_jit.nukeStructureAndStoreButterfly(storageGPR, baseGPR);
</del><ins>+ m_jit.nukeStructureAndStoreButterfly(*m_jit.vm(), storageGPR, baseGPR);
</ins><span class="cx">
</span><span class="cx"> noResult(node);
</span><span class="cx"> }
</span><span class="lines">@@ -8184,7 +8184,7 @@
</span><span class="cx"> JITCompiler::Address(resultGPR, JSWrapperObject::internalValueOffset() + OBJECT_OFFSETOF(JSValue, u.asBits.payload)));
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> addSlowPathGenerator(slowPathCall(
</span><span class="cx"> slowPath, this, operationNewStringObject, resultGPR, operandGPR, node->structure()));
</span><span class="lines">@@ -8263,7 +8263,7 @@
</span><span class="cx"> TrustedImm32(FastTypedArray),
</span><span class="cx"> MacroAssembler::Address(resultGPR, JSArrayBufferView::offsetOfMode()));
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> addSlowPathGenerator(slowPathCall(
</span><span class="cx"> slowCases, this, operationNewTypedArrayWithSizeForType(type),
</span><span class="lines">@@ -9332,9 +9332,9 @@
</span><span class="cx"> JITCompiler::JumpList ok;
</span><span class="cx">
</span><span class="cx"> if (isFenced) {
</span><del>- ok.append(m_jit.barrierBranch(baseGPR, scratch1GPR));
</del><ins>+ ok.append(m_jit.barrierBranch(*m_jit.vm(), baseGPR, scratch1GPR));
</ins><span class="cx">
</span><del>- JITCompiler::Jump noFence = m_jit.jumpIfMutatorFenceNotNeeded();
</del><ins>+ JITCompiler::Jump noFence = m_jit.jumpIfMutatorFenceNotNeeded(*m_jit.vm());
</ins><span class="cx"> m_jit.memoryFence();
</span><span class="cx"> ok.append(m_jit.barrierBranchWithoutFence(baseGPR));
</span><span class="cx"> noFence.link(&m_jit);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -2889,7 +2889,7 @@
</span><span class="cx"> GPRReg resultGPR, StructureType structure, StorageType storage, GPRReg scratchGPR1,
</span><span class="cx"> GPRReg scratchGPR2, MacroAssembler::JumpList& slowPath, size_t size)
</span><span class="cx"> {
</span><del>- m_jit.emitAllocateJSObjectWithKnownSize<ClassType>(resultGPR, structure, storage, scratchGPR1, scratchGPR2, slowPath, size);
</del><ins>+ m_jit.emitAllocateJSObjectWithKnownSize<ClassType>(*m_jit.vm(), resultGPR, structure, storage, scratchGPR1, scratchGPR2, slowPath, size);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Convenience allocator for a built-in object.
</span><span class="lines">@@ -2897,13 +2897,13 @@
</span><span class="cx"> void emitAllocateJSObject(GPRReg resultGPR, StructureType structure, StorageType storage,
</span><span class="cx"> GPRReg scratchGPR1, GPRReg scratchGPR2, MacroAssembler::JumpList& slowPath)
</span><span class="cx"> {
</span><del>- m_jit.emitAllocateJSObject<ClassType>(resultGPR, structure, storage, scratchGPR1, scratchGPR2, slowPath);
</del><ins>+ m_jit.emitAllocateJSObject<ClassType>(*m_jit.vm(), resultGPR, structure, storage, scratchGPR1, scratchGPR2, slowPath);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template <typename ClassType, typename StructureType> // StructureType and StorageType can be GPR or ImmPtr.
</span><span class="cx"> void emitAllocateVariableSizedJSObject(GPRReg resultGPR, StructureType structure, GPRReg allocationSize, GPRReg scratchGPR1, GPRReg scratchGPR2, MacroAssembler::JumpList& slowPath)
</span><span class="cx"> {
</span><del>- m_jit.emitAllocateVariableSizedJSObject<ClassType>(resultGPR, structure, allocationSize, scratchGPR1, scratchGPR2, slowPath);
</del><ins>+ m_jit.emitAllocateVariableSizedJSObject<ClassType>(*m_jit.vm(), resultGPR, structure, allocationSize, scratchGPR1, scratchGPR2, slowPath);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<typename ClassType>
</span><span class="lines">@@ -2910,7 +2910,7 @@
</span><span class="cx"> void emitAllocateDestructibleObject(GPRReg resultGPR, RegisteredStructure structure,
</span><span class="cx"> GPRReg scratchGPR1, GPRReg scratchGPR2, MacroAssembler::JumpList& slowPath)
</span><span class="cx"> {
</span><del>- m_jit.emitAllocateDestructibleObject<ClassType>(resultGPR, structure.get(), scratchGPR1, scratchGPR2, slowPath);
</del><ins>+ m_jit.emitAllocateDestructibleObject<ClassType>(*m_jit.vm(), resultGPR, structure.get(), scratchGPR1, scratchGPR2, slowPath);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void emitAllocateRawObject(GPRReg resultGPR, RegisteredStructure, GPRReg storageGPR, unsigned numElements, unsigned vectorLength);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJIT32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -816,7 +816,7 @@
</span><span class="cx"> else
</span><span class="cx"> inlineCallFrame = node->origin.semantic.inlineCallFrame;
</span><span class="cx"> // emitSetupVarargsFrameFastCase modifies the stack pointer if it succeeds.
</span><del>- emitSetupVarargsFrameFastCase(m_jit, scratchGPR2, scratchGPR1, scratchGPR2, scratchGPR3, inlineCallFrame, data->firstVarArgOffset, slowCase);
</del><ins>+ emitSetupVarargsFrameFastCase(*m_jit.vm(), m_jit, scratchGPR2, scratchGPR1, scratchGPR2, scratchGPR3, inlineCallFrame, data->firstVarArgOffset, slowCase);
</ins><span class="cx"> JITCompiler::Jump done = m_jit.jump();
</span><span class="cx"> slowCase.link(&m_jit);
</span><span class="cx"> callOperation(operationThrowStackOverflowForVarargs);
</span><span class="lines">@@ -1834,7 +1834,7 @@
</span><span class="cx"> bool shouldCheckMasqueradesAsUndefined = !masqueradesAsUndefinedWatchpointIsStillValid();
</span><span class="cx"> JSGlobalObject* globalObject = m_jit.graph().globalObjectFor(node->origin.semantic);
</span><span class="cx"> bool negateResult = true;
</span><del>- m_jit.emitConvertValueToBoolean(arg1.jsValueRegs(), resultGPR, temp.gpr(), valueFPR.fpr(), tempFPR.fpr(), shouldCheckMasqueradesAsUndefined, globalObject, negateResult);
</del><ins>+ m_jit.emitConvertValueToBoolean(*m_jit.vm(), arg1.jsValueRegs(), resultGPR, temp.gpr(), valueFPR.fpr(), tempFPR.fpr(), shouldCheckMasqueradesAsUndefined, globalObject, negateResult);
</ins><span class="cx"> booleanResult(resultGPR, node);
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -1979,7 +1979,7 @@
</span><span class="cx">
</span><span class="cx"> bool shouldCheckMasqueradesAsUndefined = !masqueradesAsUndefinedWatchpointIsStillValid();
</span><span class="cx"> JSGlobalObject* globalObject = m_jit.graph().globalObjectFor(node->origin.semantic);
</span><del>- m_jit.emitConvertValueToBoolean(valueRegs, resultGPR, temp.gpr(), valueFPR.fpr(), tempFPR.fpr(), shouldCheckMasqueradesAsUndefined, globalObject);
</del><ins>+ m_jit.emitConvertValueToBoolean(*m_jit.vm(), valueRegs, resultGPR, temp.gpr(), valueFPR.fpr(), tempFPR.fpr(), shouldCheckMasqueradesAsUndefined, globalObject);
</ins><span class="cx"> branchTest32(JITCompiler::Zero, resultGPR, notTaken);
</span><span class="cx"> jump(taken, ForceJump);
</span><span class="cx">
</span><span class="lines">@@ -5530,7 +5530,7 @@
</span><span class="cx"> GPRTemporary scratch2(this);
</span><span class="cx"> GPRReg scratch2Reg = scratch2.gpr();
</span><span class="cx">
</span><del>- m_jit.ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ m_jit.ensureShadowChickenPacket(*m_jit.vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx">
</span><span class="cx"> SpeculateCellOperand scope(this, node->child1());
</span><span class="cx"> GPRReg scopeReg = scope.gpr();
</span><span class="lines">@@ -5552,7 +5552,7 @@
</span><span class="cx"> GPRTemporary scratch2(this);
</span><span class="cx"> GPRReg scratch2Reg = scratch2.gpr();
</span><span class="cx">
</span><del>- m_jit.ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ m_jit.ensureShadowChickenPacket(*m_jit.vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx">
</span><span class="cx"> JSValueOperand thisValue(this, node->child1());
</span><span class="cx"> JSValueRegs thisRegs = thisValue.jsValueRegs();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJIT64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -279,7 +279,7 @@
</span><span class="cx"> GPRReg localGlobalObjectGPR = localGlobalObject.gpr();
</span><span class="cx"> GPRReg remoteGlobalObjectGPR = remoteGlobalObject.gpr();
</span><span class="cx"> m_jit.move(TrustedImmPtr::weakPointer(m_jit.graph(), m_jit.graph().globalObjectFor(m_currentNode->origin.semantic)), localGlobalObjectGPR);
</span><del>- m_jit.emitLoadStructure(argGPR, resultGPR, scratch.gpr());
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), argGPR, resultGPR, scratch.gpr());
</ins><span class="cx"> m_jit.loadPtr(JITCompiler::Address(resultGPR, Structure::globalObjectOffset()), remoteGlobalObjectGPR);
</span><span class="cx"> m_jit.comparePtr(JITCompiler::Equal, localGlobalObjectGPR, remoteGlobalObjectGPR, resultGPR);
</span><span class="cx"> done.append(m_jit.jump());
</span><span class="lines">@@ -334,7 +334,7 @@
</span><span class="cx"> GPRReg localGlobalObjectGPR = localGlobalObject.gpr();
</span><span class="cx"> GPRReg remoteGlobalObjectGPR = remoteGlobalObject.gpr();
</span><span class="cx"> m_jit.move(TrustedImmPtr::weakPointer(m_jit.graph(), m_jit.graph().globalObjectFor(m_currentNode->origin.semantic)), localGlobalObjectGPR);
</span><del>- m_jit.emitLoadStructure(argGPR, resultGPR, scratch.gpr());
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), argGPR, resultGPR, scratch.gpr());
</ins><span class="cx"> m_jit.loadPtr(JITCompiler::Address(resultGPR, Structure::globalObjectOffset()), remoteGlobalObjectGPR);
</span><span class="cx"> branchPtr(JITCompiler::Equal, localGlobalObjectGPR, remoteGlobalObjectGPR, taken);
</span><span class="cx">
</span><span class="lines">@@ -781,7 +781,7 @@
</span><span class="cx"> else
</span><span class="cx"> inlineCallFrame = node->origin.semantic.inlineCallFrame;
</span><span class="cx"> // emitSetupVarargsFrameFastCase modifies the stack pointer if it succeeds.
</span><del>- emitSetupVarargsFrameFastCase(m_jit, scratchGPR2, scratchGPR1, scratchGPR2, scratchGPR3, inlineCallFrame, data->firstVarArgOffset, slowCase);
</del><ins>+ emitSetupVarargsFrameFastCase(*m_jit.vm(), m_jit, scratchGPR2, scratchGPR1, scratchGPR2, scratchGPR3, inlineCallFrame, data->firstVarArgOffset, slowCase);
</ins><span class="cx"> JITCompiler::Jump done = m_jit.jump();
</span><span class="cx"> slowCase.link(&m_jit);
</span><span class="cx"> callOperation(operationThrowStackOverflowForVarargs);
</span><span class="lines">@@ -1876,7 +1876,7 @@
</span><span class="cx"> MacroAssembler::Address(valueGPR, JSCell::typeInfoFlagsOffset()),
</span><span class="cx"> MacroAssembler::TrustedImm32(MasqueradesAsUndefined));
</span><span class="cx">
</span><del>- m_jit.emitLoadStructure(valueGPR, structureGPR, scratchGPR);
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), valueGPR, structureGPR, scratchGPR);
</ins><span class="cx"> speculationCheck(BadType, JSValueRegs(valueGPR), nodeUse,
</span><span class="cx"> m_jit.branchPtr(
</span><span class="cx"> MacroAssembler::Equal,
</span><span class="lines">@@ -1982,7 +1982,7 @@
</span><span class="cx"> scratchGPR = scratch->gpr();
</span><span class="cx"> }
</span><span class="cx"> bool negateResult = true;
</span><del>- m_jit.emitConvertValueToBoolean(JSValueRegs(arg1GPR), resultGPR, scratchGPR, valueFPR.fpr(), tempFPR.fpr(), shouldCheckMasqueradesAsUndefined, globalObject, negateResult);
</del><ins>+ m_jit.emitConvertValueToBoolean(*m_jit.vm(), JSValueRegs(arg1GPR), resultGPR, scratchGPR, valueFPR.fpr(), tempFPR.fpr(), shouldCheckMasqueradesAsUndefined, globalObject, negateResult);
</ins><span class="cx"> m_jit.or32(TrustedImm32(ValueFalse), resultGPR);
</span><span class="cx"> jsValueResult(resultGPR, node, DataFormatJSBoolean);
</span><span class="cx"> return;
</span><span class="lines">@@ -2027,7 +2027,7 @@
</span><span class="cx"> MacroAssembler::Address(valueGPR, JSCell::typeInfoFlagsOffset()),
</span><span class="cx"> TrustedImm32(MasqueradesAsUndefined));
</span><span class="cx">
</span><del>- m_jit.emitLoadStructure(valueGPR, structureGPR, scratchGPR);
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), valueGPR, structureGPR, scratchGPR);
</ins><span class="cx"> speculationCheck(BadType, JSValueRegs(valueGPR), nodeUse,
</span><span class="cx"> m_jit.branchPtr(
</span><span class="cx"> MacroAssembler::Equal,
</span><span class="lines">@@ -2155,7 +2155,7 @@
</span><span class="cx"> value.use();
</span><span class="cx">
</span><span class="cx"> JSGlobalObject* globalObject = m_jit.graph().globalObjectFor(node->origin.semantic);
</span><del>- m_jit.emitConvertValueToBoolean(JSValueRegs(valueGPR), resultGPR, scratchGPR, valueFPR, tempFPR, shouldCheckMasqueradesAsUndefined, globalObject);
</del><ins>+ m_jit.emitConvertValueToBoolean(*m_jit.vm(), JSValueRegs(valueGPR), resultGPR, scratchGPR, valueFPR, tempFPR, shouldCheckMasqueradesAsUndefined, globalObject);
</ins><span class="cx">
</span><span class="cx"> branchTest32(MacroAssembler::NonZero, resultGPR, taken);
</span><span class="cx"> jump(notTaken);
</span><span class="lines">@@ -4118,7 +4118,7 @@
</span><span class="cx"> m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
</span><span class="cx"> m_jit.load32(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfile::offsetOfInlineCapacity()), inlineCapacityGPR);
</span><span class="cx"> m_jit.emitInitializeInlineStorage(resultGPR, inlineCapacityGPR);
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> addSlowPathGenerator(slowPathCall(slowPath, this, operationCreateThis, resultGPR, calleeGPR, node->inlineCapacity()));
</span><span class="cx">
</span><span class="lines">@@ -4144,7 +4144,7 @@
</span><span class="cx"> m_jit.move(TrustedImmPtr(allocatorPtr), allocatorGPR);
</span><span class="cx"> emitAllocateJSObject(resultGPR, allocatorPtr, allocatorGPR, TrustedImmPtr(structure), TrustedImmPtr(0), scratchGPR, slowPath);
</span><span class="cx"> m_jit.emitInitializeInlineStorage(resultGPR, structure->inlineCapacity());
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> addSlowPathGenerator(slowPathCall(slowPath, this, operationNewObject, resultGPR, structure));
</span><span class="cx">
</span><span class="lines">@@ -4741,7 +4741,7 @@
</span><span class="cx"> GPRReg localGlobalObjectGPR = localGlobalObject.gpr();
</span><span class="cx"> GPRReg remoteGlobalObjectGPR = remoteGlobalObject.gpr();
</span><span class="cx"> m_jit.move(TrustedImmPtr::weakPointer(m_jit.graph(), m_jit.globalObjectFor(node->origin.semantic)), localGlobalObjectGPR);
</span><del>- m_jit.emitLoadStructure(value.gpr(), result.gpr(), scratch.gpr());
</del><ins>+ m_jit.emitLoadStructure(*m_jit.vm(), value.gpr(), result.gpr(), scratch.gpr());
</ins><span class="cx"> m_jit.loadPtr(JITCompiler::Address(result.gpr(), Structure::globalObjectOffset()), remoteGlobalObjectGPR);
</span><span class="cx"> m_jit.comparePtr(JITCompiler::Equal, localGlobalObjectGPR, remoteGlobalObjectGPR, result.gpr());
</span><span class="cx"> }
</span><span class="lines">@@ -5702,7 +5702,7 @@
</span><span class="cx"> GPRTemporary shadowPacket(this);
</span><span class="cx"> GPRReg shadowPacketReg = shadowPacket.gpr();
</span><span class="cx">
</span><del>- m_jit.ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ m_jit.ensureShadowChickenPacket(*m_jit.vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx">
</span><span class="cx"> SpeculateCellOperand scope(this, node->child1());
</span><span class="cx"> GPRReg scopeReg = scope.gpr();
</span><span class="lines">@@ -5724,7 +5724,7 @@
</span><span class="cx"> GPRTemporary shadowPacket(this);
</span><span class="cx"> GPRReg shadowPacketReg = shadowPacket.gpr();
</span><span class="cx">
</span><del>- m_jit.ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ m_jit.ensureShadowChickenPacket(*m_jit.vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx">
</span><span class="cx"> JSValueOperand thisValue(this, node->child1());
</span><span class="cx"> JSValueRegs thisRegs = JSValueRegs(thisValue.gpr());
</span><span class="lines">@@ -6007,7 +6007,7 @@
</span><span class="cx">
</span><span class="cx"> emitAllocateJSObject<JSArray>(resultGPR, TrustedImmPtr(structure), storageGPR, scratchGPR, scratch2GPR, slowCases);
</span><span class="cx">
</span><del>- m_jit.mutatorFence();
</del><ins>+ m_jit.mutatorFence(*m_jit.vm());
</ins><span class="cx">
</span><span class="cx"> addSlowPathGenerator(std::make_unique<CallArrayAllocatorWithVariableSizeSlowPathGenerator>(
</span><span class="cx"> slowCases, this, operationNewArrayWithSize, resultGPR,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGThunkscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -102,7 +102,7 @@
</span><span class="cx">
</span><span class="cx"> MacroAssemblerCodeRef osrEntryThunkGenerator(VM* vm)
</span><span class="cx"> {
</span><del>- AssemblyHelpers jit(vm, nullptr);
</del><ins>+ AssemblyHelpers jit(nullptr);
</ins><span class="cx">
</span><span class="cx"> // We get passed the address of a scratch buffer. The first 8-byte slot of the buffer
</span><span class="cx"> // is the frame size. The second 8-byte slot is the pointer to where we are supposed to
</span><span class="lines">@@ -135,7 +135,7 @@
</span><span class="cx"> jit.abortWithReason(DFGUnreasonableOSREntryJumpDestination);
</span><span class="cx">
</span><span class="cx"> ok.link(&jit);
</span><del>- jit.restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx"> jit.emitMaterializeTagCheckRegisters();
</span><span class="cx">
</span><span class="cx"> jit.jump(GPRInfo::regT1);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLCompilecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -126,16 +126,16 @@
</span><span class="cx"> // We will add exception handlers while generating.
