Changeset 236880 in webkit


Timestamp: Oct 5, 2018, 11:33:41 AM (7 years ago)
Author: mark.lam@apple.com
Message:

performJITMemcpy() should handle the case when the executable allocator is not initialized yet.
https://bugs.webkit.org/show_bug.cgi?id=190317
<rdar://problem/45039398>

Reviewed by Saam Barati.

When SeparatedWXHeaps is in use, jitWriteThunkGenerator() will call performJITMemcpy()
to copy memory before the JIT fixed memory pool is initialized. Before r236864,
performJITMemcpy() would just do a memcpy in that case. We need to restore the
equivalent behavior.

  • jit/ExecutableAllocator.cpp:

(JSC::isJITPC):

  • jit/ExecutableAllocator.h:

(JSC::performJITMemcpy):
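The dispatch the message describes, modelled as an added example that is not WebKit's code: a global allocator pointer that starts out null, an isJITPC() that treats a null allocator as "not a JIT address", and a performJITMemcpy() stand-in that routes in-pool writes through the guarded path (with the upper-bound assertion) and everything else, including every write made before the pool exists, through a plain memcpy. FixedPool, g_allocator, CopyPath, runDemo() and the sample bytes are assumptions for illustration; the real code replaces the guarded memcpy with the JIT write thunk or fast permission toggling.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <stdexcept>

// Hypothetical stand-in for the fixed executable memory pool and its allocator
// (names and layout are assumptions for this example, not JSC's).
struct FixedPool {
    uint8_t* start;
    size_t size;
    bool isJITPC(const void* pc) const {
        const uint8_t* p = static_cast<const uint8_t*>(pc);
        return p >= start && p < start + size;
    }
};

// Global allocator pointer; null until the JIT pool has been set up.
static FixedPool* g_allocator = nullptr;

// Same shape as the patched JSC::isJITPC(): a null allocator means "no JIT region yet".
bool isJITPC(const void* pc) {
    return g_allocator && g_allocator->isJITPC(pc);
}

enum class CopyPath { PlainMemcpy, JITWriteThunk };

// Model of performJITMemcpy(): writes into the JIT region take the guarded path,
// everything else (including all writes before initialization) is a plain memcpy.
CopyPath performJITMemcpy(void* dst, const void* src, size_t n) {
    if (isJITPC(dst)) {
        // Mirrors the RELEASE_ASSERT: the copy must not run past the end of the pool.
        uint8_t* end = g_allocator->start + g_allocator->size;
        if (static_cast<uint8_t*>(dst) + n > end)
            throw std::out_of_range("copy would run past the end of the fixed executable pool");
        std::memcpy(dst, src, n);  // the real code uses the JIT write thunk here
        return CopyPath::JITWriteThunk;
    }
    std::memcpy(dst, src, n);
    return CopyPath::PlainMemcpy;
}

struct DemoResult {
    CopyPath beforeInit;
    CopyPath insidePool;
    CopyPath outsidePool;
    bool overrunRejected;
};

// Exercises the cases the changeset cares about and reports which path each took.
DemoResult runDemo() {
    static uint8_t pool[64];        // stands in for the fixed executable memory pool
    static uint8_t heapBuffer[16];  // ordinary, non-JIT memory
    // Constructed sample bytes (little-endian AArch64 `ret` and `nop`).
    const uint8_t data[8] = {0xc0, 0x03, 0x5f, 0xd6, 0x1f, 0x20, 0x03, 0xd5};

    DemoResult r{};
    g_allocator = nullptr;  // the window jitWriteThunkGenerator() runs in
    r.beforeInit = performJITMemcpy(pool, data, 4);

    FixedPool registered{pool, sizeof pool};
    g_allocator = &registered;  // pool is now known to the allocator
    r.insidePool = performJITMemcpy(pool + 8, data, 4);
    r.outsidePool = performJITMemcpy(heapBuffer, data, 4);
    r.overrunRejected = false;
    try {
        performJITMemcpy(pool + 60, data, 8);  // starts inside, ends 4 bytes past the pool
    } catch (const std::out_of_range&) {
        r.overrunRejected = true;
    }
    g_allocator = nullptr;
    return r;
}

int main() {
    DemoResult r = runDemo();
    return (r.beforeInit == CopyPath::PlainMemcpy
            && r.insidePool == CopyPath::JITWriteThunk
            && r.outsidePool == CopyPath::PlainMemcpy
            && r.overrunRejected) ? 0 : 1;
}
```

The first call shows the case the changeset restores: the destination is inside what will become the pool, but because the allocator is not registered yet the write is an ordinary memcpy rather than a guarded JIT write.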

Location: trunk/Source/JavaScriptCore
Files: 3 edited

  • trunk/Source/JavaScriptCore/ChangeLog

    r236873 r236880  
     12018-10-05  Mark Lam  <mark.lam@apple.com>
     2
     3        performJITMemcpy() should handle the case when the executable allocator is not initialized yet.
     4        https://bugs.webkit.org/show_bug.cgi?id=190317
     5        <rdar://problem/45039398>
     6
     7        Reviewed by Saam Barati.
     8
     9        When SeparatedWXHeaps is in use, jitWriteThunkGenerator() will call performJITMemcpy()
     10        to copy memory before the JIT fixed memory pool is initialize.  Before r236864,
     11        performJITMemcpy() would just do a memcpy in that case.  We need to restore the
     12        equivalent behavior.
     13
     14        * jit/ExecutableAllocator.cpp:
     15        (JSC::isJITPC):
     16        * jit/ExecutableAllocator.h:
     17        (JSC::performJITMemcpy):
     18
    1192018-10-05  Carlos Eduardo Ramalho  <cadubentzen@gmail.com>
    220
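Review bot: typo in line 10 of the new ChangeLog entry, "before the JIT fixed memory pool is initialize" should read "is initialized".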
  • trunk/Source/JavaScriptCore/jit/ExecutableAllocator.cpp

    r236864 r236880  
    332332        return linkBuffer.finalizeCodeWithoutDisassembly<JITThunkPtrTag>();
    333333    }
    334 #else // CPU(ARM64) && USE(EXECUTE_ONLY_JIT_WRITE_FUNCTION)
     334#else // not CPU(ARM64) && USE(EXECUTE_ONLY_JIT_WRITE_FUNCTION)
    335335    static void genericWriteToJITRegion(off_t offset, const void* data, size_t dataSize)
    336336    {
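Review bot: the new comment on the `#else` line, `// not CPU(ARM64) && USE(EXECUTE_ONLY_JIT_WRITE_FUNCTION)`, reads as `!CPU(ARM64) && USE(...)`, but the branch covers the whole negated conjunction; `// !(CPU(ARM64) && USE(EXECUTE_ONLY_JIT_WRITE_FUNCTION))` would be unambiguous. These comment-only changes are also not mentioned in the ChangeLog entry, which lists only isJITPC() and performJITMemcpy().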
     
    351351        return MacroAssemblerCodeRef<JITThunkPtrTag>::createSelfManagedCodeRef(codePtr);
    352352    }
    353 #endif
     353#endif // CPU(ARM64) && USE(EXECUTE_ONLY_JIT_WRITE_FUNCTION)
    354354
    355355#else // OS(DARWIN) && HAVE(REMAP_JIT)
     
    510510bool isJITPC(void* pc)
    511511{
    512     return allocator->isJITPC(pc);
     512    return allocator && allocator->isJITPC(pc);
    513513}
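Review bot: `return allocator && allocator->isJITPC(pc);` changes isJITPC() from a pure address-range query into one that also answers "no JIT pool exists yet", and performJITMemcpy() now depends on that to fall back to a plain memcpy during jitWriteThunkGenerator(). A one-line comment here saying the null case is deliberate would stop a later reader from "simplifying" it away. It is also worth confirming that `allocator` can never go back to null once set, since a late null would make isJITPC() report false for real JIT addresses and quietly turn guarded JIT writes into plain memcpy calls instead of asserting.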
    514514
  • trunk/Source/JavaScriptCore/jit/ExecutableAllocator.h

    r236864 r236880  
    9494    RELEASE_ASSERT(roundUpToMultipleOf<instructionSize>(src) == src);
    9595#endif
    96     if (dst >= startOfFixedExecutableMemoryPool() && dst < endOfFixedExecutableMemoryPool()) {
     96    if (isJITPC(dst)) {
    9797        RELEASE_ASSERT(reinterpret_cast<uint8_t*>(dst) + n <= endOfFixedExecutableMemoryPool());
    9898#if ENABLE(FAST_JIT_PERMISSIONS)
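Review bot: replacing the inline comparison against startOfFixedExecutableMemoryPool()/endOfFixedExecutableMemoryPool() with `if (isJITPC(dst))` makes the guard depend on `allocator`, so with a null allocator the whole block, RELEASE_ASSERT included, is skipped and the copy falls through to the non-JIT path at the end of the function. That is the stated intent, but a short comment on this line noting that the pre-initialization memcpy is intentional would help. Note as well that the test is on `dst` only: the RELEASE_ASSERT on `dst + n <= endOfFixedExecutableMemoryPool()` still catches a copy that starts inside the pool and runs past its end, while a copy that starts just below the pool and extends into it takes the non-JIT path, exactly as the old range check did.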