Changeset 44700 in webkit for trunk/JavaScriptCore

Timestamp:

Jun 15, 2009, 5:26:53 PM (16 years ago)

Author:

[email protected]

Message:

2009-06-15 Gavin Barraclough <​[email protected]>

Reviewed by Oliver Hunt.

Move repatching methods into a set of methods on a class. This will allow us to
coallesce memory reprotection calls. Really, we want this class to be called
PatchBuffer, we want the class PatchBuffer to be called LinkBuffer, we want both
to be memblers of MacroAssembler rather then AbstractMacroAssembler, we don't
want the CodeLocationFoo types anymore (they are now only really there to provide
type safety, and that is completely undermined by the way we use offsets). Then
the link & patch buffers should delegate the actual patching calls to the
architecture-specific layer of the MacroAssembler. Landing all these changes as a
sequence of patches.

No performance impact.

• assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::CodeLocationCall::CodeLocationCall): (JSC::AbstractMacroAssembler::CodeLocationNearCall::CodeLocationNearCall): (JSC::AbstractMacroAssembler::CodeLocationNearCall::calleeReturnAddressValue): (JSC::AbstractMacroAssembler::RepatchBuffer::RepatchBuffer): (JSC::AbstractMacroAssembler::RepatchBuffer::relink): (JSC::AbstractMacroAssembler::RepatchBuffer::repatch): (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToTrampoline): (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToFunction): (JSC::AbstractMacroAssembler::RepatchBuffer::relinkNearCallerToTrampoline): (JSC::AbstractMacroAssembler::RepatchBuffer::repatchLoadPtrToLEA):
• jit/JIT.cpp: (JSC::ctiPatchNearCallByReturnAddress): (JSC::ctiPatchCallByReturnAddress): (JSC::JIT::unlinkCall): (JSC::JIT::linkCall):
• jit/JITPropertyAccess.cpp: (JSC::JIT::privateCompilePutByIdTransition): (JSC::JIT::patchGetByIdSelf): (JSC::JIT::patchMethodCallProto): (JSC::JIT::patchPutByIdReplace): (JSC::JIT::privateCompilePatchGetArrayLength): (JSC::JIT::privateCompileGetByIdProto): (JSC::JIT::privateCompileGetByIdSelfList): (JSC::JIT::privateCompileGetByIdProtoList): (JSC::JIT::privateCompileGetByIdChainList): (JSC::JIT::privateCompileGetByIdChain):

Location:

trunk/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• assembler/AbstractMacroAssembler.h (modified) (20 diffs)
• jit/JIT.cpp (modified) (3 diffs)
• jit/JITPropertyAccess.cpp (modified) (10 diffs)

trunk/JavaScriptCore/ChangeLog

@@ +1 @@
+2009-06-15  Gavin Barraclough  <[email protected]>
+
+        Reviewed by Oliver Hunt.
+
+        Move repatching methods into a set of methods on a class.  This will allow us to
+        coallesce memory reprotection calls.  Really, we want this class to be called
+        PatchBuffer, we want the class PatchBuffer to be called LinkBuffer, we want both
+        to be memblers of MacroAssembler rather then AbstractMacroAssembler, we don't
+        want the CodeLocationFoo types anymore (they are now only really there to provide
+        type safety, and that is completely undermined by the way we use offsets).  Then
+        the link & patch buffers should delegate the actual patching calls to the
+        architecture-specific layer of the MacroAssembler.  Landing all these changes as a
+        sequence of patches.
+
+        No performance impact.
+
+        * assembler/AbstractMacroAssembler.h:
+        (JSC::AbstractMacroAssembler::CodeLocationCall::CodeLocationCall):
+        (JSC::AbstractMacroAssembler::CodeLocationNearCall::CodeLocationNearCall):
+        (JSC::AbstractMacroAssembler::CodeLocationNearCall::calleeReturnAddressValue):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::RepatchBuffer):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::relink):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::repatch):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToTrampoline):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkCallerToFunction):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::relinkNearCallerToTrampoline):
+        (JSC::AbstractMacroAssembler::RepatchBuffer::repatchLoadPtrToLEA):
+        * jit/JIT.cpp:
+        (JSC::ctiPatchNearCallByReturnAddress):
+        (JSC::ctiPatchCallByReturnAddress):
+        (JSC::JIT::unlinkCall):
+        (JSC::JIT::linkCall):
+        * jit/JITPropertyAccess.cpp:
+        (JSC::JIT::privateCompilePutByIdTransition):
+        (JSC::JIT::patchGetByIdSelf):
+        (JSC::JIT::patchMethodCallProto):
+        (JSC::JIT::patchPutByIdReplace):
+        (JSC::JIT::privateCompilePatchGetArrayLength):
+        (JSC::JIT::privateCompileGetByIdProto):
+        (JSC::JIT::privateCompileGetByIdSelfList):
+        (JSC::JIT::privateCompileGetByIdProtoList):
+        (JSC::JIT::privateCompileGetByIdChainList):
+        (JSC::JIT::privateCompileGetByIdChain):
+
 2009-06-15  Gavin Barraclough  <[email protected]>
 

