Changeset 264688 in webkit


Ignore:
Timestamp:
Jul 21, 2020 6:40:59 PM (4 years ago)
Author:
mark.lam@apple.com
Message:

Simplify DisallowScope, DisallowGC, and DisallowVMReentry implementations.
https://bugs.webkit.org/show_bug.cgi?id=214539
<rdar://problem/65795729>

Reviewed by Keith Miller.

Previously, DisallowScope needed to support enabling and disabling. This was
only needed to enable the implementation of ObjectInitializationScope. Now, we
can make the DisallowGC and DisallowVMReentry inside ObjectInitializationScope
optional with WTF::Optional. With that we can simplify these scopes and make
them true RAII scope objects.

This patch also does the following:

  1. Renamed DisallowVMReentry to DisallowVMEntry. The scope can be used to disable VM entry completely. There's no need to restrict it to only re-entries.
  1. Enforcement of DisallowVMReentry is now done in the LLInt's doVMEntry() instead of the VMEntryScope's constructor. This is a stronger guarantee.

If Options::crashOnDisallowedVMEntry() is true, the VM will crash if it sees
an attempt to enter the VM while disallowed.

If Options::crashOnDisallowedVMEntry() is false, an attempt to call into the VM
while disallowed will return immediately with an undefined result without
invoking any script.

By default, Options::crashOnDisallowedVMEntry() is true if ASSERT_ENABLED is
true.

  1. Change DisallowScope and DisallowGC to be based on ASSERT_ENABLED instead of NEBUG.
  1. Make DisallowVMEntry always enforceable, not just when ASSERT_ENABLED. It's enforcement action depends on Options::crashOnDisallowedVMEntry() as described above.
  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • heap/DeferGC.cpp:
  • heap/DeferGC.h:

(JSC::DisallowGC::DisallowGC):
(JSC::DisallowGC::initialize):

  • interpreter/Interpreter.cpp:

(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeModuleProgram):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::llint_check_vm_entry_permission):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/DisallowScope.h:

(JSC::DisallowScope::DisallowScope):
(JSC::DisallowScope::~DisallowScope):
(JSC::DisallowScope::isInEffectOnCurrentThread):
(JSC::DisallowScope::enable): Deleted.
(JSC::DisallowScope::disable): Deleted.
(JSC::DisallowScope::enterScope): Deleted.
(JSC::DisallowScope::exitScope): Deleted.

  • runtime/DisallowVMEntry.h: Copied from Source/JavaScriptCore/runtime/DisallowVMReentry.h.

(JSC::DisallowVMEntryImpl::DisallowVMEntryImpl):
(JSC::DisallowVMEntryImpl::~DisallowVMEntryImpl):
(JSC::DisallowVMEntryImpl::isEngaged const):
(JSC::DisallowVMEntryImpl::release):
(JSC::DisallowVMReentry::DisallowVMReentry): Deleted.
(JSC::DisallowVMReentry::initialize): Deleted.
(JSC::DisallowVMReentry::scopeReentryCount): Deleted.
(JSC::DisallowVMReentry::setScopeReentryCount): Deleted.

  • runtime/DisallowVMReentry.cpp: Removed.
  • runtime/DisallowVMReentry.h: Removed.
  • runtime/InitializeThreading.cpp:

(JSC::initialize):

  • runtime/JSArray.cpp:

(JSC::JSArray::tryCreateUninitializedRestricted):

  • runtime/ObjectInitializationScope.cpp:

(JSC::ObjectInitializationScope::ObjectInitializationScope):
(JSC::ObjectInitializationScope::notifyAllocated):
(JSC::ObjectInitializationScope::notifyInitialized):

  • runtime/ObjectInitializationScope.h:

(JSC::ObjectInitializationScope::vm const):
(JSC::ObjectInitializationScope::ObjectInitializationScope):
(JSC::ObjectInitializationScope::~ObjectInitializationScope):
(JSC::ObjectInitializationScope::notifyAllocated):
(JSC::ObjectInitializationScope::notifyInitialized):

  • runtime/OptionsList.h:
  • runtime/RegExpMatchesArray.h:

(JSC::tryCreateUninitializedRegExpMatchesArray):

  • runtime/VM.h:
  • runtime/VMEntryScope.cpp:

(JSC::VMEntryScope::VMEntryScope):

Location:
trunk/Source/JavaScriptCore
Files:
1 deleted
20 edited
1 moved

Legend:

