WebKit side of merge from r41149 to r41181.

JavaScriptCore/jit/JIT.cpp

 /*
  * Copyright (C) 2008, 2009 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
@@ skipping 603 matching lines @@
             // We check the value as if it was a uint32 against the m_fastAccessCutoff - which will always fail if
             // number was signed since m_fastAccessCutoff is always less than intmax (since the total allocation
             // size is always less than 4Gb).  As such zero extending wil have been correct (and extending the value
             // to 64-bits is necessary since it's used in the address calculation.  We zero extend rather than sign
             // extending since it makes it easier to re-tag the value in the slow case.
             zeroExtend32ToPtr(regT1, regT1);
 #else
             emitFastArithImmToInt(regT1);
 #endif
             emitJumpSlowCaseIfNotJSCell(regT0);
-            addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_interpreter->m_jsArrayVptr)));
+            addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsArrayVPtr)));
 
             // This is an array; get the m_storage pointer into ecx, then check if the index is below the fast cutoff
             loadPtr(Address(regT0, FIELD_OFFSET(JSArray, m_storage)), regT2);
             addSlowCase(branch32(AboveOrEqual, regT1, Address(regT0, FIELD_OFFSET(JSArray, m_fastAccessCutoff))));
 
             // Get the value from the vector
             loadPtr(BaseIndex(regT2, regT1, ScalePtr, FIELD_OFFSET(ArrayStorage, m_vector[0])), regT0);
             emitPutVirtualRegister(currentInstruction[1].u.operand);
             NEXT_OPCODE(op_get_by_val);
         }
@@ skipping 12 matching lines @@
         case op_put_by_val: {
             emitGetVirtualRegisters(currentInstruction[1].u.operand, regT0, currentInstruction[2].u.operand, regT1);
             emitJumpSlowCaseIfNotImmediateInteger(regT1);
 #if USE(ALTERNATE_JSIMMEDIATE)
             // See comment in op_get_by_val.
             zeroExtend32ToPtr(regT1, regT1);
 #else
             emitFastArithImmToInt(regT1);
 #endif
             emitJumpSlowCaseIfNotJSCell(regT0);
-            addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_interpreter->m_jsArrayVptr)));
+            addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsArrayVPtr)));
 
             // This is an array; get the m_storage pointer into ecx, then check if the index is below the fast cutoff
             loadPtr(Address(regT0, FIELD_OFFSET(JSArray, m_storage)), regT2);
             Jump inFastVector = branch32(Below, regT1, Address(regT0, FIELD_OFFSET(JSArray, m_fastAccessCutoff)));
             // No; oh well, check if the access if within the vector - if so, we may still be okay.
             addSlowCase(branch32(AboveOrEqual, regT1, Address(regT2, FIELD_OFFSET(ArrayStorage, m_vectorLength))));
 
             // This is a write to the slow part of the vector; first, we have to check if this would be the first write to this location.
             // FIXME: should be able to handle initial write to array; increment the the number of items in the array, and potentially update fast access cutoff. 
             addSlowCase(branchTestPtr(Zero, BaseIndex(regT2, regT1, ScalePtr, FIELD_OFFSET(ArrayStorage, m_vector[0]))));
@@ skipping 996 matching lines @@
         emitCTICall(JITStubs::cti_register_file_check);
 #ifndef NDEBUG
         // reset this, in order to guard it's use with asserts
         m_bytecodeIndex = (unsigned)-1;
 #endif
         jump(afterRegisterFileCheck);
     }
 
     ASSERT(m_jmpTable.isEmpty());
 
-    RefPtr<ExecutablePool> allocator = m_globalData->poolForSize(m_assembler.size());
+    RefPtr<ExecutablePool> allocator = m_globalData->executableAllocator.poolForSize(m_assembler.size());
     void* code = m_assembler.executableCopy(allocator.get());
     JITCodeRef codeRef(code, allocator);
 #ifndef NDEBUG
     codeRef.codeSize = m_assembler.size();
 #endif
 
     PatchBuffer patchBuffer(code);
 