trunk/JavaScriptCore/assembler/AbstractMacroAssembler.h

@@ -50 +50 @@
     class Jump;
     class PatchBuffer;
+    class RepatchBuffer;
     class CodeLocationInstruction;
     class CodeLocationLabel;
@@ -429 +430 @@
     // instruction stream, without any semantic information.
     class CodeLocationCommon {
+        friend class RepatchBuffer;
+
     public:
         CodeLocationCommon()
@@ -469 +472 @@
     // An arbitrary instruction in the JIT code.
     class CodeLocationInstruction : public CodeLocationCommon {
-        friend class CodeLocationCommon;
     public:
         CodeLocationInstruction()
@@ -475 +477 @@
         }
 
-        void repatchLoadPtrToLEA()
-        {
-            AssemblerType::repatchLoadPtrToLEA(this->dataLocation());
-        }
-
-    private:
         explicit CodeLocationInstruction(void* location)
             : CodeLocationCommon(CodePtr(location))
@@ -496 +492 @@
         friend class CodeLocationNearCall;
         friend class PatchBuffer;
+        friend class RepatchBuffer;
         friend class ProcessorReturnAddress;
 
@@ -542 +539 @@
         }
 
-        void relink(CodeLocationLabel destination)
-        {
-            AssemblerType::relinkJump(this->dataLocation(), destination.dataLocation());
-        }
-
-    private:
         explicit CodeLocationJump(void* location)
             : CodeLocationCommon(CodePtr(location))
@@ -558 +549 @@
     // A point in the JIT code at which there is a call instruction.
     class CodeLocationCall : public CodeLocationCommon {
-        friend class CodeLocationCommon;
-        friend class PatchBuffer;
-        friend class ProcessorReturnAddress;
     public:
         CodeLocationCall()
@@ -566 +554 @@
         }
 
-        void relink(CodeLocationLabel destination)
-        {
-#if PLATFORM(X86_64)
-            CodeLocationCommon::dataLabelPtrAtOffset(-REPTACH_OFFSET_CALL_R11).repatch(destination.executableAddress());
-#else
-            AssemblerType::relinkCall(this->dataLocation(), destination.executableAddress());
-#endif
-        }
-
-        void relink(FunctionPtr destination)
-        {
-#if PLATFORM(X86_64)
-            CodeLocationCommon::dataLabelPtrAtOffset(-REPTACH_OFFSET_CALL_R11).repatch(destination.executableAddress());
-#else
-            AssemblerType::relinkCall(this->dataLocation(), destination.executableAddress());
-#endif
+        explicit CodeLocationCall(CodePtr location)
+            : CodeLocationCommon(location)
+        {
+        }
+
+        explicit CodeLocationCall(void* location)
+            : CodeLocationCommon(CodePtr(location))
+        {
         }
 
