<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[214645] trunk/Source/JavaScriptCore</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/214645">214645</a></dd>
<dt>Author</dt> <dd>sbarati@apple.com</dd>
<dt>Date</dt> <dd>2017-03-30 18:15:25 -0700 (Thu, 30 Mar 2017)</dd>
</dl>

<h3>Log Message</h3>
<pre>WebAssembly: When Wasm calls to C, it should use Wasm::Context* instead of ExecState* to get VM
https://bugs.webkit.org/show_bug.cgi?id=170185

Reviewed by Michael Saboff.

This is one more step in the direction of PIC-ified Wasm.
When we lift WasmCallee above VM, we will no longer be
able to get VM from ExecState*. This patch ensures that
we don't do that from within the Wasm runtime. Instead,
we use the Wasm::Context* to get the VM.

This patch also adds a new class, Wasm::Thunks. There
is a single Wasm::Thunks that lives in the process. It
is responsible for generating a thunk that Wasm relies on.
The only such thunk right now is the exception throwing
thunk.

This patch also rids WasmFaultSignalHandler from any knowledge
of VM. Previously, it relied on VM to get the exception handling
thunk.

The only part of the Wasm runtime that will be allowed
to get VM&amp; from ExecState will be WasmBinding. In the
future, we plan to keep the calls out to JS to keep
a JSCell as the callee.

* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
* interpreter/Interpreter.cpp:
(JSC::UnwindFunctor::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer):
(JSC::AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
* jit/ThunkGenerators.cpp:
(JSC::throwExceptionFromWasmThunkGenerator): Deleted.
* jit/ThunkGenerators.h:
* runtime/InitializeThreading.cpp:
(JSC::initializeThreading):
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::VM::getAllCalleeSaveRegisterOffsets):
* runtime/VM.h:
(JSC::VM::topVMEntryFrameOffset):
(JSC::VM::getAllCalleeSaveRegisterOffsets): Deleted.
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::emitExceptionCheck):
* wasm/WasmFaultSignalHandler.cpp:
(JSC::Wasm::trapHandler):
* wasm/WasmMemory.cpp:
(JSC::Wasm::tryGetFastMemory):
* wasm/WasmThunks.cpp: Added.
(JSC::Wasm::throwExceptionFromWasmThunkGenerator):
(JSC::Wasm::Thunks::initialize):
(JSC::Wasm::Thunks::singleton):
(JSC::Wasm::Thunks::stub):
(JSC::Wasm::Thunks::existingStub):
* wasm/WasmThunks.h: Added.
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::JSWebAssemblyInstance):
* wasm/js/JSWebAssemblyInstance.h:
(JSC::JSWebAssemblyInstance::offsetOfVM):
* wasm/js/JSWebAssemblyMemory.cpp:
(JSC::JSWebAssemblyMemory::grow):
* wasm/js/JSWebAssemblyMemory.h:
* wasm/js/WebAssemblyMemoryPrototype.cpp:
(JSC::webAssemblyMemoryProtoFuncGrow):</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreCMakeListstxt">trunk/Source/JavaScriptCore/CMakeLists.txt</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj">trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOSREntrycpp">trunk/Source/JavaScriptCore/dfg/DFGOSREntry.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLOSRExitCompilercpp">trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterInterpretercpp">trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitAssemblyHelperscpp">trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitAssemblyHelpersh">trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitThunkGeneratorscpp">trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitThunkGeneratorsh">trunk/Source/JavaScriptCore/jit/ThunkGenerators.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeInitializeThreadingcpp">trunk/Source/JavaScriptCore/runtime/InitializeThreading.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMcpp">trunk/Source/JavaScriptCore/runtime/VM.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMh">trunk/Source/JavaScriptCore/runtime/VM.h</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmB3IRGeneratorcpp">trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmFaultSignalHandlercpp">trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmFaultSignalHandlerh">trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.h</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmMemorycpp">trunk/Source/JavaScriptCore/wasm/WasmMemory.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmjsJSWebAssemblyCalleecpp">trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmjsJSWebAssemblyInstancecpp">trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmjsJSWebAssemblyInstanceh">trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmjsJSWebAssemblyMemorycpp">trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmjsJSWebAssemblyMemoryh">trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.h</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmjsWebAssemblyMemoryPrototypecpp">trunk/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp</a></li>
</ul>

<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCorewasmWasmThunkscpp">trunk/Source/JavaScriptCore/wasm/WasmThunks.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorewasmWasmThunksh">trunk/Source/JavaScriptCore/wasm/WasmThunks.h</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreCMakeListstxt"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/CMakeLists.txt (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/CMakeLists.txt        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/CMakeLists.txt        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -947,6 +947,7 @@
</span><span class="cx">     wasm/WasmPlan.cpp
</span><span class="cx">     wasm/WasmOpcodeOrigin.cpp
</span><span class="cx">     wasm/WasmSignature.cpp
</span><ins>+    wasm/WasmThunks.cpp
</ins><span class="cx">     wasm/WasmValidate.cpp
</span><span class="cx">     wasm/WasmWorklist.cpp
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/ChangeLog        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -1,3 +1,77 @@
</span><ins>+2017-03-30  Saam Barati  &lt;sbarati@apple.com&gt;
+
+        WebAssembly: When Wasm calls to C, it should use Wasm::Context* instead of ExecState* to get VM
+        https://bugs.webkit.org/show_bug.cgi?id=170185
+
+        Reviewed by Michael Saboff.
+
+        This is one more step in the direction of PIC-ified Wasm.
+        When we lift WasmCallee above VM, we will no longer be
+        able to get VM from ExecState*. This patch ensures that
+        we don't do that from within the Wasm runtime. Instead,
+        we use the Wasm::Context* to get the VM.
+
+        This patch also adds a new class, Wasm::Thunks. There
+        is a single Wasm::Thunks that lives in the process. It
+        is responsible for generating a thunk that Wasm relies on.
+        The only such thunk right now is the exception throwing
+        thunk.
+
+        This patch also rids WasmFaultSignalHandler from any knowledge
+        of VM. Previously, it relied on VM to get the exception handling
+        thunk.
+
+        The only part of the Wasm runtime that will be allowed
+        to get VM&amp; from ExecState will be WasmBinding. In the
+        future, we plan to keep the calls out to JS to keep
+        a JSCell as the callee.
+
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * dfg/DFGOSREntry.cpp:
+        (JSC::DFG::prepareOSREntry):
+        * ftl/FTLOSRExitCompiler.cpp:
+        (JSC::FTL::compileStub):
+        * interpreter/Interpreter.cpp:
+        (JSC::UnwindFunctor::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
+        * jit/AssemblyHelpers.cpp:
+        (JSC::AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer):
+        (JSC::AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl):
+        * jit/AssemblyHelpers.h:
+        (JSC::AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer):
+        * jit/ThunkGenerators.cpp:
+        (JSC::throwExceptionFromWasmThunkGenerator): Deleted.
+        * jit/ThunkGenerators.h:
+        * runtime/InitializeThreading.cpp:
+        (JSC::initializeThreading):
+        * runtime/VM.cpp:
+        (JSC::VM::VM):
+        (JSC::VM::getAllCalleeSaveRegisterOffsets):
+        * runtime/VM.h:
+        (JSC::VM::topVMEntryFrameOffset):
+        (JSC::VM::getAllCalleeSaveRegisterOffsets): Deleted.
+        * wasm/WasmB3IRGenerator.cpp:
+        (JSC::Wasm::B3IRGenerator::emitExceptionCheck):
+        * wasm/WasmFaultSignalHandler.cpp:
+        (JSC::Wasm::trapHandler):
+        * wasm/WasmMemory.cpp:
+        (JSC::Wasm::tryGetFastMemory):
+        * wasm/WasmThunks.cpp: Added.
+        (JSC::Wasm::throwExceptionFromWasmThunkGenerator):
+        (JSC::Wasm::Thunks::initialize):
+        (JSC::Wasm::Thunks::singleton):
+        (JSC::Wasm::Thunks::stub):
+        (JSC::Wasm::Thunks::existingStub):
+        * wasm/WasmThunks.h: Added.
+        * wasm/js/JSWebAssemblyInstance.cpp:
+        (JSC::JSWebAssemblyInstance::JSWebAssemblyInstance):
+        * wasm/js/JSWebAssemblyInstance.h:
+        (JSC::JSWebAssemblyInstance::offsetOfVM):
+        * wasm/js/JSWebAssemblyMemory.cpp:
+        (JSC::JSWebAssemblyMemory::grow):
+        * wasm/js/JSWebAssemblyMemory.h:
+        * wasm/js/WebAssemblyMemoryPrototype.cpp:
+        (JSC::webAssemblyMemoryProtoFuncGrow):
+
</ins><span class="cx"> 2017-03-30  Mark Lam  &lt;mark.lam@apple.com&gt;
</span><span class="cx"> 
</span><span class="cx">         IntlObject should not be using JSArray::initializeIndex().
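Review bot: the file list in this ChangeLog entry omits three files that this revision touches: CMakeLists.txt (the wasm/WasmThunks.cpp source addition), wasm/WasmFaultSignalHandler.h and wasm/js/JSWebAssemblyCallee.cpp, all of which appear under Modified Paths above. WebKit ChangeLog entries list every modified file, so add "* CMakeLists.txt:", "* wasm/WasmFaultSignalHandler.h:" and "* wasm/js/JSWebAssemblyCallee.cpp:" lines (with the affected functions where applicable) before landing.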
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -1310,6 +1310,8 @@
</span><span class="cx">                 4443AE3316E188D90076F110 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 51F0EB6105C86C6B00E6DF1B /* Foundation.framework */; };
</span><span class="cx">                 451539B912DC994500EF7AC4 /* Yarr.h in Headers */ = {isa = PBXBuildFile; fileRef = 451539B812DC994500EF7AC4 /* Yarr.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx">                 473DA4A4764C45FE871B0485 /* DefinePropertyAttributes.h in Headers */ = {isa = PBXBuildFile; fileRef = 169948EDE68D4054B01EF797 /* DefinePropertyAttributes.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><ins>+                5250D2D11E8DA05A0029A932 /* WasmThunks.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5250D2CF1E8DA05A0029A932 /* WasmThunks.cpp */; };
+                5250D2D21E8DA05A0029A932 /* WasmThunks.h in Headers */ = {isa = PBXBuildFile; fileRef = 5250D2D01E8DA05A0029A932 /* WasmThunks.h */; settings = {ATTRIBUTES = (Private, ); }; };
</ins><span class="cx">                 52678F8E1A031009006A306D /* BasicBlockLocation.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52678F8C1A031009006A306D /* BasicBlockLocation.cpp */; };
</span><span class="cx">                 52678F8F1A031009006A306D /* BasicBlockLocation.h in Headers */ = {isa = PBXBuildFile; fileRef = 52678F8D1A031009006A306D /* BasicBlockLocation.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx">                 52678F911A04177C006A306D /* ControlFlowProfiler.h in Headers */ = {isa = PBXBuildFile; fileRef = 52678F901A04177C006A306D /* ControlFlowProfiler.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="lines">@@ -3811,6 +3813,8 @@
</span><span class="cx">                 4CE978E385A8498199052153 /* ModuleNamespaceAccessCase.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ModuleNamespaceAccessCase.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 51F0EB6105C86C6B00E6DF1B /* Foundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Foundation.framework; path = /System/Library/Frameworks/Foundation.framework; sourceTree = &quot;&lt;absolute&gt;&quot;; };
</span><span class="cx">                 51F0EC0705C86C9A00E6DF1B /* libobjc.dylib */ = {isa = PBXFileReference; lastKnownFileType = &quot;compiled.mach-o.dylib&quot;; name = libobjc.dylib; path = /usr/lib/libobjc.dylib; sourceTree = &quot;&lt;absolute&gt;&quot;; };
</span><ins>+                5250D2CF1E8DA05A0029A932 /* WasmThunks.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WasmThunks.cpp; sourceTree = &quot;&lt;group&gt;&quot;; };
+                5250D2D01E8DA05A0029A932 /* WasmThunks.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WasmThunks.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</ins><span class="cx">                 52678F8C1A031009006A306D /* BasicBlockLocation.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = BasicBlockLocation.cpp; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 52678F8D1A031009006A306D /* BasicBlockLocation.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BasicBlockLocation.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="cx">                 52678F901A04177C006A306D /* ControlFlowProfiler.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ControlFlowProfiler.h; sourceTree = &quot;&lt;group&gt;&quot;; };
</span><span class="lines">@@ -6321,6 +6325,8 @@
</span><span class="cx">                                 53F40E841D58F9770099A1B6 /* WasmSections.h */,
</span><span class="cx">                                 AD7438BE1E04579200FD0C2A /* WasmSignature.cpp */,
</span><span class="cx">                                 AD7438BF1E04579200FD0C2A /* WasmSignature.h */,
</span><ins>+                                5250D2CF1E8DA05A0029A932 /* WasmThunks.cpp */,
+                                5250D2D01E8DA05A0029A932 /* WasmThunks.h */,
</ins><span class="cx">                                 53FF7F9A1DBFD2B900A26CCC /* WasmValidate.cpp */,
</span><span class="cx">                                 53FF7F981DBFCD9000A26CCC /* WasmValidate.h */,
</span><span class="cx">                                 530FB3031E7A1146003C19DD /* WasmWorklist.cpp */,
</span><span class="lines">@@ -8720,6 +8726,7 @@
</span><span class="cx">                                 70B791971C024A29002481E2 /* GeneratorFunctionPrototype.h in Headers */,
</span><span class="cx">                                 70B791991C024A29002481E2 /* GeneratorPrototype.h in Headers */,
</span><span class="cx">                                 70B7919D1C024A56002481E2 /* GeneratorPrototype.lut.h in Headers */,
</span><ins>+                                5250D2D21E8DA05A0029A932 /* WasmThunks.h in Headers */,
</ins><span class="cx">                                 0FE050191AA9091100D33B33 /* GenericArguments.h in Headers */,
</span><span class="cx">                                 0FE0501A1AA9091100D33B33 /* GenericArgumentsInlines.h in Headers */,
</span><span class="cx">                                 0FE0501B1AA9091100D33B33 /* GenericOffset.h in Headers */,
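Review bot: the WasmThunks.h entry in this Headers hunk is inserted between GeneratorPrototype.lut.h and GenericArguments.h, which breaks the alphabetical order of the PBXHeadersBuildPhase list; the Sources hunk below drops WasmThunks.cpp among the DFG*.cpp entries the same way. Run Tools/Scripts/sort-Xcode-project-file on the project before landing so both entries move to their sorted positions (the PBXBuildFile and PBXFileReference hunks above are already in UUID order and need no change).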
</span><span class="lines">@@ -10291,6 +10298,7 @@
</span><span class="cx">                                 0FDDBFB51666EED800C55FEF /* DFGVariableAccessDataDump.cpp in Sources */,
</span><span class="cx">                                 0F2BDC5115228FFD00CD8910 /* DFGVariableEvent.cpp in Sources */,
</span><span class="cx">                                 0F2BDC4A1522809A00CD8910 /* DFGVariableEventStream.cpp in Sources */,
</span><ins>+                                5250D2D11E8DA05A0029A932 /* WasmThunks.cpp in Sources */,
</ins><span class="cx">                                 0FFFC95F14EF90BB00C72532 /* DFGVirtualRegisterAllocationPhase.cpp in Sources */,
</span><span class="cx">                                 0FC97F4118202119002C9B26 /* DFGWatchpointCollectionPhase.cpp in Sources */,
</span><span class="cx">                                 0FDB2CE7174830A2007B3C1B /* DFGWorklist.cpp in Sources */,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOSREntrycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOSREntry.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOSREntry.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/dfg/DFGOSREntry.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -312,7 +312,7 @@
</span><span class="cx">     // 6) Copy our callee saves to buffer.
</span><span class="cx"> #if NUMBER_OF_CALLEE_SAVES_REGISTERS &gt; 0
</span><span class="cx">     RegisterAtOffsetList* registerSaveLocations = codeBlock-&gt;calleeSaveRegisters();
</span><del>-    RegisterAtOffsetList* allCalleeSaves = vm-&gt;getAllCalleeSaveRegisterOffsets();
</del><ins>+    RegisterAtOffsetList* allCalleeSaves = VM::getAllCalleeSaveRegisterOffsets();
</ins><span class="cx">     RegisterSet dontSaveRegisters = RegisterSet(RegisterSet::stackRegisters(), RegisterSet::allFPRs());
</span><span class="cx"> 
</span><span class="cx">     unsigned registerCount = registerSaveLocations-&gt;size();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLOSRExitCompilercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -409,7 +409,7 @@
</span><span class="cx"> 
</span><span class="cx">     RegisterSet allFTLCalleeSaves = RegisterSet::ftlCalleeSaveRegisters();
</span><span class="cx">     RegisterAtOffsetList* baselineCalleeSaves = baselineCodeBlock-&gt;calleeSaveRegisters();
</span><del>-    RegisterAtOffsetList* vmCalleeSaves = vm-&gt;getAllCalleeSaveRegisterOffsets();
</del><ins>+    RegisterAtOffsetList* vmCalleeSaves = VM::getAllCalleeSaveRegisterOffsets();
</ins><span class="cx">     RegisterSet vmCalleeSavesToSkip = RegisterSet::stackRegisters();
</span><span class="cx">     if (exit.isExceptionHandler()) {
</span><span class="cx">         jit.loadPtr(&amp;vm-&gt;topVMEntryFrame, GPRInfo::regT1);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterInterpretercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -635,7 +635,7 @@
</span><span class="cx">             return;
</span><span class="cx"> 
</span><span class="cx">         VM&amp; vm = m_callFrame-&gt;vm();
</span><del>-        RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
</del><ins>+        RegisterAtOffsetList* allCalleeSaves = VM::getAllCalleeSaveRegisterOffsets();
</ins><span class="cx">         RegisterSet dontCopyRegisters = RegisterSet::stackRegisters();
</span><span class="cx">         intptr_t* frame = reinterpret_cast&lt;intptr_t*&gt;(m_callFrame-&gt;registers());
</span><span class="cx"> 
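Review bot: now that getAllCalleeSaveRegisterOffsets() is called statically, the "VM&amp; vm = m_callFrame-&gt;vm();" local two lines above no longer feeds the changed line. Confirm that vm is still used further down in UnwindFunctor::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer (the hunk does not show the rest of the function); otherwise it is an unused variable and should be dropped.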
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitAssemblyHelperscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/jit/AssemblyHelpers.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -582,7 +582,7 @@
</span><span class="cx"> void AssemblyHelpers::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer(VM&amp; vm)
</span><span class="cx"> {
</span><span class="cx"> #if NUMBER_OF_CALLEE_SAVES_REGISTERS &gt; 0
</span><del>-    RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
</del><ins>+    RegisterAtOffsetList* allCalleeSaves = VM::getAllCalleeSaveRegisterOffsets();
</ins><span class="cx">     RegisterSet dontRestoreRegisters = RegisterSet::stackRegisters();
</span><span class="cx">     unsigned registerCount = allCalleeSaves-&gt;size();
</span><span class="cx"> 
</span><span class="lines">@@ -872,6 +872,29 @@
</span><span class="cx">     }
</span><span class="cx"> }
</span><span class="cx"> 
</span><ins>+void AssemblyHelpers::copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl(GPRReg calleeSavesBuffer)
+{
+#if NUMBER_OF_CALLEE_SAVES_REGISTERS &gt; 0
+    addPtr(TrustedImm32(VMEntryFrame::calleeSaveRegistersBufferOffset()), calleeSavesBuffer);
+
+    RegisterAtOffsetList* allCalleeSaves = VM::getAllCalleeSaveRegisterOffsets();
+    RegisterSet dontCopyRegisters = RegisterSet::stackRegisters();
+    unsigned registerCount = allCalleeSaves-&gt;size();
+    
+    for (unsigned i = 0; i &lt; registerCount; i++) {
+        RegisterAtOffset entry = allCalleeSaves-&gt;at(i);
+        if (dontCopyRegisters.get(entry.reg()))
+            continue;
+        if (entry.reg().isGPR())
+            storePtr(entry.reg().gpr(), Address(calleeSavesBuffer, entry.offset()));
+        else
+            storeDouble(entry.reg().fpr(), Address(calleeSavesBuffer, entry.offset()));
+    }
+#else
+    UNUSED_PARAM(calleeSavesBuffer);
+#endif
+}
+
</ins><span class="cx"> } // namespace JSC
</span><span class="cx"> 
</span><span class="cx"> #endif // ENABLE(JIT)
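Review bot: the blank line after "unsigned registerCount = allCalleeSaves-&gt;size();" in the new copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl carries trailing whitespace (it was carried over from the old inline body in AssemblyHelpers.h, which had the same problem); check-webkit-style flags this, so strip it. The body itself is fine: it touches only calleeSavesBuffer and the callee-save registers it stores, which is what makes it safe to call from a context where callee saves have not yet been preserved.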
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitAssemblyHelpersh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/jit/AssemblyHelpers.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -333,27 +333,23 @@
</span><span class="cx"> #endif
</span><span class="cx">     }
</span><span class="cx"> 
</span><ins>+    // If you use this, be aware that vmGPR will get trashed.
+    void copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(GPRReg vmGPR)
+    {
+#if NUMBER_OF_CALLEE_SAVES_REGISTERS &gt; 0
+        loadPtr(Address(vmGPR, VM::topVMEntryFrameOffset()), vmGPR);
+        copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl(vmGPR);
+#else
+        UNUSED_PARAM(vmGPR);
+#endif
+    }
+
</ins><span class="cx">     void copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(VM&amp; vm, const TempRegisterSet&amp; usedRegisters = { RegisterSet::stubUnavailableRegisters() })
</span><span class="cx">     {
</span><span class="cx"> #if NUMBER_OF_CALLEE_SAVES_REGISTERS &gt; 0
</span><span class="cx">         GPRReg temp1 = usedRegisters.getFreeGPR(0);
</span><del>-
</del><span class="cx">         loadPtr(&amp;vm.topVMEntryFrame, temp1);
</span><del>-        addPtr(TrustedImm32(VMEntryFrame::calleeSaveRegistersBufferOffset()), temp1);
-
-        RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
-        RegisterSet dontCopyRegisters = RegisterSet::stackRegisters();
-        unsigned registerCount = allCalleeSaves-&gt;size();
-        
-        for (unsigned i = 0; i &lt; registerCount; i++) {
-            RegisterAtOffset entry = allCalleeSaves-&gt;at(i);
-            if (dontCopyRegisters.get(entry.reg()))
-                continue;
-            if (entry.reg().isGPR())
-                storePtr(entry.reg().gpr(), Address(temp1, entry.offset()));
-            else
-                storeDouble(entry.reg().fpr(), Address(temp1, entry.offset()));
-        }
</del><ins>+        copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl(temp1);
</ins><span class="cx"> #else
</span><span class="cx">         UNUSED_PARAM(vm);
</span><span class="cx">         UNUSED_PARAM(usedRegisters);
</span><span class="lines">@@ -376,7 +372,7 @@
</span><span class="cx">         loadPtr(&amp;vm.topVMEntryFrame, temp1);
</span><span class="cx">         addPtr(TrustedImm32(VMEntryFrame::calleeSaveRegistersBufferOffset()), temp1);
</span><span class="cx"> 
</span><del>-        RegisterAtOffsetList* allCalleeSaves = vm.getAllCalleeSaveRegisterOffsets();
</del><ins>+        RegisterAtOffsetList* allCalleeSaves = VM::getAllCalleeSaveRegisterOffsets();
</ins><span class="cx">         RegisterAtOffsetList* currentCalleeSaves = codeBlock()-&gt;calleeSaveRegisters();
</span><span class="cx">         RegisterSet dontCopyRegisters = RegisterSet::stackRegisters();
</span><span class="cx">         unsigned registerCount = allCalleeSaves-&gt;size();
</span><span class="lines">@@ -1591,6 +1587,8 @@
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><span class="cx"> protected:
</span><ins>+    void copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl(GPRReg calleeSavesBuffer);
+
</ins><span class="cx">     CodeBlock* m_codeBlock;
</span><span class="cx">     CodeBlock* m_baselineCodeBlock;
</span><span class="cx"> 
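Review bot: the protected declaration of copyCalleeSavesToVMEntryFrameCalleeSavesBufferImpl has no comment, yet the definition expects the register to already hold the VMEntryFrame pointer and advances it in place (addPtr of VMEntryFrame::calleeSaveRegistersBufferOffset()). State both preconditions here, in the same way the new public overload above warns that vmGPR gets trashed, so a future caller does not pass a register it still needs afterwards.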
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitThunkGeneratorscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/jit/ThunkGenerators.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -33,12 +33,9 @@
</span><span class="cx"> #include &quot;JSArray.h&quot;
</span><span class="cx"> #include &quot;JSBoundFunction.h&quot;
</span><span class="cx"> #include &quot;JSCInlines.h&quot;
</span><del>-#include &quot;JSWebAssemblyInstance.h&quot;
-#include &quot;JSWebAssemblyRuntimeError.h&quot;
</del><span class="cx"> #include &quot;MathCommon.h&quot;
</span><span class="cx"> #include &quot;MaxFrameExtentForSlowPathCall.h&quot;
</span><span class="cx"> #include &quot;SpecializedThunkJIT.h&quot;
</span><del>-#include &quot;WasmExceptionType.h&quot;
</del><span class="cx"> #include &lt;wtf/InlineASM.h&gt;
</span><span class="cx"> #include &lt;wtf/StringPrintStream.h&gt;
</span><span class="cx"> #include &lt;wtf/text/StringImpl.h&gt;
</span><span class="lines">@@ -1133,47 +1130,6 @@
</span><span class="cx">         linkBuffer, (&quot;Specialized thunk for bound function calls with no arguments&quot;));
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-#if ENABLE(WEBASSEMBLY)
-MacroAssemblerCodeRef throwExceptionFromWasmThunkGenerator(VM* vm)
-{
-    CCallHelpers jit;
-
-    // The thing that jumps here must move ExceptionType into the argumentGPR1 and jump here.
-    // We're allowed to use temp registers here, but not callee saves.
-    {
-        RegisterSet usedRegisters = RegisterSet::stubUnavailableRegisters();
-        usedRegisters.set(GPRInfo::argumentGPR1);
-        jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(*vm, usedRegisters);
-    }
-
-    jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
-    jit.loadWasmContext(GPRInfo::argumentGPR2);
-    CCallHelpers::Call call = jit.call();
-    jit.jumpToExceptionHandler(*vm);
-
-    void (*throwWasmException)(ExecState*, Wasm::ExceptionType, JSWebAssemblyInstance*) = [] (ExecState* exec, Wasm::ExceptionType type, JSWebAssemblyInstance* wasmContext) {
-        VM* vm = &amp;exec-&gt;vm();
-        NativeCallFrameTracer tracer(vm, exec);
-
-        {
-            auto throwScope = DECLARE_THROW_SCOPE(*vm);
-            JSGlobalObject* globalObject = wasmContext-&gt;globalObject();
-
-            JSWebAssemblyRuntimeError* error = JSWebAssemblyRuntimeError::create(exec, *vm, globalObject-&gt;WebAssemblyRuntimeErrorStructure(), Wasm::errorMessageForExceptionType(type));
-            throwException(exec, throwScope, error);
-        }
-
-        genericUnwind(vm, exec);
-        ASSERT(!!vm-&gt;callFrameForCatch);
-    };
-
-    LinkBuffer linkBuffer(jit, GLOBAL_THUNK_ID);
-    linkBuffer.link(call, throwWasmException);
-    return FINALIZE_CODE(
-        linkBuffer, (&quot;Throw exception from Wasm&quot;));
-}
-#endif // ENABLE(WEBASSEMBLY)
-
</del><span class="cx"> } // namespace JSC
</span><span class="cx"> 
</span><span class="cx"> #endif // ENABLE(JIT)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitThunkGeneratorsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ThunkGenerators.h (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ThunkGenerators.h        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/jit/ThunkGenerators.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -64,10 +64,5 @@
</span><span class="cx"> MacroAssemblerCodeRef truncThunkGenerator(VM*);
</span><span class="cx"> 
</span><span class="cx"> MacroAssemblerCodeRef boundThisNoArgsFunctionCallGenerator(VM*);
</span><del>-
-#if ENABLE(WEBASSEMBLY)
-MacroAssemblerCodeRef throwExceptionFromWasmThunkGenerator(VM*);
-#endif
-
</del><span class="cx"> }
</span><span class="cx"> #endif // ENABLE(JIT)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeInitializeThreadingcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/InitializeThreading.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/InitializeThreading.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/runtime/InitializeThreading.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -39,6 +39,7 @@
</span><span class="cx"> #include &quot;Options.h&quot;
</span><span class="cx"> #include &quot;StructureIDTable.h&quot;
</span><span class="cx"> #include &quot;SuperSampler.h&quot;
</span><ins>+#include &quot;WasmThunks.h&quot;
</ins><span class="cx"> #include &quot;WriteBarrier.h&quot;
</span><span class="cx"> #include &lt;mutex&gt;
</span><span class="cx"> #include &lt;wtf/MainThread.h&gt;
</span><span class="lines">@@ -70,6 +71,10 @@
</span><span class="cx">         initializeSuperSampler();
</span><span class="cx">         WTFThreadData&amp; threadData = wtfThreadData();
</span><span class="cx">         threadData.setSavedLastStackTop(threadData.stack().origin());
</span><ins>+
+#if ENABLE(WEBASSEMBLY)
+        Wasm::Thunks::initialize();
+#endif
</ins><span class="cx">     });
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/runtime/VM.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -283,7 +283,6 @@
</span><span class="cx"> 
</span><span class="cx"> #if ENABLE(JIT)
</span><span class="cx">     jitStubs = std::make_unique&lt;JITThunks&gt;();
</span><del>-    allCalleeSaveRegisterOffsets = std::make_unique&lt;RegisterAtOffsetList&gt;(RegisterSet::vmCalleeSaveRegisters(), RegisterAtOffsetList::ZeroBased);
</del><span class="cx"> #endif
</span><span class="cx">     arityCheckData = std::make_unique&lt;CommonSlowPaths::ArityCheckData&gt;();
</span><span class="cx"> 
</span><span class="lines">@@ -939,4 +938,18 @@
</span><span class="cx"> }
</span><span class="cx"> #endif
</span><span class="cx"> 
</span><ins>+#if ENABLE(JIT)
+RegisterAtOffsetList* VM::getAllCalleeSaveRegisterOffsets()
+{
+    static RegisterAtOffsetList* result;
+
+    static std::once_flag calleeSavesFlag;
+    std::call_once(calleeSavesFlag, [] () {
+        result = new RegisterAtOffsetList(RegisterSet::vmCalleeSaveRegisters(), RegisterAtOffsetList::ZeroBased);
+    });
+
+    return result;
+}
+#endif // ENABLE(JIT)
+
</ins><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.h (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.h        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/runtime/VM.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -456,9 +456,7 @@
</span><span class="cx">         return jitStubs-&gt;ctiStub(this, generator);
</span><span class="cx">     }
</span><span class="cx">     
</span><del>-    std::unique_ptr&lt;RegisterAtOffsetList&gt; allCalleeSaveRegisterOffsets;
-    
-    RegisterAtOffsetList* getAllCalleeSaveRegisterOffsets() { return allCalleeSaveRegisterOffsets.get(); }
</del><ins>+    static RegisterAtOffsetList* getAllCalleeSaveRegisterOffsets();
</ins><span class="cx"> 
</span><span class="cx"> #endif // ENABLE(JIT)
</span><span class="cx">     std::unique_ptr&lt;CommonSlowPaths::ArityCheckData&gt; arityCheckData;
</span><span class="lines">@@ -483,6 +481,11 @@
</span><span class="cx">         return OBJECT_OFFSETOF(VM, targetMachinePCForThrow);
</span><span class="cx">     }
</span><span class="cx"> 
</span><ins>+    static ptrdiff_t topVMEntryFrameOffset()
+    {
+        return OBJECT_OFFSETOF(VM, topVMEntryFrame);
+    }
+
</ins><span class="cx">     void restorePreviousException(Exception* exception) { setException(exception); }
</span><span class="cx"> 
</span><span class="cx">     void clearLastException() { m_lastException = nullptr; }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmB3IRGeneratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -57,6 +57,7 @@
</span><span class="cx"> #include &quot;WasmFunctionParser.h&quot;
</span><span class="cx"> #include &quot;WasmMemory.h&quot;
</span><span class="cx"> #include &quot;WasmOpcodeOrigin.h&quot;
</span><ins>+#include &quot;WasmThunks.h&quot;
</ins><span class="cx"> #include &lt;wtf/Optional.h&gt;
</span><span class="cx"> 
</span><span class="cx"> void dumpProcedure(void* ptr)
</span><span class="lines">@@ -161,7 +162,7 @@
</span><span class="cx">             return fail(__VA_ARGS__);             \
</span><span class="cx">     } while (0)
</span><span class="cx"> 
</span><del>-    B3IRGenerator(VM&amp;, const ModuleInformation&amp;, Procedure&amp;, WasmInternalFunction*, Vector&lt;UnlinkedWasmToWasmCall&gt;&amp;, MemoryMode);
</del><ins>+    B3IRGenerator(const ModuleInformation&amp;, Procedure&amp;, WasmInternalFunction*, Vector&lt;UnlinkedWasmToWasmCall&gt;&amp;, MemoryMode);
</ins><span class="cx"> 
</span><span class="cx">     PartialResult WARN_UNUSED_RETURN addArguments(const Signature*);
</span><span class="cx">     PartialResult WARN_UNUSED_RETURN addLocal(Type, uint32_t);
</span><span class="lines">@@ -232,7 +233,6 @@
</span><span class="cx"> 
</span><span class="cx">     Origin origin();
</span><span class="cx"> 
</span><del>-    VM&amp; m_vm;
</del><span class="cx">     FunctionParser&lt;B3IRGenerator&gt;* m_parser;
</span><span class="cx">     const ModuleInformation&amp; m_info;
</span><span class="cx">     MemoryMode m_mode;
</span><span class="lines">@@ -302,9 +302,8 @@
</span><span class="cx">     });
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-B3IRGenerator::B3IRGenerator(VM&amp; vm, const ModuleInformation&amp; info, Procedure&amp; procedure, WasmInternalFunction* compilation, Vector&lt;UnlinkedWasmToWasmCall&gt;&amp; unlinkedWasmToWasmCalls, MemoryMode mode)
-    : m_vm(vm)
-    , m_info(info)
</del><ins>+B3IRGenerator::B3IRGenerator(const ModuleInformation&amp; info, Procedure&amp; procedure, WasmInternalFunction* compilation, Vector&lt;UnlinkedWasmToWasmCall&gt;&amp; unlinkedWasmToWasmCalls, MemoryMode mode)
+    : m_info(info)
</ins><span class="cx">     , m_mode(mode)
</span><span class="cx">     , m_proc(procedure)
</span><span class="cx">     , m_unlinkedWasmToWasmCalls(unlinkedWasmToWasmCalls)
</span><span class="lines">@@ -376,9 +375,8 @@
</span><span class="cx">     jit.move(CCallHelpers::TrustedImm32(static_cast&lt;uint32_t&gt;(type)), GPRInfo::argumentGPR1);
</span><span class="cx">     auto jumpToExceptionStub = jit.jump();
</span><span class="cx"> 
</span><del>-    VM* vm = &amp;m_vm;
-    jit.addLinkTask([vm, jumpToExceptionStub] (LinkBuffer&amp; linkBuffer) {
-        linkBuffer.link(jumpToExceptionStub, CodeLocationLabel(vm-&gt;getCTIStub(throwExceptionFromWasmThunkGenerator).code()));
</del><ins>+    jit.addLinkTask([jumpToExceptionStub] (LinkBuffer&amp; linkBuffer) {
+        linkBuffer.link(jumpToExceptionStub, CodeLocationLabel(Thunks::singleton().stub(throwExceptionFromWasmThunkGenerator).code()));
</ins><span class="cx">     });
</span><span class="cx"> }
</span><span class="cx"> 
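Review bot: the link task dereferences `Thunks::singleton().stub(throwExceptionFromWasmThunkGenerator).code()` without checking that the stub exists, while WasmMemory.cpp in this same patch treats an empty result from `stub()` as a failure (`if (UNLIKELY(!Thunks::singleton().stub(...))) return fail();`). Either the empty case cannot happen here, in which case a `RELEASE_ASSERT` on the returned ref would document that, or it can and linking a null `code()` produces a jump to nowhere with no diagnostic. Note also that the first function to reach this link task pays for JIT-compiling the thunk under `Thunks::m_lock`; a short comment saying that is the intended lazy-init point would help.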
</span><span class="lines">@@ -443,8 +441,8 @@
</span><span class="cx"> 
</span><span class="cx"> auto B3IRGenerator::addGrowMemory(ExpressionType delta, ExpressionType&amp; result) -&gt; PartialResult
</span><span class="cx"> {
</span><del>-    int32_t (*growMemory) (ExecState*, JSWebAssemblyInstance*, int32_t) = [] (ExecState* exec, JSWebAssemblyInstance* wasmContext, int32_t delta) -&gt; int32_t {
-        VM&amp; vm = exec-&gt;vm();
</del><ins>+    int32_t (*growMemory) (Context*, int32_t) = [] (Context* wasmContext, int32_t delta) -&gt; int32_t {
+        VM&amp; vm = *wasmContext-&gt;vm();
</ins><span class="cx">         auto scope = DECLARE_THROW_SCOPE(vm);
</span><span class="cx"> 
</span><span class="cx">         JSWebAssemblyMemory* wasmMemory = wasmContext-&gt;memory();
</span><span class="lines">@@ -453,7 +451,9 @@
</span><span class="cx">             return -1;
</span><span class="cx"> 
</span><span class="cx">         bool shouldThrowExceptionsOnFailure = false;
</span><del>-        PageCount result = wasmMemory-&gt;grow(exec, static_cast&lt;uint32_t&gt;(delta), shouldThrowExceptionsOnFailure);
</del><ins>+        // grow() does not require ExecState* if it doesn't throw exceptions.
+        ExecState* exec = nullptr; 
+        PageCount result = wasmMemory-&gt;grow(vm, exec, static_cast&lt;uint32_t&gt;(delta), shouldThrowExceptionsOnFailure);
</ins><span class="cx">         RELEASE_ASSERT(!scope.exception());
</span><span class="cx">         if (!result)
</span><span class="cx">             return -1;
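Review bot: the new `ExecState* exec = nullptr; ` line has trailing whitespace. More substantively, the only thing keeping `grow()` from dereferencing that null `exec` is the comment above it and the fact that `shouldThrowExceptionsOnFailure` is a local `false` two lines earlier; if someone later flips that flag the null pointer flows straight into the throwing path. Since `exec` is only needed to throw, consider passing it inline next to the flag (`wasmMemory->grow(vm, nullptr, static_cast<uint32_t>(delta), false)`) and letting `grow()` assert the pairing, rather than introducing a named local that reads like a real frame.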
</span><span class="lines">@@ -463,7 +463,7 @@
</span><span class="cx"> 
</span><span class="cx">     result = m_currentBlock-&gt;appendNew&lt;CCallValue&gt;(m_proc, Int32, origin(),
</span><span class="cx">         m_currentBlock-&gt;appendNew&lt;ConstPtrValue&gt;(m_proc, origin(), bitwise_cast&lt;void*&gt;(growMemory)),
</span><del>-        m_currentBlock-&gt;appendNew&lt;B3::Value&gt;(m_proc, B3::FramePointer, origin()), m_instanceValue, delta);
</del><ins>+        m_instanceValue, delta);
</ins><span class="cx"> 
</span><span class="cx">     restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, m_currentBlock);
</span><span class="cx"> 
</span><span class="lines">@@ -1277,7 +1277,7 @@
</span><span class="cx">             out.print(&quot;Wasm: &quot;, bitwise_cast&lt;OpcodeOrigin&gt;(origin));
</span><span class="cx">     });
</span><span class="cx"> 
</span><del>-    B3IRGenerator context(vm, info, procedure, result.get(), unlinkedWasmToWasmCalls, mode);
</del><ins>+    B3IRGenerator context(info, procedure, result.get(), unlinkedWasmToWasmCalls, mode);
</ins><span class="cx">     FunctionParser&lt;B3IRGenerator&gt; parser(&amp;vm, context, functionStart, functionLength, signature, info, moduleSignatureIndicesToUniquedSignatureIndices);
</span><span class="cx">     WASM_FAIL_IF_HELPER_FAILS(parser.parse());
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmFaultSignalHandlercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -33,6 +33,7 @@
</span><span class="cx"> #include &quot;VM.h&quot;
</span><span class="cx"> #include &quot;WasmExceptionType.h&quot;
</span><span class="cx"> #include &quot;WasmMemory.h&quot;
</span><ins>+#include &quot;WasmThunks.h&quot;
</ins><span class="cx"> 
</span><span class="cx"> #include &lt;signal.h&gt;
</span><span class="cx"> #include &lt;wtf/Lock.h&gt;
</span><span class="lines">@@ -49,7 +50,7 @@
</span><span class="cx"> static struct sigaction oldSigSegvHandler;
</span><span class="cx"> static bool fastHandlerInstalled { false };
</span><span class="cx"> static StaticLock codeLocationsLock;
</span><del>-static LazyNeverDestroyed&lt;HashSet&lt;std::tuple&lt;VM*, void*, void*&gt;&gt;&gt; codeLocations; // (vm, start, end)
</del><ins>+static LazyNeverDestroyed&lt;HashSet&lt;std::tuple&lt;void*, void*&gt;&gt;&gt; codeLocations; // (start, end)
</ins><span class="cx"> 
</span><span class="cx"> static void trapHandler(int signal, siginfo_t* sigInfo, void* ucontext)
</span><span class="cx"> {
</span><span class="lines">@@ -81,14 +82,13 @@
</span><span class="cx">             dataLogLnIf(verbose, &quot;found active fast memory for faulting address&quot;);
</span><span class="cx">             LockHolder locker(codeLocationsLock);
</span><span class="cx">             for (auto range : codeLocations.get()) {
</span><del>-                VM* vm;
</del><span class="cx">                 void* start;
</span><span class="cx">                 void* end;
</span><del>-                std::tie(vm, start, end) = range;
</del><ins>+                std::tie(start, end) = range;
</ins><span class="cx">                 dataLogLnIf(verbose, &quot;function start: &quot;, RawPointer(start), &quot; end: &quot;, RawPointer(end));
</span><span class="cx">                 if (start &lt;= faultingInstruction &amp;&amp; faultingInstruction &lt; end) {
</span><span class="cx">                     dataLogLnIf(verbose, &quot;found match&quot;);
</span><del>-                    MacroAssemblerCodeRef exceptionStub = vm-&gt;jitStubs-&gt;existingCTIStub(throwExceptionFromWasmThunkGenerator);
</del><ins>+                    MacroAssemblerCodeRef exceptionStub = Thunks::singleton().existingStub(throwExceptionFromWasmThunkGenerator);
</ins><span class="cx">                     // If for whatever reason we don't have a stub then we should just treat this like a regular crash.
</span><span class="cx">                     if (!exceptionStub)
</span><span class="cx">                         break;
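Review bot: `Thunks::singleton().existingStub(...)` acquires `Thunks::m_lock` (it uses `holdLock(m_lock)` in WasmThunks.cpp) from inside the SIGSEGV handler. That is deadlock-free only because the one path that holds `m_lock`, `Thunks::stub()` running a thunk generator, never touches Wasm fast memory and so cannot be the faulting frame; the handler already takes `codeLocationsLock` under similar reasoning, but a one-line comment next to the `existingStub` call stating that assumption would keep a future generator from invalidating it. `Thunks::singleton()` also only `ASSERT`s that `initialize()` has run, so in a release build the initialization order between `Wasm::Thunks::initialize()` and installing this handler is what stands between us and a null dereference in a signal handler; worth a comment here too.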
</span><span class="lines">@@ -108,20 +108,20 @@
</span><span class="cx">         sigaction(signal, &amp;oldSigSegvHandler, nullptr);
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-void registerCode(VM&amp; vm, void* start, void* end)
</del><ins>+void registerCode(void* start, void* end)
</ins><span class="cx"> {
</span><span class="cx">     if (!fastMemoryEnabled())
</span><span class="cx">         return;
</span><span class="cx">     LockHolder locker(codeLocationsLock);
</span><del>-    codeLocations-&gt;add(std::make_tuple(&amp;vm, start, end));
</del><ins>+    codeLocations-&gt;add(std::make_tuple(start, end));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><del>-void unregisterCode(VM&amp; vm, void* start, void* end)
</del><ins>+void unregisterCode(void* start, void* end)
</ins><span class="cx"> {
</span><span class="cx">     if (!fastMemoryEnabled())
</span><span class="cx">         return;
</span><span class="cx">     LockHolder locker(codeLocationsLock);
</span><del>-    codeLocations-&gt;remove(std::make_tuple(&amp;vm, start, end));
</del><ins>+    codeLocations-&gt;remove(std::make_tuple(start, end));
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> bool fastMemoryEnabled()
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmFaultSignalHandlerh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.h (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.h        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -31,8 +31,8 @@
</span><span class="cx"> 
</span><span class="cx"> namespace Wasm {
</span><span class="cx"> 
</span><del>-void registerCode(VM&amp;, void* start, void* end);
-void unregisterCode(VM&amp;, void* start, void* end);
</del><ins>+void registerCode(void* start, void* end);
+void unregisterCode(void* start, void* end);
</ins><span class="cx"> 
</span><span class="cx"> bool fastMemoryEnabled();
</span><span class="cx"> JS_EXPORT_PRIVATE void enableFastMemory();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmMemorycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/WasmMemory.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmMemory.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/WasmMemory.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -30,6 +30,7 @@
</span><span class="cx"> 
</span><span class="cx"> #include &quot;VM.h&quot;
</span><span class="cx"> #include &quot;WasmFaultSignalHandler.h&quot;
</span><ins>+#include &quot;WasmThunks.h&quot;
</ins><span class="cx"> 
</span><span class="cx"> #include &lt;wtf/HexNumber.h&gt;
</span><span class="cx"> #include &lt;wtf/NeverDestroyed.h&gt;
</span><span class="lines">@@ -131,7 +132,7 @@
</span><span class="cx">         return fail();
</span><span class="cx"> 
</span><span class="cx">     // We need to be sure we have a stub prior to running code.
</span><del>-    if (UNLIKELY(!vm.getCTIStub(throwExceptionFromWasmThunkGenerator).size()))
</del><ins>+    if (UNLIKELY(!Thunks::singleton().stub(throwExceptionFromWasmThunkGenerator)))
</ins><span class="cx">         return fail();
</span><span class="cx"> 
</span><span class="cx">     ASSERT(allocatedFastMemories &lt;= maxFastMemories);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmThunkscpp"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/wasm/WasmThunks.cpp (0 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmThunks.cpp                                (rev 0)
+++ trunk/Source/JavaScriptCore/wasm/WasmThunks.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -0,0 +1,117 @@
</span><ins>+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include &quot;config.h&quot;
+#include &quot;WasmThunks.h&quot;
+
+#if ENABLE(WEBASSEMBLY)
+
+#include &quot;CCallHelpers.h&quot;
+#include &quot;FrameTracers.h&quot;
+#include &quot;HeapCellInlines.h&quot;
+#include &quot;JITExceptions.h&quot;
+#include &quot;JSWebAssemblyInstance.h&quot;
+#include &quot;JSWebAssemblyRuntimeError.h&quot;
+#include &quot;LinkBuffer.h&quot;
+#include &quot;WasmContext.h&quot;
+#include &quot;WasmExceptionType.h&quot;
+
+namespace JSC { namespace Wasm {
+
+MacroAssemblerCodeRef throwExceptionFromWasmThunkGenerator()
+{
+    CCallHelpers jit;
+
+    // The thing that jumps here must move ExceptionType into the argumentGPR1 before jumping here.
+    // We're allowed to use temp registers here. We are not allowed to use callee saves.
+    jit.loadWasmContext(GPRInfo::argumentGPR2);
+    jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR2, Context::offsetOfVM()), GPRInfo::argumentGPR0);
+    jit.copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(GPRInfo::argumentGPR0);
+    jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+    CCallHelpers::Call call = jit.call();
+    jit.jump(GPRInfo::returnValueGPR);
+    jit.breakpoint(); // We should not reach this.
+
+    void* (*throwWasmException)(ExecState*, Wasm::ExceptionType, Wasm::Context*) = [] (ExecState* exec, Wasm::ExceptionType type, Wasm::Context* wasmContext) -&gt; void* {
+        VM* vm = wasmContext-&gt;vm();
+        NativeCallFrameTracer tracer(vm, exec);
+
+        {
+            auto throwScope = DECLARE_THROW_SCOPE(*vm);
+            JSGlobalObject* globalObject = wasmContext-&gt;globalObject();
+
+            JSWebAssemblyRuntimeError* error = JSWebAssemblyRuntimeError::create(
+                exec, *vm, globalObject-&gt;WebAssemblyRuntimeErrorStructure(), Wasm::errorMessageForExceptionType(type));
+            throwException(exec, throwScope, error);
+        }
+
+        genericUnwind(vm, exec);
+        ASSERT(!!vm-&gt;callFrameForCatch);
+        ASSERT(!!vm-&gt;targetMachinePCForThrow);
+        return vm-&gt;targetMachinePCForThrow;
+    };
+
+    LinkBuffer linkBuffer(jit, GLOBAL_THUNK_ID);
+    linkBuffer.link(call, throwWasmException);
+    return FINALIZE_CODE(linkBuffer, (&quot;Throw exception from Wasm&quot;));
+}
+
+static Thunks* thunks;
+void Thunks::initialize()
+{
+    thunks = new Thunks;
+}
+
+Thunks&amp; Thunks::singleton()
+{
+    ASSERT(thunks);
+    return *thunks;
+}
+
+MacroAssemblerCodeRef Thunks::stub(ThunkGenerator generator)
+{
+    auto locker = holdLock(m_lock);
+
+    ASSERT(!!generator);
+    auto addResult = m_stubs.add(generator, MacroAssemblerCodeRef());
+    if (addResult.isNewEntry)
+        addResult.iterator-&gt;value = generator();
+    return addResult.iterator-&gt;value;
+}
+
+MacroAssemblerCodeRef Thunks::existingStub(ThunkGenerator generator)
+{
+    auto locker = holdLock(m_lock);
+
+    auto iter = m_stubs.find(generator);
+    if (iter != m_stubs.end())
+        return iter-&gt;value;
+
+    return MacroAssemblerCodeRef();
+}
+
+} } // namespace JSC::Wasm
+
+#endif // ENABLE(WEBASSEMBLY)
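Review bot: in `throwExceptionFromWasmThunkGenerator`, argumentGPR1 (ExceptionType, set by the jumper per the comment) and argumentGPR2 (the Wasm context loaded on the previous line) are both live across `copyCalleeSavesToVMEntryFrameCalleeSavesBuffer(GPRInfo::argumentGPR0)`, and unlike the removed ThunkGenerators.cpp version this call no longer passes a `usedRegisters` set telling the helper which registers to avoid; the thunk is correct only if the new single-register form is guaranteed not to clobber argument registers, which should be asserted or documented at the call. Two smaller points: `Thunks::initialize()` does `thunks = new Thunks` unconditionally, so an `ASSERT(!thunks)` would catch a second caller outside the `std::call_once` in InitializeThreading.cpp; and `Thunks::stub()` caches whatever `generator()` returns, so if generation ever yields an empty `MacroAssemblerCodeRef` (the case WasmMemory.cpp checks for) the empty entry is stored permanently and later calls never retry. Either remove the entry on failure or state that a failed generation is terminal.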
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmWasmThunkshfromrev214644trunkSourceJavaScriptCorewasmWasmFaultSignalHandlerh"></a>
<div class="copfile"><h4>Copied: trunk/Source/JavaScriptCore/wasm/WasmThunks.h (from rev 214644, trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.h) (0 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/WasmThunks.h                                (rev 0)
+++ trunk/Source/JavaScriptCore/wasm/WasmThunks.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -0,0 +1,55 @@
</span><ins>+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if ENABLE(WEBASSEMBLY)
+
+#include &quot;MacroAssemblerCodeRef.h&quot;
+
+namespace JSC { namespace Wasm {
+
+MacroAssemblerCodeRef throwExceptionFromWasmThunkGenerator();
+
+typedef MacroAssemblerCodeRef (*ThunkGenerator)();
+
+class Thunks {
+public:
+    static void initialize();
+    static Thunks&amp; singleton();
+
+    MacroAssemblerCodeRef stub(ThunkGenerator);
+    MacroAssemblerCodeRef existingStub(ThunkGenerator);
+
+private:
+    Thunks() = default;
+
+    HashMap&lt;ThunkGenerator, MacroAssemblerCodeRef&gt; m_stubs;
+    Lock m_lock;
+};
+
+} } // namespace JSC::Wasm
+
+#endif // ENABLE(WEBASSEMBLY)
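Review bot: the header uses `HashMap` and `Lock` but includes only `MacroAssemblerCodeRef.h`, relying on whatever that pulls in transitively; add `#include <wtf/HashMap.h>` and `#include <wtf/Lock.h>` so it stands alone. It would also help to say in a comment that `stub()` JIT-compiles the thunk on first use under `m_lock` (so it may block and must not be called where taking the lock is unsafe), whereas `existingStub()` only looks up and is the one the signal handler is meant to call.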
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmjsJSWebAssemblyCalleecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyCallee.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -44,13 +44,13 @@
</span><span class="cx">     Base::finishCreation(vm);
</span><span class="cx"> 
</span><span class="cx">     m_entrypoint = WTFMove(entrypoint);
</span><del>-    Wasm::registerCode(vm, m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;start(), m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;end());
</del><ins>+    Wasm::registerCode(m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;start(), m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;end());
</ins><span class="cx"> }
</span><span class="cx"> 
</span><span class="cx"> void JSWebAssemblyCallee::destroy(JSCell* cell)
</span><span class="cx"> {
</span><span class="cx">     JSWebAssemblyCallee* thisObject = static_cast&lt;JSWebAssemblyCallee*&gt;(cell);
</span><del>-    Wasm::unregisterCode(*cell-&gt;vm(), thisObject-&gt;m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;start(), thisObject-&gt;m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;end());
</del><ins>+    Wasm::unregisterCode(thisObject-&gt;m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;start(), thisObject-&gt;m_entrypoint.compilation-&gt;codeRef().executableMemory()-&gt;end());
</ins><span class="cx">     thisObject-&gt;JSWebAssemblyCallee::~JSWebAssemblyCallee();
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmjsJSWebAssemblyInstancecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -51,6 +51,7 @@
</span><span class="cx"> 
</span><span class="cx"> JSWebAssemblyInstance::JSWebAssemblyInstance(VM&amp; vm, Structure* structure, unsigned numImportFunctions)
</span><span class="cx">     : Base(vm, structure)
</span><ins>+    , m_vm(&amp;vm)
</ins><span class="cx">     , m_numImportFunctions(numImportFunctions)
</span><span class="cx"> {
</span><span class="cx">     memset(importFunctions(), 0, m_numImportFunctions * sizeof(WriteBarrier&lt;JSObject&gt;));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorewasmjsJSWebAssemblyInstanceh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -78,6 +78,7 @@
</span><span class="cx">     static ptrdiff_t offsetOfTable() { return OBJECT_OFFSETOF(JSWebAssemblyInstance, m_table); }
</span><span class="cx">     static ptrdiff_t offsetOfCallee() { return OBJECT_OFFSETOF(JSWebAssemblyInstance, m_callee); }
</span><span class="cx">     static ptrdiff_t offsetOfGlobals() { return OBJECT_OFFSETOF(JSWebAssemblyInstance, m_globals); }
</span><ins>+    static ptrdiff_t offsetOfVM() { return OBJECT_OFFSETOF(JSWebAssemblyInstance, m_vm); }
</ins><span class="cx">     static size_t offsetOfImportFunctions() { return WTF::roundUpToMultipleOf&lt;sizeof(WriteBarrier&lt;JSCell&gt;)&gt;(sizeof(JSWebAssemblyInstance)); }
</span><span class="cx">     static size_t offsetOfImportFunction(size_t importFunctionNum) { return offsetOfImportFunctions() + importFunctionNum * sizeof(sizeof(WriteBarrier&lt;JSCell&gt;)); }
</span><span class="cx"> 
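Review bot: unrelated to the new `offsetOfVM()` line but visible in the context right below it: `offsetOfImportFunction()` multiplies by `sizeof(sizeof(WriteBarrier<JSCell>))`, which is `sizeof(size_t)`, not `sizeof(WriteBarrier<JSCell>)`. The two coincide wherever `size_t` has pointer width, which is why nothing has broken, but the inner `sizeof` is wrong and should go while this file is being touched.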
</span><span class="lines">@@ -93,6 +94,7 @@
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="cx"> private:
</span><ins>+    VM* m_vm;
</ins><span class="cx">     WriteBarrier&lt;JSObject&gt;* importFunctions() { return bitwise_cast&lt;WriteBarrier&lt;JSObject&gt;*&gt;(bitwise_cast&lt;char*&gt;(this) + offsetOfImportFunctions()); }
</span><span class="cx"> 
</span><span class="cx">     WriteBarrier&lt;JSWebAssemblyModule&gt; m_module;
</span></span></pre></div>
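Review bot: `VM* m_vm` is a raw, non-owning pointer added without a comment on its lifetime or purpose; since the field is exposed through `offsetOfVM()` for direct offset-based access, a one-line comment stating that the VM outlives every cell allocated in it (so the pointer is never null or dangling) would help the next reader. Also check that its member initializer in the constructor is ordered to match this declaration position ahead of `m_module`, to avoid member-reorder warnings.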
<a id="trunkSourceJavaScriptCorewasmjsJSWebAssemblyMemorycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -73,9 +73,9 @@
</span><span class="cx">     return m_bufferWrapper.get();
</span><span class="cx"> }
</span><span class="cx"> 
</span><del>-Wasm::PageCount JSWebAssemblyMemory::grow(ExecState* exec, uint32_t delta, bool shouldThrowExceptionsOnFailure)
</del><ins>+Wasm::PageCount JSWebAssemblyMemory::grow(VM&amp; vm, ExecState* exec, uint32_t delta, bool shouldThrowExceptionsOnFailure)
</ins><span class="cx"> {
</span><del>-    VM&amp; vm = exec-&gt;vm();
</del><ins>+    // Note: We can only use exec if shouldThrowExceptionsOnFailure is true.
</ins><span class="cx">     auto throwScope = DECLARE_THROW_SCOPE(vm);
</span><span class="cx"> 
</span><span class="cx">     Wasm::PageCount oldPageCount = memory().sizeInPages();
</span></span></pre></div>
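Review bot: the new precondition ("We can only use exec if shouldThrowExceptionsOnFailure is true") is enforced only by a comment; if `exec` may be invalid when the flag is false, an `ASSERT(exec || !shouldThrowExceptionsOnFailure)` at the top of `grow()` would make a future unconditional use of `exec` on the non-throwing path fail loudly in debug builds instead of dereferencing an invalid `ExecState`. Taking the throw scope from the caller-supplied `vm` rather than `exec-&gt;vm()` is what makes the non-throwing path possible, so that part looks right.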
<a id="trunkSourceJavaScriptCorewasmjsJSWebAssemblyMemoryh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.h (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.h        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.h        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -48,7 +48,7 @@
</span><span class="cx"> 
</span><span class="cx">     Wasm::Memory&amp; memory() { return m_memory.get(); }
</span><span class="cx">     JSArrayBuffer* buffer(VM&amp; vm, JSGlobalObject*);
</span><del>-    Wasm::PageCount grow(ExecState*, uint32_t delta, bool shouldThrowExceptionsOnFailure);
</del><ins>+    Wasm::PageCount grow(VM&amp;, ExecState*, uint32_t delta, bool shouldThrowExceptionsOnFailure);
</ins><span class="cx"> 
</span><span class="cx">     static ptrdiff_t offsetOfMemory() { return OBJECT_OFFSETOF(JSWebAssemblyMemory, m_memoryBase); }
</span><span class="cx">     static ptrdiff_t offsetOfSize() { return OBJECT_OFFSETOF(JSWebAssemblyMemory, m_memorySize); }
</span></span></pre></div>
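Review bot: the declaration gains the `VM&amp;` parameter but carries no note of the contract that `exec` is only consulted when `shouldThrowExceptionsOnFailure` is true (stated only in the .cpp); repeating that one-line comment here, where callers look first, would keep a caller from passing an unusable `ExecState*` together with the flag set.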
<a id="trunkSourceJavaScriptCorewasmjsWebAssemblyMemoryPrototypecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp (214644 => 214645)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp        2017-03-31 00:51:51 UTC (rev 214644)
+++ trunk/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp        2017-03-31 01:15:25 UTC (rev 214645)
</span><span class="lines">@@ -79,7 +79,7 @@
</span><span class="cx">     RETURN_IF_EXCEPTION(throwScope, { });
</span><span class="cx"> 
</span><span class="cx">     bool shouldThrowExceptionsOnFailure = true;
</span><del>-    Wasm::PageCount result = memory-&gt;grow(exec, delta, shouldThrowExceptionsOnFailure);
</del><ins>+    Wasm::PageCount result = memory-&gt;grow(vm, exec, delta, shouldThrowExceptionsOnFailure);
</ins><span class="cx">     RETURN_IF_EXCEPTION(throwScope, { });
</span><span class="cx"> 
</span><span class="cx">     return JSValue::encode(jsNumber(result.pageCount()));
</span></span></pre>
</div>
</div>

</body>
</html>