Changeset 207456 in webkit


Timestamp:
Oct 18, 2016 1:13:26 AM (7 years ago)
Author:
Yusuke Suzuki
Message:

[DOMJIT] Use NativeCallFrameTracer for operations used for DOMJIT slow calls
https://bugs.webkit.org/show_bug.cgi?id=163586

Reviewed by Saam Barati.

Source/JavaScriptCore:

C functions called from the DOMJIT slow path calls should use NativeCallFrameTracer.
This fixes the debug assertion caused in r207427.

  • bytecode/DOMJITAccessCasePatchpointParams.cpp:

(JSC::SlowPathCallGeneratorWithArguments::generateImpl):
(JSC::DOMJITAccessCasePatchpointParams::emitSlowPathCalls):

  • bytecode/DOMJITAccessCasePatchpointParams.h:
  • bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::emitDOMJITGetter):

  • jsc.cpp:

(WTF::DOMJITGetter::DOMJITNodeDOMJIT::slowCall):
(WTF::DOMJITGetterComplex::DOMJITNodeDOMJIT::slowCall):

Source/WebCore:

  • domjit/JSNodeDOMJIT.cpp:

(WebCore::toWrapperSlow):

Location:
trunk/Source
Files:
1 added
9 edited
1 copied

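--- a/trunk/Source/JavaScriptCore/ChangeLog
+++ b/trunk/Source/JavaScriptCore/ChangeLog
@@ -1,2 +1,22 @@
+2016-10-17  Yusuke Suzuki  <utatane.tea@gmail.com>
+
+        [DOMJIT] Use NativeCallFrameTracer for operations used for DOMJIT slow calls
+        https://bugs.webkit.org/show_bug.cgi?id=163586
+
+        Reviewed by Saam Barati.
+
+        C functions called from the DOMJIT slow path calls should use NativeCallFrameTracer.
+        This fixes the debug assertion caused in r207427.
+
+        * bytecode/DOMJITAccessCasePatchpointParams.cpp:
+        (JSC::SlowPathCallGeneratorWithArguments::generateImpl):
+        (JSC::DOMJITAccessCasePatchpointParams::emitSlowPathCalls):
+        * bytecode/DOMJITAccessCasePatchpointParams.h:
+        * bytecode/PolymorphicAccess.cpp:
+        (JSC::AccessCase::emitDOMJITGetter):
+        * jsc.cpp:
+        (WTF::DOMJITGetter::DOMJITNodeDOMJIT::slowCall):
+        (WTF::DOMJITGetterComplex::DOMJITNodeDOMJIT::slowCall):
+
 2016-10-17  Keith Miller  <keith_miller@apple.com>
 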
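--- a/trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
+++ b/trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
@@ -2106,4 +2106,5 @@
                 E33F50851B8437A000413856 /* JSInternalPromiseDeferred.h in Headers */ = {isa = PBXBuildFile; fileRef = E33F50831B8437A000413856 /* JSInternalPromiseDeferred.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E33F50871B8449EF00413856 /* JSInternalPromiseConstructor.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = E33F50861B8449EF00413856 /* JSInternalPromiseConstructor.lut.h */; };
+                E34EDBF71DB5FFC900DC87A5 /* FrameTracers.h in Headers */ = {isa = PBXBuildFile; fileRef = E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E354622B1B6065D100545386 /* ConstructAbility.h in Headers */ = {isa = PBXBuildFile; fileRef = E354622A1B6065D100545386 /* ConstructAbility.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 E3555B8A1DAE03A500F36921 /* DOMJITCallDOMPatchpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = E3555B891DAE03A200F36921 /* DOMJITCallDOMPatchpoint.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -4422,4 +4423,5 @@
                 E33F50861B8449EF00413856 /* JSInternalPromiseConstructor.lut.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSInternalPromiseConstructor.lut.h; sourceTree = "<group>"; };
                 E33F50881B844A1A00413856 /* InternalPromiseConstructor.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = InternalPromiseConstructor.js; sourceTree = "<group>"; };
+                E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FrameTracers.h; sourceTree = "<group>"; };
                 E354622A1B6065D100545386 /* ConstructAbility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ConstructAbility.h; sourceTree = "<group>"; };
                 E3555B891DAE03A200F36921 /* DOMJITCallDOMPatchpoint.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITCallDOMPatchpoint.h; sourceTree = "<group>"; };
@@ -5208,4 +5210,5 @@
                                 1429D8DC0ED2205B00B89619 /* CallFrame.h */,
                                 A7F869EC0F95C2EC00558697 /* CallFrameClosure.h */,
+                                E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */,
                                 1429D7D30ED2128200B89619 /* Interpreter.cpp */,
                                 1429D77B0ED20D7300B89619 /* Interpreter.h */,
@@ -8038,4 +8041,5 @@
                                 A72028BA1797603D0098028C /* JSFunctionInlines.h in Headers */,
                                 0F2B66F117B6B5AB00A7AE3F /* JSGenericTypedArrayView.h in Headers */,
+                                E34EDBF71DB5FFC900DC87A5 /* FrameTracers.h in Headers */,
                                 0F2B66F217B6B5AB00A7AE3F /* JSGenericTypedArrayViewConstructor.h in Headers */,
                                 0F2B66F317B6B5AB00A7AE3F /* JSGenericTypedArrayViewConstructorInlines.h in Headers */,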
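--- a/trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.cpp
+++ b/trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.cpp
@@ -48,5 +48,5 @@
 
     template<size_t... ArgumentsIndex>
-    CCallHelpers::JumpList generateImpl(VM& vm, AccessGenerationState& state, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers& jit, std::index_sequence<ArgumentsIndex...>)
+    CCallHelpers::JumpList generateImpl(AccessGenerationState& state, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers& jit, std::index_sequence<ArgumentsIndex...>)
     {
         CCallHelpers::JumpList exceptions;
@@ -59,6 +59,4 @@
 
         jit.makeSpaceOnStackForCCall();
-
-        jit.storePtr(GPRInfo::callFrameRegister, &vm.topCallFrame);
 
         // FIXME: Currently, we do not check any ARM EABI / SH4 things here.
@@ -89,8 +87,8 @@
     }
 
-    CCallHelpers::JumpList generate(VM& vm, AccessGenerationState& state, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers& jit) override
+    CCallHelpers::JumpList generate(AccessGenerationState& state, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers& jit) override
     {
         m_from.link(&jit);
-        CCallHelpers::JumpList exceptions = generateImpl(vm, state, usedRegistersByPatchpoint, jit, std::make_index_sequence<std::tuple_size<std::tuple<Arguments...>>::value>());
+        CCallHelpers::JumpList exceptions = generateImpl(state, usedRegistersByPatchpoint, jit, std::make_index_sequence<std::tuple_size<std::tuple<Arguments...>>::value>());
         jit.jump().linkTo(m_to, &jit);
         return exceptions;
@@ -115,9 +113,9 @@
 #undef JSC_DEFINE_CALL_OPERATIONS
 
-CCallHelpers::JumpList DOMJITAccessCasePatchpointParams::emitSlowPathCalls(VM& vm, AccessGenerationState& state, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers& jit)
+CCallHelpers::JumpList DOMJITAccessCasePatchpointParams::emitSlowPathCalls(AccessGenerationState& state, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers& jit)
 {
     CCallHelpers::JumpList exceptions;
     for (auto& generator : m_generators)
-        exceptions.append(generator->generate(vm, state, usedRegistersByPatchpoint, jit));
+        exceptions.append(generator->generate(state, usedRegistersByPatchpoint, jit));
     return exceptions;
 }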
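Review bot: Dropping the `jit.storePtr(GPRInfo::callFrameRegister, &vm.topCallFrame)` from generateImpl removes the one place that set vm.topCallFrame for every DOMJIT slow call, and nothing in the emitted stub now enforces that the operation does it itself. A callee registered through addSlowPathCall that forgets NativeCallFrameTracer would only be caught by the tracer's debug ASSERTs, and in a release build would presumably leave exception unwinding and GC stack walks looking at a stale topCallFrame. I would leave a marker where the store used to be: `// vm.topCallFrame is deliberately not stored here: every slow-path callee is a JIT_OPERATION that installs NativeCallFrameTracer itself.` The bodies of generateImpl and generate start and end outside the hunks.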
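--- a/trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.h
+++ b/trunk/Source/JavaScriptCore/bytecode/DOMJITAccessCasePatchpointParams.h
@@ -44,8 +44,8 @@
     public:
         virtual ~SlowPathCallGenerator() { }
-        virtual CCallHelpers::JumpList generate(VM&, AccessGenerationState&, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers&) = 0;
+        virtual CCallHelpers::JumpList generate(AccessGenerationState&, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers&) = 0;
     };
 
-    CCallHelpers::JumpList emitSlowPathCalls(VM&, AccessGenerationState&, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers&);
+    CCallHelpers::JumpList emitSlowPathCalls(AccessGenerationState&, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers&);
 
 private: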
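Review bot: The new `generate` and `emitSlowPathCalls` signatures drop the `VM&`, but the header does not say what that shifts onto the operations a patchpoint registers: the generated call no longer records vm.topCallFrame, so each operation must. That contract is only discoverable by reading the .cpp and the jsc.cpp fixtures, and a one-line note on SlowPathCallGenerator would make it checkable at every call site, e.g. `// Operations emitted by a generator must be JIT_OPERATION functions that install NativeCallFrameTracer first thing, as the slowCall bodies in jsc.cpp do.` The enclosing class DOMJITAccessCasePatchpointParams begins above the hunk.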
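--- a/trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
+++ b/trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
@@ -1427,5 +1427,4 @@
 {
     CCallHelpers& jit = *state.jit;
-    VM& vm = *jit.vm();
     StructureStubInfo& stubInfo = *state.stubInfo;
     JSValueRegs valueRegs = state.valueRegs;
@@ -1536,5 +1535,5 @@
     state.succeed();
 
-    CCallHelpers::JumpList exceptions = params.emitSlowPathCalls(vm, state, registersToSpillForCCall, jit);
+    CCallHelpers::JumpList exceptions = params.emitSlowPathCalls(state, registersToSpillForCCall, jit);
     exceptions.link(&jit);
     allocator.restoreReusedRegistersByPopping(jit, preservedState);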
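--- a/trunk/Source/JavaScriptCore/interpreter/Interpreter.h
+++ b/trunk/Source/JavaScriptCore/interpreter/Interpreter.h
@@ -32,4 +32,5 @@
 #include "ArgList.h"
 #include "CatchScope.h"
+#include "FrameTracers.h"
 #include "JSCJSValue.h"
 #include "JSCell.h"
@@ -86,76 +87,4 @@
     };
 
-    class SuspendExceptionScope {
-    public:
-        SuspendExceptionScope(VM* vm)
-            : m_vm(vm)
-        {
-            auto scope = DECLARE_CATCH_SCOPE(*vm);
-            oldException = scope.exception();
-            scope.clearException();
-        }
-        ~SuspendExceptionScope()
-        {
-            m_vm->restorePreviousException(oldException);
-        }
-    private:
-        Exception* oldException;
-        VM* m_vm;
-    };
-
-    class TopCallFrameSetter {
-    public:
-        TopCallFrameSetter(VM& currentVM, CallFrame* callFrame)
-            : vm(currentVM)
-            , oldCallFrame(currentVM.topCallFrame)
-        {
-            currentVM.topCallFrame = callFrame;
-        }
-
-        ~TopCallFrameSetter()
-        {
-            vm.topCallFrame = oldCallFrame;
-        }
-    private:
-        VM& vm;
-        CallFrame* oldCallFrame;
-    };
-
-    class NativeCallFrameTracer {
-    public:
-        ALWAYS_INLINE NativeCallFrameTracer(VM* vm, CallFrame* callFrame)
-        {
-            ASSERT(vm);
-            ASSERT(callFrame);
-            ASSERT(reinterpret_cast<void*>(callFrame) < reinterpret_cast<void*>(vm->topVMEntryFrame));
-            vm->topCallFrame = callFrame;
-        }
-    };
-
-    class NativeCallFrameTracerWithRestore {
-    public:
-        ALWAYS_INLINE NativeCallFrameTracerWithRestore(VM* vm, VMEntryFrame* vmEntryFrame, CallFrame* callFrame)
-            : m_vm(vm)
-        {
-            ASSERT(vm);
-            ASSERT(callFrame);
-            m_savedTopVMEntryFrame = vm->topVMEntryFrame;
-            m_savedTopCallFrame = vm->topCallFrame;
-            vm->topVMEntryFrame = vmEntryFrame;
-            vm->topCallFrame = callFrame;
-        }
-
-        ALWAYS_INLINE ~NativeCallFrameTracerWithRestore()
-        {
-            m_vm->topVMEntryFrame = m_savedTopVMEntryFrame;
-            m_vm->topCallFrame = m_savedTopCallFrame;
-        }
-
-    private:
-        VM* m_vm;
-        VMEntryFrame* m_savedTopVMEntryFrame;
-        CallFrame* m_savedTopCallFrame;
-    };
-
     class Interpreter {
         WTF_MAKE_FAST_ALLOCATED;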
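--- a/trunk/Source/JavaScriptCore/jsc.cpp
+++ b/trunk/Source/JavaScriptCore/jsc.cpp
@@ -627,4 +627,10 @@
         }
 
+        static EncodedJSValue JIT_OPERATION slowCall(ExecState* exec, void* pointer)
+        {
+            NativeCallFrameTracer tracer(&exec->vm(), exec);
+            return JSValue::encode(jsNumber(static_cast<DOMJITGetter*>(pointer)->value()));
+        }
+
         Ref<DOMJIT::CallDOMPatchpoint> callDOM() override
         {
@@ -634,8 +640,5 @@
                 JSValueRegs results = params[0].jsValueRegs();
                 GPRReg dom = params[1].gpr();
-
-                params.addSlowPathCall(jit.jump(), jit, static_cast<EncodedJSValue(*)(ExecState*, void*)>([](ExecState*, void* pointer) {
-                    return JSValue::encode(jsNumber(static_cast<DOMJITGetter*>(pointer)->value()));
-                }), results, dom);
+                params.addSlowPathCall(jit.jump(), jit, slowCall, results, dom);
                 return CCallHelpers::JumpList();
 
@@ -707,4 +710,18 @@
         {
             return DOMJITNode::checkDOMJITNode();
+        }
+
+        static EncodedJSValue JIT_OPERATION slowCall(ExecState* exec, void* pointer)
+        {
+            VM& vm = exec->vm();
+            NativeCallFrameTracer tracer(&vm, exec);
+            auto scope = DECLARE_THROW_SCOPE(vm);
+            auto* object = static_cast<DOMJITNode*>(pointer);
+            auto* domjitGetterComplex = jsDynamicCast<DOMJITGetterComplex*>(object);
+            if (domjitGetterComplex) {
+                if (domjitGetterComplex->m_enableException)
+                    return JSValue::encode(throwException(exec, scope, createError(exec, ASCIILiteral("DOMJITGetterComplex slow call exception"))));
+            }
+            return JSValue::encode(jsNumber(object->value()));
         }
 
@@ -721,15 +738,5 @@
                     jit.move(CCallHelpers::TrustedImm32(42), params.gpScratch(i));
 
-                params.addSlowPathCall(jit.jump(), jit, static_cast<EncodedJSValue(*)(ExecState*, void*)>([](ExecState* exec, void* pointer) {
-                    VM& vm = exec->vm();
-                    auto scope = DECLARE_THROW_SCOPE(vm);
-                    auto* object = static_cast<DOMJITNode*>(pointer);
-                    auto* domjitGetterComplex = jsDynamicCast<DOMJITGetterComplex*>(object);
-                    if (domjitGetterComplex) {
-                        if (domjitGetterComplex->m_enableException)
-                            return JSValue::encode(throwException(exec, scope, createError(exec, ASCIILiteral("DOMJITGetterComplex slow call exception"))));
-                    }
-                    return JSValue::encode(jsNumber(object->value()));
-                }), results, domGPR);
+                params.addSlowPathCall(jit.jump(), jit, slowCall, results, domGPR);
                 return CCallHelpers::JumpList();
 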
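Review bot: Both new `slowCall` bodies turn the `void*` argument into a DOMJITGetter / DOMJITNode with a bare `static_cast` and never verify the pointee, so their soundness rests entirely on the patchpoint's checkDOM guard (new line 711 returns `DOMJITNode::checkDOMJITNode()`); in DOMJITGetterComplex::slowCall the subsequent `jsDynamicCast<DOMJITGetterComplex*>` only narrows the subclass, it does not validate the base cast. That is acceptable for a test fixture, but it should be said, e.g. `// pointer is the value in the patchpoint's dom GPR; the JIT-side checkDOM() guard is what makes this static_cast sound.` The second body also gets the ordering right, tracer before `DECLARE_THROW_SCOPE` and before `throwException`, and a short `// tracer must precede the throw scope` would keep a future edit from reordering it. Both enclosing classes start and end outside the hunks.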
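--- a/trunk/Source/WebCore/ChangeLog
+++ b/trunk/Source/WebCore/ChangeLog
@@ -1,2 +1,12 @@
+2016-10-17  Yusuke Suzuki  <utatane.tea@gmail.com>
+
+        [DOMJIT] Use NativeCallFrameTracer for operations used for DOMJIT slow calls
+        https://bugs.webkit.org/show_bug.cgi?id=163586
+
+        Reviewed by Saam Barati.
+
+        * domjit/JSNodeDOMJIT.cpp:
+        (WebCore::toWrapperSlow):
+
 2016-10-18  Ryuan Choi  <ryuan.choi@navercorp.com>
 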
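--- a/trunk/Source/WebCore/ForwardingHeaders/interpreter/FrameTracers.h
+++ b/trunk/Source/WebCore/ForwardingHeaders/interpreter/FrameTracers.h
@@ -24,37 +24,6 @@
  */
 
-#pragma once
-
-#if ENABLE(JIT)
-
-#include "DOMJITPatchpointParams.h"
-
-namespace JSC {
-
-struct AccessGenerationState;
-
-class DOMJITAccessCasePatchpointParams : public DOMJIT::PatchpointParams {
-public:
-    DOMJITAccessCasePatchpointParams(Vector<DOMJIT::Value>&& regs, Vector<GPRReg>&& gpScratch, Vector<FPRReg>&& fpScratch)
-        : DOMJIT::PatchpointParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch))
-    {
-    }
-
-    class SlowPathCallGenerator {
-    public:
-        virtual ~SlowPathCallGenerator() { }
-        virtual CCallHelpers::JumpList generate(VM&, AccessGenerationState&, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers&) = 0;
-    };
-
-    CCallHelpers::JumpList emitSlowPathCalls(VM&, AccessGenerationState&, const RegisterSet& usedRegistersByPatchpoint, CCallHelpers&);
-
-private:
-#define JSC_DEFINE_CALL_OPERATIONS(OperationType, ResultType, ...) void addSlowPathCallImpl(CCallHelpers::JumpList, CCallHelpers&, OperationType, ResultType, std::tuple<__VA_ARGS__> args) override;
-    DOMJIT_SLOW_PATH_CALLS(JSC_DEFINE_CALL_OPERATIONS)
-#undef JSC_DEFINE_CALL_OPERATIONS
-    Vector<std::unique_ptr<SlowPathCallGenerator>> m_generators;
-};
-
-}
-
+#ifndef WebCore_FWD_FrameTracers_h
+#define WebCore_FWD_FrameTracers_h
+#include <JavaScriptCore/FrameTracers.h>
 #endif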
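--- a/trunk/Source/WebCore/domjit/JSNodeDOMJIT.cpp
+++ b/trunk/Source/WebCore/domjit/JSNodeDOMJIT.cpp
@@ -34,4 +34,5 @@
 #include <domjit/DOMJITPatchpoint.h>
 #include <domjit/DOMJITPatchpointParams.h>
+#include <interpreter/FrameTracers.h>
 
 using namespace JSC;
@@ -42,9 +43,10 @@
 
 template<typename WrappedNode>
-EncodedJSValue toWrapperSlow(JSC::ExecState* exec, JSC::JSGlobalObject* globalObject, void* result)
+EncodedJSValue JIT_OPERATION toWrapperSlow(JSC::ExecState* exec, JSC::JSGlobalObject* globalObject, void* result)
 {
     ASSERT(exec);
     ASSERT(result);
     ASSERT(globalObject);
+    JSC::NativeCallFrameTracer tracer(&exec->vm(), exec);
     return JSValue::encode(toJS(exec, static_cast<JSDOMGlobalObject*>(globalObject), *static_cast<WrappedNode*>(result)));
 }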
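Review bot: toWrapperSlow now installs a JSC::NativeCallFrameTracer ahead of `toJS`, but its preconditions are documented only by three ASSERTs that vanish in release, while `result` is still converted with an unchecked `static_cast<WrappedNode*>` and `globalObject` with an unchecked `static_cast<JSDOMGlobalObject*>`. I would add a short header comment on the template stating that it is reachable only through a DOMJIT slow-path call, that `result` is presumably the WrappedNode* the fast path loaded and `globalObject` its JSDOMGlobalObject (neither is verified here), and that the tracer must stay before `toJS` because creating the wrapper can presumably allocate and therefore needs an accurate vm.topCallFrame. The tracer placement after the ASSERTs is correct as written; this is a documentation-only suggestion.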