Unmodified
Added
Removed
  • trunk/Source/JavaScriptCore/CMakeLists.txt

    r264639 r264688  
    839839    runtime/DirectEvalExecutable.h
    840840    runtime/DisallowScope.h
    841     runtime/DisallowVMReentry.h
     841    runtime/DisallowVMEntry.h
    842842    runtime/DumpContext.h
    843843    runtime/ECMAMode.h
  • trunk/Source/JavaScriptCore/ChangeLog

    r264679 r264688  
     12020-07-21  Mark Lam  <mark.lam@apple.com>
     2
     3        Simplify DisallowScope, DisallowGC, and DisallowVMReentry implementations.
     4        https://bugs.webkit.org/show_bug.cgi?id=214539
     5        <rdar://problem/65795729>
     6
     7        Reviewed by Keith Miller.
     8
     9        Previously, DisallowScope needed to support enabling and disabling.  This was
     10        only needed to enable the implementation of ObjectInitializationScope.  Now, we
     11        can make the DisallowGC and DisallowVMReentry inside ObjectInitializationScope
     12        optional with WTF::Optional.  With that we can simplify these scopes and make
     13        them true RAII scope objects.
     14
     15        This patch also does the following:
     16
     17        1. Renamed DisallowVMReentry to DisallowVMEntry.
     18           The scope can be used to disable VM entry completely.  There's no need to
     19           restrict it to only re-entries.
     20
     21        2. Enforcement of DisallowVMReentry is now done in the LLInt's doVMEntry() instead
     22           of the VMEntryScope's constructor.  This is a stronger guarantee.
     23
     24           If Options::crashOnDisallowedVMEntry() is true, the VM will crash if it sees
     25           an attempt to enter the VM while disallowed.
     26
     27           If Options::crashOnDisallowedVMEntry() is false, an attempt to call into the VM
     28           while disallowed will return immediately with an undefined result without
     29           invoking any script.
     30
     31           By default, Options::crashOnDisallowedVMEntry() is true if ASSERT_ENABLED is
     32           true.
     33
     34        3. Change DisallowScope and DisallowGC to be based on ASSERT_ENABLED instead of NEBUG.
     35
     36        4. Make DisallowVMEntry always enforceable, not just when ASSERT_ENABLED.
     37           It's enforcement action depends on Options::crashOnDisallowedVMEntry() as
     38           described above.
     39
     40        * CMakeLists.txt:
     41        * JavaScriptCore.xcodeproj/project.pbxproj:
     42        * Sources.txt:
     43        * heap/DeferGC.cpp:
     44        * heap/DeferGC.h:
     45        (JSC::DisallowGC::DisallowGC):
     46        (JSC::DisallowGC::initialize):
     47        * interpreter/Interpreter.cpp:
     48        (JSC::Interpreter::executeProgram):
     49        (JSC::Interpreter::executeCall):
     50        (JSC::Interpreter::executeConstruct):
     51        (JSC::Interpreter::execute):
     52        (JSC::Interpreter::executeModuleProgram):
     53        * llint/LLIntSlowPaths.cpp:
     54        (JSC::LLInt::llint_check_vm_entry_permission):
     55        * llint/LLIntSlowPaths.h:
     56        * llint/LowLevelInterpreter32_64.asm:
     57        * llint/LowLevelInterpreter64.asm:
     58        * runtime/DisallowScope.h:
     59        (JSC::DisallowScope::DisallowScope):
     60        (JSC::DisallowScope::~DisallowScope):
     61        (JSC::DisallowScope::isInEffectOnCurrentThread):
     62        (JSC::DisallowScope::enable): Deleted.
     63        (JSC::DisallowScope::disable): Deleted.
     64        (JSC::DisallowScope::enterScope): Deleted.
     65        (JSC::DisallowScope::exitScope): Deleted.
     66        * runtime/DisallowVMEntry.h: Copied from Source/JavaScriptCore/runtime/DisallowVMReentry.h.
     67        (JSC::DisallowVMEntryImpl::DisallowVMEntryImpl):
     68        (JSC::DisallowVMEntryImpl::~DisallowVMEntryImpl):
     69        (JSC::DisallowVMEntryImpl::isEngaged const):
     70        (JSC::DisallowVMEntryImpl::release):
     71        (JSC::DisallowVMReentry::DisallowVMReentry): Deleted.
     72        (JSC::DisallowVMReentry::initialize): Deleted.
     73        (JSC::DisallowVMReentry::scopeReentryCount): Deleted.
     74        (JSC::DisallowVMReentry::setScopeReentryCount): Deleted.
     75        * runtime/DisallowVMReentry.cpp: Removed.
     76        * runtime/DisallowVMReentry.h: Removed.
     77        * runtime/InitializeThreading.cpp:
     78        (JSC::initialize):
     79        * runtime/JSArray.cpp:
     80        (JSC::JSArray::tryCreateUninitializedRestricted):
     81        * runtime/ObjectInitializationScope.cpp:
     82        (JSC::ObjectInitializationScope::ObjectInitializationScope):
     83        (JSC::ObjectInitializationScope::notifyAllocated):
     84        (JSC::ObjectInitializationScope::notifyInitialized):
     85        * runtime/ObjectInitializationScope.h:
     86        (JSC::ObjectInitializationScope::vm const):
     87        (JSC::ObjectInitializationScope::ObjectInitializationScope):
     88        (JSC::ObjectInitializationScope::~ObjectInitializationScope):
     89        (JSC::ObjectInitializationScope::notifyAllocated):
     90        (JSC::ObjectInitializationScope::notifyInitialized):
     91        * runtime/OptionsList.h:
     92        * runtime/RegExpMatchesArray.h:
     93        (JSC::tryCreateUninitializedRegExpMatchesArray):
     94        * runtime/VM.h:
     95        * runtime/VMEntryScope.cpp:
     96        (JSC::VMEntryScope::VMEntryScope):
     97
    1982020-07-21  Mark Lam  <mark.lam@apple.com>
    299
  • trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj

    r264639 r264688  
    19261926                FE533CA61F217DB30016A1FE /* JavaScriptCore.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 932F5BD90822A1C700736975 /* JavaScriptCore.framework */; };
    19271927                FE533CAD1F217EA50016A1FE /* testmasm.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE533CA01F217C310016A1FE /* testmasm.cpp */; };
    1928                 FE54DEFB1E8C6D8800A892C5 /* DisallowVMReentry.h in Headers */ = {isa = PBXBuildFile; fileRef = FE54DEFA1E8C6D7200A892C5 /* DisallowVMReentry.h */; settings = {ATTRIBUTES = (Private, ); }; };
     1928                FE54DEFB1E8C6D8800A892C5 /* DisallowVMEntry.h in Headers */ = {isa = PBXBuildFile; fileRef = FE54DEFA1E8C6D7200A892C5 /* DisallowVMEntry.h */; settings = {ATTRIBUTES = (Private, ); }; };
    19291929                FE54DEFF1E8D76FA00A892C5 /* DisallowScope.h in Headers */ = {isa = PBXBuildFile; fileRef = FE54DEFE1E8D742800A892C5 /* DisallowScope.h */; settings = {ATTRIBUTES = (Private, ); }; };
    19301930                FE5628CE1E99513200C49E45 /* AirPrintSpecial.h in Headers */ = {isa = PBXBuildFile; fileRef = FE5628CC1E99512400C49E45 /* AirPrintSpecial.h */; };
     
    52265226                FE533CA01F217C310016A1FE /* testmasm.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = testmasm.cpp; sourceTree = "<group>"; };
    52275227                FE533CAC1F217DB40016A1FE /* testmasm */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = testmasm; sourceTree = BUILT_PRODUCTS_DIR; };
    5228                 FE54DEFA1E8C6D7200A892C5 /* DisallowVMReentry.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DisallowVMReentry.h; sourceTree = "<group>"; };
    5229                 FE54DEFC1E8C6DFF00A892C5 /* DisallowVMReentry.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DisallowVMReentry.cpp; sourceTree = "<group>"; };
     5228                FE54DEFA1E8C6D7200A892C5 /* DisallowVMEntry.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DisallowVMEntry.h; sourceTree = "<group>"; };
    52305229                FE54DEFE1E8D742800A892C5 /* DisallowScope.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DisallowScope.h; sourceTree = "<group>"; };
    52315230                FE5628CB1E99512400C49E45 /* AirPrintSpecial.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirPrintSpecial.cpp; path = b3/air/AirPrintSpecial.cpp; sourceTree = "<group>"; };
     
    71737172                                14386A731DD69895008652C4 /* DirectEvalExecutable.h */,
    71747173                                FE54DEFE1E8D742800A892C5 /* DisallowScope.h */,
    7175                                 FE54DEFC1E8C6DFF00A892C5 /* DisallowVMReentry.cpp */,
    7176                                 FE54DEFA1E8C6D7200A892C5 /* DisallowVMReentry.h */,
     7174                                FE54DEFA1E8C6D7200A892C5 /* DisallowVMEntry.h */,
    71777175                                E31618101EC5FE080006A218 /* DOMAnnotation.h */,
    71787176                                E31618111EC5FE080006A218 /* DOMAttributeGetterSetter.cpp */,
     
    95299527                                0F37308F1C0CD68500052BFA /* DisallowMacroScratchRegisterUsage.h in Headers */,
    95309528                                FE54DEFF1E8D76FA00A892C5 /* DisallowScope.h in Headers */,
    9531                                 FE54DEFB1E8C6D8800A892C5 /* DisallowVMReentry.h in Headers */,
     9529                                FE54DEFB1E8C6D8800A892C5 /* DisallowVMEntry.h in Headers */,
    95329530                                0FF42731158EBD54004CB9FF /* Disassembler.h in Headers */,
    95339531                                E31618131EC5FE170006A218 /* DOMAnnotation.h in Headers */,
  • trunk/Source/JavaScriptCore/Sources.txt

    r264639 r264688  
    767767runtime/DirectArgumentsOffset.cpp
    768768runtime/DirectEvalExecutable.cpp
    769 runtime/DisallowVMReentry.cpp
    770769runtime/DoublePredictionFuzzerAgent.cpp
    771770runtime/DumpContext.cpp
  • trunk/Source/JavaScriptCore/heap/DeferGC.cpp