     // Translate vPC offsets into addresses in JIT generated code, for switch tables.
     for (unsigned i = 0; i < m_switches.size(); ++i) {
@@ skipping 56 matching lines @@
         info.callReturnLocation = patchBuffer.locationOfNearCall(m_callStructureStubCompilationInfo[i].callReturnLocation);
         info.hotPathBegin = patchBuffer.locationOf(m_callStructureStubCompilationInfo[i].hotPathBegin);
         info.hotPathOther = patchBuffer.locationOfNearCall(m_callStructureStubCompilationInfo[i].hotPathOther);
         info.coldPathOther = patchBuffer.locationOf(m_callStructureStubCompilationInfo[i].coldPathOther);
     }
 #endif
 
     m_codeBlock->setJITCode(codeRef);
 }
 
-void JIT::privateCompileCTIMachineTrampolines()
+void JIT::privateCompileCTIMachineTrampolines(RefPtr<ExecutablePool>* executablePool, void** ctiArrayLengthTrampoline, void** ctiStringLengthTrampoline, void** ctiVirtualCallPreLink, void** ctiVirtualCallLink, void** ctiVirtualCall)
 {
 #if ENABLE(JIT_OPTIMIZE_PROPERTY_ACCESS)
     // (1) The first function provides fast property access for array length
     Label arrayLengthBegin = align();
 
     // Check eax is an array
     Jump array_failureCases1 = emitJumpIfNotJSCell(regT0);
-    Jump array_failureCases2 = branchPtr(NotEqual, Address(regT0), ImmPtr(m_interpreter->m_jsArrayVptr));
+    Jump array_failureCases2 = branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsArrayVPtr));
 
     // Checks out okay! - get the length from the storage
     loadPtr(Address(regT0, FIELD_OFFSET(JSArray, m_storage)), regT0);
     load32(Address(regT0, FIELD_OFFSET(ArrayStorage, m_length)), regT0);
 
     Jump array_failureCases3 = branch32(Above, regT0, Imm32(JSImmediate::maxImmediateInt));
 
     // regT0 contains a 64 bit value (is positive, is zero extended) so we don't need sign extend here.
     emitFastArithIntToImmNoCheck(regT0, regT0);
 
     ret();
 
     // (2) The second function provides fast property access for string length
     Label stringLengthBegin = align();
 
     // Check eax is a string
     Jump string_failureCases1 = emitJumpIfNotJSCell(regT0);
-    Jump string_failureCases2 = branchPtr(NotEqual, Address(regT0), ImmPtr(m_interpreter->m_jsStringVptr));
+    Jump string_failureCases2 = branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsStringVPtr));
 
     // Checks out okay! - get the length from the Ustring.
     loadPtr(Address(regT0, FIELD_OFFSET(JSString, m_value) + FIELD_OFFSET(UString, m_rep)), regT0);
     load32(Address(regT0, FIELD_OFFSET(UString::Rep, len)), regT0);
 
     Jump string_failureCases3 = branch32(Above, regT0, Imm32(JSImmediate::maxImmediateInt));
 
     // regT0 contains a 64 bit value (is positive, is zero extended) so we don't need sign extend here.
     emitFastArithIntToImmNoCheck(regT0, regT0);
     
@@ skipping 117 matching lines @@
 #if ENABLE(JIT_OPTIMIZE_PROPERTY_ACCESS)
     Call array_failureCases1Call = makeTailRecursiveCall(array_failureCases1);
     Call array_failureCases2Call = makeTailRecursiveCall(array_failureCases2);
     Call array_failureCases3Call = makeTailRecursiveCall(array_failureCases3);
     Call string_failureCases1Call = makeTailRecursiveCall(string_failureCases1);
     Call string_failureCases2Call = makeTailRecursiveCall(string_failureCases2);
     Call string_failureCases3Call = makeTailRecursiveCall(string_failureCases3);
 #endif
 