</span><span class="cx"> codeBlock->clearExceptionHandlers();
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx"> B3::generate(*state.proc, jit);
</span><span class="cx">
</span><span class="cx"> // Emit the exception handler.
</span><span class="cx"> *state.exceptionHandler = jit.label();
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
- jit.move(MacroAssembler::TrustedImmPtr(jit.vm()), GPRInfo::argumentGPR0);
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(vm);
+ jit.move(MacroAssembler::TrustedImmPtr(&vm), GPRInfo::argumentGPR0);
</ins><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR1);
</span><span class="cx"> CCallHelpers::Call call = jit.call();
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(vm);
</ins><span class="cx"> jit.addLinkTask(
</span><span class="cx"> [=] (LinkBuffer& linkBuffer) {
</span><span class="cx"> linkBuffer.link(call, FunctionPtr(lookupExceptionHandler));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLJITFinalizerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -30,7 +30,6 @@
</span><span class="cx"> #include "DFGFinalizer.h"
</span><span class="cx"> #include "FTLGeneratedFunction.h"
</span><span class="cx"> #include "FTLJITCode.h"
</span><del>-#include "FTLSlowPathCall.h"
</del><span class="cx"> #include "LinkBuffer.h"
</span><span class="cx"> #include "MacroAssembler.h"
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLazySlowPathcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLazySlowPath.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLazySlowPath.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLLazySlowPath.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx">
</span><span class="cx"> VM& vm = *codeBlock->vm();
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx"> GenerationParams params;
</span><span class="cx"> CCallHelpers::JumpList exceptionJumps;
</span><span class="cx"> params.exceptionJumps = m_exceptionTarget ? &exceptionJumps : nullptr;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLazySlowPathCallh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLazySlowPathCall.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLazySlowPathCall.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLLazySlowPathCall.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -38,12 +38,12 @@
</span><span class="cx">
</span><span class="cx"> template<typename ResultType, typename... ArgumentTypes>
</span><span class="cx"> RefPtr<LazySlowPath::Generator> createLazyCallGenerator(
</span><del>- FunctionPtr function, ResultType result, ArgumentTypes... arguments)
</del><ins>+ VM& vm, FunctionPtr function, ResultType result, ArgumentTypes... arguments)
</ins><span class="cx"> {
</span><span class="cx"> return LazySlowPath::createGenerator(
</span><del>- [=] (CCallHelpers& jit, LazySlowPath::GenerationParams& params) {
</del><ins>+ [=, &vm] (CCallHelpers& jit, LazySlowPath::GenerationParams& params) {
</ins><span class="cx"> callOperation(
</span><del>- params.lazySlowPath->usedRegisters(), jit, params.lazySlowPath->callSiteIndex(),
</del><ins>+ vm, params.lazySlowPath->usedRegisters(), jit, params.lazySlowPath->callSiteIndex(),
</ins><span class="cx"> params.exceptionJumps, function, result, arguments...);
</span><span class="cx"> params.doneJumps.append(jit.jump());
</span><span class="cx"> });
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLinkcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLink.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLink.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLLink.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -60,7 +60,7 @@
</span><span class="cx">
</span><span class="cx"> // Create the entrypoint. Note that we use this entrypoint totally differently
</span><span class="cx"> // depending on whether we're doing OSR entry or not.
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx">
</span><span class="cx"> std::unique_ptr<LinkBuffer> linkBuffer;
</span><span class="cx">
</span><span class="lines">@@ -142,11 +142,11 @@
</span><span class="cx"> CCallHelpers::Call callArityCheck = jit.call();
</span><span class="cx">
</span><span class="cx"> auto noException = jit.branch32(CCallHelpers::GreaterThanOrEqual, GPRInfo::returnValueGPR, CCallHelpers::TrustedImm32(0));
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
- jit.move(CCallHelpers::TrustedImmPtr(jit.vm()), GPRInfo::argumentGPR0);
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(vm);
+ jit.move(CCallHelpers::TrustedImmPtr(&vm), GPRInfo::argumentGPR0);
</ins><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR1);
</span><span class="cx"> CCallHelpers::Call callLookupExceptionHandlerFromCallerFrame = jit.call();
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(vm);
</ins><span class="cx"> noException.link(&jit);
</span><span class="cx">
</span><span class="cx"> if (!ASSERT_DISABLED) {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLowerDFGToB3cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -200,9 +200,11 @@
</span><span class="cx"> // that would cause it to always get collected.
</span><span class="cx"> m_out.storePtr(m_out.constIntPtr(bitwise_cast<intptr_t>(codeBlock())), addressFor(CallFrameSlot::codeBlock));
</span><span class="cx">
</span><ins>+ VM* vm = &this->vm();
+
</ins><span class="cx"> // Stack Overflow Check.
</span><span class="cx"> unsigned exitFrameSize = m_graph.requiredRegisterCountForExit() * sizeof(Register);
</span><del>- MacroAssembler::AbsoluteAddress addressOfStackLimit(vm().addressOfSoftStackLimit());
</del><ins>+ MacroAssembler::AbsoluteAddress addressOfStackLimit(vm->addressOfSoftStackLimit());
</ins><span class="cx"> PatchpointValue* stackOverflowHandler = m_out.patchpoint(Void);
</span><span class="cx"> CallSiteIndex callSiteIndex = callSiteIndexForCodeOrigin(m_ftlState, CodeOrigin(0));
</span><span class="cx"> stackOverflowHandler->appendSomeRegister(m_callFrame);
</span><span class="lines">@@ -226,16 +228,16 @@
</span><span class="cx"> jit.store32(
</span><span class="cx"> MacroAssembler::TrustedImm32(callSiteIndex.bits()),
</span><span class="cx"> CCallHelpers::tagFor(VirtualRegister(CallFrameSlot::argumentCount)));
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx">
</span><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
</span><span class="cx"> jit.move(CCallHelpers::TrustedImmPtr(jit.codeBlock()), GPRInfo::argumentGPR1);
</span><span class="cx"> CCallHelpers::Call throwCall = jit.call();
</span><span class="cx">
</span><del>- jit.move(CCallHelpers::TrustedImmPtr(jit.vm()), GPRInfo::argumentGPR0);
</del><ins>+ jit.move(CCallHelpers::TrustedImmPtr(vm), GPRInfo::argumentGPR0);
</ins><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR1);
</span><span class="cx"> CCallHelpers::Call lookupExceptionHandlerCall = jit.call();
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> jit.addLinkTask(
</span><span class="cx"> [=] (LinkBuffer& linkBuffer) {
</span><span class="lines">@@ -4072,9 +4074,10 @@
</span><span class="cx"> m_out.jump(continuation);
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, continuation);
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue callResult = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationCreateActivationDirect, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(structure.get()), locations[1].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(table),
</span><span class="lines">@@ -4136,21 +4139,22 @@
</span><span class="cx">
</span><span class="cx"> Vector<LValue> slowPathArguments;
</span><span class="cx"> slowPathArguments.append(scope);
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue callResult = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
</ins><span class="cx"> if (isGeneratorFunction) {
</span><del>- return createLazyCallGenerator(
</del><ins>+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewGeneratorFunctionWithInvalidatedReallocationWatchpoint,
</span><span class="cx"> locations[0].directGPR(), locations[1].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(executable));
</span><span class="cx"> }
</span><span class="cx"> if (isAsyncFunction) {
</span><del>- return createLazyCallGenerator(
</del><ins>+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewAsyncFunctionWithInvalidatedReallocationWatchpoint,
</span><span class="cx"> locations[0].directGPR(), locations[1].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(executable));
</span><span class="cx"> }
</span><del>- return createLazyCallGenerator(
</del><ins>+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewFunctionWithInvalidatedReallocationWatchpoint,
</span><span class="cx"> locations[0].directGPR(), locations[1].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(executable));
</span><span class="lines">@@ -4208,9 +4212,10 @@
</span><span class="cx"> m_out.jump(continuation);
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, continuation);
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue callResult = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationCreateDirectArguments, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(structure.get()), locations[1].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImm32(minCapacity));
</span><span class="lines">@@ -4820,9 +4825,10 @@
</span><span class="cx"> m_out.appendTo(slowCase, continuation);
</span><span class="cx"> LValue storageValue = m_out.phi(pointerType(), noStorage, haveStorage);
</span><span class="cx">
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewTypedArrayWithSizeForType(type), locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(structure.get()), locations[1].directGPR(),
</span><span class="cx"> locations[2].directGPR());
</span><span class="lines">@@ -5083,11 +5089,12 @@
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, continuation);
</span><span class="cx"> LValue slowResultValue;
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> switch (numKids) {
</span><span class="cx"> case 2:
</span><span class="cx"> slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationMakeRope2, locations[0].directGPR(), locations[1].directGPR(),
</span><span class="cx"> locations[2].directGPR());
</span><span class="cx"> }, kids[0], kids[1]);
</span><span class="lines">@@ -5094,8 +5101,8 @@
</span><span class="cx"> break;
</span><span class="cx"> case 3:
</span><span class="cx"> slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationMakeRope3, locations[0].directGPR(), locations[1].directGPR(),
</span><span class="cx"> locations[2].directGPR(), locations[3].directGPR());
</span><span class="cx"> }, kids[0], kids[1], kids[2]);
</span><span class="lines">@@ -5512,9 +5519,10 @@
</span><span class="cx">
</span><span class="cx"> LBasicBlock lastNext = m_out.appendTo(isNotInvalidated, continuation);
</span><span class="cx">
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> lazySlowPath(
</span><del>- [=] (const Vector<Location>&) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>&) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNotifyWrite, InvalidGPRReg, CCallHelpers::TrustedImmPtr(set));
</span><span class="cx"> });
</span><span class="cx"> m_out.jump(continuation);
</span><span class="lines">@@ -6448,7 +6456,7 @@
</span><span class="cx"> auto callWithExceptionCheck = [&] (void* callee) {
</span><span class="cx"> jit.move(CCallHelpers::TrustedImmPtr(callee), GPRInfo::nonPreservedNonArgumentGPR);
</span><span class="cx"> jit.call(GPRInfo::nonPreservedNonArgumentGPR);
</span><del>- exceptions->append(jit.emitExceptionCheck(AssemblyHelpers::NormalExceptionCheck, AssemblyHelpers::FarJumpWidth));
</del><ins>+ exceptions->append(jit.emitExceptionCheck(state->vm(), AssemblyHelpers::NormalExceptionCheck, AssemblyHelpers::FarJumpWidth));
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> CCallHelpers::JumpList slowCase;
</span><span class="lines">@@ -6755,7 +6763,7 @@
</span><span class="cx"> auto callWithExceptionCheck = [&] (void* callee) {
</span><span class="cx"> jit.move(CCallHelpers::TrustedImmPtr(callee), GPRInfo::nonPreservedNonArgumentGPR);
</span><span class="cx"> jit.call(GPRInfo::nonPreservedNonArgumentGPR);
</span><del>- exceptions->append(jit.emitExceptionCheck(AssemblyHelpers::NormalExceptionCheck, AssemblyHelpers::FarJumpWidth));
</del><ins>+ exceptions->append(jit.emitExceptionCheck(state->vm(), AssemblyHelpers::NormalExceptionCheck, AssemblyHelpers::FarJumpWidth));
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> unsigned originalStackHeight = params.proc().frameSize();
</span><span class="lines">@@ -6771,7 +6779,7 @@
</span><span class="cx"> inlineCallFrame = node->origin.semantic.inlineCallFrame;
</span><span class="cx">
</span><span class="cx"> // emitSetupVarargsFrameFastCase modifies the stack pointer if it succeeds.
