Changeset 268247 in webkit for trunk/Source/JavaScriptCore/jit/Repatch.cpp

Timestamp:

Oct 8, 2020, 10:08:11 PM (5 years ago)

Author:

[email protected]

Message:

Unreviewed, reland r268170
​https://bugs.webkit.org/show_bug.cgi?id=217460

Source/JavaScriptCore:

Fixed missing wrong OperationPtrTag use in Repatch.cpp.

• assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::getLinkerAddress):

• assembler/AssemblerBuffer.h:

(JSC::ARM64EHash::update):
(JSC::ARM64EHash::finalHash const):

• assembler/JITOperationList.cpp:

(JSC::addPointers):

• assembler/MacroAssemblerARM64.cpp:

(JSC::MacroAssembler::probe):

• assembler/MacroAssemblerCodeRef.h:

(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
(JSC::MacroAssemblerCodePtr::createFromExecutableAddress):

• assembler/testmasm.cpp:

(JSC::testProbeModifiesProgramCounter):

• b3/air/testair.cpp:
• ftl/FTLOutput.h:

(JSC::FTL::Output::callWithoutSideEffects):
(JSC::FTL::Output::operation):

• ftl/FTLSlowPathCall.cpp:

(JSC::FTL::SlowPathCallContext::makeCall):

• jit/JITCode.cpp:

(JSC::JITCodeWithCodeRef::executableAddressAtOffset):

• jit/JITExceptions.cpp:

(JSC::genericUnwind):

• jit/JITOperations.cpp:
• jit/Repatch.cpp:

(JSC::readPutICCallTarget):
(JSC::ftlThunkAwareRepatchCall):
(JSC::tryCacheGetBy):
(JSC::tryCachePutByID):

• llint/LLIntData.cpp:

(JSC::LLInt::initialize):

• llint/LLIntPCRanges.h:

(JSC::LLInt::isLLIntPC):

• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::setUpCall):

• llint/LLIntThunks.cpp:

(JSC::LLInt::generateThunkWithJumpTo):

• runtime/JSCPtrTag.h:
• runtime/MachineContext.h:

(JSC::MachineContext::instructionPointer):

• runtime/NativeExecutable.cpp:

(JSC::NativeExecutable::finishCreation):

• runtime/PutPropertySlot.h:

(JSC::PutPropertySlot::setCustomValue):
(JSC::PutPropertySlot::setCustomAccessor):
(JSC::PutPropertySlot::customSetter const):

• wasm/WasmAirIRGenerator.cpp:

(JSC::Wasm::AirIRGenerator::emitCCall):

• wasm/WasmSlowPaths.cpp:

Source/WTF:

• wtf/PlatformRegisters.cpp:

(WTF::threadStateLRInternal):
(WTF::threadStatePCInternal):

• wtf/PtrTag.h:

(WTF::tagCodePtr):
(WTF::untagCodePtr):
(WTF::assertIsCFunctionPtr):
(WTF::assertIsNullOrCFunctionPtr):
(WTF::assertIsNotTagged):
(WTF::assertIsTagged):
(WTF::assertIsNullOrTagged):
(WTF::isTaggedWith):
(WTF::assertIsTaggedWith):
(WTF::assertIsNullOrTaggedWith):
(WTF::tagCFunctionPtr):
(WTF::tagCFunction):
(WTF::untagCFunctionPtr):
(WTF::tagInt):

File:

• trunk/Source/JavaScriptCore/jit/Repatch.cpp (modified) (5 diffs)

trunk/Source/JavaScriptCore/jit/Repatch.cpp

@@ -74 +74 @@
 static FunctionPtr<CFunctionPtrTag> readPutICCallTarget(CodeBlock* codeBlock, CodeLocationCall<JSInternalPtrTag> call)
 {
-    FunctionPtr<OperationPtrTag> target = MacroAssembler::readCallTarget<OperationPtrTag>(call);
 #if ENABLE(FTL_JIT)
     if (codeBlock->jitType() == JITType::FTLJIT) {
-        MacroAssemblerCodePtr<JITThunkPtrTag> thunk = MacroAssemblerCodePtr<OperationPtrTag>::createFromExecutableAddress(target.executableAddress()).retagged<JITThunkPtrTag>();
+        FunctionPtr<JITThunkPtrTag> target = MacroAssembler::readCallTarget<JITThunkPtrTag>(call);
+        MacroAssemblerCodePtr<JITThunkPtrTag> thunk = MacroAssemblerCodePtr<JITThunkPtrTag>::createFromExecutableAddress(target.executableAddress());
         return codeBlock->vm().ftlThunks->keyForSlowPathCallThunk(thunk).callTarget().retagged<CFunctionPtrTag>();
     }
@@ -83 +83 @@
     UNUSED_PARAM(codeBlock);
 #endif // ENABLE(FTL_JIT)
+    FunctionPtr<OperationPtrTag> target = MacroAssembler::readCallTarget<OperationPtrTag>(call);
     return target.retagged<CFunctionPtrTag>();
 }
@@ -92 +93 @@
         VM& vm = codeBlock->vm();
         FTL::Thunks& thunks = *vm.ftlThunks;
-        FunctionPtr<OperationPtrTag> target = MacroAssembler::readCallTarget<OperationPtrTag>(call);
-        auto slowPathThunk = MacroAssemblerCodePtr<JITThunkPtrTag>::createFromExecutableAddress(target.retaggedExecutableAddress<JITThunkPtrTag>());
+        FunctionPtr<JITThunkPtrTag> target = MacroAssembler::readCallTarget<JITThunkPtrTag>(call);
+        auto slowPathThunk = MacroAssemblerCodePtr<JITThunkPtrTag>::createFromExecutableAddress(target.executableAddress());
         FTL::SlowPathCallKey key = thunks.keyForSlowPathCallThunk(slowPathThunk);
         key = key.withCallTarget(newCalleeFunction);
-        MacroAssembler::repatchCall(call, FunctionPtr<OperationPtrTag>(thunks.getSlowPathCallThunk(vm, key).retaggedCode<OperationPtrTag>()));
+        MacroAssembler::repatchCall(call, FunctionPtr<JITThunkPtrTag>(thunks.getSlowPathCallThunk(vm, key).code()));
         return;
     }
@@ -406 +407 @@
                     newCase = GetterSetterAccessCase::create(
                         vm, codeBlock, type, propertyName, offset, structure, conditionSet, loadTargetFromProxy,
-                        slot.watchpointSet(), slot.isCacheableCustom() ? slot.customGetter() : nullptr,
+                        slot.watchpointSet(), slot.isCacheableCustom() ? FunctionPtr<OperationPtrTag>(slot.customGetter()) : nullptr,
                         slot.isCacheableCustom() && slot.slotBase() != baseValue ? slot.slotBase() : nullptr,
                         domAttribute, WTFMove(prototypeAccessChain));
@@ -742 +743 @@
                 newCase = GetterSetterAccessCase::create(
                     vm, codeBlock, slot.isCustomAccessor() ? AccessCase::CustomAccessorSetter : AccessCase::CustomValueSetter, oldStructure, propertyName,
-                    invalidOffset, conditionSet, WTFMove(prototypeAccessChain), isProxy, slot.customSetter(), slot.base() != baseValue ? slot.base() : nullptr);
+                    invalidOffset, conditionSet, WTFMove(prototypeAccessChain), isProxy, slot.customSetter().retagged<OperationPtrTag>(), slot.base() != baseValue ? slot.base() : nullptr);
             } else {
                 ASSERT(slot.isCacheableSetter());