@@ -591 +571 @@
         }
 
-    private:
-        explicit CodeLocationCall(CodePtr location)
-            : CodeLocationCommon(location)
-        {
-        }
-
-        explicit CodeLocationCall(void* location)
-            : CodeLocationCommon(CodePtr(location))
-        {
-        }
     };
 
@@ -607 +577 @@
     // A point in the JIT code at which there is a call instruction with near linkage.
     class CodeLocationNearCall : public CodeLocationCommon {
-        friend class CodeLocationCommon;
-        friend class PatchBuffer;
-        friend class ProcessorReturnAddress;
     public:
         CodeLocationNearCall()
@@ -615 +582 @@
         }
 
-        void relink(CodePtr destination)
-        {
-            AssemblerType::relinkCall(this->dataLocation(), destination.executableAddress());
-        }
-
-        void relink(CodeLocationLabel destination)
-        {
-            AssemblerType::relinkCall(this->dataLocation(), destination.executableAddress());
-        }
-
-        void relink(FunctionPtr destination)
-        {
-            AssemblerType::relinkCall(this->dataLocation(), destination.executableAddress());
+        explicit CodeLocationNearCall(CodePtr location)
+            : CodeLocationCommon(location)
+        {
+        }
+
+        explicit CodeLocationNearCall(void* location)
+            : CodeLocationCommon(CodePtr(location))
+        {
         }
 
@@ -636 +598 @@
             return this->executableAddress();
         }
-
-    private:
-        explicit CodeLocationNearCall(CodePtr location)
-            : CodeLocationCommon(location)
-        {
-        }
-
-        explicit CodeLocationNearCall(void* location)
-            : CodeLocationCommon(CodePtr(location))
-        {
-        }
     };
 
@@ -653 +604 @@
     // A point in the JIT code at which there is an int32_t immediate that may be repatched.
     class CodeLocationDataLabel32 : public CodeLocationCommon {
-        friend class CodeLocationCommon;
-        friend class PatchBuffer;
     public:
         CodeLocationDataLabel32()
@@ -660 +609 @@
         }
 
-        void repatch(int32_t value)
-        {
-            AssemblerType::repatchInt32(this->dataLocation(), value);
-        }
-
-    private:
         explicit CodeLocationDataLabel32(void* location)
             : CodeLocationCommon(CodePtr(location))
@@ -676 +619 @@
     // A point in the JIT code at which there is a void* immediate that may be repatched.
     class CodeLocationDataLabelPtr : public CodeLocationCommon {
-        friend class CodeLocationCommon;
-        friend class PatchBuffer;
     public:
         CodeLocationDataLabelPtr()
@@ -683 +624 @@
         }
 
-        void repatch(void* value)
-        {
-            AssemblerType::repatchPointer(this->dataLocation(), value);
-        }
-
-    private:
         explicit CodeLocationDataLabelPtr(void* location)
             : CodeLocationCommon(CodePtr(location))
@@ -699 +634 @@
     // This class can be used to relink a call identified by its return address.
     class ProcessorReturnAddress {
-        friend class CodeLocationCall;
-        friend class CodeLocationNearCall;
     public:
         ProcessorReturnAddress(void* location)
@@ -707 +640 @@
         }
 
-        void relinkCallerToTrampoline(CodeLocationLabel label)
-        {
-            CodeLocationCall(CodePtr(m_location)).relink(label);
-        }
-        
-        void relinkCallerToTrampoline(CodePtr newCalleeFunction)
-        {
-            relinkCallerToTrampoline(CodeLocationLabel(newCalleeFunction));
-        }
-
-        void relinkCallerToFunction(FunctionPtr function)
-        {
-            CodeLocationCall(CodePtr(m_location)).relink(function);
-        }
-        
-        void relinkNearCallerToTrampoline(CodeLocationLabel label)
-        {
-            CodeLocationNearCall(CodePtr(m_location)).relink(label);
-        }
-        
-        void relinkNearCallerToTrampoline(CodePtr newCalleeFunction)
-        {
-            relinkNearCallerToTrampoline(CodeLocationLabel(newCalleeFunction));
-        }
-
         void* addressForLookup()
         {
@@ -737 +645 @@
         }
 