    r261755 r264688  
    11/*
    2  * Copyright (C) 2013-2017 Apple Inc. All rights reserved.
     2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    2929namespace JSC {
    3030
    31 #ifndef NDEBUG
     31#if ASSERT_ENABLED
    3232LazyNeverDestroyed<ThreadSpecific<unsigned, WTF::CanBeGCThread::True>> DisallowGC::s_scopeReentryCount;
    3333#endif
  • trunk/Source/JavaScriptCore/heap/DeferGC.h

    r262570 r264688  
    7878    typedef DisallowScope<DisallowGC> Base;
    7979public:
    80 #ifdef NDEBUG
    81 
    82     ALWAYS_INLINE DisallowGC(bool = false) { }
    83     ALWAYS_INLINE static void initialize() { }
    84 
    85 #else // not NDEBUG
    86 
    87     DisallowGC(bool enabled = true)
    88         : Base(enabled)
    89     { }
     80#if ASSERT_ENABLED
     81    DisallowGC() = default;
    9082
    9183    static void initialize()
     
    10698    JS_EXPORT_PRIVATE static LazyNeverDestroyed<ThreadSpecific<unsigned, WTF::CanBeGCThread::True>> s_scopeReentryCount;
    10799
    108 #endif // NDEBUG
     100#else
     101    ALWAYS_INLINE DisallowGC() { } // We need this to placate Clang due to unused warnings.
     102    ALWAYS_INLINE static void initialize() { }
     103#endif // ASSERT_ENABLED
    109104   
    110105    friend class DisallowScope<DisallowGC>;
  • trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

    r261895 r264688  
    11/*
    2  * Copyright (C) 2008-2019 Apple Inc. All rights reserved.
     2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved.
    33 * Copyright (C) 2008 Cameron Zwarich <cwzwarich@uwaterloo.ca>
    44 *
     
    826826    }
    827827
    828     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
    829 
    830     RefPtr<JITCode> jitCode = program->generatedJITCode();
    831 
     828    RefPtr<JITCode> jitCode;
    832829    ProtoCallFrame protoCallFrame;
    833     protoCallFrame.init(codeBlock, globalObject, globalCallee, thisObj, 1);
     830    {
     831        DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
     832        jitCode = program->generatedJITCode();
     833        protoCallFrame.init(codeBlock, globalObject, globalCallee, thisObj, 1);
     834    }
    834835
    835836    // Execute the code:
    836     disallowGC.disable();
    837837    throwScope.release();
    838838    ASSERT(jitCode == program->generatedJITCode().ptr());
     
    891891    }
    892892
    893     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
    894 
    895893    RefPtr<JITCode> jitCode;
    896     if (isJSCall)
    897         jitCode = callData.js.functionExecutable->generatedJITCodeForCall();
    898 
    899894    ProtoCallFrame protoCallFrame;
    900     protoCallFrame.init(newCodeBlock, globalObject, function, thisValue, argsCount, args.data());
     895    {
     896        DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
     897        if (isJSCall)
     898            jitCode = callData.js.functionExecutable->generatedJITCodeForCall();
     899        protoCallFrame.init(newCodeBlock, globalObject, function, thisValue, argsCount, args.data());
     900    }
    901901
    902902    JSValue result;
    903     {
    904         // Execute the code:
    905         disallowGC.disable();
    906         if (isJSCall) {
    907             throwScope.release();
    908             ASSERT(jitCode == callData.js.functionExecutable->generatedJITCodeForCall().ptr());
    909             result = jitCode->execute(&vm, &protoCallFrame);
    910         } else {
    911             result = JSValue::decode(vmEntryToNative(callData.native.function.rawPointer(), &vm, &protoCallFrame));
    912             RETURN_IF_EXCEPTION(throwScope, JSValue());
    913         }
     903    // Execute the code:
     904    if (isJSCall) {
     905        throwScope.release();
     906        ASSERT(jitCode == callData.js.functionExecutable->generatedJITCodeForCall().ptr());
     907        result = jitCode->execute(&vm, &protoCallFrame);
     908    } else {
     909        result = JSValue::decode(vmEntryToNative(callData.native.function.rawPointer(), &vm, &protoCallFrame));
     910        RETURN_IF_EXCEPTION(throwScope, JSValue());
    914911    }
    915912
     
