Context Navigation

← Previous Changeset
Next Changeset →

Changeset 220807 in webkit

Timestamp:

Aug 16, 2017 1:38:57 PM (7 years ago)

Author:

mark.lam@apple.com

Message:

Enhance MacroAssembler::probe() to support an initializeStackFunction callback.
https://bugs.webkit.org/show_bug.cgi?id=175617
<rdar://problem/33912104>

Reviewed by JF Bastien.

This patch adds a new feature to MacroAssembler::probe() where the probe function
can provide a ProbeFunction callback to fill in stack values after the stack
pointer has been adjusted. The probe function can use this feature as follows:

Set the new sp value in the ProbeContext's CPUState.

Set the ProbeContext's initializeStackFunction to a ProbeFunction callback which will do the work of filling in the stack values after the probe trampoline has adjusted the machine stack pointer.

Set the ProbeContext's initializeStackArgs to any value that the client wants to pass to the initializeStackFunction callback.

Return from the probe function.

Upon returning from the probe function, the probe trampoline will adjust the
the stack pointer based on the sp value in CPUState. If initializeStackFunction
is not set, the probe trampoline will restore registers and return to its caller.

If initializeStackFunction is set, the trampoline will move the ProbeContext
beyond the range of the stack pointer i.e. it will place the new ProbeContext at
an address lower than where CPUState.sp() points. This ensures that the
ProbeContext will not be trashed by the initializeStackFunction when it writes to
the stack. Then, the trampoline will call back to the initializeStackFunction
ProbeFunction to let it fill in the stack values as desired. The
initializeStackFunction ProbeFunction will be passed the moved ProbeContext at
the new location.

initializeStackFunction may now write to the stack at addresses greater or
equal to CPUState.sp(), but not below that. initializeStackFunction is also
not allowed to change CPUState.sp(). If the initializeStackFunction does not
abide by these rules, then behavior is undefined, and bad things may happen.

For future reference, some implementation details that this patch needed to
be mindful of:

When the probe trampoline allocates stack space for the ProbeContext, it should include OUT_SIZE as well. This ensures that it doesn't have to move the ProbeContext on exit if the probe function didn't change the sp.

If the trampoline has to move the ProbeContext, it needs to point the machine sp to new ProbeContext first before copying over the ProbeContext data. This protects the new ProbeContext from possibly being trashed by interrupts.

When computing the new address of ProbeContext to move to, we need to make sure that it is properly aligned in accordance with stack ABI requirements (just like we did when we allocated the ProbeContext on entry to the probe trampoline).

When copying the ProbeContext to its new location, the trampoline should always copy words from low addresses to high addresses. This is because if we're moving the ProbeContext, we'll always be moving it to a lower address.

assembler/MacroAssembler.h:
assembler/MacroAssemblerARM.cpp:
assembler/MacroAssemblerARM64.cpp:
assembler/MacroAssemblerARMv7.cpp:
assembler/MacroAssemblerX86Common.cpp:
assembler/testmasm.cpp:

(JSC::testProbePreservesGPRS):
(JSC::testProbeModifiesStackPointer):
(JSC::fillStack):
(JSC::testProbeModifiesStackWithCallback):
(JSC::run):

Location:

trunk/Source/JavaScriptCore

Files:

: 7 edited

ChangeLog (modified) (1 diff)
assembler/MacroAssembler.h (modified) (2 diffs)
assembler/MacroAssemblerARM.cpp (modified) (9 diffs)
assembler/MacroAssemblerARM64.cpp (modified) (7 diffs)
assembler/MacroAssemblerARMv7.cpp (modified) (8 diffs)
assembler/MacroAssemblerX86Common.cpp (modified) (12 diffs)
assembler/testmasm.cpp (modified) (5 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/JavaScriptCore/ChangeLog

-                      r220791
+                      r220807
+-08-16  Mark Lam  <mark.lam@apple.com>
+        Enhance MacroAssembler::probe() to support an initializeStackFunction callback.
+        https://bugs.webkit.org/show_bug.cgi?id=175617
+        <rdar://problem/33912104>
+        Reviewed by JF Bastien.
+        This patch adds a new feature to MacroAssembler::probe() where the probe function
+        can provide a ProbeFunction callback to fill in stack values after the stack
+        pointer has been adjusted.  The probe function can use this feature as follows:
+. Set the new sp value in the ProbeContext's CPUState.
+. Set the ProbeContext's initializeStackFunction to a ProbeFunction callback
+           which will do the work of filling in the stack values after the probe
+           trampoline has adjusted the machine stack pointer.
+. Set the ProbeContext's initializeStackArgs to any value that the client wants
+           to pass to the initializeStackFunction callback.
+. Return from the probe function.
+        Upon returning from the probe function, the probe trampoline will adjust the
+        the stack pointer based on the sp value in CPUState.  If initializeStackFunction
+        is not set, the probe trampoline will restore registers and return to its caller.
+        If initializeStackFunction is set, the trampoline will move the ProbeContext
+        beyond the range of the stack pointer i.e. it will place the new ProbeContext at
+        an address lower than where CPUState.sp() points.  This ensures that the
+        ProbeContext will not be trashed by the initializeStackFunction when it writes to
+        the stack.  Then, the trampoline will call back to the initializeStackFunction
+        ProbeFunction to let it fill in the stack values as desired.  The
+        initializeStackFunction ProbeFunction will be passed the moved ProbeContext at
+        the new location.
+        initializeStackFunction may now write to the stack at addresses greater or
+        equal to CPUState.sp(), but not below that.  initializeStackFunction is also
+        not allowed to change CPUState.sp().  If the initializeStackFunction does not
+        abide by these rules, then behavior is undefined, and bad things may happen.
+        For future reference, some implementation details that this patch needed to
+        be mindful of:
+. When the probe trampoline allocates stack space for the ProbeContext, it
+           should include OUT_SIZE as well.  This ensures that it doesn't have to move
+           the ProbeContext on exit if the probe function didn't change the sp.
+. If the trampoline has to move the ProbeContext, it needs to point the machine
+           sp to new ProbeContext first before copying over the ProbeContext data.  This
+           protects the new ProbeContext from possibly being trashed by interrupts.
+. When computing the new address of ProbeContext to move to, we need to make
+           sure that it is properly aligned in accordance with stack ABI requirements
+           (just like we did when we allocated the ProbeContext on entry to the
+           probe trampoline).
+. When copying the ProbeContext to its new location, the trampoline should
+           always copy words from low addresses to high addresses.  This is because if
+           we're moving the ProbeContext, we'll always be moving it to a lower address.
+        * assembler/MacroAssembler.h:
+        * assembler/MacroAssemblerARM.cpp:
+        * assembler/MacroAssemblerARM64.cpp:
+        * assembler/MacroAssemblerARMv7.cpp:
+        * assembler/MacroAssemblerX86Common.cpp:
+        * assembler/testmasm.cpp:
+        (JSC::testProbePreservesGPRS):
+        (JSC::testProbeModifiesStackPointer):
+        (JSC::fillStack):
+        (JSC::testProbeModifiesStackWithCallback):
+        (JSC::run):
 -08-16  Csaba Osztrogonác  <ossy@webkit.org>