</span><del>- emitSetupVarargsFrameFastCase(jit, scratchGPR2, scratchGPR1, scratchGPR2, scratchGPR3, inlineCallFrame, data->firstVarArgOffset, slowCase);
</del><ins>+ emitSetupVarargsFrameFastCase(state->vm(), jit, scratchGPR2, scratchGPR1, scratchGPR2, scratchGPR3, inlineCallFrame, data->firstVarArgOffset, slowCase);
</ins><span class="cx">
</span><span class="cx"> CCallHelpers::Jump done = jit.jump();
</span><span class="cx"> slowCase.link(&jit);
</span><span class="lines">@@ -6942,7 +6950,7 @@
</span><span class="cx"> jit.setupArgumentsWithExecState(GPRInfo::regT1);
</span><span class="cx"> jit.move(CCallHelpers::TrustedImmPtr(bitwise_cast<void*>(operationCallEval)), GPRInfo::nonPreservedNonArgumentGPR);
</span><span class="cx"> jit.call(GPRInfo::nonPreservedNonArgumentGPR);
</span><del>- exceptions->append(jit.emitExceptionCheck(AssemblyHelpers::NormalExceptionCheck, AssemblyHelpers::FarJumpWidth));
</del><ins>+ exceptions->append(jit.emitExceptionCheck(state->vm(), AssemblyHelpers::NormalExceptionCheck, AssemblyHelpers::FarJumpWidth));
</ins><span class="cx">
</span><span class="cx"> CCallHelpers::Jump done = jit.branchTest64(CCallHelpers::NonZero, GPRInfo::returnValueGPR);
</span><span class="cx">
</span><span class="lines">@@ -7985,9 +7993,10 @@
</span><span class="cx"> rarely(slowPath), usually(continuation));
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, notCellCase);
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationObjectIsObject, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(globalObject), locations[1].directGPR());
</span><span class="cx"> }, value);
</span><span class="lines">@@ -8035,9 +8044,10 @@
</span><span class="cx"> rarely(slowPath), usually(continuation));
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, continuation);
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationObjectIsFunction, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(globalObject), locations[1].directGPR());
</span><span class="cx"> }, value);
</span><span class="lines">@@ -8779,11 +8789,12 @@
</span><span class="cx">
</span><span class="cx"> LValue butterflyValue = m_out.phi(pointerType(), noButterfly, haveButterfly);
</span><span class="cx">
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue slowObjectValue;
</span><span class="cx"> if (hasIndexingHeader) {
</span><span class="cx"> slowObjectValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewObjectWithButterflyWithIndexingHeaderAndVectorLength,
</span><span class="cx"> locations[0].directGPR(), CCallHelpers::TrustedImmPtr(structure.get()),
</span><span class="cx"> locations[1].directGPR(), locations[2].directGPR());
</span><span class="lines">@@ -8791,8 +8802,8 @@
</span><span class="cx"> vectorLength, butterflyValue);
</span><span class="cx"> } else {
</span><span class="cx"> slowObjectValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewObjectWithButterfly, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(structure.get()), locations[1].directGPR());
</span><span class="cx"> },
</span><span class="lines">@@ -8990,9 +9001,10 @@
</span><span class="cx"> // because all fields will be overwritten.
</span><span class="cx"> // FIXME: It may be worth creating an operation that calls a constructor on JSLexicalEnvironment that
</span><span class="cx"> // doesn't initialize every slot because we are guaranteed to do that here.
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue callResult = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationCreateActivationDirect, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(structure.get()), locations[1].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(table),
</span><span class="lines">@@ -9045,9 +9057,10 @@
</span><span class="cx">
</span><span class="cx"> LBasicBlock lastNext = m_out.appendTo(needTrapHandling, continuation);
</span><span class="cx">
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> lazySlowPath(
</span><del>- [=] (const Vector<Location>&) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(operationHandleTraps, InvalidGPRReg);
</del><ins>+ [=, &vm] (const Vector<Location>&) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm, operationHandleTraps, InvalidGPRReg);
</ins><span class="cx"> });
</span><span class="cx"> m_out.jump(continuation);
</span><span class="cx">
</span><span class="lines">@@ -9712,17 +9725,18 @@
</span><span class="cx"> m_out.appendTo(slowPath, continuation);
</span><span class="cx">
</span><span class="cx"> LValue slowButterflyValue;
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> if (sizeInValues == initialOutOfLineCapacity) {
</span><span class="cx"> slowButterflyValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationAllocateSimplePropertyStorageWithInitialCapacity,
</span><span class="cx"> locations[0].directGPR());
</span><span class="cx"> });
</span><span class="cx"> } else {
</span><span class="cx"> slowButterflyValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationAllocateSimplePropertyStorage, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(sizeInValues));
</span><span class="cx"> });
</span><span class="lines">@@ -10801,9 +10815,10 @@
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, continuation);
</span><span class="cx">
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewObject, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(structure.get()));
</span><span class="cx"> });
</span><span class="lines">@@ -10919,9 +10934,10 @@
</span><span class="cx"> LValue structureValue = m_out.phi(pointerType(), largeStructure, failStructure);
</span><span class="cx"> LValue butterflyValue = m_out.phi(pointerType(), noButterfly, haveButterfly);
</span><span class="cx">
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue slowResultValue = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationNewArrayWithSize, locations[0].directGPR(),
</span><span class="cx"> locations[1].directGPR(), locations[2].directGPR(), locations[3].directGPR());
</span><span class="cx"> },
</span><span class="lines">@@ -11667,9 +11683,10 @@
</span><span class="cx"> functor(TypeofType::Object);
</span><span class="cx">
</span><span class="cx"> m_out.appendTo(slowPath, unreachable);
</span><ins>+ VM& vm = this->vm();
</ins><span class="cx"> LValue result = lazySlowPath(
</span><del>- [=] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
- return createLazyCallGenerator(
</del><ins>+ [=, &vm] (const Vector<Location>& locations) -> RefPtr<LazySlowPath::Generator> {
+ return createLazyCallGenerator(vm,
</ins><span class="cx"> operationTypeOfObjectAsTypeofType, locations[0].directGPR(),
</span><span class="cx"> CCallHelpers::TrustedImmPtr(globalObject), locations[1].directGPR());
</span><span class="cx"> }, value);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLOSRExitCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -181,12 +181,12 @@
</span><span class="cx"> // This code requires framePointerRegister is the same as callFrameRegister
</span><span class="cx"> static_assert(MacroAssembler::framePointerRegister == GPRInfo::callFrameRegister, "MacroAssembler::framePointerRegister and GPRInfo::callFrameRegister must be the same");
</span><span class="cx">
</span><del>- CCallHelpers jit(vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx">
</span><span class="cx"> // The first thing we need to do is restablish our frame in the case of an exception.
</span><span class="cx"> if (exit.isGenericUnwindHandler()) {
</span><span class="cx"> RELEASE_ASSERT(vm->callFrameForCatch); // The first time we hit this exit, like at all other times, this field should be non-null.
</span><del>- jit.restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx"> jit.loadPtr(vm->addressOfCallFrameForCatch(), MacroAssembler::framePointerRegister);
</span><span class="cx"> jit.addPtr(CCallHelpers::TrustedImm32(codeBlock->stackPointerOffset() * sizeof(Register)),
</span><span class="cx"> MacroAssembler::framePointerRegister, CCallHelpers::stackPointerRegister);
</span><span class="lines">@@ -489,7 +489,7 @@
</span><span class="cx">
</span><span class="cx"> handleExitCounts(jit, exit);
</span><span class="cx"> reifyInlinedCallFrames(jit, exit);
</span><del>- adjustAndJumpToTarget(jit, exit);
</del><ins>+ adjustAndJumpToTarget(*vm, jit, exit);
</ins><span class="cx">
</span><span class="cx"> LinkBuffer patchBuffer(*vm, jit, codeBlock);
</span><span class="cx"> exit.m_code = FINALIZE_CODE_IF(
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLSlowPathCallh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLSlowPathCall.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLSlowPathCall.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLSlowPathCall.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -29,12 +29,10 @@
</span><span class="cx">
</span><span class="cx"> #include "CCallHelpers.h"
</span><span class="cx"> #include "FTLSlowPathCallKey.h"
</span><del>-#include "JITOperations.h"
</del><ins>+#include "FTLState.h"
</ins><span class="cx">
</span><span class="cx"> namespace JSC { namespace FTL {
</span><span class="cx">
</span><del>-class State;
-
</del><span class="cx"> class SlowPathCall {
</span><span class="cx"> public:
</span><span class="cx"> SlowPathCall() { }
</span><span class="lines">@@ -79,7 +77,7 @@
</span><span class="cx">
</span><span class="cx"> template<typename... ArgumentTypes>
</span><span class="cx"> SlowPathCall callOperation(
</span><del>- const RegisterSet& usedRegisters, CCallHelpers& jit, CCallHelpers::JumpList* exceptionTarget,
</del><ins>+ VM& vm, const RegisterSet& usedRegisters, CCallHelpers& jit, CCallHelpers::JumpList* exceptionTarget,
</ins><span class="cx"> FunctionPtr function, GPRReg resultGPR, ArgumentTypes... arguments)
</span><span class="cx"> {
</span><span class="cx"> SlowPathCall call;
</span><span class="lines">@@ -89,13 +87,13 @@
</span><span class="cx"> call = context.makeCall(function.value());
</span><span class="cx"> }
</span><span class="cx"> if (exceptionTarget)
</span><del>- exceptionTarget->append(jit.emitExceptionCheck());
</del><ins>+ exceptionTarget->append(jit.emitExceptionCheck(vm));
</ins><span class="cx"> return call;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<typename... ArgumentTypes>
</span><span class="cx"> SlowPathCall callOperation(
</span><del>- const RegisterSet& usedRegisters, CCallHelpers& jit, CallSiteIndex callSiteIndex,
</del><ins>+ VM& vm, const RegisterSet& usedRegisters, CCallHelpers& jit, CallSiteIndex callSiteIndex,
</ins><span class="cx"> CCallHelpers::JumpList* exceptionTarget, FunctionPtr function, GPRReg resultGPR,
</span><span class="cx"> ArgumentTypes... arguments)
</span><span class="cx"> {
</span><span class="lines">@@ -104,7 +102,7 @@
</span><span class="cx"> CCallHelpers::TrustedImm32(callSiteIndex.bits()),
</span><span class="cx"> CCallHelpers::tagFor(CallFrameSlot::argumentCount));
</span><span class="cx"> }
</span><del>- return callOperation(usedRegisters, jit, exceptionTarget, function, resultGPR, arguments...);
</del><ins>+ return callOperation(vm, usedRegisters, jit, exceptionTarget, function, resultGPR, arguments...);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CallSiteIndex callSiteIndexForCodeOrigin(State&, CodeOrigin);
</span><span class="lines">@@ -115,7 +113,7 @@
</span><span class="cx"> CCallHelpers::JumpList* exceptionTarget, FunctionPtr function, GPRReg result, ArgumentTypes... arguments)
</span><span class="cx"> {
</span><span class="cx"> return callOperation(
</span><del>- usedRegisters, jit, callSiteIndexForCodeOrigin(state, codeOrigin), exceptionTarget, function,
</del><ins>+ state.vm(), usedRegisters, jit, callSiteIndexForCodeOrigin(state, codeOrigin), exceptionTarget, function,
</ins><span class="cx"> result, arguments...);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLStateh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLState.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLState.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLState.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -64,6 +64,8 @@
</span><span class="cx"> public:
</span><span class="cx"> State(DFG::Graph& graph);
</span><span class="cx"> ~State();
</span><ins>+
+ VM& vm() { return graph.m_vm; }
</ins><span class="cx">
</span><span class="cx"> // None of these things is owned by State. It is the responsibility of
</span><span class="cx"> // FTL phases to properly manage the lifecycle of the module and function.
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLThunkscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/ftl/FTLThunks.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -49,7 +49,7 @@
</span><span class="cx"> static MacroAssemblerCodeRef genericGenerationThunkGenerator(
</span><span class="cx"> VM* vm, FunctionPtr generationFunction, const char* name, unsigned extraPopsToRestore, FrameAndStackAdjustmentRequirement frameAndStackAdjustmentRequirement)
</span><span class="cx"> {
</span><del>- AssemblyHelpers jit(vm, 0);
</del><ins>+ AssemblyHelpers jit(nullptr);
</ins><span class="cx">
</span><span class="cx"> if (frameAndStackAdjustmentRequirement == FrameAndStackAdjustmentRequirement::Needed) {
</span><span class="cx"> // This needs to happen before we use the scratch buffer because this function also uses the scratch buffer.
