Bug 797435 - Add rooting of IC stub IonCodes to OOL exit frames. (r=dvander)
authorKannan Vijayan <kvijayan@mozilla.com>
Wed, 03 Oct 2012 14:21:53 -0400
changeset 109204 1f6b48dea5fc708fc8c63b1cb84781cc04de909a
parent 109203 4cc97bf599621bcba726b8e45f29f34c5854bf64
child 109205 134f5b1d6d507199a8cc4be955b186fdcf27a984
push id82
push usershu@rfrn.org
push dateFri, 05 Oct 2012 13:20:22 +0000
reviewersdvander
bugs797435
milestone18.0a1
Bug 797435 - Add rooting of IC stub IonCodes to OOL exit frames. (r=dvander)
js/src/ion/IonFrames.cpp
js/src/ion/arm/IonFrames-arm.h
js/src/ion/shared/IonFrames-x86-shared.h
--- a/js/src/ion/IonFrames.cpp
+++ b/js/src/ion/IonFrames.cpp
@@ -545,23 +545,25 @@ MarkIonExitFrame(JSTracer *trc, const Io
         size_t len = native->argc() + 2;
         Value *vp = native->vp();
         gc::MarkValueRootRange(trc, len, vp, "ion-native-args");
         return;
     }
 
     if (frame.isOOLNativeGetter()) {
         IonOOLNativeGetterExitFrameLayout *oolgetter = frame.exitFrame()->oolNativeGetterExit();
+        gc::MarkIonCodeRoot(trc, oolgetter->stubCode(), "ion-ool-getter-code");
         gc::MarkValueRoot(trc, oolgetter->vp(), "ion-ool-getter-callee");
-        gc::MarkValueRoot(trc, oolgetter->vp() + 1, "ion-ool-getter-this");
+        gc::MarkValueRoot(trc, oolgetter->thisp(), "ion-ool-getter-this");
         return;
     }
  
     if (frame.isOOLPropertyOp()) {
         IonOOLPropertyOpExitFrameLayout *oolgetter = frame.exitFrame()->oolPropertyOpExit();
+        gc::MarkIonCodeRoot(trc, oolgetter->stubCode(), "ion-ool-property-op-code");
         gc::MarkValueRoot(trc, oolgetter->vp(), "ion-ool-property-op-vp");
         gc::MarkIdRoot(trc, oolgetter->id(), "ion-ool-property-op-id");
         gc::MarkObjectRoot(trc, oolgetter->obj(), "ion-ool-property-op-obj");
         return;
     }
 
     if (frame.isDOMExit()) {
         IonDOMExitFrameLayout *dom = frame.exitFrame()->DOMExit();
--- a/js/src/ion/arm/IonFrames-arm.h
+++ b/js/src/ion/arm/IonFrames-arm.h
@@ -265,27 +265,37 @@ class IonOOLNativeGetterExitFrameLayout
     // compiler may add some padding between the fields.
     uint32_t loCalleeResult_;
     uint32_t hiCalleeResult_;
 
     // The frame includes the object argument.
     uint32_t loThis_;
     uint32_t hiThis_;
 
+    // pointer to root the stub's IonCode
+    IonCode *stubCode_;
+
   public:
     static inline size_t Size() {
         return sizeof(IonOOLNativeGetterExitFrameLayout);
     }
 
     static size_t offsetOfResult() {
         return offsetof(IonOOLNativeGetterExitFrameLayout, loCalleeResult_);
     }
+
+    inline IonCode **stubCode() {
+        return &stubCode_;
+    }
     inline Value *vp() {
         return reinterpret_cast<Value*>(&loCalleeResult_);
     }
+    inline Value *thisp() {
+        return reinterpret_cast<Value*>(&loThis_);
+    }
     inline uintptr_t argc() const {
         return 0;
     }
 };
 
 class IonOOLPropertyOpExitFrameLayout
 {
     IonExitFooterFrame footer_;
@@ -297,24 +307,31 @@ class IonOOLPropertyOpExitFrameLayout
     // id for JSHandleId
     jsid id_;
 
     // space for JSMutableHandleValue result
     // use two uint32_t so compiler doesn't align.
     uint32_t vp0_;
     uint32_t vp1_;
 
+    // pointer to root the stub's IonCode
+    IonCode *stubCode_;
+
   public:
     static inline size_t Size() {
         return sizeof(IonOOLPropertyOpExitFrameLayout);
     }
 
     static size_t offsetOfResult() {
         return offsetof(IonOOLPropertyOpExitFrameLayout, vp0_);
     }
+
+    inline IonCode **stubCode() {
+        return &stubCode_;
+    }
     inline Value *vp() {
         return reinterpret_cast<Value*>(&vp0_);
     }
     inline jsid *id() {
         return &id_;
     }
     inline JSObject **obj() {
         return &obj_;
--- a/js/src/ion/shared/IonFrames-x86-shared.h
+++ b/js/src/ion/shared/IonFrames-x86-shared.h
@@ -246,31 +246,41 @@ class IonOOLNativeGetterExitFrameLayout
     IonExitFrameLayout exit_;
 
     // We need to split the Value into 2 fields of 32 bits, otherwise the C++
     // compiler may add some padding between the fields.
     uint32_t loCalleeResult_;
     uint32_t hiCalleeResult_;
 
     // The frame includes the object argument.
-    uint32_t loThisResult_;
-    uint32_t hiThisResult_;
+    uint32_t loThis_;
+    uint32_t hiThis_;
+
+    // pointer to root the stub's IonCode
+    IonCode *stubCode_;
 
   public:
     static inline size_t Size() {
         return sizeof(IonOOLNativeGetterExitFrameLayout);
     }
 
     static size_t offsetOfResult() {
         return offsetof(IonOOLNativeGetterExitFrameLayout, loCalleeResult_);
     }
 
+    inline IonCode **stubCode() {
+        return &stubCode_;
+    }
     inline Value *vp() {
         return reinterpret_cast<Value*>(&loCalleeResult_);
     }
+    inline Value *thisp() {
+        return reinterpret_cast<Value*>(&loThis_);
+    }
+
     inline uintptr_t argc() const {
         return 0;
     }
 };
 
 class IonOOLPropertyOpExitFrameLayout
 {
   protected: // only to silence a clang warning about unused private fields
@@ -283,25 +293,31 @@ class IonOOLPropertyOpExitFrameLayout
     // id for JSHandleId
     jsid id_;
 
     // space for JSMutableHandleValue result
     // use two uint32_t so compiler doesn't align.
     uint32_t vp0_;
     uint32_t vp1_;
 
+    // pointer to root the stub's IonCode
+    IonCode *stubCode_;
+
   public:
     static inline size_t Size() {
         return sizeof(IonOOLPropertyOpExitFrameLayout);
     }
 
     static size_t offsetOfResult() {
         return offsetof(IonOOLPropertyOpExitFrameLayout, vp0_);
     }
 
+    inline IonCode **stubCode() {
+        return &stubCode_;
+    }
     inline Value *vp() {
         return reinterpret_cast<Value*>(&vp0_);
     }
     inline jsid *id() {
         return &id_;
     }
     inline JSObject **obj() {
         return &obj_;