trunk/Source/JavaScriptCore/assembler/MacroAssembler.h

-                      r220720
+                      r220807
     // of the call to the user probe function.
     //
+    // The probe function may choose to move the stack pointer (in any direction).
+    // To do this, the probe function needs to set the new sp value in the CPUState.
+    //
+    // The probe function may also choose to fill stack space with some values.
+    // To do this, the probe function must first:
+    // 1. Set the new sp value in the ProbeContext's CPUState.
+    // 2. Set the ProbeContext's initializeStackFunction to a ProbeFunction callback
+    //    which will do the work of filling in the stack values after the probe
+    //    trampoline has adjusted the machine stack pointer.
+    // 3. Set the ProbeContext's initializeStackArgs to any value that the client wants
+    //    to pass to the initializeStackFunction callback.
+    // 4. Return from the probe function.
+    //
+    // Upon returning from the probe function, the probe trampoline will adjust the
+    // the stack pointer based on the sp value in CPUState. If initializeStackFunction
+    // is not set, the probe trampoline will restore registers and return to its caller.
+    //
+    // If initializeStackFunction is set, the trampoline will move the ProbeContext
+    // beyond the range of the stack pointer i.e. it will place the new ProbeContext at
+    // an address lower than where CPUState.sp() points. This ensures that the
+    // ProbeContext will not be trashed by the initializeStackFunction when it writes to
+    // the stack. Then, the trampoline will call back to the initializeStackFunction
+    // ProbeFunction to let it fill in the stack values as desired. The
+    // initializeStackFunction ProbeFunction will be passed the moved ProbeContext at
+    // the new location.
+    //
+    // initializeStackFunction may now write to the stack at addresses greater or
+    // equal to CPUState.sp(), but not below that. initializeStackFunction is also
+    // not allowed to change CPUState.sp(). If the initializeStackFunction does not
+    // abide by these rules, then behavior is undefined, and bad things may happen.
+    //
     // Note: this version of probe() should be implemented by the target specific
     // MacroAssembler.
 …
     ProbeFunction probeFunction;
     void* arg;
+    ProbeFunction initializeStackFunction;
+    void* initializeStackArg;
     CPUState cpu;

trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM.cpp

-                      r220629
+                      r220807
 #if COMPILER(GCC_OR_CLANG)
 // The following are offsets for ProbeContext fields accessed
 // by the ctiMasmProbeTrampoline stub.
 …
 #define PROBE_PROBE_FUNCTION_OFFSET (0 * PTR_SIZE)
 #define PROBE_ARG_OFFSET (1 * PTR_SIZE)
+#define PROBE_FIRST_GPREG_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_FUNCTION_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_ARG_OFFSET (3 * PTR_SIZE)
+#define PROBE_FIRST_GPREG_OFFSET (4 * PTR_SIZE)
 #define GPREG_SIZE 4
 …
 #define PROBE_SIZE (PROBE_FIRST_FPREG_OFFSET + (32 * FPREG_SIZE))
+#define PROBE_ALIGNED_SIZE (PROBE_SIZE)
+#define OUT_SIZE GPREG_SIZE
 // These ASSERTs remind you that if you change the layout of ProbeContext,
 …
 COMPILE_ASSERT(PROBE_OFFSETOF(probeFunction) == PROBE_PROBE_FUNCTION_OFFSET, ProbeContext_probeFunction_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(PROBE_OFFSETOF(arg) == PROBE_ARG_OFFSET, ProbeContext_arg_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackFunction) == PROBE_INIT_STACK_FUNCTION_OFFSET, ProbeContext_initializeStackFunction_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackArg) == PROBE_INIT_STACK_ARG_OFFSET, ProbeContext_initializeStackArg_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(!(PROBE_CPU_R0_OFFSET & 0x3), ProbeContext_cpu_r0_offset_should_be_4_byte_aligned);
 …
 COMPILE_ASSERT(PROBE_OFFSETOF(cpu.sprs[ARMRegisters::fpscr]) == PROBE_CPU_FPSCR_OFFSET, ProbeContext_cpu_fpscr_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(!(PROBE_CPU_D0_OFFSET & 0xf), ProbeContext_cpu_d0_offset_should_be_16_byte_aligned);
+COMPILE_ASSERT(!(PROBE_CPU_D0_OFFSET & 0x7), ProbeContext_cpu_d0_offset_should_be_8_byte_aligned);
 COMPILE_ASSERT(PROBE_OFFSETOF(cpu.fprs[ARMRegisters::d0]) == PROBE_CPU_D0_OFFSET, ProbeContext_cpu_d0_offset_matches_ctiMasmProbeTrampoline);
 …
 COMPILE_ASSERT(sizeof(ProbeContext) == PROBE_SIZE, ProbeContext_size_matches_ctiMasmProbeTrampoline);
-COMPILE_ASSERT(!(PROBE_ALIGNED_SIZE & 0xf), ProbeContext_aligned_size_offset_should_be_16_byte_aligned);
 #undef PROBE_OFFSETOF
 …
     "mov       ip, sp" "\n"
     "mov       r3, sp" "\n"
     "sub       r3, r3, #" STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) "\n"
+    "sub       r3, r3, #" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) "\n"
     // The ARM EABI specifies that the stack needs to be 16 byte aligned.
     "bic       r3, r3, #0xf" "\n"
     "mov       sp, r3" "\n"
+    "mov       sp, r3" "\n" // Set the sp to protect the ProbeContext from interrupts before we initialize it.
     "str       lr, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
 …
     "add       ip, sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_D0_OFFSET) "\n"
     "vstmia.64 ip, { d0-d15 }" "\n"
     "vstmia.64 ip, { d16-d31 }" "\n"
+    "vstmia.64 ip!, { d0-d15 }" "\n"
+    "vstmia.64 ip!, { d16-d31 }" "\n"
     "mov       fp, sp" "\n" // Save the ProbeContext*.
+    // Initialize ProbeContext::initializeStackFunction to zero.
+    "mov       r0, #0" "\n"
+    "str       r0, [fp, #" STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "]" "\n"
     "ldr       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_PROBE_FUNCTION_OFFSET) "]" "\n"
     "mov       r0, sp" "\n" // the ProbeContext* arg.
     "blx       ip" "\n"
+    // Make sure the ProbeContext is entirely below the result stack pointer so
+    // that register values are still preserved when we call the initializeStack
+    // function.
+    "ldr       r1, [fp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n" // Result sp.