    973970    }
    974971
    975     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
    976 
    977972    RefPtr<JITCode> jitCode;
    978     if (isJSConstruct)
    979         jitCode = constructData.js.functionExecutable->generatedJITCodeForConstruct();
    980 
    981973    ProtoCallFrame protoCallFrame;
    982     protoCallFrame.init(newCodeBlock, globalObject, constructor, newTarget, argsCount, args.data());
     974    {
     975        DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
     976        if (isJSConstruct)
     977            jitCode = constructData.js.functionExecutable->generatedJITCodeForConstruct();
     978        protoCallFrame.init(newCodeBlock, globalObject, constructor, newTarget, argsCount, args.data());
     979    }
    983980
    984981    JSValue result;
    985     {
    986         // Execute the code.
    987         disallowGC.disable();
    988         if (isJSConstruct) {
    989             ASSERT(jitCode == constructData.js.functionExecutable->generatedJITCodeForConstruct().ptr());
    990             result = jitCode->execute(&vm, &protoCallFrame);
    991         } else {
    992             result = JSValue::decode(vmEntryToNative(constructData.native.function.rawPointer(), &vm, &protoCallFrame));
    993 
    994             if (LIKELY(!throwScope.exception()))
    995                 RELEASE_ASSERT(result.isObject());
    996         }
     982    // Execute the code.
     983    if (isJSConstruct) {
     984        ASSERT(jitCode == constructData.js.functionExecutable->generatedJITCodeForConstruct().ptr());
     985        result = jitCode->execute(&vm, &protoCallFrame);
     986    } else {
     987        result = JSValue::decode(vmEntryToNative(constructData.native.function.rawPointer(), &vm, &protoCallFrame));
     988
     989        if (LIKELY(!throwScope.exception()))
     990            RELEASE_ASSERT(result.isObject());
    997991    }
    998992
     
    11941188    }
    11951189
    1196     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
    1197 
    1198     RefPtr<JITCode> jitCode = eval->generatedJITCode();
    1199 
     1190    RefPtr<JITCode> jitCode;
    12001191    ProtoCallFrame protoCallFrame;
    1201     protoCallFrame.init(codeBlock, globalObject, callee, thisValue, 1);
     1192    {
     1193        DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
     1194        jitCode = eval->generatedJITCode();
     1195        protoCallFrame.init(codeBlock, globalObject, callee, thisValue, 1);
     1196    }
    12021197
    12031198    // Execute the code:
    1204     disallowGC.disable();
    12051199    throwScope.release();
    12061200    ASSERT(jitCode == eval->generatedJITCode().ptr());
     
    12521246    }
    12531247
    1254     DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
    1255 
    1256     RefPtr<JITCode> jitCode = executable->generatedJITCode();
    1257 
    1258     // The |this| of the module is always `undefined`.
    1259     // http://www.ecma-international.org/ecma-262/6.0/#sec-module-environment-records-hasthisbinding
    1260     // http://www.ecma-international.org/ecma-262/6.0/#sec-module-environment-records-getthisbinding
     1248    RefPtr<JITCode> jitCode;
    12611249    ProtoCallFrame protoCallFrame;
    1262     protoCallFrame.init(codeBlock, globalObject, callee, jsUndefined(), 1);
     1250    {
     1251        DisallowGC disallowGC; // Ensure no GC happens. GC can replace CodeBlock in Executable.
     1252        jitCode = executable->generatedJITCode();
     1253        // The |this| of the module is always `undefined`.
     1254        // http://www.ecma-international.org/ecma-262/6.0/#sec-module-environment-records-hasthisbinding
     1255        // http://www.ecma-international.org/ecma-262/6.0/#sec-module-environment-records-getthisbinding
     1256        protoCallFrame.init(codeBlock, globalObject, callee, jsUndefined(), 1);
     1257    }
    12631258
    12641259    // Execute the code:
    1265     disallowGC.disable();
    12661260    throwScope.release();
    12671261    ASSERT(jitCode == executable->generatedJITCode().ptr());
  • trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp

    r264679 r264688  
    23172317}
    23182318
     2319extern "C" SlowPathReturnType llint_check_vm_entry_permission(VM* vm, ProtoCallFrame*)
     2320{
     2321    ASSERT_UNUSED(vm, vm->disallowVMEntryCount);
     2322    if (Options::crashOnDisallowedVMEntry())
     2323        CRASH();
     2324
     2325    // Else return, and let doVMEntry return undefined.
     2326    return encodeResult(nullptr, nullptr);
     2327}
     2328
    23192329extern "C" void llint_dump_value(EncodedJSValue value);
    23202330extern "C" void llint_dump_value(EncodedJSValue value)
  • trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.h

    r262613 r264688  
    11/*
    2  * Copyright (C) 2011-2018 Apple Inc. All rights reserved.
     2 * Copyright (C) 2011-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    148148extern "C" SlowPathReturnType llint_stack_check_at_vm_entry(VM*, Register*) WTF_INTERNAL;
    149149#endif
     150extern "C" SlowPathReturnType llint_check_vm_entry_permission(VM*, ProtoCallFrame*) WTF_INTERNAL;
    150151extern "C" NO_RETURN_DUE_TO_CRASH void llint_crash() WTF_INTERNAL;
    151152
  • trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm

    r264504 r264688  
    1 # Copyright (C) 2011-2019 Apple Inc. All rights reserved.
     1# Copyright (C) 2011-2020 Apple Inc. All rights reserved.
    22#
    33# Redistribution and use in source and binary forms, with or without
     