-    private:
         ReturnAddressPtr m_location;
     };
@@ -902 +809 @@
     };
 
+    class RepatchBuffer {
+    public:
+        RepatchBuffer()
+        {
+        }
+
+        void relink(CodeLocationJump jump, CodeLocationLabel destination)
+        {
+            AssemblerType::relinkJump(jump.dataLocation(), destination.dataLocation());
+        }
+
+        void relink(CodeLocationCall call, CodeLocationLabel destination)
+        {
+#if PLATFORM(X86_64)
+            repatch(call.dataLabelPtrAtOffset(-REPTACH_OFFSET_CALL_R11), destination.executableAddress());
+#else
+            AssemblerType::relinkCall(call.dataLocation(), destination.executableAddress());
+#endif
+        }
+
+        void relink(CodeLocationCall call, FunctionPtr destination)
+        {
+#if PLATFORM(X86_64)
+            repatch(call.dataLabelPtrAtOffset(-REPTACH_OFFSET_CALL_R11), destination.executableAddress());
+#else
+            AssemblerType::relinkCall(call.dataLocation(), destination.executableAddress());
+#endif
+        }
+
+        void relink(CodeLocationNearCall nearCall, CodePtr destination)
+        {
+            AssemblerType::relinkCall(nearCall.dataLocation(), destination.executableAddress());
+        }
+
+        void relink(CodeLocationNearCall nearCall, CodeLocationLabel destination)
+        {
+            AssemblerType::relinkCall(nearCall.dataLocation(), destination.executableAddress());
+        }
+
+        void relink(CodeLocationNearCall nearCall, FunctionPtr destination)
+        {
+            AssemblerType::relinkCall(nearCall.dataLocation(), destination.executableAddress());
+        }
+
+        void repatch(CodeLocationDataLabel32 dataLabel32, int32_t value)
+        {
+            AssemblerType::repatchInt32(dataLabel32.dataLocation(), value);
+        }
+
+        void repatch(CodeLocationDataLabelPtr dataLabelPtr, void* value)
+        {
+            AssemblerType::repatchPointer(dataLabelPtr.dataLocation(), value);
+        }
+
+        void relinkCallerToTrampoline(ProcessorReturnAddress returnAddress, CodeLocationLabel label)
+        {
+            relink(CodeLocationCall(CodePtr(returnAddress.m_location)), label);
+        }
+        
+        void relinkCallerToTrampoline(ProcessorReturnAddress returnAddress, CodePtr newCalleeFunction)
+        {
+            relinkCallerToTrampoline(returnAddress, CodeLocationLabel(newCalleeFunction));
+        }
+
+        void relinkCallerToFunction(ProcessorReturnAddress returnAddress, FunctionPtr function)
+        {
+            relink(CodeLocationCall(CodePtr(returnAddress.m_location)), function);
+        }
+        
+        void relinkNearCallerToTrampoline(ProcessorReturnAddress returnAddress, CodeLocationLabel label)
+        {
+            relink(CodeLocationNearCall(CodePtr(returnAddress.m_location)), label);
+        }
+        
+        void relinkNearCallerToTrampoline(ProcessorReturnAddress returnAddress, CodePtr newCalleeFunction)
+        {
+            relinkNearCallerToTrampoline(returnAddress, CodeLocationLabel(newCalleeFunction));
+        }
+
+        void repatchLoadPtrToLEA(CodeLocationInstruction instruction)
+        {
+            AssemblerType::repatchLoadPtrToLEA(instruction.dataLocation());
+        }
+    };
+
 