+    "add       r2, fp, #" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) "\n" // End of ProveContext + buffer.
+    "cmp       r1, r2" "\n"
+    "bge     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) "\n"
+    // Allocate a safe place on the stack below the result stack pointer to stash the ProbeContext.
+    "sub       r1, r1, #" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) "\n"
+    "bic       r1, r1, #0xf" "\n" // The ARM EABI specifies that the stack needs to be 16 byte aligned.
+    "mov       sp, r1" "\n" // Set the new sp to protect that memory from interrupts before we copy the ProbeContext.
+    // Copy the ProbeContext to the safe place.
+    // Note: we have to copy from low address to higher address because we're moving the
+    // ProbeContext to a lower address.
+    "mov       r5, fp" "\n"
+    "mov       r6, r1" "\n"
+    "add       r7, fp, #" STRINGIZE_VALUE_OF(PROBE_SIZE) "\n"
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) ":" "\n"
+    "ldr       r3, [r5], #4" "\n"
+    "ldr       r4, [r5], #4" "\n"
+    "str       r3, [r6], #4" "\n"
+    "str       r4, [r6], #4" "\n"
+    "cmp       r5, r7" "\n"
+    "blt     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) "\n"
+    "mov       fp, r1" "\n"
+    // Call initializeStackFunction if present.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) ":" "\n"
+    "ldr       r2, [fp, #" STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "]" "\n"
+    "cbz       r2, " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) "\n"
+    "mov       r0, fp" "\n" // Set the ProbeContext* arg.
+    "blx       r2" "\n" // Call the initializeStackFunction (loaded into r2 above).
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) ":" "\n"
     "mov       sp, fp" "\n"
 …
     // There are 5 more registers left to restore: ip, sp, lr, pc, and apsr.
+    // There are 2 issues that complicate the restoration of these last few
+    // registers:
+    //
+    // 1. Normal ARM calling convention relies on moving lr to pc to return to
+    //    the caller. In our case, the address to return to is specified by
+    //    ProbeContext.cpu.pc. And at that moment, we won't have any available
+    //    scratch registers to hold the return address (lr needs to hold
+    //    ProbeContext.cpu.lr, not the return address).
+    //
+    //    The solution is to store the return address on the stack and load the
+    //     pc from there.
+    //
+    // 2. Issue 1 means we will need to write to the stack location at
+    //    ProbeContext.cpu.gprs[sp] - PTR_SIZE. But if the user probe function had
+    //    modified the value of ProbeContext.cpu.gprs[sp] to point in the range between
+    //    &ProbeContext.cpu.gprs[ip] thru &ProbeContext.cpu.sprs[aspr], then the action
+    //    for Issue 1 may trash the values to be restored before we can restore them.
+    //
+    //    The solution is to check if ProbeContext.cpu.gprs[sp] contains a value in
+    //    the undesirable range. If so, we copy the remaining ProbeContext
+    //    register data to a safe area first, and restore the remaining register
+    //    from this new safe area.
+    // The restore area for the pc will be located at 1 word below the resultant sp.
+    // All restore values are located at offset <= PROBE_CPU_APSR_OFFSET. Hence,
+    // we need to make sure that resultant sp > offset of apsr + 1.
+    "add       ip, sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_APSR_OFFSET + PTR_SIZE) "\n"
+    // Set up the restore area for sp and pc.
     "ldr       lr, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "cmp       lr, ip" "\n"
-    "bgt     " SYMBOL_STRING(ctiMasmProbeTrampolineEnd) "\n"
-    // Getting here means that the restore area will overlap the ProbeContext data
-    // that we will need to get the restoration values from. So, let's move that
-    // data to a safe place before we start writing into the restore area.
-    // Let's locate the "safe area" at 2x sizeof(ProbeContext) below where the
-    // restore area. This ensures that:
-    // 1. The safe area does not overlap the restore area.
-    // 2. The safe area does not overlap the ProbeContext.
-    //    This makes it so that we can use memcpy (does not require memmove) semantics
-    //    to copy the restore values to the safe area.
-    // lr already contains [sp, #STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET)].
-    "sub       lr, lr, #(2 * " STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) ")" "\n"
-    "mov       ip, sp" "\n" // Save the original ProbeContext*.
-    // Make sure the stack pointer points to the safe area. This ensures that the
-    // safe area is protected from interrupt handlers overwriting it.
-    "mov       sp, lr" "\n" // sp now points to the new ProbeContext in the safe area.
-    "mov       lr, ip" "\n" // Use lr as the old ProbeContext*.
-    // Copy the restore data to the new ProbeContext*.
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_IP_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_IP_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_LR_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_LR_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_APSR_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_APSR_OFFSET) "]" "\n"
-    // ctiMasmProbeTrampolineEnd expects lr to contain the sp value to be restored.
-    // Since we used it as scratch above, let's restore it.
-    "ldr       lr, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    SYMBOL_STRING(ctiMasmProbeTrampolineEnd) ":" "\n"
-    // Set up the restore area for sp and pc.
-    // lr already contains [sp, #STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET)].
     // Push the pc on to the restore area.
     "ldr       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
     "sub       lr, lr, #" STRINGIZE_VALUE_OF(PTR_SIZE) "\n"
+    "sub       lr, lr, #" STRINGIZE_VALUE_OF(OUT_SIZE) "\n"
     "str       ip, [lr]" "\n"
     // Point sp to the restore area.

trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM64.cpp

-                      r220630
+                      r220807
 #define PROBE_PROBE_FUNCTION_OFFSET (0 * PTR_SIZE)
 #define PROBE_ARG_OFFSET (1 * PTR_SIZE)
+#define PROBE_FIRST_GPREG_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_FUNCTION_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_ARG_OFFSET (3 * PTR_SIZE)
+#define PROBE_FIRST_GPREG_OFFSET (4 * PTR_SIZE)
 #define GPREG_SIZE 8
 …
 COMPILE_ASSERT(PROBE_OFFSETOF(probeFunction) == PROBE_PROBE_FUNCTION_OFFSET, ProbeContext_probeFunction_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(PROBE_OFFSETOF(arg) == PROBE_ARG_OFFSET, ProbeContext_arg_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackFunction) == PROBE_INIT_STACK_FUNCTION_OFFSET, ProbeContext_initializeStackFunction_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackArg) == PROBE_INIT_STACK_ARG_OFFSET, ProbeContext_initializeStackArg_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(!(PROBE_CPU_X0_OFFSET & 0x7), ProbeContext_cpu_r0_offset_should_be_8_byte_aligned);
 …
 // Conditions for using ldp and stp.
 static_assert(PROBE_CPU_PC_OFFSET == PROBE_CPU_SP_OFFSET + PTR_SIZE, "PROBE_CPU_SP_OFFSET and PROBE_CPU_PC_OFFSET must be adjacent");
+static_assert(!(PROBE_SIZE_PLUS_EXTRAS & 0xf), "PROBE_SIZE_PLUS_EXTRAS should be 16 byte aligned"); // the ProbeContext copying code relies on this.
 #undef PROBE_OFFSETOF
 …
 static_assert(OUT_LR_OFFSET == offsetof(OutgoingProbeRecord, lr), "OUT_LR_OFFSET is incorrect");
 static_assert(OUT_SIZE == sizeof(OutgoingProbeRecord), "OUT_SIZE is incorrect");
 static_assert(!(sizeof(OutgoingProbeRecord) & 0xf), "IncomingProbeStack must be 16-byte aligned");
+static_assert(!(sizeof(OutgoingProbeRecord) & 0xf), "OutgoingProbeStack must be 16-byte aligned");
 #define STATE_PC_NOT_CHANGED 0
 …
     "mov       x27, sp" "\n"
     "sub       x27, x27, #" STRINGIZE_VALUE_OF(PROBE_SIZE_PLUS_EXTRAS) "\n"
+    "sub       x27, x27, #" STRINGIZE_VALUE_OF(PROBE_SIZE_PLUS_EXTRAS + OUT_SIZE) "\n"
     "bic       x27, x27, #0xf" "\n" // The ARM EABI specifies that the stack needs to be 16 byte aligned.
     "mov       sp, x27" "\n" // Make sure interrupts don't over-write our data on the stack.
+    "mov       sp, x27" "\n" // Set the sp to protect the ProbeContext from interrupts before we initialize it.
     "stp       x0, x1, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_X0_OFFSET) "]" "\n"
 …
     "mov       x27, sp" "\n" // Save the ProbeContext* in a callee saved register.
+    // Initialize ProbeContext::initializeStackFunction to zero.
+    "str       xzr, [x27, #" STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "]" "\n"
     // Note: we haven't changed the value of fp. Hence, it is still pointing to the frame of
     // the caller of the probe (which is what we want in order to play nice with debuggers e.g. lldb).
     "mov       x0, sp" "\n" // Set the ProbeContext* arg.
     "blr       x2" "\n" // Call the probe handler function (loaded into x2 above).
+    // Make sure the ProbeContext is entirely below the result stack pointer so
+    // that register values are still preserved when we call the initializeStack
+    // function.
+    "ldr       x1, [x27, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n" // Result sp.
+    "add       x2, x27, #" STRINGIZE_VALUE_OF(PROBE_SIZE_PLUS_EXTRAS + OUT_SIZE) "\n" // End of ProbeContext + buffer.
+    "cmp       x1, x2" "\n"
+    "bge     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) "\n"
+    // Allocate a safe place on the stack below the result stack pointer to stash the ProbeContext.
+    "sub       x1, x1, #" STRINGIZE_VALUE_OF(PROBE_SIZE_PLUS_EXTRAS + OUT_SIZE) "\n"
+    "bic       x1, x1, #0xf" "\n" // The ARM EABI specifies that the stack needs to be 16 byte aligned.
+    "mov       sp, x1" "\n" // Set the new sp to protect that memory from interrupts before we copy the ProbeContext.
+    // Copy the ProbeContext to the safe place.
+    // Note: we have to copy from low address to higher address because we're moving the
+    // ProbeContext to a lower address.
+    "mov       x5, x27" "\n"
+    "mov       x6, x1" "\n"
+    "add       x7, x27, #" STRINGIZE_VALUE_OF(PROBE_SIZE_PLUS_EXTRAS) "\n"
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) ":" "\n"
+    "ldp       x3, x4, [x5], #16" "\n"
+    "stp       x3, x4, [x6], #16" "\n"
+    "cmp       x5, x7" "\n"
+    "blt     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) "\n"
+    "mov       x27, x1" "\n"
+    // Call initializeStackFunction if present.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) ":" "\n"
+    "ldr       x2, [x27, #" STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "]" "\n"
+    "cbz       x2, " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) "\n"
+    "mov       x0, x27" "\n" // Set the ProbeContext* arg.
+    "blr       x2" "\n" // Call the initializeStackFunction (loaded into x2 above).
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) ":" "\n"
     "mov       sp, x27" "\n"
 …
     "ldr       x29, [sp, #" STRINGIZE_VALUE_OF(SAVED_PROBE_RETURN_PC_OFFSET) "]" "\n" // Preload the probe return site pc.
-    // The probe handler may have moved the sp. For the return process, we may need
-    // space for 2 OutgoingProbeRecords below the final sp value. We need to make
-    // sure that the space for these 2 OutgoingProbeRecords do not overlap the
-    // restore values of the registers.
-    // All restore values are located at offset <= PROBE_CPU_FPSR_OFFSET. Hence,
-    // we need to make sure that resultant sp > offset of fpsr + 2 * sizeof(OutgoingProbeRecord).
-    "add       x27, sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_FPSR_OFFSET + 2 * OUT_SIZE) "\n"
-    "ldr       x28, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "cmp       x28, x27" "\n"
-    "bgt     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineFillOutgoingProbeRecords) "\n"
-    // There is overlap. We need to copy the ProbeContext to a safe area first.
-    // Let's locate the "safe area" at 2x sizeof(ProbeContext) below where the OutgoingProbeRecords are.
-    // This ensures that:
-    // 1. The safe area does not overlap the OutgoingProbeRecords.
-    // 2. The safe area does not overlap the ProbeContext.
-    // x28 already contains [sp, #STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET)].
-    "sub       x28, x28, #" STRINGIZE_VALUE_OF(2 * PROBE_SIZE) "\n"
-    "mov       x27, sp" "\n" // Save the original ProbeContext*.
-    // Make sure the stack pointer points to the safe area. This ensures that the
-    // safe area is protected from interrupt handlers overwriting it.
-    "mov       sp, x28" "\n" // sp now points to the new ProbeContext in the safe area.
-    // Copy the relevant restore data to the new ProbeContext*.
-    "str       x30, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_X0_OFFSET) "]" "\n" // Stash the pc changed state away so that we can use lr.
-    "ldp       x28, x30, [x27, #" STRINGIZE_VALUE_OF(PROBE_CPU_X27_OFFSET) "]" "\n" // copy x27 and x28.
-    "stp       x28, x30, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_X27_OFFSET) "]" "\n"
-    "ldp       x28, x30, [x27, #" STRINGIZE_VALUE_OF(PROBE_CPU_FP_OFFSET) "]" "\n" // copy fp and lr.
-    "stp       x28, x30, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_FP_OFFSET) "]" "\n"
-    "ldp       x28, x30, [x27, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n" // copy sp and pc.
-    "stp       x28, x30, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "ldp       x28, x30, [x27, #" STRINGIZE_VALUE_OF(PROBE_CPU_NZCV_OFFSET) "]" "\n" // copy nzcv and fpsr.
-    "stp       x28, x30, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_NZCV_OFFSET) "]" "\n"
-    "ldr       x30, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_X0_OFFSET) "]" "\n" // Retrieve the stashed the pc changed state.
     LOCAL_LABEL_STRING(ctiMasmProbeTrampolineFillOutgoingProbeRecords) ":" "\n"