</span><span class="lines">@@ -166,7 +166,7 @@
</span><span class="cx">
</span><span class="cx"> MacroAssemblerCodeRef slowPathCallThunkGenerator(VM& vm, const SlowPathCallKey& key)
</span><span class="cx"> {
</span><del>- AssemblyHelpers jit(&vm, 0);
</del><ins>+ AssemblyHelpers jit(nullptr);
</ins><span class="cx">
</span><span class="cx"> // We want to save the given registers at the given offset, then we want to save the
</span><span class="cx"> // old return address somewhere past that offset, and then finally we want to make the
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitAssemblyHelperscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -305,24 +305,24 @@
</span><span class="cx">
</span><span class="cx"> #endif // !ASSERT_DISABLED
</span><span class="cx">
</span><del>-void AssemblyHelpers::jitReleaseAssertNoException()
</del><ins>+void AssemblyHelpers::jitReleaseAssertNoException(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> Jump noException;
</span><span class="cx"> #if USE(JSVALUE64)
</span><del>- noException = branchTest64(Zero, AbsoluteAddress(vm()->addressOfException()));
</del><ins>+ noException = branchTest64(Zero, AbsoluteAddress(vm.addressOfException()));
</ins><span class="cx"> #elif USE(JSVALUE32_64)
</span><del>- noException = branch32(Equal, AbsoluteAddress(vm()->addressOfException()), TrustedImm32(0));
</del><ins>+ noException = branch32(Equal, AbsoluteAddress(vm.addressOfException()), TrustedImm32(0));
</ins><span class="cx"> #endif
</span><span class="cx"> abortWithReason(JITUncoughtExceptionAfterCall);
</span><span class="cx"> noException.link(this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void AssemblyHelpers::callExceptionFuzz()
</del><ins>+void AssemblyHelpers::callExceptionFuzz(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> if (!Options::useExceptionFuzz())
</span><span class="cx"> return;
</span><span class="cx">
</span><del>- EncodedJSValue* buffer = vm()->exceptionFuzzingBuffer(sizeof(EncodedJSValue) * (GPRInfo::numberOfRegisters + FPRInfo::numberOfRegisters));
</del><ins>+ EncodedJSValue* buffer = vm.exceptionFuzzingBuffer(sizeof(EncodedJSValue) * (GPRInfo::numberOfRegisters + FPRInfo::numberOfRegisters));
</ins><span class="cx">
</span><span class="cx"> for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
</span><span class="cx"> #if USE(JSVALUE64)
</span><span class="lines">@@ -358,14 +358,14 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>-AssemblyHelpers::Jump AssemblyHelpers::emitJumpIfException()
</del><ins>+AssemblyHelpers::Jump AssemblyHelpers::emitJumpIfException(VM& vm)
</ins><span class="cx"> {
</span><del>- return emitExceptionCheck(NormalExceptionCheck);
</del><ins>+ return emitExceptionCheck(vm, NormalExceptionCheck);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-AssemblyHelpers::Jump AssemblyHelpers::emitExceptionCheck(ExceptionCheckKind kind, ExceptionJumpWidth width)
</del><ins>+AssemblyHelpers::Jump AssemblyHelpers::emitExceptionCheck(VM& vm, ExceptionCheckKind kind, ExceptionJumpWidth width)
</ins><span class="cx"> {
</span><del>- callExceptionFuzz();
</del><ins>+ callExceptionFuzz(vm);
</ins><span class="cx">
</span><span class="cx"> if (width == FarJumpWidth)
</span><span class="cx"> kind = (kind == NormalExceptionCheck ? InvertedExceptionCheck : NormalExceptionCheck);
</span><span class="lines">@@ -372,9 +372,9 @@
</span><span class="cx">
</span><span class="cx"> Jump result;
</span><span class="cx"> #if USE(JSVALUE64)
</span><del>- result = branchTest64(kind == NormalExceptionCheck ? NonZero : Zero, AbsoluteAddress(vm()->addressOfException()));
</del><ins>+ result = branchTest64(kind == NormalExceptionCheck ? NonZero : Zero, AbsoluteAddress(vm.addressOfException()));
</ins><span class="cx"> #elif USE(JSVALUE32_64)
</span><del>- result = branch32(kind == NormalExceptionCheck ? NotEqual : Equal, AbsoluteAddress(vm()->addressOfException()), TrustedImm32(0));
</del><ins>+ result = branch32(kind == NormalExceptionCheck ? NotEqual : Equal, AbsoluteAddress(vm.addressOfException()), TrustedImm32(0));
</ins><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> if (width == NormalJumpWidth)
</span><span class="lines">@@ -386,15 +386,15 @@
</span><span class="cx"> return realJump.m_jump;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-AssemblyHelpers::Jump AssemblyHelpers::emitNonPatchableExceptionCheck()
</del><ins>+AssemblyHelpers::Jump AssemblyHelpers::emitNonPatchableExceptionCheck(VM& vm)
</ins><span class="cx"> {
</span><del>- callExceptionFuzz();
</del><ins>+ callExceptionFuzz(vm);
</ins><span class="cx">
</span><span class="cx"> Jump result;
</span><span class="cx"> #if USE(JSVALUE64)
</span><del>- result = branchTest64(NonZero, AbsoluteAddress(vm()->addressOfException()));
</del><ins>+ result = branchTest64(NonZero, AbsoluteAddress(vm.addressOfException()));
</ins><span class="cx"> #elif USE(JSVALUE32_64)
</span><del>- result = branch32(NotEqual, AbsoluteAddress(vm()->addressOfException()), TrustedImm32(0));
</del><ins>+ result = branch32(NotEqual, AbsoluteAddress(vm.addressOfException()), TrustedImm32(0));
</ins><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> return result;
</span><span class="lines">@@ -453,15 +453,16 @@
</span><span class="cx"> result);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void AssemblyHelpers::emitLoadStructure(RegisterID source, RegisterID dest, RegisterID scratch)
</del><ins>+void AssemblyHelpers::emitLoadStructure(VM& vm, RegisterID source, RegisterID dest, RegisterID scratch)
</ins><span class="cx"> {
</span><span class="cx"> #if USE(JSVALUE64)
</span><span class="cx"> ASSERT(dest != scratch);
</span><span class="cx"> load32(MacroAssembler::Address(source, JSCell::structureIDOffset()), dest);
</span><del>- loadPtr(vm()->heap.structureIDTable().base(), scratch);
</del><ins>+ loadPtr(vm.heap.structureIDTable().base(), scratch);
</ins><span class="cx"> loadPtr(MacroAssembler::BaseIndex(scratch, dest, MacroAssembler::TimesEight), dest);
</span><span class="cx"> #else
</span><span class="cx"> UNUSED_PARAM(scratch);
</span><ins>+ UNUSED_PARAM(vm);
</ins><span class="cx"> loadPtr(MacroAssembler::Address(source, JSCell::structureIDOffset()), dest);
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="lines">@@ -553,10 +554,10 @@
</span><span class="cx"> emitRandomThunkImpl(*this, scratch0, scratch1, scratch2, result, loadFromHigh, storeToHigh, loadFromLow, storeToLow);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void AssemblyHelpers::emitRandomThunk(GPRReg scratch0, GPRReg scratch1, GPRReg scratch2, GPRReg scratch3, FPRReg result)
</del><ins>+void AssemblyHelpers::emitRandomThunk(VM& vm, GPRReg scratch0, GPRReg scratch1, GPRReg scratch2, GPRReg scratch3, FPRReg result)
</ins><span class="cx"> {
</span><span class="cx"> emitGetFromCallFrameHeaderPtr(CallFrameSlot::callee, scratch3);
</span><del>- emitLoadStructure(scratch3, scratch3, scratch0);
</del><ins>+ emitLoadStructure(vm, scratch3, scratch3, scratch0);
</ins><span class="cx"> loadPtr(Address(scratch3, Structure::globalObjectOffset()), scratch3);
</span><span class="cx"> // Now, scratch3 holds JSGlobalObject*.
</span><span class="cx">
</span><span class="lines">@@ -577,10 +578,10 @@
</span><span class="cx"> }
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>-void AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer()
</del><ins>+void AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> #if NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
</span><del>- RegisterAtOffsetList* allCalleeSaves = m_vm->getAllCalleeSaveRegisterOffsets();
</del><ins>+ RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
</ins><span class="cx"> RegisterSet dontRestoreRegisters = RegisterSet::stackRegisters();
</span><span class="cx"> unsigned registerCount = allCalleeSaves->size();
</span><span class="cx">
</span><span class="lines">@@ -600,7 +601,7 @@
</span><span class="cx"> }
</span><span class="cx"> ASSERT(scratch != InvalidGPRReg);
</span><span class="cx">
</span><del>- loadPtr(&m_vm->topVMEntryFrame, scratch);
</del><ins>+ loadPtr(&vm.topVMEntryFrame, scratch);
</ins><span class="cx"> addPtr(TrustedImm32(VMEntryFrame::calleeSaveRegistersBufferOffset()), scratch);
</span><span class="cx">
</span><span class="cx"> // Restore all callee saves except for the scratch.
</span><span class="lines">@@ -621,6 +622,8 @@
</span><span class="cx"> ASSERT(entry.reg().isGPR());
</span><span class="cx"> ASSERT(scratch == entry.reg().gpr());
</span><span class="cx"> loadPtr(Address(scratch, entry.offset()), scratch);
</span><ins>+#else
+ UNUSED_PARAM(vm);
</ins><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -682,7 +685,7 @@
</span><span class="cx"> }
</span><span class="cx"> #endif // USE(JSVALUE64)
</span><span class="cx">
</span><del>-void AssemblyHelpers::emitConvertValueToBoolean(JSValueRegs value, GPRReg result, GPRReg scratch, FPRReg valueAsFPR, FPRReg tempFPR, bool shouldCheckMasqueradesAsUndefined, JSGlobalObject* globalObject, bool negateResult)
</del><ins>+void AssemblyHelpers::emitConvertValueToBoolean(VM& vm, JSValueRegs value, GPRReg result, GPRReg scratch, FPRReg valueAsFPR, FPRReg tempFPR, bool shouldCheckMasqueradesAsUndefined, JSGlobalObject* globalObject, bool negateResult)
</ins><span class="cx"> {
</span><span class="cx"> // Implements the following control flow structure:
</span><span class="cx"> // if (value is boolean) {
</span><span class="lines">@@ -752,7 +755,7 @@
</span><span class="cx"> ASSERT(scratch != InvalidGPRReg);
</span><span class="cx"> JumpList isNotMasqueradesAsUndefined;
</span><span class="cx"> isNotMasqueradesAsUndefined.append(branchTest8(Zero, Address(value.payloadGPR(), JSCell::typeInfoFlagsOffset()), TrustedImm32(MasqueradesAsUndefined)));
</span><del>- emitLoadStructure(value.payloadGPR(), result, scratch);
</del><ins>+ emitLoadStructure(vm, value.payloadGPR(), result, scratch);
</ins><span class="cx"> move(TrustedImmPtr(globalObject), scratch);
</span><span class="cx"> isNotMasqueradesAsUndefined.append(branchPtr(NotEqual, Address(result, Structure::globalObjectOffset()), scratch));
</span><span class="cx"> // We act like we are "undefined" here.
</span><span class="lines">@@ -811,8 +814,63 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+#endif // ENABLE(WEBASSEMBLY)
+
+void AssemblyHelpers::debugCall(VM& vm, V_DebugOperation_EPP function, void* argument)
+{
+ size_t scratchSize = sizeof(EncodedJSValue) * (GPRInfo::numberOfRegisters + FPRInfo::numberOfRegisters);
+ ScratchBuffer* scratchBuffer = vm.scratchBufferForSize(scratchSize);
+ EncodedJSValue* buffer = static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer());
+
+ for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
+#if USE(JSVALUE64)
+ store64(GPRInfo::toRegister(i), buffer + i);
+#else
+ store32(GPRInfo::toRegister(i), buffer + i);
</ins><span class="cx"> #endif
</span><ins>+ }
</ins><span class="cx">
</span><ins>+ for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
+ move(TrustedImmPtr(buffer + GPRInfo::numberOfRegisters + i), GPRInfo::regT0);
+ storeDouble(FPRInfo::toRegister(i), GPRInfo::regT0);
+ }
+
+ // Tell GC mark phase how much of the scratch buffer is active during call.
+ move(TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);
+ storePtr(TrustedImmPtr(scratchSize), GPRInfo::regT0);
+
+#if CPU(X86_64) || CPU(ARM) || CPU(ARM64) || CPU(MIPS)
+ move(TrustedImmPtr(buffer), GPRInfo::argumentGPR2);
+ move(TrustedImmPtr(argument), GPRInfo::argumentGPR1);
+ move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+ GPRReg scratch = selectScratchGPR(GPRInfo::argumentGPR0, GPRInfo::argumentGPR1, GPRInfo::argumentGPR2);
+#elif CPU(X86)
+ poke(GPRInfo::callFrameRegister, 0);
+ poke(TrustedImmPtr(argument), 1);
+ poke(TrustedImmPtr(buffer), 2);
+ GPRReg scratch = GPRInfo::regT0;
+#else
+#error "JIT not supported on this platform."
+#endif
+ move(TrustedImmPtr(reinterpret_cast<void*>(function)), scratch);
+ call(scratch);
+
+ move(TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);
+ storePtr(TrustedImmPtr(0), GPRInfo::regT0);
+
+ for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
+ move(TrustedImmPtr(buffer + GPRInfo::numberOfRegisters + i), GPRInfo::regT0);
+ loadDouble(GPRInfo::regT0, FPRInfo::toRegister(i));
+ }
+ for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
+#if USE(JSVALUE64)
+ load64(buffer + i, GPRInfo::toRegister(i));
+#else
+ load32(buffer + i, GPRInfo::toRegister(i));
+#endif
+ }
+}
+
</ins><span class="cx"> } // namespace JSC
</span><span class="cx">
</span><span class="cx"> #endif // ENABLE(JIT)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitAssemblyHelpersh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -49,9 +49,8 @@
</span><span class="cx">
</span><span class="cx"> class AssemblyHelpers : public MacroAssembler {
</span><span class="cx"> public:
</span><del>- AssemblyHelpers(VM* vm, CodeBlock* codeBlock)
- : m_vm(vm)
- , m_codeBlock(codeBlock)
</del><ins>+ AssemblyHelpers(CodeBlock* codeBlock)
+ : m_codeBlock(codeBlock)
</ins><span class="cx"> , m_baselineCodeBlock(codeBlock ? codeBlock->baselineAlternative() : 0)
</span><span class="cx"> {
</span><span class="cx"> if (m_codeBlock) {
</span><span class="lines">@@ -62,7 +61,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CodeBlock* codeBlock() { return m_codeBlock; }
</span><del>- VM* vm() { return m_vm; }
</del><span class="cx"> AssemblerType_T& assembler() { return m_assembler; }
</span><span class="cx">
</span><span class="cx"> void checkStackPointerAlignment()
</span><span class="lines">@@ -335,15 +333,15 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(const TempRegisterSet& usedRegisters = { RegisterSet::stubUnavailableRegisters() })
</del><ins>+ void copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(VM& vm, const TempRegisterSet& usedRegisters = { RegisterSet::stubUnavailableRegisters() })
</ins><span class="cx"> {
</span><span class="cx"> #if NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
</span><span class="cx"> GPRReg temp1 = usedRegisters.getFreeGPR(0);
</span><span class="cx">
</span><del>- loadPtr(&m_vm->topVMEntryFrame, temp1);
</del><ins>+ loadPtr(&vm.topVMEntryFrame, temp1);
</ins><span class="cx"> addPtr(TrustedImm32(VMEntryFrame::calleeSaveRegistersBufferOffset()), temp1);
</span><span class="cx">
</span><del>- RegisterAtOffsetList* allCalleeSaves = m_vm->getAllCalleeSaveRegisterOffsets();
</del><ins>+ RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
</ins><span class="cx"> RegisterSet dontCopyRegisters = RegisterSet::stackRegisters();
</span><span class="cx"> unsigned registerCount = allCalleeSaves->size();
</span><span class="cx">
</span><span class="lines">@@ -357,13 +355,14 @@
</span><span class="cx"> storeDouble(entry.reg().fpr(), Address(temp1, entry.offset()));
</span><span class="cx"> }
</span><span class="cx"> #else
</span><ins>+ UNUSED_PARAM(vm);
</ins><span class="cx"> UNUSED_PARAM(usedRegisters);
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer();
</del><ins>+ void restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(VM&);
</ins><span class="cx">
</span><del>- void copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer(const TempRegisterSet& usedRegisters = { RegisterSet::stubUnavailableRegisters() })
</del><ins>+ void copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer(VM& vm, const TempRegisterSet& usedRegisters = { RegisterSet::stubUnavailableRegisters() })
</ins><span class="cx"> {
</span><span class="cx"> #if NUMBER_OF_CALLEE_SAVES_REGISTERS > 0
</span><span class="cx"> GPRReg temp1 = usedRegisters.getFreeGPR(0);
</span><span class="lines">@@ -374,10 +373,10 @@
</span><span class="cx"> ASSERT(codeBlock());
</span><span class="cx">
</span><span class="cx"> // Copy saved calleeSaves on stack or unsaved calleeSaves in register to vm calleeSave buffer
</span><del>- loadPtr(&m_vm->topVMEntryFrame, temp1);
</del><ins>+ loadPtr(&vm.topVMEntryFrame, temp1);
</ins><span class="cx"> addPtr(TrustedImm32(VMEntryFrame::calleeSaveRegistersBufferOffset()), temp1);
</span><span class="cx">
</span><del>- RegisterAtOffsetList* allCalleeSaves = m_vm->getAllCalleeSaveRegisterOffsets();
</del><ins>+ RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
</ins><span class="cx"> RegisterAtOffsetList* currentCalleeSaves = codeBlock()->calleeSaveRegisters();
</span><span class="cx"> RegisterSet dontCopyRegisters = RegisterSet::stackRegisters();
</span><span class="cx"> unsigned registerCount = allCalleeSaves->size();
</span><span class="lines">@@ -413,6 +412,7 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> #else
</span><ins>+ UNUSED_PARAM(vm);
</ins><span class="cx"> UNUSED_PARAM(usedRegisters);
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="lines">@@ -974,61 +974,8 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Add a debug call. This call has no effect on JIT code execution state.
</span><del>- void debugCall(V_DebugOperation_EPP function, void* argument)
- {
- size_t scratchSize = sizeof(EncodedJSValue) * (GPRInfo::numberOfRegisters + FPRInfo::numberOfRegisters);
- ScratchBuffer* scratchBuffer = m_vm->scratchBufferForSize(scratchSize);
- EncodedJSValue* buffer = static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer());
</del><ins>+ void debugCall(VM&, V_DebugOperation_EPP function, void* argument);
</ins><span class="cx">
</span><del>- for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
-#if USE(JSVALUE64)
- store64(GPRInfo::toRegister(i), buffer + i);
-#else
- store32(GPRInfo::toRegister(i), buffer + i);
-#endif
- }
-
- for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
- move(TrustedImmPtr(buffer + GPRInfo::numberOfRegisters + i), GPRInfo::regT0);
- storeDouble(FPRInfo::toRegister(i), GPRInfo::regT0);
- }
-
- // Tell GC mark phase how much of the scratch buffer is active during call.
