summaryrefslogtreecommitdiff
path: root/Source/JavaScriptCore
diff options
context:
space:
mode:
Diffstat (limited to 'Source/JavaScriptCore')
-rw-r--r--Source/JavaScriptCore/jit/JIT.cpp5
-rw-r--r--Source/JavaScriptCore/runtime/JSObject.cpp5
2 files changed, 9 insertions, 1 deletions
diff --git a/Source/JavaScriptCore/jit/JIT.cpp b/Source/JavaScriptCore/jit/JIT.cpp
index 8e003c782..9b46d8792 100644
--- a/Source/JavaScriptCore/jit/JIT.cpp
+++ b/Source/JavaScriptCore/jit/JIT.cpp
@@ -74,7 +74,7 @@ JIT::JIT(VM* vm, CodeBlock* codeBlock)
: m_interpreter(vm->interpreter)
, m_vm(vm)
, m_codeBlock(codeBlock)
- , m_labels(codeBlock ? codeBlock->numberOfInstructions() : 0)
+ , m_labels(0)
, m_bytecodeOffset((unsigned)-1)
, m_propertyAccessInstructionIndex(UINT_MAX)
, m_byValInstructionIndex(UINT_MAX)
@@ -96,6 +96,7 @@ JIT::JIT(VM* vm, CodeBlock* codeBlock)
, m_shouldEmitProfiling(false)
#endif
{
+ m_labels.reserveCapacity(codeBlock ? codeBlock->numberOfInstructions() : 0);
}
#if ENABLE(DFG_JIT)
@@ -174,6 +175,7 @@ void JIT::privateCompileMainPass()
m_globalResolveInfoIndex = 0;
m_callLinkInfoIndex = 0;
+ m_labels.resize(instructionCount);
for (m_bytecodeOffset = 0; m_bytecodeOffset < instructionCount; ) {
if (m_disassembler)
@@ -694,6 +696,7 @@ JITCode JIT::privateCompile(CodePtr* functionEntryArityCheck, JITCompilationEffo
if (patchBuffer.didFailToAllocate())
return JITCode();
+ ASSERT(m_labels.size() >= m_codeBlock->instructionCount());
// Translate vPC offsets into addresses in JIT generated code, for switch tables.
for (unsigned i = 0; i < m_switches.size(); ++i) {
SwitchRecord record = m_switches[i];
diff --git a/Source/JavaScriptCore/runtime/JSObject.cpp b/Source/JavaScriptCore/runtime/JSObject.cpp
index 5637e2090..bd5591986 100644
--- a/Source/JavaScriptCore/runtime/JSObject.cpp
+++ b/Source/JavaScriptCore/runtime/JSObject.cpp
@@ -1909,6 +1909,11 @@ void JSObject::putByIndexBeyondVectorLengthWithoutAttributes(ExecState* exec, un
}
}
+// Used in JSArray.cpp so we must instantiate explicit
+template void JSObject::putByIndexBeyondVectorLengthWithoutAttributes<Int32Shape>(ExecState* exec, unsigned i, JSValue value);
+template void JSObject::putByIndexBeyondVectorLengthWithoutAttributes<DoubleShape>(ExecState* exec, unsigned i, JSValue value);
+template void JSObject::putByIndexBeyondVectorLengthWithoutAttributes<ContiguousShape>(ExecState* exec, unsigned i, JSValue value);
+
void JSObject::putByIndexBeyondVectorLengthWithArrayStorage(ExecState* exec, unsigned i, JSValue value, bool shouldThrow, ArrayStorage* storage)
{
VM& vm = exec->vm();
View Lorry Controller Status