trunk/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp

-                      r220579
+                      r220807
 #define PROBE_PROBE_FUNCTION_OFFSET (0 * PTR_SIZE)
 #define PROBE_ARG_OFFSET (1 * PTR_SIZE)
+#define PROBE_FIRST_GPREG_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_FUNCTION_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_ARG_OFFSET (3 * PTR_SIZE)
+#define PROBE_FIRST_GPREG_OFFSET (4 * PTR_SIZE)
 #define GPREG_SIZE 4
 …
 #define PROBE_CPU_D30_OFFSET (PROBE_FIRST_FPREG_OFFSET + (30 * FPREG_SIZE))
 #define PROBE_CPU_D31_OFFSET (PROBE_FIRST_FPREG_OFFSET + (31 * FPREG_SIZE))
 #define PROBE_SIZE (PROBE_FIRST_FPREG_OFFSET + (32 * FPREG_SIZE))
+#define PROBE_ALIGNED_SIZE (PROBE_SIZE)
+#define OUT_SIZE GPREG_SIZE
 // These ASSERTs remind you that if you change the layout of ProbeContext,
 …
 COMPILE_ASSERT(PROBE_OFFSETOF(probeFunction) == PROBE_PROBE_FUNCTION_OFFSET, ProbeContext_probeFunction_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(PROBE_OFFSETOF(arg) == PROBE_ARG_OFFSET, ProbeContext_arg_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackFunction) == PROBE_INIT_STACK_FUNCTION_OFFSET, ProbeContext_initializeStackFunction_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackArg) == PROBE_INIT_STACK_ARG_OFFSET, ProbeContext_initializeStackArg_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(!(PROBE_CPU_R0_OFFSET & 0x3), ProbeContext_cpu_r0_offset_should_be_4_byte_aligned);
 …
 COMPILE_ASSERT(PROBE_OFFSETOF(cpu.sprs[ARMRegisters::fpscr]) == PROBE_CPU_FPSCR_OFFSET, ProbeContext_cpu_fpscr_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(!(PROBE_CPU_D0_OFFSET & 0xf), ProbeContext_cpu_d0_offset_should_be_16_byte_aligned);
+COMPILE_ASSERT(!(PROBE_CPU_D0_OFFSET & 0x7), ProbeContext_cpu_d0_offset_should_be_8_byte_aligned);
 COMPILE_ASSERT(PROBE_OFFSETOF(cpu.fprs[ARMRegisters::d0]) == PROBE_CPU_D0_OFFSET, ProbeContext_cpu_d0_offset_matches_ctiMasmProbeTrampoline);
 …
 COMPILE_ASSERT(sizeof(ProbeContext) == PROBE_SIZE, ProbeContext_size_matches_ctiMasmProbeTrampoline);
-COMPILE_ASSERT(!(PROBE_ALIGNED_SIZE & 0xf), ProbeContext_aligned_size_offset_should_be_16_byte_aligned);
 #undef PROBE_OFFSETOF
 …
     "mov       ip, sp" "\n"
     "mov       r0, sp" "\n"
     "sub       r0, r0, #" STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) "\n"
+    "sub       r0, r0, #" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) "\n"
     // The ARM EABI specifies that the stack needs to be 16 byte aligned.
     "bic       r0, r0, #0xf" "\n"
     "mov       sp, r0" "\n"
+    "mov       sp, r0" "\n" // Set the sp to protect the ProbeContext from interrupts before we initialize it.
     "str       lr, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
 …
     "mov       fp, sp" "\n" // Save the ProbeContext*.
+    // Initialize ProbeContext::initializeStackFunction to zero.
+    "mov       r0, #0" "\n"
+    "str       r0, [fp, #" STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "]" "\n"
     "ldr       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_PROBE_FUNCTION_OFFSET) "]" "\n"
     "mov       r0, sp" "\n" // the ProbeContext* arg.
     "blx       ip" "\n"
+    // Make sure the ProbeContext is entirely below the result stack pointer so
+    // that register values are still preserved when we call the initializeStack
+    // function.
+    "ldr       r1, [fp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n" // Result sp.
+    "add       r2, fp, #" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) "\n" // End of ProveContext + buffer.
+    "cmp       r1, r2" "\n"
+    "it        ge" "\n"
+    "bge     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) "\n"
+    // Allocate a safe place on the stack below the result stack pointer to stash the ProbeContext.
+    "sub       r1, r1, #" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) "\n"
+    "bic       r1, r1, #0xf" "\n" // The ARM EABI specifies that the stack needs to be 16 byte aligned.
+    "mov       sp, r1" "\n" // Set the new sp to protect that memory from interrupts before we copy the ProbeContext.
+    // Copy the ProbeContext to the safe place.
+    // Note: we have to copy from low address to higher address because we're moving the
+    // ProbeContext to a lower address.
+    "mov       r5, fp" "\n"
+    "mov       r6, r1" "\n"
+    "add       r7, fp, #" STRINGIZE_VALUE_OF(PROBE_SIZE) "\n"
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) ":" "\n"
+    "ldr       r3, [r5], #4" "\n"
+    "ldr       r4, [r5], #4" "\n"
+    "str       r3, [r6], #4" "\n"
+    "str       r4, [r6], #4" "\n"
+    "cmp       r5, r7" "\n"
+    "it        lt" "\n"
+    "blt     " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) "\n"
+    "mov       fp, r1" "\n"
+    // Call initializeStackFunction if present.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) ":" "\n"
+    "ldr       r2, [fp, #" STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "]" "\n"
+    "cbz       r2, " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) "\n"
+    "mov       r0, fp" "\n" // Set the ProbeContext* arg.
+    "blx       r2" "\n" // Call the initializeStackFunction (loaded into r2 above).
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) ":" "\n"
     "mov       sp, fp" "\n"
 …
     // There are 5 more registers left to restore: ip, sp, lr, pc, and apsr.
+    // There are 2 issues that complicate the restoration of these last few
+    // registers:
+    //
+    // 1. Normal ARM calling convention relies on moving lr to pc to return to
+    //    the caller. In our case, the address to return to is specified by
+    //    ProbeContext.cpu.gprs[pc]. And at that moment, we won't have any available
+    //    scratch registers to hold the return address (lr needs to hold
+    //    ProbeContext.cpu.gprs[lr], not the return address).
+    //
+    //    The solution is to store the return address on the stack and load the
+    //    pc from there.
+    //
+    // 2. Issue 1 means we will need to write to the stack location at
+    //    ProbeContext.cpu.gprs[sp] - PTR_SIZE. But if the user probe function had
+    //    modified the value of ProbeContext.cpu.gprs[sp] to point in the range between
+    //    &ProbeContext.cpu.gprs[ip] thru &ProbeContext.cpu.sprs[aspr], then the action
+    //    for Issue 1 may trash the values to be restored before we can restore them.
+    //
+    //    The solution is to check if ProbeContext.cpu.gprs[sp] contains a value in
+    //    the undesirable range. If so, we copy the remaining ProbeContext
+    //    register data to a safe area first, and restore the remaining register
+    //    from this new safe area.
+    // The restore area for the pc will be located at 1 word below the resultant sp.
+    // All restore values are located at offset <= PROBE_CPU_APSR_OFFSET. Hence,
+    // we need to make sure that resultant sp > offset of apsr + 1.
+    "add       ip, sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_APSR_OFFSET + PTR_SIZE) "\n"
+    // Set up the restore area for sp and pc.
     "ldr       lr, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "cmp       lr, ip" "\n"
-    "it        gt" "\n"
-    "bgt     " SYMBOL_STRING(ctiMasmProbeTrampolineEnd) "\n"
-    // Getting here means that the restore area will overlap the ProbeContext data
-    // that we will need to get the restoration values from. So, let's move that
-    // data to a safe place before we start writing into the restore area.
-    // Let's locate the "safe area" at 2x sizeof(ProbeContext) below where the
-    // restore area. This ensures that:
-    // 1. The safe area does not overlap the restore area.
-    // 2. The safe area does not overlap the ProbeContext.
-    //    This makes it so that we can use memcpy (does not require memmove) semantics
-    //    to copy the restore values to the safe area.
-    // lr already contains [sp, #STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET)].
-    "sub       lr, lr, #(2 * " STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) ")" "\n"
-    "mov       ip, sp" "\n" // Save the original ProbeContext*.
-    // Make sure the stack pointer points to the safe area. This ensures that the
-    // safe area is protected from interrupt handlers overwriting it.
-    "mov       sp, lr" "\n" // sp now points to the new ProbeContext in the safe area.
-    "mov       lr, ip" "\n" // Use lr as the old ProbeContext*.
-    // Copy the restore data to the new ProbeContext*.
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_IP_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_IP_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_LR_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_LR_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
-    "ldr       ip, [lr, #" STRINGIZE_VALUE_OF(PROBE_CPU_APSR_OFFSET) "]" "\n"
-    "str       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_APSR_OFFSET) "]" "\n"
-    // ctiMasmProbeTrampolineEnd expects lr to contain the sp value to be restored.
-    // Since we used it as scratch above, let's restore it.
-    "ldr       lr, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET) "]" "\n"
-    ".thumb_func " THUMB_FUNC_PARAM(ctiMasmProbeTrampolineEnd) "\n"
-    SYMBOL_STRING(ctiMasmProbeTrampolineEnd) ":" "\n"
-    // Set up the restore area for sp and pc.
-    // lr already contains [sp, #STRINGIZE_VALUE_OF(PROBE_CPU_SP_OFFSET)].
     // Push the pc on to the restore area.
     "ldr       ip, [sp, #" STRINGIZE_VALUE_OF(PROBE_CPU_PC_OFFSET) "]" "\n"
     "sub       lr, lr, #" STRINGIZE_VALUE_OF(PTR_SIZE) "\n"
+    "sub       lr, lr, #" STRINGIZE_VALUE_OF(OUT_SIZE) "\n"
     "str       ip, [lr]" "\n"
     // Point sp to the restore area.