     // Section 5: Misc admin methods

trunk/JavaScriptCore/jit/JIT.cpp

@@ -49 +49 @@
 void ctiPatchNearCallByReturnAddress(MacroAssembler::ProcessorReturnAddress returnAddress, MacroAssemblerCodePtr newCalleeFunction)
 {
-    returnAddress.relinkNearCallerToTrampoline(newCalleeFunction);
+    MacroAssembler::RepatchBuffer repatchBuffer;
+    repatchBuffer.relinkNearCallerToTrampoline(returnAddress, newCalleeFunction);
 }
 
 void ctiPatchCallByReturnAddress(MacroAssembler::ProcessorReturnAddress returnAddress, MacroAssemblerCodePtr newCalleeFunction)
 {
-    returnAddress.relinkCallerToTrampoline(newCalleeFunction);
+    MacroAssembler::RepatchBuffer repatchBuffer;
+    repatchBuffer.relinkCallerToTrampoline(returnAddress, newCalleeFunction);
 }
 
 void ctiPatchCallByReturnAddress(MacroAssembler::ProcessorReturnAddress returnAddress, FunctionPtr newCalleeFunction)
 {
-    returnAddress.relinkCallerToFunction(newCalleeFunction);
+    MacroAssembler::RepatchBuffer repatchBuffer;
+    repatchBuffer.relinkCallerToFunction(returnAddress, newCalleeFunction);
 }
 
@@ -903 +906 @@
     // (and, if a new JSFunction happened to be constructed at the same location, we could get a false positive
     // match).  Reset the check so it no longer matches.
-    callLinkInfo->hotPathBegin.repatch(JSValue::encode(JSValue()));
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.repatch(callLinkInfo->hotPathBegin, JSValue::encode(JSValue()));
 }
 
 void JIT::linkCall(JSFunction* callee, CodeBlock* calleeCodeBlock, JITCode& code, CallLinkInfo* callLinkInfo, int callerArgCount, JSGlobalData* globalData)
 {
+    RepatchBuffer repatchBuffer;
+
     // Currently we only link calls with the exact number of arguments.
     // If this is a native call calleeCodeBlock is null so the number of parameters is unimportant
@@ -916 +922 @@
             calleeCodeBlock->addCaller(callLinkInfo);
     
-        callLinkInfo->hotPathBegin.repatch(callee);
-        callLinkInfo->hotPathOther.relink(code.addressForCall());
+        repatchBuffer.repatch(callLinkInfo->hotPathBegin, callee);
+        repatchBuffer.relink(callLinkInfo->hotPathOther, code.addressForCall());
     }
 
     // patch the call so we do not continue to try to link.
-    callLinkInfo->callReturnLocation.relink(globalData->jitStubs.ctiVirtualCall());
+    repatchBuffer.relink(callLinkInfo->callReturnLocation, globalData->jitStubs.ctiVirtualCall());
 }
 

trunk/JavaScriptCore/jit/JITPropertyAccess.cpp

@@ -499 +499 @@
     CodeLocationLabel entryLabel = patchBuffer.finalizeCodeAddendum();
     stubInfo->stubRoutine = entryLabel;
-    returnAddress.relinkCallerToTrampoline(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relinkCallerToTrampoline(returnAddress, entryLabel);
 }
 
 void JIT::patchGetByIdSelf(StructureStubInfo* stubInfo, Structure* structure, size_t cachedOffset, ProcessorReturnAddress returnAddress)
 {
+    RepatchBuffer repatchBuffer;
+
     // We don't want to patch more than once - in future go to cti_op_get_by_id_generic.
     // Should probably go to JITStubs::cti_op_get_by_id_fail, but that doesn't do anything interesting right now.
-    returnAddress.relinkCallerToFunction(FunctionPtr(JITStubs::cti_op_get_by_id_self_fail));
+    repatchBuffer.relinkCallerToFunction(returnAddress, FunctionPtr(JITStubs::cti_op_get_by_id_self_fail));
 
     int offset = sizeof(JSValue) * cachedOffset;
@@ -513 +516 @@
     // and makes the subsequent load's offset automatically correct
     if (structure->isUsingInlineStorage())
-        stubInfo->hotPathBegin.instructionAtOffset(patchOffsetGetByIdExternalLoad).repatchLoadPtrToLEA();
+        repatchBuffer.repatchLoadPtrToLEA(stubInfo->hotPathBegin.instructionAtOffset(patchOffsetGetByIdExternalLoad));
 