- move(TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);
- storePtr(TrustedImmPtr(scratchSize), GPRInfo::regT0);
-
-#if CPU(X86_64) || CPU(ARM) || CPU(ARM64) || CPU(MIPS)
- move(TrustedImmPtr(buffer), GPRInfo::argumentGPR2);
- move(TrustedImmPtr(argument), GPRInfo::argumentGPR1);
- move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
- GPRReg scratch = selectScratchGPR(GPRInfo::argumentGPR0, GPRInfo::argumentGPR1, GPRInfo::argumentGPR2);
-#elif CPU(X86)
- poke(GPRInfo::callFrameRegister, 0);
- poke(TrustedImmPtr(argument), 1);
- poke(TrustedImmPtr(buffer), 2);
- GPRReg scratch = GPRInfo::regT0;
-#else
-#error "JIT not supported on this platform."
-#endif
- move(TrustedImmPtr(reinterpret_cast<void*>(function)), scratch);
- call(scratch);
-
- move(TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);
- storePtr(TrustedImmPtr(0), GPRInfo::regT0);
-
- for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
- move(TrustedImmPtr(buffer + GPRInfo::numberOfRegisters + i), GPRInfo::regT0);
- loadDouble(GPRInfo::regT0, FPRInfo::toRegister(i));
- }
- for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
-#if USE(JSVALUE64)
- load64(buffer + i, GPRInfo::toRegister(i));
-#else
- load32(buffer + i, GPRInfo::toRegister(i));
-#endif
- }
- }
-
</del><span class="cx"> // These methods JIT generate dynamic, debug-only checks - akin to ASSERTs.
</span><span class="cx"> #if !ASSERT_DISABLED
</span><span class="cx"> void jitAssertIsInt32(GPRReg);
</span><span class="lines">@@ -1052,7 +999,7 @@
</span><span class="cx"> void jitAssertArgumentCountSane() { }
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- void jitReleaseAssertNoException();
</del><ins>+ void jitReleaseAssertNoException(VM&);
</ins><span class="cx">
</span><span class="cx"> void incrementSuperSamplerCount();
</span><span class="cx"> void decrementSuperSamplerCount();
</span><span class="lines">@@ -1189,14 +1136,14 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void callExceptionFuzz();
</del><ins>+ void callExceptionFuzz(VM&);
</ins><span class="cx">
</span><span class="cx"> enum ExceptionCheckKind { NormalExceptionCheck, InvertedExceptionCheck };
</span><span class="cx"> enum ExceptionJumpWidth { NormalJumpWidth, FarJumpWidth };
</span><span class="cx"> JS_EXPORT_PRIVATE Jump emitExceptionCheck(
</span><del>- ExceptionCheckKind = NormalExceptionCheck, ExceptionJumpWidth = NormalJumpWidth);
- JS_EXPORT_PRIVATE Jump emitNonPatchableExceptionCheck();
- Jump emitJumpIfException();
</del><ins>+ VM&, ExceptionCheckKind = NormalExceptionCheck, ExceptionJumpWidth = NormalJumpWidth);
+ JS_EXPORT_PRIVATE Jump emitNonPatchableExceptionCheck(VM&);
+ Jump emitJumpIfException(VM&);
</ins><span class="cx">
</span><span class="cx"> #if ENABLE(SAMPLING_COUNTERS)
</span><span class="cx"> static void emitCount(MacroAssembler& jit, AbstractSamplingCounter& counter, int32_t increment = 1)
</span><span class="lines">@@ -1279,7 +1226,7 @@
</span><span class="cx"> return argumentCount(codeOrigin.inlineCallFrame);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void emitLoadStructure(RegisterID source, RegisterID dest, RegisterID scratch);
</del><ins>+ void emitLoadStructure(VM&, RegisterID source, RegisterID dest, RegisterID scratch);
</ins><span class="cx">
</span><span class="cx"> void emitStoreStructureWithTypeInfo(TrustedImmPtr structure, RegisterID dest, RegisterID)
</span><span class="cx"> {
</span><span class="lines">@@ -1314,38 +1261,38 @@
</span><span class="cx"> return branch8(Above, AbsoluteAddress(address), TrustedImm32(blackThreshold));
</span><span class="cx"> }
</span><span class="cx">
</span><del>- Jump barrierBranch(GPRReg cell, GPRReg scratchGPR)
</del><ins>+ Jump barrierBranch(VM& vm, GPRReg cell, GPRReg scratchGPR)
</ins><span class="cx"> {
</span><span class="cx"> load8(Address(cell, JSCell::cellStateOffset()), scratchGPR);
</span><del>- return branch32(Above, scratchGPR, AbsoluteAddress(vm()->heap.addressOfBarrierThreshold()));
</del><ins>+ return branch32(Above, scratchGPR, AbsoluteAddress(vm.heap.addressOfBarrierThreshold()));
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- Jump barrierBranch(JSCell* cell, GPRReg scratchGPR)
</del><ins>+ Jump barrierBranch(VM& vm, JSCell* cell, GPRReg scratchGPR)
</ins><span class="cx"> {
</span><span class="cx"> uint8_t* address = reinterpret_cast<uint8_t*>(cell) + JSCell::cellStateOffset();
</span><span class="cx"> load8(address, scratchGPR);
</span><del>- return branch32(Above, scratchGPR, AbsoluteAddress(vm()->heap.addressOfBarrierThreshold()));
</del><ins>+ return branch32(Above, scratchGPR, AbsoluteAddress(vm.heap.addressOfBarrierThreshold()));
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- void barrierStoreLoadFence()
</del><ins>+ void barrierStoreLoadFence(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> if (!Options::useConcurrentBarriers())
</span><span class="cx"> return;
</span><del>- Jump ok = jumpIfMutatorFenceNotNeeded();
</del><ins>+ Jump ok = jumpIfMutatorFenceNotNeeded(vm);
</ins><span class="cx"> memoryFence();
</span><span class="cx"> ok.link(this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void mutatorFence()
</del><ins>+ void mutatorFence(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> if (isX86())
</span><span class="cx"> return;
</span><del>- Jump ok = jumpIfMutatorFenceNotNeeded();
</del><ins>+ Jump ok = jumpIfMutatorFenceNotNeeded(vm);
</ins><span class="cx"> storeFence();
</span><span class="cx"> ok.link(this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void storeButterfly(GPRReg butterfly, GPRReg object)
</del><ins>+ void storeButterfly(VM& vm, GPRReg butterfly, GPRReg object)
</ins><span class="cx"> {
</span><span class="cx"> if (isX86()) {
</span><span class="cx"> storePtr(butterfly, Address(object, JSObject::butterflyOffset()));
</span><span class="lines">@@ -1352,7 +1299,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- Jump ok = jumpIfMutatorFenceNotNeeded();
</del><ins>+ Jump ok = jumpIfMutatorFenceNotNeeded(vm);
</ins><span class="cx"> storeFence();
</span><span class="cx"> storePtr(butterfly, Address(object, JSObject::butterflyOffset()));
</span><span class="cx"> storeFence();
</span><span class="lines">@@ -1362,7 +1309,7 @@
</span><span class="cx"> done.link(this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void nukeStructureAndStoreButterfly(GPRReg butterfly, GPRReg object)
</del><ins>+ void nukeStructureAndStoreButterfly(VM& vm, GPRReg butterfly, GPRReg object)
</ins><span class="cx"> {
</span><span class="cx"> if (isX86()) {
</span><span class="cx"> or32(TrustedImm32(bitwise_cast<int32_t>(nukedStructureIDBit())), Address(object, JSCell::structureIDOffset()));
</span><span class="lines">@@ -1370,7 +1317,7 @@
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- Jump ok = jumpIfMutatorFenceNotNeeded();
</del><ins>+ Jump ok = jumpIfMutatorFenceNotNeeded(vm);
</ins><span class="cx"> or32(TrustedImm32(bitwise_cast<int32_t>(nukedStructureIDBit())), Address(object, JSCell::structureIDOffset()));
</span><span class="cx"> storeFence();
</span><span class="cx"> storePtr(butterfly, Address(object, JSObject::butterflyOffset()));
</span><span class="lines">@@ -1381,9 +1328,9 @@
</span><span class="cx"> done.link(this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- Jump jumpIfMutatorFenceNotNeeded()
</del><ins>+ Jump jumpIfMutatorFenceNotNeeded(VM& vm)
</ins><span class="cx"> {
</span><del>- return branchTest8(Zero, AbsoluteAddress(vm()->heap.addressOfMutatorShouldBeFenced()));
</del><ins>+ return branchTest8(Zero, AbsoluteAddress(vm.heap.addressOfMutatorShouldBeFenced()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // Emits the branch structure for typeof. The code emitted by this doesn't fall through. The
</span><span class="lines">@@ -1471,7 +1418,7 @@
</span><span class="cx">
</span><span class="cx"> #if USE(JSVALUE64)
</span><span class="cx"> void emitRandomThunk(JSGlobalObject*, GPRReg scratch0, GPRReg scratch1, GPRReg scratch2, FPRReg result);
</span><del>- void emitRandomThunk(GPRReg scratch0, GPRReg scratch1, GPRReg scratch2, GPRReg scratch3, FPRReg result);
</del><ins>+ void emitRandomThunk(VM&, GPRReg scratch0, GPRReg scratch1, GPRReg scratch2, GPRReg scratch3, FPRReg result);
</ins><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> // Call this if you know that the value held in allocatorGPR is non-null. This DOES NOT mean
</span><span class="lines">@@ -1551,10 +1498,10 @@
</span><span class="cx">
</span><span class="cx"> template<typename ClassType, typename StructureType, typename StorageType>
</span><span class="cx"> void emitAllocateJSObjectWithKnownSize(
</span><del>- GPRReg resultGPR, StructureType structure, StorageType storage, GPRReg scratchGPR1,
</del><ins>+ VM& vm, GPRReg resultGPR, StructureType structure, StorageType storage, GPRReg scratchGPR1,
</ins><span class="cx"> GPRReg scratchGPR2, JumpList& slowPath, size_t size)
</span><span class="cx"> {
</span><del>- MarkedAllocator* allocator = subspaceFor<ClassType>(*vm())->allocatorFor(size);
</del><ins>+ MarkedAllocator* allocator = subspaceFor<ClassType>(vm)->allocatorFor(size);
</ins><span class="cx"> if (!allocator) {
</span><span class="cx"> slowPath.append(jump());
</span><span class="cx"> return;
</span><span class="lines">@@ -1564,9 +1511,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<typename ClassType, typename StructureType, typename StorageType>
</span><del>- void emitAllocateJSObject(GPRReg resultGPR, StructureType structure, StorageType storage, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</del><ins>+ void emitAllocateJSObject(VM& vm, GPRReg resultGPR, StructureType structure, StorageType storage, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</ins><span class="cx"> {
</span><del>- emitAllocateJSObjectWithKnownSize<ClassType>(resultGPR, structure, storage, scratchGPR1, scratchGPR2, slowPath, ClassType::allocationSize(0));
</del><ins>+ emitAllocateJSObjectWithKnownSize<ClassType>(vm, resultGPR, structure, storage, scratchGPR1, scratchGPR2, slowPath, ClassType::allocationSize(0));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // allocationSize can be aliased with any of the other input GPRs. If it's not aliased then it
</span><span class="lines">@@ -1587,26 +1534,26 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<typename ClassType, typename StructureType>
</span><del>- void emitAllocateVariableSizedCell(GPRReg resultGPR, StructureType structure, GPRReg allocationSize, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</del><ins>+ void emitAllocateVariableSizedCell(VM& vm, GPRReg resultGPR, StructureType structure, GPRReg allocationSize, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</ins><span class="cx"> {
</span><del>- Subspace& subspace = *subspaceFor<ClassType>(*vm());
</del><ins>+ Subspace& subspace = *subspaceFor<ClassType>(vm);
</ins><span class="cx"> emitAllocateVariableSized(resultGPR, subspace, allocationSize, scratchGPR1, scratchGPR2, slowPath);
</span><span class="cx"> emitStoreStructureWithTypeInfo(structure, resultGPR, scratchGPR2);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<typename ClassType, typename StructureType>
</span><del>- void emitAllocateVariableSizedJSObject(GPRReg resultGPR, StructureType structure, GPRReg allocationSize, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</del><ins>+ void emitAllocateVariableSizedJSObject(VM& vm, GPRReg resultGPR, StructureType structure, GPRReg allocationSize, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</ins><span class="cx"> {
</span><del>- emitAllocateVariableSizedCell<ClassType>(resultGPR, structure, allocationSize, scratchGPR1, scratchGPR2, slowPath);
</del><ins>+ emitAllocateVariableSizedCell<ClassType>(vm, resultGPR, structure, allocationSize, scratchGPR1, scratchGPR2, slowPath);
</ins><span class="cx"> storePtr(TrustedImmPtr(0), Address(resultGPR, JSObject::butterflyOffset()));
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void emitConvertValueToBoolean(JSValueRegs value, GPRReg result, GPRReg scratchIfShouldCheckMasqueradesAsUndefined, FPRReg, FPRReg, bool shouldCheckMasqueradesAsUndefined, JSGlobalObject*, bool negateResult = false);
</del><ins>+ void emitConvertValueToBoolean(VM&, JSValueRegs value, GPRReg result, GPRReg scratchIfShouldCheckMasqueradesAsUndefined, FPRReg, FPRReg, bool shouldCheckMasqueradesAsUndefined, JSGlobalObject*, bool negateResult = false);
</ins><span class="cx">
</span><span class="cx"> template<typename ClassType>
</span><del>- void emitAllocateDestructibleObject(GPRReg resultGPR, Structure* structure, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</del><ins>+ void emitAllocateDestructibleObject(VM& vm, GPRReg resultGPR, Structure* structure, GPRReg scratchGPR1, GPRReg scratchGPR2, JumpList& slowPath)
</ins><span class="cx"> {
</span><del>- emitAllocateJSObject<ClassType>(resultGPR, TrustedImmPtr(structure), TrustedImmPtr(0), scratchGPR1, scratchGPR2, slowPath);
</del><ins>+ emitAllocateJSObject<ClassType>(vm, resultGPR, TrustedImmPtr(structure), TrustedImmPtr(0), scratchGPR1, scratchGPR2, slowPath);
</ins><span class="cx"> storePtr(TrustedImmPtr(structure->classInfo()), Address(resultGPR, JSDestructibleObject::classInfoOffset()));
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1644,7 +1591,6 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> protected:
</span><del>- VM* m_vm;
</del><span class="cx"> CodeBlock* m_codeBlock;
</span><span class="cx"> CodeBlock* m_baselineCodeBlock;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitCCallHelperscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/CCallHelpers.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/CCallHelpers.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/CCallHelpers.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -52,16 +52,16 @@
</span><span class="cx"> store32(TrustedImm32(callSiteIndex.bits()), Address(shadowPacket, OBJECT_OFFSETOF(ShadowChicken::Packet, callSiteIndex)));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void CCallHelpers::ensureShadowChickenPacket(GPRReg shadowPacket, GPRReg scratch1NonArgGPR, GPRReg scratch2)
</del><ins>+void CCallHelpers::ensureShadowChickenPacket(VM& vm, GPRReg shadowPacket, GPRReg scratch1NonArgGPR, GPRReg scratch2)
</ins><span class="cx"> {
</span><span class="cx"> ASSERT(!RegisterSet::argumentGPRS().get(scratch1NonArgGPR));
</span><del>- move(TrustedImmPtr(vm()->shadowChicken().addressOfLogCursor()), scratch1NonArgGPR);
</del><ins>+ move(TrustedImmPtr(vm.shadowChicken().addressOfLogCursor()), scratch1NonArgGPR);
</ins><span class="cx"> loadPtr(Address(scratch1NonArgGPR), shadowPacket);
</span><del>- Jump ok = branchPtr(Below, shadowPacket, TrustedImmPtr(vm()->shadowChicken().logEnd()));
</del><ins>+ Jump ok = branchPtr(Below, shadowPacket, TrustedImmPtr(vm.shadowChicken().logEnd()));
</ins><span class="cx"> setupArgumentsExecState();
</span><span class="cx"> move(TrustedImmPtr(bitwise_cast<void*>(operationProcessShadowChickenLog)), scratch1NonArgGPR);
</span><span class="cx"> call(scratch1NonArgGPR);
</span><del>- move(TrustedImmPtr(vm()->shadowChicken().addressOfLogCursor()), scratch1NonArgGPR);
</del><ins>+ move(TrustedImmPtr(vm.shadowChicken().addressOfLogCursor()), scratch1NonArgGPR);
</ins><span class="cx"> loadPtr(Address(scratch1NonArgGPR), shadowPacket);
</span><span class="cx"> ok.link(this);
</span><span class="cx"> addPtr(TrustedImm32(sizeof(ShadowChicken::Packet)), shadowPacket, scratch2);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitCCallHelpersh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/CCallHelpers.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/CCallHelpers.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/CCallHelpers.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -50,8 +50,8 @@
</span><span class="cx">
</span><span class="cx"> class CCallHelpers : public AssemblyHelpers {
</span><span class="cx"> public:
</span><del>- CCallHelpers(VM* vm, CodeBlock* codeBlock = 0)
- : AssemblyHelpers(vm, codeBlock)
</del><ins>+ CCallHelpers(CodeBlock* codeBlock = 0)
+ : AssemblyHelpers(codeBlock)
</ins><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -2440,11 +2440,11 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void jumpToExceptionHandler()
</del><ins>+ void jumpToExceptionHandler(VM& vm)
</ins><span class="cx"> {
</span><span class="cx"> // genericUnwind() leaves the handler CallFrame* in vm->callFrameForCatch,
</span><span class="cx"> // and the address of the handler in vm->targetMachinePCForThrow.