trunk/Source/JavaScriptCore/assembler/MacroAssemblerX86Common.cpp

-                      r220701
+                      r220807
 #define PROBE_PROBE_FUNCTION_OFFSET (0 * PTR_SIZE)
 #define PROBE_ARG_OFFSET (1 * PTR_SIZE)
+#define PROBE_FIRST_GPR_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_FUNCTION_OFFSET (2 * PTR_SIZE)
+#define PROBE_INIT_STACK_ARG_OFFSET (3 * PTR_SIZE)
+#define PROBE_FIRST_GPR_OFFSET (4 * PTR_SIZE)
 #define PROBE_CPU_EAX_OFFSET (PROBE_FIRST_GPR_OFFSET + (0 * PTR_SIZE))
 #define PROBE_CPU_ECX_OFFSET (PROBE_FIRST_GPR_OFFSET + (1 * PTR_SIZE))
 …
 #if CPU(X86)
 #define PROBE_SIZE (PROBE_CPU_XMM7_OFFSET + XMM_SIZE)
-#define PROBE_ALIGNED_SIZE (PROBE_SIZE + (2 * XMM_SIZE))
 #else // CPU(X86_64)
 #define PROBE_CPU_XMM8_OFFSET (PROBE_FIRST_XMM_OFFSET + (8 * XMM_SIZE))
 …
 #define PROBE_CPU_XMM15_OFFSET (PROBE_FIRST_XMM_OFFSET + (15 * XMM_SIZE))
 #define PROBE_SIZE (PROBE_CPU_XMM15_OFFSET + XMM_SIZE)
-#define PROBE_ALIGNED_SIZE (PROBE_SIZE + (4 * XMM_SIZE))
 #endif // CPU(X86_64)
+// The outgoing record to be popped off the stack at the end consists of:
+// eflags, eax, ecx, ebp, eip.
+#define OUT_SIZE        (5 * PTR_SIZE)
 // These ASSERTs remind you that if you change the layout of ProbeContext,
 …
 COMPILE_ASSERT(PROBE_OFFSETOF(probeFunction) == PROBE_PROBE_FUNCTION_OFFSET, ProbeContext_probeFunction_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(PROBE_OFFSETOF(arg) == PROBE_ARG_OFFSET, ProbeContext_arg_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackFunction) == PROBE_INIT_STACK_FUNCTION_OFFSET, ProbeContext_initializeStackFunction_offset_matches_ctiMasmProbeTrampoline);
+COMPILE_ASSERT(PROBE_OFFSETOF(initializeStackArg) == PROBE_INIT_STACK_ARG_OFFSET, ProbeContext_initializeStackArg_offset_matches_ctiMasmProbeTrampoline);
 COMPILE_ASSERT(PROBE_OFFSETOF(cpu.gprs[X86Registers::eax]) == PROBE_CPU_EAX_OFFSET, ProbeContext_cpu_eax_offset_matches_ctiMasmProbeTrampoline);
 …
 COMPILE_ASSERT(sizeof(ProbeContext) == PROBE_SIZE, ProbeContext_size_matches_ctiMasmProbeTrampoline);
-COMPILE_ASSERT(!(PROBE_ALIGNED_SIZE & 0x1f), ProbeContext_aligned_size_offset_should_be_32_byte_aligned);
 #undef PROBE_OFFSETOF
 …
     "movl %esp, %eax" "\n"
+    "subl $" STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) ", %esp" "\n"
+    // The X86_64 ABI specifies that the worse case stack alignment requirement
+    // is 32 bytes.
+    "subl $" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) ", %esp" "\n"
+    // The X86_64 ABI specifies that the worse case stack alignment requirement is 32 bytes.
     "andl $~0x1f, %esp" "\n"
 …
     "movq %xmm7, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM7_OFFSET) "(%ebp)" "\n"
+    "xorl %eax, %eax" "\n"
+    "movl %eax, " STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "(%ebp)" "\n"
     // Reserve stack space for the arg while maintaining the required stack
     // pointer 32 byte alignment:
 …
     "call *" STRINGIZE_VALUE_OF(PROBE_PROBE_FUNCTION_OFFSET) "(%ebp)" "\n"
+    // Make sure the ProbeContext is entirely below the result stack pointer so
+    // that register values are still preserved when we call the initializeStack
+    // function.
+    "movl $" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) ", %ecx" "\n"
+    "movl %ebp, %eax" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%ebp), %edx" "\n"
+    "addl %ecx, %eax" "\n"
+    "cmpl %eax, %edx" "\n"
+    "jge " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) "\n"
+    // Allocate a safe place on the stack below the result stack pointer to stash the ProbeContext.
+    "subl %ecx, %edx" "\n"
+    "andl $~0x1f, %edx" "\n" // Keep the stack pointer 32 bytes aligned.
+    "xorl %eax, %eax" "\n"
+    "movl %edx, %esp" "\n"
+    "movl $" STRINGIZE_VALUE_OF(PROBE_SIZE) ", %ecx" "\n"
+    // Copy the ProbeContext to the safe place.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) ":" "\n"
+    "movl (%ebp, %eax), %edx" "\n"
+    "movl %edx, (%esp, %eax)" "\n"
+    "addl $" STRINGIZE_VALUE_OF(PTR_SIZE) ", %eax" "\n"
+    "cmpl %eax, %ecx" "\n"
+    "jg " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) "\n"
+    "movl %esp, %ebp" "\n"
+    // Call initializeStackFunction if present.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) ":" "\n"
+    "xorl %ecx, %ecx" "\n"
+    "addl " STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "(%ebp), %ecx" "\n"
+    "je " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) "\n"
+    // Reserve stack space for the arg while maintaining the required stack
+    // pointer 32 byte alignment:
+    "subl $0x20, %esp" "\n"
+    "movl %ebp, 0(%esp)" "\n" // the ProbeContext* arg.
+    "call *%ecx" "\n"
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) ":" "\n"
     // To enable probes to modify register state, we copy all registers
 …
     // ecx now points to the restore area.
-    // Before we copy values from the ProbeContext to the restore area, we need to
-    // make sure that the restore area does not overlap any of the values that we'll
-    // be copying from in the ProbeContext. All the restore values to be copied from
-    // comes from offset <= PROBE_CPU_EFLAGS_OFFSET in the ProbeContext.
-    "movl %ebp, %eax" "\n"
-    "addl $" STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) ", %eax" "\n"
-    "cmpl %eax, %ecx" "\n"
-    "jg " SYMBOL_STRING(ctiMasmProbeTrampolineEnd) "\n"
-    // Getting here means that the restore area will overlap the ProbeContext data
-    // that we will need to get the restoration values from. So, let's move that
-    // data to a safe place before we start writing into the restore area.
-    // Let's locate the "safe area" at 2x sizeof(ProbeContext) below where the
-    // restore area. This ensures that:
-    // 1. The safe area does not overlap the restore area.
-    // 2. The safe area does not overlap the ProbeContext.
-    //    This makes it so that we can use memcpy (does not require memmove) semantics
-    //    to copy the restore values to the safe area.
-    // Note: the safe area does not have to 32-byte align it because we're not using
-    // it to store any xmm regs.
-    "movl %ecx, %eax" "\n"
-    "subl $2 * " STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) ", %eax" "\n"
-    // eax now points to the safe area.
-    // Make sure the stack pointer points to the safe area. This ensures that the
-    // safe area is protected from interrupt handlers overwriting it.
-    "movl %eax, %esp" "\n"
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EAX_OFFSET) "(%ebp), %ecx" "\n"
-    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_EAX_OFFSET) "(%eax)" "\n"
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%ebp), %ecx" "\n"
-    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%eax)" "\n"
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%ebp), %ecx" "\n"
-    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%eax)" "\n"
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%ebp), %ecx" "\n"
-    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%eax)" "\n"