     // Patch the offset into the propoerty map to load from, then patch the Structure to look for.
-    stubInfo->hotPathBegin.dataLabelPtrAtOffset(patchOffsetGetByIdStructure).repatch(structure);
-    stubInfo->hotPathBegin.dataLabel32AtOffset(patchOffsetGetByIdPropertyMapOffset).repatch(offset);
+    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabelPtrAtOffset(patchOffsetGetByIdStructure), structure);
+    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabel32AtOffset(patchOffsetGetByIdPropertyMapOffset), offset);
 }
 
 void JIT::patchMethodCallProto(MethodCallLinkInfo& methodCallLinkInfo, JSFunction* callee, Structure* structure, JSObject* proto)
 {
+    RepatchBuffer repatchBuffer;
+
     ASSERT(!methodCallLinkInfo.cachedStructure);
     methodCallLinkInfo.cachedStructure = structure;
     structure->ref();
 
-    methodCallLinkInfo.structureLabel.repatch(structure);
-    methodCallLinkInfo.structureLabel.dataLabelPtrAtOffset(patchOffsetMethodCheckProtoObj).repatch(proto);
-    methodCallLinkInfo.structureLabel.dataLabelPtrAtOffset(patchOffsetMethodCheckProtoStruct).repatch(proto->structure());
-    methodCallLinkInfo.structureLabel.dataLabelPtrAtOffset(patchOffsetMethodCheckPutFunction).repatch(callee);
+    repatchBuffer.repatch(methodCallLinkInfo.structureLabel, structure);
+    repatchBuffer.repatch(methodCallLinkInfo.structureLabel.dataLabelPtrAtOffset(patchOffsetMethodCheckProtoObj), proto);
+    repatchBuffer.repatch(methodCallLinkInfo.structureLabel.dataLabelPtrAtOffset(patchOffsetMethodCheckProtoStruct), proto->structure());
+    repatchBuffer.repatch(methodCallLinkInfo.structureLabel.dataLabelPtrAtOffset(patchOffsetMethodCheckPutFunction), callee);
 }
 
 void JIT::patchPutByIdReplace(StructureStubInfo* stubInfo, Structure* structure, size_t cachedOffset, ProcessorReturnAddress returnAddress)
 {
+    RepatchBuffer repatchBuffer;
+
     // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
     // Should probably go to JITStubs::cti_op_put_by_id_fail, but that doesn't do anything interesting right now.
-    returnAddress.relinkCallerToFunction(FunctionPtr(JITStubs::cti_op_put_by_id_generic));
+    repatchBuffer.relinkCallerToFunction(returnAddress, FunctionPtr(JITStubs::cti_op_put_by_id_generic));
 
     int offset = sizeof(JSValue) * cachedOffset;
@@ -543 +550 @@
     // and makes the subsequent load's offset automatically correct
     if (structure->isUsingInlineStorage())
-        stubInfo->hotPathBegin.instructionAtOffset(patchOffsetPutByIdExternalLoad).repatchLoadPtrToLEA();
+        repatchBuffer.repatchLoadPtrToLEA(stubInfo->hotPathBegin.instructionAtOffset(patchOffsetPutByIdExternalLoad));
 
     // Patch the offset into the propoerty map to load from, then patch the Structure to look for.
-    stubInfo->hotPathBegin.dataLabelPtrAtOffset(patchOffsetPutByIdStructure).repatch(structure);
-    stubInfo->hotPathBegin.dataLabel32AtOffset(patchOffsetPutByIdPropertyMapOffset).repatch(offset);
+    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabelPtrAtOffset(patchOffsetPutByIdStructure), structure);
+    repatchBuffer.repatch(stubInfo->hotPathBegin.dataLabel32AtOffset(patchOffsetPutByIdPropertyMapOffset), offset);
 }
 
