diff --git a/js/src/jscntxt.h b/js/src/jscntxt.h index bdd345256b9..1960582a214 100644 --- a/js/src/jscntxt.h +++ b/js/src/jscntxt.h @@ -97,6 +97,7 @@ typedef struct JSGSNCache { namespace nanojit { class Fragment; class Fragmento; + class LirBuffer; } class TraceRecorder; extern "C++" { template class Queue; } @@ -132,6 +133,7 @@ typedef struct JSTraceMonitor { /* Fragmento for the regular expression compiler. This is logically * a distinct compiler but needs to be managed in exactly the same * way as the real tracing Fragmento. */ + CLS(nanojit::LirBuffer) reLirBuf; CLS(nanojit::Fragmento) reFragmento; /* Keep a list of recorders we need to abort on cache flush. */ diff --git a/js/src/jsregexp.cpp b/js/src/jsregexp.cpp index bdc020f08e3..c390fec991a 100644 --- a/js/src/jsregexp.cpp +++ b/js/src/jsregexp.cpp @@ -2053,6 +2053,7 @@ class RegExpNativeCompiler { JSRegExp* re; CompilerState* cs; /* RegExp to compile */ Fragment* fragment; + LirBuffer* lirbuf; LirWriter* lir; LirBufWriter* lirBufWriter; /* for skip */ @@ -2424,8 +2425,7 @@ GetNativeRegExp(JSContext* cx, JSRegExp* re) return NULL; } else { fragment = fragmento->getAnchor(hash); - fragment->lirbuf = new (&gc) LirBuffer(fragmento, NULL); - /* required to have the onDestroy method delete the lirbuf. */ + fragment->lirbuf = JS_TRACE_MONITOR(cx).reLirBuf; fragment->root = fragment; } diff --git a/js/src/jstracer.cpp b/js/src/jstracer.cpp index 99f505c43a8..bbade644c5f 100644 --- a/js/src/jstracer.cpp +++ b/js/src/jstracer.cpp @@ -2699,7 +2699,7 @@ nanojit::LirNameMap::formatGuard(LIns *i, char *out) void nanojit::Fragment::onDestroy() { - if (root == this) { + if (root == this && lirbuf && !lirbuf->shared) { delete lirbuf; } delete (TreeInfo *)vmprivate; @@ -4034,6 +4034,8 @@ js_InitJIT(JSTraceMonitor *tm) Fragmento* fragmento = new (&gc) Fragmento(core, 20); verbose_only(fragmento->labels = new (&gc) LabelMap(core, NULL);) tm->reFragmento = fragmento; + tm->reLirBuf = new (&gc) LirBuffer(fragmento, NULL); + tm->reLirBuf->shared = true; } InitIMacroCode(); #if !defined XP_WIN @@ -4071,6 +4073,7 @@ js_FinishJIT(JSTraceMonitor *tm) tm->recoveryDoublePool = tm->recoveryDoublePoolPtr = NULL; } if (tm->reFragmento != NULL) { + delete tm->reLirBuf; verbose_only(delete tm->reFragmento->labels;) delete tm->reFragmento; } diff --git a/js/src/nanojit/LIR.cpp b/js/src/nanojit/LIR.cpp index cbf5e5811b6..856c124a6d1 100755 --- a/js/src/nanojit/LIR.cpp +++ b/js/src/nanojit/LIR.cpp @@ -88,7 +88,7 @@ namespace nanojit // LCompressedBuffer LirBuffer::LirBuffer(Fragmento* frago, const CallInfo* functions) - : _frago(frago), _pages(frago->core()->GetGC()), _functions(functions), abi(ABI_FASTCALL) + : _frago(frago), _pages(frago->core()->GetGC()), _functions(functions), abi(ABI_FASTCALL), shared(false) { clear(); Page* start = pageAlloc(); diff --git a/js/src/nanojit/LIR.h b/js/src/nanojit/LIR.h index bd0981345d7..9cfcbe30ae1 100644 --- a/js/src/nanojit/LIR.h +++ b/js/src/nanojit/LIR.h @@ -714,6 +714,8 @@ namespace nanojit LInsp state,param1,sp,rp; LInsp savedRegs[NumSavedRegs]; bool explicitSavedRegs; + + bool shared; protected: friend class LirBufWriter;