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%ebp), %ecx" "\n"
-    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%eax)" "\n"
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) "(%ebp), %ecx" "\n"
-    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) "(%eax)" "\n"
-    "movl %eax, %ebp" "\n"
-    // We used ecx above as scratch register. Let's restore it to points to the
-    // restore area.
-    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%ebp), %ecx" "\n"
-    "subl $5 * " STRINGIZE_VALUE_OF(PTR_SIZE) ", %ecx" "\n"
-    // ecx now points to the restore area.
-    SYMBOL_STRING(ctiMasmProbeTrampolineEnd) ":" "\n"
     // Copy remaining restore values from the ProbeContext to the restore area.
+    // Note: We already ensured above that the ProbeContext is in a safe location before
+    // calling the initializeStackFunction. The initializeStackFunction is not allowed to
+    // change the stack pointer again.
     "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) "(%ebp), %eax" "\n"
     "movl %eax, 0 * " STRINGIZE_VALUE_OF(PTR_SIZE) "(%ecx)" "\n"
 …
     "movq %rsp, %rax" "\n"
+    "subq $" STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) ", %rsp" "\n"
+    // The X86_64 ABI specifies that the worse case stack alignment requirement
+    // is 32 bytes.
+    "subq $" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) ", %rsp" "\n"
+    // The X86_64 ABI specifies that the worse case stack alignment requirement is 32 bytes.
     "andq $~0x1f, %rsp" "\n"
+    // Since sp points to the ProbeContext, we've ensured that it's protected from interrupts before we initialize it.
     "movq %rbp, " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%rsp)" "\n"
 …
     "movq %xmm15, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM15_OFFSET) "(%rbp)" "\n"
+    "xorq %rax, %rax" "\n"
+    "movq %rax, " STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "(%rbp)" "\n"
     "movq %rbp, %rdi" "\n" // the ProbeContext* arg.
     "call *" STRINGIZE_VALUE_OF(PROBE_PROBE_FUNCTION_OFFSET) "(%rbp)" "\n"
+    // Make sure the ProbeContext is entirely below the result stack pointer so
+    // that register values are still preserved when we call the initializeStack
+    // function.
+    "movq $" STRINGIZE_VALUE_OF(PROBE_SIZE + OUT_SIZE) ", %rcx" "\n"
+    "movq %rbp, %rax" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%rbp), %rdx" "\n"
+    "addq %rcx, %rax" "\n"
+    "cmpq %rax, %rdx" "\n"
+    "jge " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) "\n"
+    // Allocate a safe place on the stack below the result stack pointer to stash the ProbeContext.
+    "subq %rcx, %rdx" "\n"
+    "andq $~0x1f, %rdx" "\n" // Keep the stack pointer 32 bytes aligned.
+    "xorq %rax, %rax" "\n"
+    "movq %rdx, %rsp" "\n"
+    "movq $" STRINGIZE_VALUE_OF(PROBE_SIZE) ", %rcx" "\n"
+    // Copy the ProbeContext to the safe place.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) ":" "\n"
+    "movq (%rbp, %rax), %rdx" "\n"
+    "movq %rdx, (%rsp, %rax)" "\n"
+    "addq $" STRINGIZE_VALUE_OF(PTR_SIZE) ", %rax" "\n"
+    "cmpq %rax, %rcx" "\n"
+    "jg " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineCopyLoop) "\n"
+    "movq %rsp, %rbp" "\n"
+    // Call initializeStackFunction if present.
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineProbeContextIsSafe) ":" "\n"
+    "xorq %rcx, %rcx" "\n"
+    "addq " STRINGIZE_VALUE_OF(PROBE_INIT_STACK_FUNCTION_OFFSET) "(%rbp), %rcx" "\n"
+    "je " LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) "\n"
+    "movq %rbp, %rdi" "\n" // the ProbeContext* arg.
+    "call *%rcx" "\n"
+    LOCAL_LABEL_STRING(ctiMasmProbeTrampolineRestoreRegisters) ":" "\n"
     // To enable probes to modify register state, we copy all registers
 …
     // rcx now points to the restore area.
-    // Before we copy values from the ProbeContext to the restore area, we need to
-    // make sure that the restore area does not overlap any of the values that we'll
-    // be copying from in the ProbeContext. All the restore values to be copied from
-    // comes from offset <= PROBE_CPU_EFLAGS_OFFSET in the ProbeContext.
-    "movq %rbp, %rax" "\n"
-    "addq $" STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) ", %rax" "\n"
-    "cmpq %rax, %rcx" "\n"
-    "jg " SYMBOL_STRING(ctiMasmProbeTrampolineEnd) "\n"
-    // Getting here means that the restore area will overlap the ProbeContext data
-    // that we will need to get the restoration values from. So, let's move that
-    // data to a safe place before we start writing into the restore area.
-    // Let's locate the "safe area" at 2x sizeof(ProbeContext) below where the
-    // restore area. This ensures that:
-    // 1. The safe area does not overlap the restore area.
-    // 2. The safe area does not overlap the ProbeContext.
-    //    This makes it so that we can use memcpy (does not require memmove) semantics
-    //    to copy the restore values to the safe area.
-    // Note: the safe area does not have to 32-byte align it because we're not using
-    // it to store any xmm regs.
-    "movq %rcx, %rax" "\n"
-    "subq $2 * " STRINGIZE_VALUE_OF(PROBE_ALIGNED_SIZE) ", %rax" "\n"
-    // rax now points to the safe area.
-    // Make sure the stack pointer points to the safe area. This ensures that the
-    // safe area is protected from interrupt handlers overwriting it.
-    "movq %rax, %rsp" "\n"
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EAX_OFFSET) "(%rbp), %rcx" "\n"
-    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_EAX_OFFSET) "(%rax)" "\n"
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%rbp), %rcx" "\n"
-    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%rax)" "\n"
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%rbp), %rcx" "\n"
-    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%rax)" "\n"
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%rbp), %rcx" "\n"
-    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%rax)" "\n"
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%rbp), %rcx" "\n"
-    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%rax)" "\n"
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) "(%rbp), %rcx" "\n"
-    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) "(%rax)" "\n"
-    "movq %rax, %rbp" "\n"
-    // We used rcx above as scratch register. Let's restore it to points to the
-    // restore area.
-    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%rbp), %rcx" "\n"
-    "subq $5 * " STRINGIZE_VALUE_OF(PTR_SIZE) ", %rcx" "\n"
-    // rcx now points to the restore area.
-    SYMBOL_STRING(ctiMasmProbeTrampolineEnd) ":" "\n"
     // Copy remaining restore values from the ProbeContext to the restore area.
+    // Note: We already ensured above that the ProbeContext is in a safe location before
+    // calling the initializeStackFunction. The initializeStackFunction is not allowed to
+    // change the stack pointer again.
     "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EFLAGS_OFFSET) "(%rbp), %rax" "\n"
     "movq %rax, 0 * " STRINGIZE_VALUE_OF(PTR_SIZE) "(%rcx)" "\n"