    171171    # aliasing problems with our arguments.
    172172
     173    loadi VM::disallowVMEntryCount[vm], t4
     174    btinz t4, .checkVMEntryPermission
     175
    173176    if ARMv7
    174177        vmEntryRecord(cfr, t3)
     
    317320    end
    318321
     322    popCalleeSaves()
     323    functionEpilogue()
     324    ret
     325
     326.checkVMEntryPermission:
     327    move vm, a0
     328    move protoCallFrame, a1
     329    cCall2(_llint_check_vm_entry_permission)
     330    move UndefinedTag, r0
     331    move 0, r1
     332
     333    subp cfr, CalleeRegisterSaveSize, sp
    319334    popCalleeSaves()
    320335    functionEpilogue()
  • trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm

    r264504 r264688  
    167167    checkStackPointerAlignment(t4, 0xbad0dc01)
    168168
     169    loadi VM::disallowVMEntryCount[vm], t4
     170    btinz t4, .checkVMEntryPermission
     171
    169172    storep vm, VMEntryRecord::m_vm[sp]
    170173    loadp VM::topCallFrame[vm], t4
     
    282285    subp cfr, CalleeRegisterSaveSize, sp
    283286
     287    popCalleeSaves()
     288    functionEpilogue()
     289    ret
     290
     291.checkVMEntryPermission:
     292    move vm, a0
     293    move protoCallFrame, a1
     294    cCall2(_llint_check_vm_entry_permission)
     295    move ValueUndefined, r0
     296
     297    subp cfr, CalleeRegisterSaveSize, sp
    284298    popCalleeSaves()
    285299    functionEpilogue()
  • trunk/Source/JavaScriptCore/runtime/DisallowScope.h

    r258443 r264688  
    11/*
    2  * Copyright (C) 2017-2019 Apple Inc. All rights reserved.
     2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    3636    WTF_FORBID_HEAP_ALLOCATION;
    3737public:
    38 #ifdef NDEBUG
    39 
    40     ALWAYS_INLINE DisallowScope(bool = false) { }
    41     ALWAYS_INLINE ~DisallowScope() { }
    42     ALWAYS_INLINE static bool isInEffectOnCurrentThread() { return false; }
    43     ALWAYS_INLINE void enable() { }
    44     ALWAYS_INLINE void disable() { }
    45 
    46 #else // not NDEBUG
    47 
    48     DisallowScope(bool enabled = true)
     38#if ASSERT_ENABLED
     39    DisallowScope()
    4940    {
    50         m_isEnabled = enabled;
    51         if (m_isEnabled)
    52             enterScope();
     41        auto count = T::scopeReentryCount();
     42        T::setScopeReentryCount(++count);
    5343    }
    5444
    5545    ~DisallowScope()
    5646    {
    57         if (m_isEnabled)
    58             exitScope();
     47        auto count = T::scopeReentryCount();
     48        ASSERT(count);
     49        T::setScopeReentryCount(--count);
    5950    }
    6051
     
    6455    }
    6556
    66     void enable()
    67     {
    68         m_isEnabled = true;
    69         enterScope();
    70     }
    71 
    72     void disable()
    73     {
    74         m_isEnabled = false;
    75         exitScope();
    76     }
    77 
    78 private:
    79     void enterScope()
    80     {
    81         auto count = T::scopeReentryCount();
    82         T::setScopeReentryCount(++count);
    83     }
    84 
    85     void exitScope()
    86     {
    87         auto count = T::scopeReentryCount();
    88         ASSERT(count);
    89         T::setScopeReentryCount(--count);
    90     }
    91 
    92     bool m_isEnabled;
    93 #endif // NDEBUG
     57#else // not ASSERT_ENABLED
     58    ALWAYS_INLINE DisallowScope() { } // We need this to placate Clang due to unused warnings.
     59    ALWAYS_INLINE static bool isInEffectOnCurrentThread() { return false; }
     60#endif // ASSERT_ENABLED
    9461};
    9562
  • trunk/Source/JavaScriptCore/runtime/DisallowVMEntry.h