</span><del>- loadPtr(&vm()->targetMachinePCForThrow, GPRInfo::regT1);
</del><ins>+ loadPtr(&vm.targetMachinePCForThrow, GPRInfo::regT1);
</ins><span class="cx"> jump(GPRInfo::regT1);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -2640,7 +2640,7 @@
</span><span class="cx"> void logShadowChickenProloguePacket(GPRReg shadowPacket, GPRReg scratch1, GPRReg scope);
</span><span class="cx"> void logShadowChickenTailPacket(GPRReg shadowPacket, JSValueRegs thisRegs, GPRReg scope, CodeBlock*, CallSiteIndex);
</span><span class="cx"> // Leaves behind a pointer to the Packet we should write to in shadowPacket.
</span><del>- void ensureShadowChickenPacket(GPRReg shadowPacket, GPRReg scratch1NonArgGPR, GPRReg scratch2);
</del><ins>+ void ensureShadowChickenPacket(VM&, GPRReg shadowPacket, GPRReg scratch1NonArgGPR, GPRReg scratch2);
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JIT.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JIT.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JIT.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -110,7 +110,7 @@
</span><span class="cx"> skipOptimize.append(branchAdd32(Signed, TrustedImm32(Options::executionCounterIncrementForEntry()), AbsoluteAddress(m_codeBlock->addressOfJITExecuteCounter())));
</span><span class="cx"> ASSERT(!m_bytecodeOffset);
</span><span class="cx">
</span><del>- copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> callOperation(operationOptimize, m_bytecodeOffset);
</span><span class="cx"> skipOptimize.append(branchTestPtr(Zero, returnValueGPR));
</span><span class="lines">@@ -872,7 +872,7 @@
</span><span class="cx"> if (!m_exceptionChecksWithCallFrameRollback.empty()) {
</span><span class="cx"> m_exceptionChecksWithCallFrameRollback.link(this);
</span><span class="cx">
</span><del>- copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> // lookupExceptionHandlerFromCallerFrame is passed two arguments, the VM and the exec (the CallFrame*).
</span><span class="cx">
</span><span class="lines">@@ -885,7 +885,7 @@
</span><span class="cx"> poke(GPRInfo::argumentGPR1, 1);
</span><span class="cx"> #endif
</span><span class="cx"> m_calls.append(CallRecord(call(), std::numeric_limits<unsigned>::max(), FunctionPtr(lookupExceptionHandlerFromCallerFrame).value()));
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (!m_exceptionChecks.empty() || m_byValCompilationInfo.size()) {
</span><span class="lines">@@ -892,7 +892,7 @@
</span><span class="cx"> m_exceptionHandler = label();
</span><span class="cx"> m_exceptionChecks.link(this);
</span><span class="cx">
</span><del>- copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> // lookupExceptionHandler is passed two arguments, the VM and the exec (the CallFrame*).
</span><span class="cx"> move(TrustedImmPtr(vm()), GPRInfo::argumentGPR0);
</span><span class="lines">@@ -904,7 +904,7 @@
</span><span class="cx"> poke(GPRInfo::argumentGPR1, 1);
</span><span class="cx"> #endif
</span><span class="cx"> m_calls.append(CallRecord(call(), std::numeric_limits<unsigned>::max(), FunctionPtr(lookupExceptionHandler).value()));
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JIT.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JIT.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JIT.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -294,12 +294,12 @@
</span><span class="cx">
</span><span class="cx"> void exceptionCheck()
</span><span class="cx"> {
</span><del>- m_exceptionChecks.append(emitExceptionCheck());
</del><ins>+ m_exceptionChecks.append(emitExceptionCheck(*vm()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void exceptionCheckWithCallFrameRollback()
</span><span class="cx"> {
</span><del>- m_exceptionChecksWithCallFrameRollback.append(emitExceptionCheck());
</del><ins>+ m_exceptionChecksWithCallFrameRollback.append(emitExceptionCheck(*vm()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void privateCompileExceptionHandlers();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITMathICh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITMathIC.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITMathIC.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JITMathIC.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -131,7 +131,7 @@
</span><span class="cx"> void generateOutOfLine(VM& vm, CodeBlock* codeBlock, FunctionPtr callReplacement)
</span><span class="cx"> {
</span><span class="cx"> auto linkJumpToOutOfLineSnippet = [&] () {
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx"> auto jump = jit.jump();
</span><span class="cx"> // We don't need a nop sled here because nobody should be jumping into the middle of an IC.
</span><span class="cx"> bool needsBranchCompaction = false;
</span><span class="lines">@@ -150,7 +150,7 @@
</span><span class="cx">
</span><span class="cx"> if (m_generateFastPathOnRepatch) {
</span><span class="cx">
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx"> MathICGenerationState generationState;
</span><span class="cx"> bool generatedInline = generateInline(jit, generationState, shouldEmitProfiling);
</span><span class="cx">
</span><span class="lines">@@ -190,7 +190,7 @@
</span><span class="cx"> replaceCall();
</span><span class="cx">
</span><span class="cx"> {
</span><del>- CCallHelpers jit(&vm, codeBlock);
</del><ins>+ CCallHelpers jit(codeBlock);
</ins><span class="cx">
</span><span class="cx"> MacroAssembler::JumpList endJumpList;
</span><span class="cx"> MacroAssembler::JumpList slowPathJumpList;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -162,7 +162,7 @@
</span><span class="cx">
</span><span class="cx"> // Load the prototype of the object in regT2. If this is equal to regT1 - WIN!
</span><span class="cx"> // Otherwise, check if we've hit null - if we have then drop out of the loop, if not go again.
</span><del>- emitLoadStructure(regT2, regT2, regT3);
</del><ins>+ emitLoadStructure(*vm(), regT2, regT2, regT3);
</ins><span class="cx"> load64(Address(regT2, Structure::prototypeOffset()), regT2);
</span><span class="cx"> Jump isInstance = branchPtr(Equal, regT2, regT1);
</span><span class="cx"> emitJumpIfJSCell(regT2).linkTo(loop, this);
</span><span class="lines">@@ -210,7 +210,7 @@
</span><span class="cx"> Jump notMasqueradesAsUndefined = jump();
</span><span class="cx">
</span><span class="cx"> isMasqueradesAsUndefined.link(this);
</span><del>- emitLoadStructure(regT0, regT1, regT2);
</del><ins>+ emitLoadStructure(*vm(), regT0, regT1, regT2);
</ins><span class="cx"> move(TrustedImmPtr(m_codeBlock->globalObject()), regT0);
</span><span class="cx"> loadPtr(Address(regT1, Structure::globalObjectOffset()), regT1);
</span><span class="cx"> comparePtr(Equal, regT0, regT1, regT0);
</span><span class="lines">@@ -351,7 +351,7 @@
</span><span class="cx"> bool shouldCheckMasqueradesAsUndefined = true;
</span><span class="cx">
</span><span class="cx"> emitGetVirtualRegister(currentInstruction[1].u.operand, value);
</span><del>- emitConvertValueToBoolean(JSValueRegs(value), result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</del><ins>+ emitConvertValueToBoolean(*vm(), JSValueRegs(value), result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</ins><span class="cx">
</span><span class="cx"> addJump(branchTest32(Zero, result), target);
</span><span class="cx"> }
</span><span class="lines">@@ -366,7 +366,7 @@
</span><span class="cx">
</span><span class="cx"> // First, handle JSCell cases - check MasqueradesAsUndefined bit on the structure.
</span><span class="cx"> Jump isNotMasqueradesAsUndefined = branchTest8(Zero, Address(regT0, JSCell::typeInfoFlagsOffset()), TrustedImm32(MasqueradesAsUndefined));
</span><del>- emitLoadStructure(regT0, regT2, regT1);
</del><ins>+ emitLoadStructure(*vm(), regT0, regT2, regT1);
</ins><span class="cx"> move(TrustedImmPtr(m_codeBlock->globalObject()), regT0);
</span><span class="cx"> addJump(branchPtr(Equal, Address(regT2, Structure::globalObjectOffset()), regT0), target);
</span><span class="cx"> Jump masqueradesGlobalObjectIsForeign = jump();
</span><span class="lines">@@ -389,7 +389,7 @@
</span><span class="cx">
</span><span class="cx"> // First, handle JSCell cases - check MasqueradesAsUndefined bit on the structure.
</span><span class="cx"> addJump(branchTest8(Zero, Address(regT0, JSCell::typeInfoFlagsOffset()), TrustedImm32(MasqueradesAsUndefined)), target);
</span><del>- emitLoadStructure(regT0, regT2, regT1);
</del><ins>+ emitLoadStructure(*vm(), regT0, regT2, regT1);
</ins><span class="cx"> move(TrustedImmPtr(m_codeBlock->globalObject()), regT0);
</span><span class="cx"> addJump(branchPtr(NotEqual, Address(regT2, Structure::globalObjectOffset()), regT0), target);
</span><span class="cx"> Jump wasNotImmediate = jump();
</span><span class="lines">@@ -433,7 +433,7 @@
</span><span class="cx"> GPRReg scratch = regT2;
</span><span class="cx"> bool shouldCheckMasqueradesAsUndefined = true;
</span><span class="cx"> emitGetVirtualRegister(currentInstruction[1].u.operand, value);
</span><del>- emitConvertValueToBoolean(JSValueRegs(value), result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</del><ins>+ emitConvertValueToBoolean(*vm(), JSValueRegs(value), result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</ins><span class="cx"> addJump(branchTest32(NonZero, result), target);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -451,10 +451,10 @@
</span><span class="cx"> void JIT::emit_op_throw(Instruction* currentInstruction)
</span><span class="cx"> {
</span><span class="cx"> ASSERT(regT0 == returnValueGPR);
</span><del>- copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx"> emitGetVirtualRegister(currentInstruction[1].u.operand, regT0);
</span><span class="cx"> callOperationNoExceptionCheck(operationThrow, regT0);
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JIT::emit_op_push_with_scope(Instruction* currentInstruction)
</span><span class="lines">@@ -530,7 +530,7 @@
</span><span class="cx">
</span><span class="cx"> void JIT::emit_op_catch(Instruction* currentInstruction)
</span><span class="cx"> {
</span><del>- restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer();
</del><ins>+ restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> move(TrustedImmPtr(m_vm), regT3);
</span><span class="cx"> load64(Address(regT3, VM::callFrameForCatchOffset()), callFrameRegister);
</span><span class="lines">@@ -540,7 +540,7 @@
</span><span class="cx">
</span><span class="cx"> callOperationNoExceptionCheck(operationCheckIfExceptionIsUncatchableAndNotifyProfiler);
</span><span class="cx"> Jump isCatchableException = branchTest32(Zero, returnValueGPR);
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> isCatchableException.link(this);
</span><span class="cx">
</span><span class="cx"> move(TrustedImmPtr(m_vm), regT3);
</span><span class="lines">@@ -640,7 +640,7 @@
</span><span class="cx"> Jump wasNotMasqueradesAsUndefined = jump();
</span><span class="cx">
</span><span class="cx"> isMasqueradesAsUndefined.link(this);
</span><del>- emitLoadStructure(regT0, regT2, regT1);
</del><ins>+ emitLoadStructure(*vm(), regT0, regT2, regT1);
</ins><span class="cx"> move(TrustedImmPtr(m_codeBlock->globalObject()), regT0);
</span><span class="cx"> loadPtr(Address(regT2, Structure::globalObjectOffset()), regT2);
</span><span class="cx"> comparePtr(Equal, regT0, regT2, regT0);
</span><span class="lines">@@ -672,7 +672,7 @@
</span><span class="cx"> Jump wasNotMasqueradesAsUndefined = jump();
</span><span class="cx">
</span><span class="cx"> isMasqueradesAsUndefined.link(this);
</span><del>- emitLoadStructure(regT0, regT2, regT1);
</del><ins>+ emitLoadStructure(*vm(), regT0, regT2, regT1);
</ins><span class="cx"> move(TrustedImmPtr(m_codeBlock->globalObject()), regT0);
</span><span class="cx"> loadPtr(Address(regT2, Structure::globalObjectOffset()), regT2);
</span><span class="cx"> comparePtr(NotEqual, regT0, regT2, regT0);
</span><span class="lines">@@ -918,7 +918,7 @@
</span><span class="cx"> if (canBeOptimized()) {
</span><span class="cx"> linkSlowCase(iter);
</span><span class="cx">
</span><del>- copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesFromFrameOrRegisterToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> callOperation(operationOptimize, m_bytecodeOffset);
</span><span class="cx"> Jump noOptimizedEntry = branchTestPtr(Zero, returnValueGPR);
</span><span class="lines">@@ -1367,7 +1367,7 @@
</span><span class="cx"> GPRReg shadowPacketReg = regT0;
</span><span class="cx"> GPRReg scratch1Reg = nonArgGPR0; // This must be a non-argument register.
</span><span class="cx"> GPRReg scratch2Reg = regT2;
</span><del>- ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ ensureShadowChickenPacket(*vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx"> emitGetVirtualRegister(currentInstruction[1].u.operand, regT3);
</span><span class="cx"> logShadowChickenProloguePacket(shadowPacketReg, scratch1Reg, regT3);
</span><span class="cx"> }
</span><span class="lines">@@ -1379,7 +1379,7 @@
</span><span class="cx"> GPRReg shadowPacketReg = regT0;
</span><span class="cx"> GPRReg scratch1Reg = nonArgGPR0; // This must be a non-argument register.
