Timestamp:
Jun 14, 2019, 4:14:14 PM (6 years ago)
Author:
[email protected]
Message:

Restore PAC based cage.
https://bugs.webkit.org/show_bug.cgi?id=198872

Rubber-stamped by Saam Barati.

Source/bmalloc:

  • bmalloc/Gigacage.h:

Source/JavaScriptCore:

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::bitFieldInsert64):

  • assembler/MacroAssemblerARM64E.h:
  • assembler/testmasm.cpp:

(JSC::testCagePreservesPACFailureBit):
(JSC::run):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::jumpForTypedArrayIsNeuteredIfOutOfBounds):
(JSC::DFG::SpeculativeJIT::cageTypedArrayStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::caged):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::cageWithoutUntagging):
(JSC::AssemblyHelpers::cageConditionally):
(JSC::AssemblyHelpers::cage): Deleted.

  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter64.asm:
  • offlineasm/arm64.rb:
  • offlineasm/instructions.rb:
  • offlineasm/registers.rb:
  • wasm/WasmAirIRGenerator.cpp:

(JSC::Wasm::AirIRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::AirIRGenerator::addCallIndirect):

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
(JSC::Wasm::B3IRGenerator::addCallIndirect):

  • wasm/WasmBinding.cpp:

(JSC::Wasm::wasmToWasm):

  • wasm/js/JSToWasm.cpp:

(JSC::Wasm::createJSToWasmWrapper):

  • wasm/js/WebAssemblyFunction.cpp:

(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

File:
1 edited

  • trunk/Source/JavaScriptCore/offlineasm/arm64.rb

    r246240 r246451  
    127127        when 't6'
    128128          arm64GPRName('x6', kind)
     129        when 't7'
     130          arm64GPRName('x7', kind)
    129131        when 'cfr'
    130132            arm64GPRName('x29', kind)
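Review bot: The new 't7' case maps to x7 with no comment on what the register is reserved for or which callers may clobber it. x7 is the last integer argument register under AAPCS64, so a one-line comment stating that t7 is a caller-saved temporary, and confirming it does not collide with any argument-register alias handled elsewhere in this case statement, would help the next reader. The commit message lists offlineasm/registers.rb as changed too; check that 't7' is declared there, since only this file's diff is shown. Minor style point: the two added lines follow the 10-space indent of 't6', while the 'cfr' body just below uses 12, so the block is inconsistently indented.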
     
    10201022        when "memfence"
    10211023            $asm.puts "dmb sy"
     1024        when "bfiq"
     1025            $asm.puts "bfi #{operands[3].arm64Operand(:quad)}, #{operands[0].arm64Operand(:quad)}, #{operands[1].value}, #{operands[2].value}"
    10221026        when "pcrtoaddr"
    10231027            $asm.puts "adr #{operands[1].arm64Operand(:quad)}, #{operands[0].value}"
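Review bot: The "bfiq" case reads operands[1].value and operands[2].value without checking that they are immediates or that they are in range. BFI on a 64-bit register requires lsb in 0..63 and width in 1..(64 - lsb); a register operand or an out-of-range constant here would surface as a Ruby error or an assembler error far from the offlineasm source line. Since the commit message ties this instruction to the cage path (testCagePreservesPACFailureBit), a wrong lsb or width would change which upper bits survive caging, so I would validate both operands here and raise with the instruction's source location. The operand order (source, lsb, width, destination) also differs from the emitted "bfi dest, src, lsb, width", which deserves a short comment next to the case.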