    r264687 r264688  
    11/*
    2  * Copyright (C) 2017 Apple Inc. All rights reserved.
     2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    2626#pragma once
    2727
    28 #include "DisallowScope.h"
    29 #include <wtf/NeverDestroyed.h>
    30 #include <wtf/ThreadSpecific.h>
    31 
    3228namespace JSC {
    3329
    34 class DisallowVMReentry : public DisallowScope<DisallowVMReentry> {
    35     WTF_MAKE_NONCOPYABLE(DisallowVMReentry);
    36     typedef DisallowScope<DisallowVMReentry> Base;
     30class VM;
     31
     32// The only reason we implement DisallowVMEntry as specialization of a template
     33// is so that we can work around having to #include VM.h, which can hurt build
     34// time. This defers the cost of #include'ing VM.h to only the clients that
     35// need it.
     36
     37template<typename VMType = VM>
     38class DisallowVMEntryImpl {
     39    WTF_MAKE_NONCOPYABLE(DisallowVMEntryImpl);
    3740public:
    38 #ifdef NDEBUG
     41    DisallowVMEntryImpl(VMType& vm)
     42        : m_vm(&vm)
     43    {
     44        m_vm->disallowVMEntryCount++;
     45    }
    3946
    40     ALWAYS_INLINE DisallowVMReentry(bool = false) { }
    41     ALWAYS_INLINE static void initialize() { }
    42 
    43 #else // not NDEBUG
    44 
    45     DisallowVMReentry(bool enabled = true)
    46         : Base(enabled)
    47     { }
    48 
    49     static void initialize()
     47    ~DisallowVMEntryImpl()
    5048    {
    51         s_scopeReentryCount.construct();
     49        RELEASE_ASSERT(m_vm->disallowVMEntryCount);
     50        m_vm->disallowVMEntryCount--;
     51        m_vm = nullptr;
    5252    }
    5353
    5454private:
    55     static unsigned scopeReentryCount()
    56     {
    57         return *s_scopeReentryCount.get();
    58     }
    59     static void setScopeReentryCount(unsigned value)
    60     {
    61         *s_scopeReentryCount.get() = value;
    62     }
    63 
    64     JS_EXPORT_PRIVATE static LazyNeverDestroyed<ThreadSpecific<unsigned, WTF::CanBeGCThread::True>> s_scopeReentryCount;
    65 
    66 #endif // NDEBUG
    67 
    68     friend class DisallowScope<DisallowVMReentry>;
     55    VMType* m_vm;
    6956};
    7057
     58using DisallowVMEntry = DisallowVMEntryImpl<VM>;
     59
    7160} // namespace JSC
  • trunk/Source/JavaScriptCore/runtime/InitializeThreading.cpp

    r263635 r264688  
    3030#include "InitializeThreading.h"
    3131
    32 #include "DisallowVMReentry.h"
    3332#include "ExecutableAllocator.h"
    3433#include "JSCConfig.h"
     
    7978
    8079        LLInt::initialize();
    81 #ifndef NDEBUG
    8280        DisallowGC::initialize();
    83         DisallowVMReentry::initialize();
    84 #endif
     81
    8582        initializeSuperSampler();
    8683        Thread& thread = Thread::current();
  • trunk/Source/JavaScriptCore/runtime/JSArray.cpp

    r261755 r264688  
    11/*
    22 *  Copyright (C) 1999-2000 Harri Porten (porten@kde.org)
    3  *  Copyright (C) 2003-2019 Apple Inc. All rights reserved.
     3 *  Copyright (C) 2003-2020 Apple Inc. All rights reserved.
    44 *  Copyright (C) 2003 Peter Kelly (pmk@post.com)
    55 *  Copyright (C) 2006 Alexey Proskuryakov (ap@nypop.com)
     
    9797    JSArray* result = createWithButterfly(vm, deferralContext, structure, butterfly);
    9898
    99     const bool createUninitialized = true;
    100     scope.notifyAllocated(result, createUninitialized);
     99    scope.notifyAllocated(result);
    101100    return result;
    102101}
  • trunk/Source/JavaScriptCore/runtime/ObjectInitializationScope.cpp

    r261993 r264688  
    11/*
    2  * Copyright (C) 2017-2019 Apple Inc. All rights reserved.
     2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    3535namespace JSC {
    3636
    37 #ifndef NDEBUG
     37#if ASSERT_ENABLED
     38
    3839ObjectInitializationScope::ObjectInitializationScope(VM& vm)
    3940    : m_vm(vm)
    40     , m_disallowGC(false)
    41     , m_disallowVMReentry(false)
    4241{
    4342}
     
    5150}
    5251
    53 void ObjectInitializationScope::notifyAllocated(JSObject* object, bool wasCreatedUninitialized)
     52void ObjectInitializationScope::notifyAllocated(JSObject* object)
    5453{
    55     if (wasCreatedUninitialized) {
    56         m_disallowGC.enable();
    57         m_disallowVMReentry.enable();
    58         m_object = object;
    59     } else
    60         verifyPropertiesAreInitialized(object);
     54    ASSERT(!m_disallowGC);
     55    ASSERT(!m_disallowVMEntry);
     56    m_disallowGC.emplace();
     57    m_disallowVMEntry.emplace(m_vm);
     58    m_object = object;
    6159}
    6260
     
    6462{
    6563    if (m_object) {
    66         m_disallowGC.disable();
    67         m_disallowVMReentry.disable();
     64        m_disallowGC.reset();
     65        m_disallowVMEntry.reset();
    6866        m_object = nullptr;
    6967    }
     