@@ -553 +560 @@
 {
     StructureStubInfo* stubInfo = &m_codeBlock->getStubInfo(returnAddress.addressForLookup());
-
-    // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
-    returnAddress.relinkCallerToFunction(FunctionPtr(JITStubs::cti_op_get_by_id_array_fail));
 
     // Check eax is an array
@@ -585 +589 @@
     // Finally patch the jump to slow case back in the hot path to jump here instead.
     CodeLocationJump jumpLocation = stubInfo->hotPathBegin.jumpAtOffset(patchOffsetGetByIdBranchToSlowCase);
-    jumpLocation.relink(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relink(jumpLocation, entryLabel);
+
+    // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
+    repatchBuffer.relinkCallerToFunction(returnAddress, FunctionPtr(JITStubs::cti_op_get_by_id_array_fail));
 }
 
 void JIT::privateCompileGetByIdProto(StructureStubInfo* stubInfo, Structure* structure, Structure* prototypeStructure, size_t cachedOffset, ProcessorReturnAddress returnAddress, CallFrame* callFrame)
 {
-    // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
-    returnAddress.relinkCallerToFunction(FunctionPtr(JITStubs::cti_op_get_by_id_proto_list));
-
     // The prototype object definitely exists (if this stub exists the CodeBlock is referencing a Structure that is
     // referencing the prototype object - let's speculatively load it's table nice and early!)
@@ -630 +635 @@
     // Finally patch the jump to slow case back in the hot path to jump here instead.
     CodeLocationJump jumpLocation = stubInfo->hotPathBegin.jumpAtOffset(patchOffsetGetByIdBranchToSlowCase);
-    jumpLocation.relink(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relink(jumpLocation, entryLabel);
+
+    // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
+    repatchBuffer.relinkCallerToFunction(returnAddress, FunctionPtr(JITStubs::cti_op_get_by_id_proto_list));
 }
 
@@ -658 +667 @@
     // Finally patch the jump to slow case back in the hot path to jump here instead.
     CodeLocationJump jumpLocation = stubInfo->hotPathBegin.jumpAtOffset(patchOffsetGetByIdBranchToSlowCase);
-    jumpLocation.relink(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relink(jumpLocation, entryLabel);
 }
 
@@ -702 +712 @@
     // Finally patch the jump to slow case back in the hot path to jump here instead.
     CodeLocationJump jumpLocation = stubInfo->hotPathBegin.jumpAtOffset(patchOffsetGetByIdBranchToSlowCase);
-    jumpLocation.relink(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relink(jumpLocation, entryLabel);
 }
 
@@ -755 +766 @@
     // Finally patch the jump to slow case back in the hot path to jump here instead.
     CodeLocationJump jumpLocation = stubInfo->hotPathBegin.jumpAtOffset(patchOffsetGetByIdBranchToSlowCase);
-    jumpLocation.relink(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relink(jumpLocation, entryLabel);
 }
 
 void JIT::privateCompileGetByIdChain(StructureStubInfo* stubInfo, Structure* structure, StructureChain* chain, size_t count, size_t cachedOffset, ProcessorReturnAddress returnAddress, CallFrame* callFrame)
 {
-    // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
-    returnAddress.relinkCallerToFunction(FunctionPtr(JITStubs::cti_op_get_by_id_proto_list));
-
     ASSERT(count);
     
@@ -805 +814 @@
     // Finally patch the jump to slow case back in the hot path to jump here instead.
     CodeLocationJump jumpLocation = stubInfo->hotPathBegin.jumpAtOffset(patchOffsetGetByIdBranchToSlowCase);
-    jumpLocation.relink(entryLabel);
+    RepatchBuffer repatchBuffer;
+    repatchBuffer.relink(jumpLocation, entryLabel);
+
+    // We don't want to patch more than once - in future go to cti_op_put_by_id_generic.
+    repatchBuffer.relinkCallerToFunction(returnAddress, FunctionPtr(JITStubs::cti_op_get_by_id_proto_list));
 }