</span><span class="cx"> GPRReg scratch2Reg = regT2;
</span><del>- ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ ensureShadowChickenPacket(*vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx"> emitGetVirtualRegister(currentInstruction[1].u.operand, regT2);
</span><span class="cx"> emitGetVirtualRegister(currentInstruction[2].u.operand, regT3);
</span><span class="cx"> logShadowChickenTailPacket(shadowPacketReg, JSValueRegs(regT2), regT3, m_codeBlock, CallSiteIndex(m_bytecodeOffset));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodes32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -55,7 +55,7 @@
</span><span class="cx">
</span><span class="cx"> emitFunctionPrologue();
</span><span class="cx"> emitPutToCallFrameHeader(0, CallFrameSlot::codeBlock);
</span><del>- storePtr(callFrameRegister, &m_vm->topCallFrame);
</del><ins>+ storePtr(callFrameRegister, &vm->topCallFrame);
</ins><span class="cx">
</span><span class="cx"> #if CPU(X86)
</span><span class="cx"> // Calling convention: f(ecx, edx, ...);
</span><span class="lines">@@ -107,7 +107,7 @@
</span><span class="cx"> // Handle an exception
</span><span class="cx"> sawException.link(this);
</span><span class="cx">
</span><del>- storePtr(callFrameRegister, &m_vm->topCallFrame);
</del><ins>+ storePtr(callFrameRegister, &vm->topCallFrame);
</ins><span class="cx">
</span><span class="cx"> #if CPU(X86)
</span><span class="cx"> addPtr(TrustedImm32(-4), stackPointerRegister);
</span><span class="lines">@@ -123,10 +123,10 @@
</span><span class="cx"> addPtr(TrustedImm32(8), stackPointerRegister);
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> // All trampolines constructed! copy the code, link up calls, and set the pointers on the Machine object.
</span><del>- LinkBuffer patchBuffer(*m_vm, *this, GLOBAL_THUNK_ID);
</del><ins>+ LinkBuffer patchBuffer(*vm, *this, GLOBAL_THUNK_ID);
</ins><span class="cx">
</span><span class="cx"> patchBuffer.link(nativeCall, FunctionPtr(func));
</span><span class="cx"> return FINALIZE_CODE(patchBuffer, ("JIT CTI native call"));
</span><span class="lines">@@ -463,7 +463,7 @@
</span><span class="cx"> GPRReg scratch = regT2;
</span><span class="cx"> GPRReg result = regT3;
</span><span class="cx"> bool shouldCheckMasqueradesAsUndefined = true;
</span><del>- emitConvertValueToBoolean(value, result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</del><ins>+ emitConvertValueToBoolean(*vm(), value, result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</ins><span class="cx">
</span><span class="cx"> addJump(branchTest32(Zero, result), target);
</span><span class="cx"> }
</span><span class="lines">@@ -478,7 +478,7 @@
</span><span class="cx"> JSValueRegs value(regT1, regT0);
</span><span class="cx"> GPRReg scratch = regT2;
</span><span class="cx"> GPRReg result = regT3;
</span><del>- emitConvertValueToBoolean(value, result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</del><ins>+ emitConvertValueToBoolean(*vm(), value, result, scratch, fpRegT0, fpRegT1, shouldCheckMasqueradesAsUndefined, m_codeBlock->globalObject());
</ins><span class="cx">
</span><span class="cx"> addJump(branchTest32(NonZero, result), target);
</span><span class="cx"> }
</span><span class="lines">@@ -760,10 +760,10 @@
</span><span class="cx"> void JIT::emit_op_throw(Instruction* currentInstruction)
</span><span class="cx"> {
</span><span class="cx"> ASSERT(regT0 == returnValueGPR);
</span><del>- copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx"> emitLoad(currentInstruction[1].u.operand, regT1, regT0);
</span><span class="cx"> callOperationNoExceptionCheck(operationThrow, regT1, regT0);
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JIT::emit_op_push_with_scope(Instruction* currentInstruction)
</span><span class="lines">@@ -821,7 +821,7 @@
</span><span class="cx">
</span><span class="cx"> void JIT::emit_op_catch(Instruction* currentInstruction)
</span><span class="cx"> {
</span><del>- restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer();
</del><ins>+ restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(*vm());
</ins><span class="cx">
</span><span class="cx"> move(TrustedImmPtr(m_vm), regT3);
</span><span class="cx"> // operationThrow returns the callFrame for the handler.
</span><span class="lines">@@ -832,7 +832,7 @@
</span><span class="cx">
</span><span class="cx"> callOperationNoExceptionCheck(operationCheckIfExceptionIsUncatchableAndNotifyProfiler);
</span><span class="cx"> Jump isCatchableException = branchTest32(Zero, returnValueGPR);
</span><del>- jumpToExceptionHandler();
</del><ins>+ jumpToExceptionHandler(*vm());
</ins><span class="cx"> isCatchableException.link(this);
</span><span class="cx">
</span><span class="cx"> move(TrustedImmPtr(m_vm), regT3);
</span><span class="lines">@@ -1314,7 +1314,7 @@
</span><span class="cx"> GPRReg shadowPacketReg = regT0;
</span><span class="cx"> GPRReg scratch1Reg = nonArgGPR0; // This must be a non-argument register.
</span><span class="cx"> GPRReg scratch2Reg = regT2;
</span><del>- ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ ensureShadowChickenPacket(*vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx">
</span><span class="cx"> scratch1Reg = regT4;
</span><span class="cx"> emitLoadPayload(currentInstruction[1].u.operand, regT3);
</span><span class="lines">@@ -1328,7 +1328,7 @@
</span><span class="cx"> GPRReg shadowPacketReg = regT0;
</span><span class="cx"> GPRReg scratch1Reg = nonArgGPR0; // This must be a non-argument register.
</span><span class="cx"> GPRReg scratch2Reg = regT2;
</span><del>- ensureShadowChickenPacket(shadowPacketReg, scratch1Reg, scratch2Reg);
</del><ins>+ ensureShadowChickenPacket(*vm(), shadowPacketReg, scratch1Reg, scratch2Reg);
</ins><span class="cx">
</span><span class="cx"> emitLoadPayload(currentInstruction[1].u.operand, regT2);
</span><span class="cx"> emitLoadTag(currentInstruction[1].u.operand, regT1);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITPropertyAccesscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -1217,7 +1217,7 @@
</span><span class="cx"> if (mode == ShouldFilterBaseAndValue || mode == ShouldFilterBase)
</span><span class="cx"> ownerNotCell = branchTest64(NonZero, regT0, tagMaskRegister);
</span><span class="cx">
</span><del>- Jump ownerIsRememberedOrInEden = barrierBranch(regT0, regT1);
</del><ins>+ Jump ownerIsRememberedOrInEden = barrierBranch(*vm(), regT0, regT1);
</ins><span class="cx"> callOperation(operationWriteBarrierSlowPath, regT0);
</span><span class="cx"> ownerIsRememberedOrInEden.link(this);
</span><span class="cx">
</span><span class="lines">@@ -1255,7 +1255,7 @@
</span><span class="cx"> if (mode == ShouldFilterBase || mode == ShouldFilterBaseAndValue)
</span><span class="cx"> ownerNotCell = branch32(NotEqual, regT0, TrustedImm32(JSValue::CellTag));
</span><span class="cx">
</span><del>- Jump ownerIsRememberedOrInEden = barrierBranch(regT1, regT2);
</del><ins>+ Jump ownerIsRememberedOrInEden = barrierBranch(*vm(), regT1, regT2);
</ins><span class="cx"> callOperation(operationWriteBarrierSlowPath, regT1);
</span><span class="cx"> ownerIsRememberedOrInEden.link(this);
</span><span class="cx">
</span><span class="lines">@@ -1283,7 +1283,7 @@
</span><span class="cx">
</span><span class="cx"> void JIT::emitWriteBarrier(JSCell* owner)
</span><span class="cx"> {
</span><del>- Jump ownerIsRememberedOrInEden = barrierBranch(owner, regT0);
</del><ins>+ Jump ownerIsRememberedOrInEden = barrierBranch(*vm(), owner, regT0);
</ins><span class="cx"> callOperation(operationWriteBarrierSlowPath, owner);
</span><span class="cx"> ownerIsRememberedOrInEden.link(this);
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJSInterfaceJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JSInterfaceJIT.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JSInterfaceJIT.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/JSInterfaceJIT.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -41,7 +41,8 @@
</span><span class="cx"> class JSInterfaceJIT : public CCallHelpers, public GPRInfo, public FPRInfo {
</span><span class="cx"> public:
</span><span class="cx"> JSInterfaceJIT(VM* vm, CodeBlock* codeBlock = 0)
</span><del>- : CCallHelpers(vm, codeBlock)
</del><ins>+ : CCallHelpers(codeBlock)
+ , m_vm(vm)
</ins><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -77,6 +78,10 @@
</span><span class="cx"> inline Address intPayloadFor(int index, RegisterID base = callFrameRegister);
</span><span class="cx"> inline Address intTagFor(int index, RegisterID base = callFrameRegister);
</span><span class="cx"> inline Address addressFor(int index, RegisterID base = callFrameRegister);
</span><ins>+
+ VM* vm() const { return m_vm; }
+
+ VM* m_vm;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> struct ThunkHelpers {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRepatchcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/Repatch.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/Repatch.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/Repatch.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -177,7 +177,7 @@
</span><span class="cx"> && slot.slotBase() == baseValue
</span><span class="cx"> && InlineAccess::isCacheableArrayLength(stubInfo, jsCast<JSArray*>(baseValue))) {
</span><span class="cx">
</span><del>- bool generatedCodeInline = InlineAccess::generateArrayLength(*codeBlock->vm(), stubInfo, jsCast<JSArray*>(baseValue));
</del><ins>+ bool generatedCodeInline = InlineAccess::generateArrayLength(stubInfo, jsCast<JSArray*>(baseValue));
</ins><span class="cx"> if (generatedCodeInline) {
</span><span class="cx"> ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation(), appropriateOptimizingGetByIdFunction(kind));
</span><span class="cx"> stubInfo.initArrayLength();
</span><span class="lines">@@ -233,7 +233,7 @@
</span><span class="cx"> && !structure->needImpurePropertyWatchpoint()
</span><span class="cx"> && !loadTargetFromProxy) {
</span><span class="cx">
</span><del>- bool generatedCodeInline = InlineAccess::generateSelfPropertyAccess(*codeBlock->vm(), stubInfo, structure, slot.cachedOffset());
</del><ins>+ bool generatedCodeInline = InlineAccess::generateSelfPropertyAccess(stubInfo, structure, slot.cachedOffset());
</ins><span class="cx"> if (generatedCodeInline) {
</span><span class="cx"> LOG_IC((ICEvent::GetByIdSelfPatch, structure->classInfo(), propertyName));
</span><span class="cx"> structure->startWatchingPropertyForReplacements(vm, slot.cachedOffset());
</span><span class="lines">@@ -329,7 +329,7 @@
</span><span class="cx"> LOG_IC((ICEvent::GetByIdReplaceWithJump, baseValue.classInfoOrNull(vm), propertyName));
</span><span class="cx">
</span><span class="cx"> RELEASE_ASSERT(result.code());
</span><del>- InlineAccess::rewireStubAsJump(exec->vm(), stubInfo, CodeLocationLabel(result.code()));
</del><ins>+ InlineAccess::rewireStubAsJump(stubInfo, CodeLocationLabel(result.code()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> return result.shouldGiveUpNow() ? GiveUpOnCache : RetryCacheLater;
</span><span class="lines">@@ -396,7 +396,7 @@
</span><span class="cx"> && !structure->needImpurePropertyWatchpoint()
</span><span class="cx"> && !structure->inferredTypeFor(ident.impl())) {
</span><span class="cx">
</span><del>- bool generatedCodeInline = InlineAccess::generateSelfPropertyReplace(vm, stubInfo, structure, slot.cachedOffset());
</del><ins>+ bool generatedCodeInline = InlineAccess::generateSelfPropertyReplace(stubInfo, structure, slot.cachedOffset());
</ins><span class="cx"> if (generatedCodeInline) {
</span><span class="cx"> LOG_IC((ICEvent::PutByIdSelfPatch, structure->classInfo(), ident));
</span><span class="cx"> ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation(), appropriateOptimizingPutByIdFunction(slot, putKind));
</span><span class="lines">@@ -483,7 +483,7 @@
</span><span class="cx">
</span><span class="cx"> RELEASE_ASSERT(result.code());
</span><span class="cx">
</span><del>- InlineAccess::rewireStubAsJump(vm, stubInfo, CodeLocationLabel(result.code()));
</del><ins>+ InlineAccess::rewireStubAsJump(stubInfo, CodeLocationLabel(result.code()));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> return result.shouldGiveUpNow() ? GiveUpOnCache : RetryCacheLater;
</span><span class="lines">@@ -785,7 +785,7 @@
</span><span class="cx">
</span><span class="cx"> GPRReg calleeGPR = static_cast<GPRReg>(callLinkInfo.calleeGPR());
</span><span class="cx">
</span><del>- CCallHelpers stubJit(&vm, callerCodeBlock);
</del><ins>+ CCallHelpers stubJit(callerCodeBlock);
</ins><span class="cx">
</span><span class="cx"> CCallHelpers::JumpList slowPath;
</span><span class="cx">
</span><span class="lines">@@ -981,7 +981,7 @@
</span><span class="cx"> void resetGetByID(CodeBlock* codeBlock, StructureStubInfo& stubInfo, GetByIDKind kind)
</span><span class="cx"> {
</span><span class="cx"> ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation(), appropriateOptimizingGetByIdFunction(kind));
</span><del>- InlineAccess::rewireStubAsJump(*codeBlock->vm(), stubInfo, stubInfo.slowPathStartLocation());
</del><ins>+ InlineAccess::rewireStubAsJump(stubInfo, stubInfo.slowPathStartLocation());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void resetPutByID(CodeBlock* codeBlock, StructureStubInfo& stubInfo)
</span><span class="lines">@@ -1000,7 +1000,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation(), optimizedFunction);
</span><del>- InlineAccess::rewireStubAsJump(*codeBlock->vm(), stubInfo, stubInfo.slowPathStartLocation());
</del><ins>+ InlineAccess::rewireStubAsJump(stubInfo, stubInfo.slowPathStartLocation());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void resetIn(CodeBlock*, StructureStubInfo& stubInfo)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitSetupVarargsFramecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -60,7 +60,7 @@
</span><span class="cx"> jit.addPtr(GPRInfo::callFrameRegister, resultGPR);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-static void emitSetupVarargsFrameFastCase(CCallHelpers& jit, GPRReg numUsedSlotsGPR, GPRReg scratchGPR1, GPRReg scratchGPR2, GPRReg scratchGPR3, ValueRecovery argCountRecovery, VirtualRegister firstArgumentReg, unsigned firstVarArgOffset, CCallHelpers::JumpList& slowCase)
</del><ins>+static void emitSetupVarargsFrameFastCase(VM& vm, CCallHelpers& jit, GPRReg numUsedSlotsGPR, GPRReg scratchGPR1, GPRReg scratchGPR2, GPRReg scratchGPR3, ValueRecovery argCountRecovery, VirtualRegister firstArgumentReg, unsigned firstVarArgOffset, CCallHelpers::JumpList& slowCase)
</ins><span class="cx"> {
</span><span class="cx"> CCallHelpers::JumpList end;
</span><span class="cx">
</span><span class="lines">@@ -82,7 +82,7 @@
</span><span class="cx">
</span><span class="cx"> emitSetVarargsFrame(jit, scratchGPR1, true, numUsedSlotsGPR, scratchGPR2);
</span><span class="cx">
</span><del>- slowCase.append(jit.branchPtr(CCallHelpers::Above, CCallHelpers::AbsoluteAddress(jit.vm()->addressOfSoftStackLimit()), scratchGPR2));
</del><ins>+ slowCase.append(jit.branchPtr(CCallHelpers::Above, CCallHelpers::AbsoluteAddress(vm.addressOfSoftStackLimit()), scratchGPR2));
</ins><span class="cx">
</span><span class="cx"> // Before touching stack values, we should update the stack pointer to protect them from signal stack.