trunk/Source/JavaScriptCore/assembler/testmasm.cpp

-                      r220744
+                      r220807
 namespace {
+using CPUState = MacroAssembler::CPUState;
 StaticLock crashLock;
 …
     // to validate that the probe preserves register values.
     unsigned probeCallCount = 0;
     MacroAssembler::CPUState originalState;
+    CPUState originalState;
     compileAndRun<void>([&] (CCallHelpers& jit) {
 …
+{
     unsigned probeCallCount = 0;
     MacroAssembler::CPUState originalState;
+    CPUState originalState;
     void* originalSP { nullptr };
     void* modifiedSP { nullptr };
 …
+}
+struct FillStackData {
+    CPUState originalState;
+    void* originalSP { nullptr };
+    void* newSP { nullptr };
+    uintptr_t modifiedFlags { 0 };
+    MacroAssembler::SPRegisterID flagsSPR;
+};
+static void fillStack(ProbeContext* context)
+{
+    auto& cpu = context->cpu;
+    FillStackData& data = *reinterpret_cast<FillStackData*>(context->initializeStackArg);
+    CPUState& originalState = data.originalState;
+    void*& originalSP = data.originalSP;
+    void*& newSP = data.newSP;
+    uintptr_t& modifiedFlags = data.modifiedFlags;
+    MacroAssembler::SPRegisterID& flagsSPR = data.flagsSPR;
+    CHECK_EQ(reinterpret_cast<void*>(context->initializeStackFunction), reinterpret_cast<void*>(fillStack));
+    CHECK_EQ(cpu.sp(), newSP);
+    // Verify that the probe has put the ProbeContext out of harm's way.
+    CHECK_EQ((reinterpret_cast<void*>(context + 1) <= cpu.sp()), true);
+    // Verify the CPU state.
+    for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
+        if (isFP(id)) {
+            CHECK_EQ(cpu.gpr(id), originalState.gpr(id));
+            continue;
+        }
+        if (isSpecialGPR(id))
+            continue;
+        CHECK_EQ(cpu.gpr(id), testWord(id));
+    }
+    for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
+        CHECK_EQ(cpu.fpr<uint64_t>(id), testWord64(id));
+    CHECK_EQ(cpu.spr(flagsSPR), modifiedFlags);
+    // Fill the stack with values.
+    uintptr_t* p = reinterpret_cast<uintptr_t*>(newSP);
+    int count = 0;
+    while (p < reinterpret_cast<uintptr_t*>(originalSP))
+        *p++ = testWord(count++);
+};
+void testProbeModifiesStackWithCallback()
+{
+    unsigned probeCallCount = 0;
+    FillStackData data;
+    CPUState& originalState = data.originalState;
+    void*& originalSP = data.originalSP;
+    void*& newSP = data.newSP;
+    uintptr_t& modifiedFlags = data.modifiedFlags;
+    size_t numberOfExtraEntriesToWrite = 10; // ARM64 requires that this be 2 word aligned.
+    MacroAssembler::SPRegisterID& flagsSPR = data.flagsSPR;
+#if CPU(X86) || CPU(X86_64)
+    flagsSPR = X86Registers::eflags;
+    uintptr_t flagsMask = 0xc5;
+#elif CPU(ARM_THUMB2) || CPU(ARM_TRADITIONAL)
+    flagsSPR = ARMRegisters::apsr;
+    uintptr_t flagsMask = 0xf0000000;
+#elif CPU(ARM64)
+    flagsSPR = ARM64Registers::nzcv;
+    uintptr_t flagsMask = 0xf0000000;
+#endif
+    compileAndRun<void>([&] (CCallHelpers& jit) {
+        jit.emitFunctionPrologue();
+        // Write expected values into the registers.
+        jit.probe([&] (ProbeContext* context) {
+            auto& cpu = context->cpu;
+            probeCallCount++;
+            // Preserve the original CPU state.
+            for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
+                originalState.gpr(id) = cpu.gpr(id);
+                if (isSpecialGPR(id))
+                    continue;
+                cpu.gpr(id) = testWord(static_cast<int>(id));
+            }
+            for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id)) {
+                originalState.fpr(id) = cpu.fpr(id);
+                cpu.fpr(id) = bitwise_cast<double>(testWord64(id));
+            }
+            originalState.spr(flagsSPR) = cpu.spr(flagsSPR);
+            modifiedFlags = originalState.spr(flagsSPR) ^ flagsMask;
+            cpu.spr(flagsSPR) = modifiedFlags;
+            CHECK_EQ(reinterpret_cast<void*>(context->initializeStackFunction), 0);
+            // Prepare for initializeStack callback.
+            context->initializeStackFunction = fillStack;
+            context->initializeStackArg = &data;
+            // Ensure that we'll be writing over the regions of the stack where the ProbeContext is.
+            originalSP = cpu.sp();
+            newSP = reinterpret_cast<uintptr_t*>(context) - numberOfExtraEntriesToWrite;
+            cpu.sp() = newSP;
+        });
+        // Validate that the registers and stack have the expected values.
+        jit.probe([&] (ProbeContext* context) {
+            auto& cpu = context->cpu;
+            probeCallCount++;
+            // Validate the register values.
+            for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
+                if (isFP(id)) {
+                    CHECK_EQ(cpu.gpr(id), originalState.gpr(id));
+                    continue;
+                }
+                if (isSpecialGPR(id))
+                    continue;
+                CHECK_EQ(cpu.gpr(id), testWord(id));
+            }
+            for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
+                CHECK_EQ(cpu.fpr<uint64_t>(id), testWord64(id));
+            CHECK_EQ(cpu.spr(flagsSPR), modifiedFlags);
+            CHECK_EQ(cpu.sp(), newSP);
+            // Validate the stack with values.
+            uintptr_t* p = reinterpret_cast<uintptr_t*>(newSP);
+            int count = 0;
+            while (p < reinterpret_cast<uintptr_t*>(originalSP))
+                CHECK_EQ(*p++, testWord(count++));
+        });
+        // Restore the original state.
+        jit.probe([&] (ProbeContext* context) {
+            auto& cpu = context->cpu;
+            probeCallCount++;
+            for (auto id = CCallHelpers::firstRegister(); id <= CCallHelpers::lastRegister(); id = nextID(id)) {
+                if (isSpecialGPR(id))
+                    continue;
+                cpu.gpr(id) = originalState.gpr(id);
+            }
+            for (auto id = CCallHelpers::firstFPRegister(); id <= CCallHelpers::lastFPRegister(); id = nextID(id))
+                cpu.fpr(id) = originalState.fpr(id);
+            cpu.spr(flagsSPR) = originalState.spr(flagsSPR);
+            cpu.sp() = originalSP;
+        });
+        jit.emitFunctionEpilogue();
+        jit.ret();
+    });
+    CHECK_EQ(probeCallCount, 3);
+}
 #define RUN(test) do {                          \
         if (!shouldRun(#test))                  \
 …
     RUN(testProbeModifiesStackPointerToNBytesBelowSP());
     RUN(testProbeModifiesProgramCounter());
+    RUN(testProbeModifiesStackWithCallback());
     if (tasks.isEmpty())

Note: See TracChangeset for help on using the changeset viewer.