    115113    }
    116114}
    117 #endif
     115
     116#endif // ASSERT_ENABLED
    118117
    119118} // namespace JSC
  • trunk/Source/JavaScriptCore/runtime/ObjectInitializationScope.h

    r251690 r264688  
    11/*
    2  * Copyright (C) 2017-2019 Apple Inc. All rights reserved.
     2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    2727
    2828#include "DeferGC.h"
    29 #include "DisallowVMReentry.h"
     29#include "DisallowVMEntry.h"
    3030#include "VM.h"
     31#include <wtf/Optional.h>
    3132
    3233namespace JSC {
     
    3536class JSObject;
    3637
    37 #ifdef NDEBUG
     38#if ASSERT_ENABLED
     39
     40class ObjectInitializationScope {
     41public:
     42    JS_EXPORT_PRIVATE ObjectInitializationScope(VM&);
     43    JS_EXPORT_PRIVATE ~ObjectInitializationScope();
     44
     45    VM& vm() const { return m_vm; }
     46    void notifyAllocated(JSObject*);
     47    void notifyInitialized(JSObject*);
     48
     49private:
     50    void verifyPropertiesAreInitialized(JSObject*);
     51
     52    VM& m_vm;
     53    Optional<DisallowGC> m_disallowGC;
     54    Optional<DisallowVMEntry> m_disallowVMEntry;
     55    JSObject* m_object { nullptr };
     56};
     57
     58#else // not ASSERT_ENABLED
    3859
    3960class ObjectInitializationScope {
     
    4869
    4970    ALWAYS_INLINE VM& vm() const { return m_vm; }
    50     ALWAYS_INLINE void notifyAllocated(JSObject*, bool) { }
     71    ALWAYS_INLINE void notifyAllocated(JSObject*) { }
    5172    ALWAYS_INLINE void notifyInitialized(JSObject*) { }
    5273
     
    5576};
    5677
    57 #else // not NDEBUG
    58 
    59 class ObjectInitializationScope {
    60 public:
    61     JS_EXPORT_PRIVATE ObjectInitializationScope(VM&);
    62     JS_EXPORT_PRIVATE ~ObjectInitializationScope();
    63 
    64     VM& vm() const { return m_vm; }
    65     void notifyAllocated(JSObject*, bool wasCreatedUninitialized);
    66     void notifyInitialized(JSObject*);
    67 
    68 private:
    69     void verifyPropertiesAreInitialized(JSObject*);
    70 
    71     VM& m_vm;
    72     DisallowGC m_disallowGC;
    73     DisallowVMReentry m_disallowVMReentry;
    74     JSObject* m_object { nullptr };
    75 };
    76 
    77 #endif // NDEBUG
     78#endif // ASSERT_ENABLED
    7879
    7980} // namespace JSC
  • trunk/Source/JavaScriptCore/runtime/OptionsList.h

    r264672 r264688  
    9595    v(Unsigned, reservedZoneSize, 64 * KB, Normal, "The amount of stack space we guarantee to our clients (and to interal VM code that does not call out to clients).") \
    9696    \
     97    v(Bool, crashOnDisallowedVMEntry, ASSERT_ENABLED, Normal, "Forces a crash if we attempt to enter the VM when disallowed") \
    9798    v(Bool, crashIfCantAllocateJITMemory, false, Normal, nullptr) \
    9899    v(Unsigned, jitMemoryReservationSize, 0, Normal, "Set this number to change the executable allocation size in ExecutableAllocatorFixedVMPool. (In bytes.)") \
  • trunk/Source/JavaScriptCore/runtime/RegExpMatchesArray.h

    r262570 r264688  
    5555    JSArray* result = JSArray::createWithButterfly(vm, deferralContext, structure, butterfly);
    5656
    57     const bool createUninitialized = true;
    58     scope.notifyAllocated(result, createUninitialized);
     57    scope.notifyAllocated(result);
    5958    return result;
    6059}
  • trunk/Source/JavaScriptCore/runtime/VM.h

    r264639 r264688  
    3636#include "DateInstanceCache.h"
    3737#include "DeleteAllCodeEffort.h"
     38#include "DisallowVMEntry.h"
    3839#include "ExceptionEventLocation.h"
    3940#include "ExecutableAllocator.h"
     
    953954    void scanSideState(ConservativeRoots&) const;
    954955
     956    unsigned disallowVMEntryCount { 0 };
    955957    VMEntryScope* entryScope;
    956958
  • trunk/Source/JavaScriptCore/runtime/VMEntryScope.cpp

    r261755 r264688  
    11/*
    2  * Copyright (C) 2013-2018 Apple Inc. All rights reserved.
     2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved.
    33 *
    44 * Redistribution and use in source and binary forms, with or without
     
    2727#include "VMEntryScope.h"
    2828
    29 #include "DisallowVMReentry.h"
    3029#include "Options.h"
    3130#include "SamplingProfiler.h"
     
    4039    , m_globalObject(globalObject)
    4140{
    42     ASSERT(!DisallowVMReentry::isInEffectOnCurrentThread());
    4341    if (!vm.entryScope) {
    4442        vm.entryScope = this;
Note: See TracChangeset for help on using the changeset viewer.