     // All trampolines constructed! copy the code, link up calls, and set the pointers on the Machine object.
-    m_interpreter->m_executablePool = m_globalData->poolForSize(m_assembler.size());
-    void* code = m_assembler.executableCopy(m_interpreter->m_executablePool.get());
+    *executablePool = m_globalData->executableAllocator.poolForSize(m_assembler.size());
+    void* code = m_assembler.executableCopy((*executablePool).get());
+
     PatchBuffer patchBuffer(code);
-
 #if ENABLE(JIT_OPTIMIZE_PROPERTY_ACCESS)
     patchBuffer.link(array_failureCases1Call, JITStubs::cti_op_get_by_id_array_fail);
     patchBuffer.link(array_failureCases2Call, JITStubs::cti_op_get_by_id_array_fail);
     patchBuffer.link(array_failureCases3Call, JITStubs::cti_op_get_by_id_array_fail);
     patchBuffer.link(string_failureCases1Call, JITStubs::cti_op_get_by_id_string_fail);
     patchBuffer.link(string_failureCases2Call, JITStubs::cti_op_get_by_id_string_fail);
     patchBuffer.link(string_failureCases3Call, JITStubs::cti_op_get_by_id_string_fail);
 
-    m_interpreter->m_ctiArrayLengthTrampoline = patchBuffer.trampolineAt(arrayLengthBegin);
-    m_interpreter->m_ctiStringLengthTrampoline = patchBuffer.trampolineAt(stringLengthBegin);
+    *ctiArrayLengthTrampoline = patchBuffer.trampolineAt(arrayLengthBegin);
+    *ctiStringLengthTrampoline = patchBuffer.trampolineAt(stringLengthBegin);
+#else
+    UNUSED_PARAM(ctiArrayLengthTrampoline);
+    UNUSED_PARAM(ctiStringLengthTrampoline);
 #endif
     patchBuffer.link(callArityCheck1, JITStubs::cti_op_call_arityCheck);
     patchBuffer.link(callArityCheck2, JITStubs::cti_op_call_arityCheck);
     patchBuffer.link(callArityCheck3, JITStubs::cti_op_call_arityCheck);
     patchBuffer.link(callJSFunction1, JITStubs::cti_op_call_JSFunction);
     patchBuffer.link(callJSFunction2, JITStubs::cti_op_call_JSFunction);
     patchBuffer.link(callJSFunction3, JITStubs::cti_op_call_JSFunction);
     patchBuffer.link(callDontLazyLinkCall, JITStubs::cti_vm_dontLazyLinkCall);
     patchBuffer.link(callLazyLinkCall, JITStubs::cti_vm_lazyLinkCall);
 
-    m_interpreter->m_ctiVirtualCallPreLink = patchBuffer.trampolineAt(virtualCallPreLinkBegin);
-    m_interpreter->m_ctiVirtualCallLink = patchBuffer.trampolineAt(virtualCallLinkBegin);
-    m_interpreter->m_ctiVirtualCall = patchBuffer.trampolineAt(virtualCallBegin);
+    *ctiVirtualCallPreLink = patchBuffer.trampolineAt(virtualCallPreLinkBegin);
+    *ctiVirtualCallLink = patchBuffer.trampolineAt(virtualCallLinkBegin);
+    *ctiVirtualCall = patchBuffer.trampolineAt(virtualCallBegin);
 }
 
 void JIT::emitGetVariableObjectRegister(RegisterID variableObject, int index, RegisterID dst)
 {
     loadPtr(Address(variableObject, FIELD_OFFSET(JSVariableObject, d)), dst);
     loadPtr(Address(dst, FIELD_OFFSET(JSVariableObject::JSVariableObjectData, registers)), dst);
     loadPtr(Address(dst, index * sizeof(Register)), dst);
 }
 
 void JIT::emitPutVariableObjectRegister(RegisterID src, RegisterID variableObject, int index)
 {
     loadPtr(Address(variableObject, FIELD_OFFSET(JSVariableObject, d)), variableObject);
     loadPtr(Address(variableObject, FIELD_OFFSET(JSVariableObject::JSVariableObjectData, registers)), variableObject);
     storePtr(src, Address(variableObject, index * sizeof(Register)));
 }
 
 } // namespace JSC
 
 #endif // ENABLE(JIT)