</span><span class="cx"> jit.addPtr(CCallHelpers::TrustedImm32(sizeof(CallerFrameAndPC)), scratchGPR2, CCallHelpers::stackPointerRegister);
</span><span class="lines">@@ -111,7 +111,7 @@
</span><span class="cx"> done.link(&jit);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void emitSetupVarargsFrameFastCase(CCallHelpers& jit, GPRReg numUsedSlotsGPR, GPRReg scratchGPR1, GPRReg scratchGPR2, GPRReg scratchGPR3, InlineCallFrame* inlineCallFrame, unsigned firstVarArgOffset, CCallHelpers::JumpList& slowCase)
</del><ins>+void emitSetupVarargsFrameFastCase(VM& vm, CCallHelpers& jit, GPRReg numUsedSlotsGPR, GPRReg scratchGPR1, GPRReg scratchGPR2, GPRReg scratchGPR3, InlineCallFrame* inlineCallFrame, unsigned firstVarArgOffset, CCallHelpers::JumpList& slowCase)
</ins><span class="cx"> {
</span><span class="cx"> ValueRecovery argumentCountRecovery;
</span><span class="cx"> VirtualRegister firstArgumentReg;
</span><span class="lines">@@ -132,7 +132,7 @@
</span><span class="cx"> VirtualRegister(CallFrameSlot::argumentCount), DataFormatInt32);
</span><span class="cx"> firstArgumentReg = VirtualRegister(CallFrame::argumentOffset(0));
</span><span class="cx"> }
</span><del>- emitSetupVarargsFrameFastCase(jit, numUsedSlotsGPR, scratchGPR1, scratchGPR2, scratchGPR3, argumentCountRecovery, firstArgumentReg, firstVarArgOffset, slowCase);
</del><ins>+ emitSetupVarargsFrameFastCase(vm, jit, numUsedSlotsGPR, scratchGPR1, scratchGPR2, scratchGPR3, argumentCountRecovery, firstArgumentReg, firstVarArgOffset, slowCase);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitSetupVarargsFrameh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/SetupVarargsFrame.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -36,7 +36,7 @@
</span><span class="cx">
</span><span class="cx"> // Assumes that SP refers to the last in-use stack location, and after this returns SP will point to
</span><span class="cx"> // the newly created frame plus the native header. scratchGPR2 may be the same as numUsedSlotsGPR.
</span><del>-void emitSetupVarargsFrameFastCase(CCallHelpers&, GPRReg numUsedSlotsGPR, GPRReg scratchGPR1, GPRReg scratchGPR2, GPRReg scratchGPR3, InlineCallFrame*, unsigned firstVarArgOffset, CCallHelpers::JumpList& slowCase);
</del><ins>+void emitSetupVarargsFrameFastCase(VM&, CCallHelpers&, GPRReg numUsedSlotsGPR, GPRReg scratchGPR1, GPRReg scratchGPR2, GPRReg scratchGPR3, InlineCallFrame*, unsigned firstVarArgOffset, CCallHelpers::JumpList& slowCase);
</ins><span class="cx">
</span><span class="cx"> } // namespace JSC
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitSpecializedThunkJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/SpecializedThunkJIT.h 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -76,7 +76,7 @@
</span><span class="cx"> void loadArgumentWithSpecificClass(const ClassInfo* classInfo, int argument, RegisterID dst, RegisterID scratch)
</span><span class="cx"> {
</span><span class="cx"> loadCellArgument(argument, dst);
</span><del>- emitLoadStructure(dst, scratch, dst);
</del><ins>+ emitLoadStructure(*vm(), dst, scratch, dst);
</ins><span class="cx"> appendFailure(branchPtr(NotEqual, Address(scratch, Structure::classInfoOffset()), TrustedImmPtr(classInfo)));
</span><span class="cx"> // We have to reload the argument since emitLoadStructure clobbered it.
</span><span class="cx"> loadCellArgument(argument, dst);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitThunkGeneratorscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -63,19 +63,19 @@
</span><span class="cx"> // linking helper (C++ code) decides to throw an exception instead.
</span><span class="cx"> MacroAssemblerCodeRef throwExceptionFromCallSlowPathGenerator(VM* vm)
</span><span class="cx"> {
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> // The call pushed a return address, so we need to pop it back off to re-align the stack,
</span><span class="cx"> // even though we won't use it.
</span><span class="cx"> jit.preserveReturnAddressAfterCall(GPRInfo::nonPreservedNonReturnGPR);
</span><span class="cx">
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx">
</span><span class="cx"> jit.setupArguments(CCallHelpers::TrustedImmPtr(vm), GPRInfo::callFrameRegister);
</span><span class="cx"> jit.move(CCallHelpers::TrustedImmPtr(bitwise_cast<void*>(lookupExceptionHandler)), GPRInfo::nonArgGPR0);
</span><span class="cx"> emitPointerValidation(jit, GPRInfo::nonArgGPR0);
</span><span class="cx"> jit.call(GPRInfo::nonArgGPR0);
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</span><span class="cx"> return FINALIZE_CODE(patchBuffer, ("Throw exception from call slow path thunk"));
</span><span class="lines">@@ -138,7 +138,7 @@
</span><span class="cx"> // to perform linking and lazy compilation if necessary. We expect the callee
</span><span class="cx"> // to be in regT0/regT1 (payload/tag), the CallFrame to have already
</span><span class="cx"> // been adjusted, and all other registers to be available for use.
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> slowPathFor(jit, vm, operationLinkCall);
</span><span class="cx">
</span><span class="lines">@@ -150,7 +150,7 @@
</span><span class="cx"> // object construction then you're going to lose big time anyway.
</span><span class="cx"> MacroAssemblerCodeRef linkPolymorphicCallThunkGenerator(VM* vm)
</span><span class="cx"> {
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> slowPathFor(jit, vm, operationLinkPolymorphicCall);
</span><span class="cx">
</span><span class="lines">@@ -169,7 +169,7 @@
</span><span class="cx"> // jump to the callee, or save the return address to the call frame while we
</span><span class="cx"> // make a C++ function call to the appropriate JIT operation.
</span><span class="cx">
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> CCallHelpers::JumpList slowCase;
</span><span class="cx">
</span><span class="lines">@@ -358,7 +358,7 @@
</span><span class="cx"> // Handle an exception
</span><span class="cx"> exceptionHandler.link(&jit);
</span><span class="cx">
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx"> jit.storePtr(JSInterfaceJIT::callFrameRegister, &vm->topCallFrame);
</span><span class="cx">
</span><span class="cx"> #if CPU(X86) && USE(JSVALUE32_64)
</span><span class="lines">@@ -380,7 +380,7 @@
</span><span class="cx"> jit.addPtr(JSInterfaceJIT::TrustedImm32(4 * sizeof(int64_t)), JSInterfaceJIT::stackPointerRegister);
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> LinkBuffer patchBuffer(*vm, jit, GLOBAL_THUNK_ID);
</span><span class="cx"> return FINALIZE_CODE(patchBuffer, ("native %s%s trampoline", entryType == EnterViaJumpWithSavedTags ? "Tail With Saved Tags " : entryType == EnterViaJumpWithoutSavedTags ? "Tail Without Saved Tags " : "", toCString(kind).data()));
</span><span class="lines">@@ -1033,7 +1033,7 @@
</span><span class="cx"> return MacroAssemblerCodeRef::createSelfManagedCodeRef(vm->jitStubs->ctiNativeCall(vm));
</span><span class="cx">
</span><span class="cx"> #if USE(JSVALUE64)
</span><del>- jit.emitRandomThunk(SpecializedThunkJIT::regT0, SpecializedThunkJIT::regT1, SpecializedThunkJIT::regT2, SpecializedThunkJIT::regT3, SpecializedThunkJIT::fpRegT0);
</del><ins>+ jit.emitRandomThunk(*vm, SpecializedThunkJIT::regT0, SpecializedThunkJIT::regT1, SpecializedThunkJIT::regT2, SpecializedThunkJIT::regT3, SpecializedThunkJIT::fpRegT0);
</ins><span class="cx"> jit.returnDouble(SpecializedThunkJIT::fpRegT0);
</span><span class="cx">
</span><span class="cx"> return jit.finalize(vm->jitStubs->ctiNativeTailCall(vm), "random");
</span><span class="lines">@@ -1044,7 +1044,7 @@
</span><span class="cx">
</span><span class="cx"> MacroAssemblerCodeRef boundThisNoArgsFunctionCallGenerator(VM* vm)
</span><span class="cx"> {
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> jit.emitFunctionPrologue();
</span><span class="cx">
</span><span class="lines">@@ -1136,7 +1136,7 @@
</span><span class="cx"> #if ENABLE(WEBASSEMBLY)
</span><span class="cx"> MacroAssemblerCodeRef throwExceptionFromWasmThunkGenerator(VM* vm)
</span><span class="cx"> {
</span><del>- CCallHelpers jit(vm);
</del><ins>+ CCallHelpers jit;
</ins><span class="cx">
</span><span class="cx"> // The thing that jumps here must move ExceptionType into the argumentGPR1 and jump here.
</span><span class="cx"> // We're allowed to use temp registers here, but not callee saves.
</span><span class="lines">@@ -1143,13 +1143,13 @@
</span><span class="cx"> {
</span><span class="cx"> RegisterSet usedRegisters = RegisterSet::stubUnavailableRegisters();
</span><span class="cx"> usedRegisters.set(GPRInfo::argumentGPR1);
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(usedRegisters);
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm, usedRegisters);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
</span><span class="cx"> jit.loadWasmContext(GPRInfo::argumentGPR2);
</span><span class="cx"> CCallHelpers::Call call = jit.call();
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> void (*throwWasmException)(ExecState*, Wasm::ExceptionType, JSWebAssemblyInstance*) = [] (ExecState* exec, Wasm::ExceptionType type, JSWebAssemblyInstance* wasmContext) {
</span><span class="cx"> VM* vm = &exec->vm();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmB3IRGeneratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -1282,8 +1282,8 @@
</span><span class="cx"> {
</span><span class="cx"> auto result = std::make_unique<WasmInternalFunction>();
</span><span class="cx">
</span><del>- compilationContext.jsEntrypointJIT = std::make_unique<CCallHelpers>(&vm);
- compilationContext.wasmEntrypointJIT = std::make_unique<CCallHelpers>(&vm);
</del><ins>+ compilationContext.jsEntrypointJIT = std::make_unique<CCallHelpers>();
+ compilationContext.wasmEntrypointJIT = std::make_unique<CCallHelpers>();
</ins><span class="cx">
</span><span class="cx"> Procedure procedure;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmBindingcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/WasmBinding.cpp (214530 => 214531)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmBinding.cpp 2017-03-29 06:07:26 UTC (rev 214530)
+++ trunk/Source/JavaScriptCore/wasm/WasmBinding.cpp 2017-03-29 06:15:23 UTC (rev 214531)
</span><span class="lines">@@ -40,7 +40,7 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace Wasm {
</span><span class="cx">
</span><del>-typedef CCallHelpers JIT;
</del><ins>+using JIT = CCallHelpers;
</ins><span class="cx">
</span><span class="cx"> static void materializeImportJSCell(JIT& jit, unsigned importIndex, GPRReg result)
</span><span class="cx"> {
</span><span class="lines">@@ -57,7 +57,7 @@
</span><span class="cx"> const JSCCallingConvention& jsCC = jscCallingConvention();
</span><span class="cx"> const Signature* signature = SignatureInformation::get(vm, signatureIndex);
</span><span class="cx"> unsigned argCount = signature->argumentCount();
</span><del>- JIT jit(vm, nullptr);
</del><ins>+ JIT jit;
</ins><span class="cx">
</span><span class="cx"> // Below, we assume that the JS calling convention is always on the stack.
</span><span class="cx"> ASSERT(!jsCC.m_gprArgs.size());
</span><span class="lines">@@ -88,7 +88,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (hasBadI64Use) {
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
</span><span class="cx"> jit.loadWasmContext(GPRInfo::argumentGPR1);
</span><span class="cx">
</span><span class="lines">@@ -97,7 +97,7 @@
</span><span class="cx"> jit.storePtr(GPRInfo::argumentGPR2, JIT::Address(GPRInfo::callFrameRegister, CallFrameSlot::callee * static_cast<int>(sizeof(Register))));
</span><span class="cx">
</span><span class="cx"> auto call = jit.call();
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> void (*throwBadI64)(ExecState*, JSWebAssemblyInstance*) = [] (ExecState* exec, JSWebAssemblyInstance* wasmContext) -> void {
</span><span class="cx"> VM* vm = &exec->vm();
</span><span class="lines">@@ -309,7 +309,7 @@
</span><span class="cx"> slowPath.link(&jit);
</span><span class="cx"> jit.setupArgumentsWithExecState(GPRInfo::returnValueGPR);
</span><span class="cx"> auto call = jit.call();
</span><del>- exceptionChecks.append(jit.emitJumpIfException());
</del><ins>+ exceptionChecks.append(jit.emitJumpIfException(*vm));
</ins><span class="cx">
</span><span class="cx"> int32_t (*convertToI32)(ExecState*, JSValue) = [] (ExecState* exec, JSValue v) -> int32_t {
</span><span class="cx"> VM* vm = &exec->vm();
</span><span class="lines">@@ -342,7 +342,7 @@
</span><span class="cx"> notANumber.link(&jit);
</span><span class="cx"> jit.setupArgumentsWithExecState(GPRInfo::returnValueGPR);
</span><span class="cx"> auto call = jit.call();
</span><del>- exceptionChecks.append(jit.emitJumpIfException());
</del><ins>+ exceptionChecks.append(jit.emitJumpIfException(*vm));
</ins><span class="cx">
</span><span class="cx"> float (*convertToF32)(ExecState*, JSValue) = [] (ExecState* exec, JSValue v) -> float {
</span><span class="cx"> VM* vm = &exec->vm();
</span><span class="lines">@@ -374,7 +374,7 @@
</span><span class="cx"> notANumber.link(&jit);
</span><span class="cx"> jit.setupArgumentsWithExecState(GPRInfo::returnValueGPR);
</span><span class="cx"> auto call = jit.call();
</span><del>- exceptionChecks.append(jit.emitJumpIfException());
</del><ins>+ exceptionChecks.append(jit.emitJumpIfException(*vm));
</ins><span class="cx">
</span><span class="cx"> double (*convertToF64)(ExecState*, JSValue) = [] (ExecState* exec, JSValue v) -> double {
</span><span class="cx"> VM* vm = &exec->vm();
</span><span class="lines">@@ -395,10 +395,10 @@
</span><span class="cx">
</span><span class="cx"> if (!exceptionChecks.empty()) {
</span><span class="cx"> exceptionChecks.link(&jit);
</span><del>- jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer();
</del><ins>+ jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm);
</ins><span class="cx"> jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
</span><span class="cx"> auto call = jit.call();
</span><del>- jit.jumpToExceptionHandler();
</del><ins>+ jit.jumpToExceptionHandler(*vm);
</ins><span class="cx">
</span><span class="cx"> void (*doUnwinding)(ExecState*) = [] (ExecState* exec) -> void {
</span><span class="cx"> VM* vm = &exec->vm();
</span><span class="lines">@@ -429,7 +429,7 @@
</span><span class="cx"> static MacroAssemblerCodeRef wasmToWasm(VM* vm, unsigned importIndex)
</span><span class="cx"> {
</span><span class="cx"> const PinnedRegisterInfo& pinnedRegs = PinnedRegisterInfo::get();
</span><del>- JIT jit(vm, nullptr);
</del><ins>+ JIT jit;
</ins><span class="cx">
</span><span class="cx"> GPRReg scratch = GPRInfo::nonPreservedNonArgumentGPR;
</span><span class="cx">
</span></span></pre>
</div>
</div>
</body>
</html>