Changeset 269950 in webkit
- Timestamp:
- Nov 18, 2020 2:55:25 AM (3 years ago)
- Location:
- trunk
- Files:
-
- 15 deleted
- 75 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/JSTests/ChangeLog
r269940 r269950 1 2020-11-18 Commit Queue <commit-queue@webkit.org> 2 3 Unreviewed, reverting r269940. 4 https://bugs.webkit.org/show_bug.cgi?id=219076 5 6 caused seemingly-infinite build time regression 7 8 Reverted changeset: 9 10 "[JSC] Implement WebAssembly.Memory with shared" 11 https://bugs.webkit.org/show_bug.cgi?id=218693 12 https://trac.webkit.org/changeset/269940 13 1 14 2020-11-16 Yusuke Suzuki <ysuzuki@apple.com> 2 15 -
trunk/JSTests/wasm/js-api/test_memory.js
r269940 r269950 125 125 { 126 126 assert.throws(() => new WebAssembly.Memory(20), TypeError, "WebAssembly.Memory expects its first argument to be an object"); 127 new WebAssembly.Memory({initial:1}, {});127 assert.throws(() => new WebAssembly.Memory({}, {}), TypeError, "WebAssembly.Memory expects exactly one argument"); 128 128 } 129 129 -
trunk/LayoutTests/ChangeLog
r269946 r269950 1 2020-11-18 Commit Queue <commit-queue@webkit.org> 2 3 Unreviewed, reverting r269940. 4 https://bugs.webkit.org/show_bug.cgi?id=219076 5 6 caused seemingly-infinite build time regression 7 8 Reverted changeset: 9 10 "[JSC] Implement WebAssembly.Memory with shared" 11 https://bugs.webkit.org/show_bug.cgi?id=218693 12 https://trac.webkit.org/changeset/269940 13 1 14 2020-11-18 Carlos Garcia Campos <cgarcia@igalia.com> 2 15 -
trunk/LayoutTests/imported/w3c/ChangeLog
r269940 r269950 1 2020-11-18 Commit Queue <commit-queue@webkit.org> 2 3 Unreviewed, reverting r269940. 4 https://bugs.webkit.org/show_bug.cgi?id=219076 5 6 caused seemingly-infinite build time regression 7 8 Reverted changeset: 9 10 "[JSC] Implement WebAssembly.Memory with shared" 11 https://bugs.webkit.org/show_bug.cgi?id=218693 12 https://trac.webkit.org/changeset/269940 13 1 14 2020-11-16 Yusuke Suzuki <ysuzuki@apple.com> 2 15 -
trunk/LayoutTests/imported/w3c/web-platform-tests/html/webappapis/scripting/processing-model-2/integration-with-the-javascript-agent-formalism/requires-success.any.worker-expected.txt
r269940 r269950 1 1 2 PASS [[CanBlock]] in a DedicatedWorkerGlobalScope 2 FAIL [[CanBlock]] in a DedicatedWorkerGlobalScope Typed array for wait/notify must wrap a SharedArrayBuffer. 3 3 -
trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/memory/constructor-shared.tentative.any-expected.txt
r269940 r269950 1 1 2 PASS Shared memory without maximum 3 PASS Order of evaluation for descriptor (with shared) 4 PASS Shared memory 2 FAIL Shared memory without maximum assert_throws_js: function "() => new WebAssembly.Memory({ "initial": 10, "shared": true })" did not throw 3 FAIL Order of evaluation for descriptor (with shared) assert_array_equals: lengths differ, expected array ["initial", "initial valueOf", "maximum", "maximum valueOf", "shared"] length 5, got ["initial", "initial valueOf", "maximum", "maximum valueOf"] length 4 4 FAIL Shared memory assert_equals: undefined: constructor expected true but got false 5 5 -
trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/memory/constructor-shared.tentative.any.worker-expected.txt
r269940 r269950 1 1 2 PASS Shared memory without maximum 3 PASS Order of evaluation for descriptor (with shared) 4 PASS Shared memory 2 FAIL Shared memory without maximum assert_throws_js: function "() => new WebAssembly.Memory({ "initial": 10, "shared": true })" did not throw 3 FAIL Order of evaluation for descriptor (with shared) assert_array_equals: lengths differ, expected array ["initial", "initial valueOf", "maximum", "maximum valueOf", "shared"] length 5, got ["initial", "initial valueOf", "maximum", "maximum valueOf"] length 4 4 FAIL Shared memory assert_equals: undefined: constructor expected true but got false 5 5 -
trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/memory/constructor.any-expected.txt
r269940 r269950 23 23 PASS Zero initial 24 24 PASS Non-zero initial 25 PASS Strayargument25 FAIL Stray argument WebAssembly.Memory expects exactly one argument 26 26 -
trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/memory/constructor.any.worker-expected.txt
r269940 r269950 23 23 PASS Zero initial 24 24 PASS Non-zero initial 25 PASS Strayargument25 FAIL Stray argument WebAssembly.Memory expects exactly one argument 26 26 -
trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/memory/grow.any-expected.txt
r269940 r269950 18 18 PASS Out-of-range argument: object "[object Object]" 19 19 PASS Stray argument 20 PASS Growing shared memory does not detach old buffer 20 FAIL Growing shared memory does not detach old buffer assert_equals: Buffer before growing: constructor expected true but got false 21 21 -
trunk/LayoutTests/imported/w3c/web-platform-tests/wasm/jsapi/memory/grow.any.worker-expected.txt
r269940 r269950 18 18 PASS Out-of-range argument: object "[object Object]" 19 19 PASS Stray argument 20 PASS Growing shared memory does not detach old buffer 20 FAIL Growing shared memory does not detach old buffer assert_equals: Buffer before growing: constructor expected true but got false 21 21 -
trunk/LayoutTests/imported/w3c/web-platform-tests/webaudio/the-audio-api/the-audiobuffer-interface/audiobuffer-copy-channel-expected.txt
r269940 r269950 20 20 PASS 6: buffer.copyFromChannel(x, 0, 16) did not throw an exception. 21 21 PASS 7: buffer.copyFromChannel(x, 3) threw IndexSizeError: "Not a valid channelNumber.". 22 PASS 8: buffer.copyFromChannel(SharedArrayBuffer view, 0) threw TypeError: "Argument 1 ('destination') to AudioBuffer.copyFromChannel must be an instance of Float32Array". 23 PASS 9: buffer.copyFromChannel(SharedArrayBuffer view, 0, 0) threw TypeError: "Argument 1 ('destination') to AudioBuffer.copyFromChannel must be an instance of Float32Array". 24 PASS < [copyFrom-exceptions] All assertions passed. (total 11 assertions) 22 FAIL X 8: buffer.copyFromChannel(SharedArrayBuffer view, 0) did not throw an exception. assert_true: expected true got false 23 FAIL X 9: buffer.copyFromChannel(SharedArrayBuffer view, 0, 0) did not throw an exception. assert_true: expected true got false 24 FAIL < [copyFrom-exceptions] 2 out of 11 assertions were failed. assert_true: expected true got false 25 25 PASS > [copyTo-exceptions] 26 26 PASS AudioBuffer.prototype.copyToChannel does exist. … … 32 32 PASS 5: buffer.copyToChannel(x, 0, 16) did not throw an exception. 33 33 PASS 6: buffer.copyToChannel(x, 3) threw IndexSizeError: "Not a valid channelNumber.". 34 PASS 7: buffer.copyToChannel(SharedArrayBuffer view, 0) threw TypeError: "Argument 1 ('source') to AudioBuffer.copyToChannel must be an instance of Float32Array". 35 PASS 8: buffer.copyToChannel(SharedArrayBuffer view, 0, 0) threw TypeError: "Argument 1 ('source') to AudioBuffer.copyToChannel must be an instance of Float32Array". 36 PASS < [copyTo-exceptions] All assertions passed. (total 10 assertions) 34 FAIL X 7: buffer.copyToChannel(SharedArrayBuffer view, 0) did not throw an exception. assert_true: expected true got false 35 FAIL X 8: buffer.copyToChannel(SharedArrayBuffer view, 0, 0) did not throw an exception. assert_true: expected true got false 36 FAIL < [copyTo-exceptions] 2 out of 10 assertions were failed. assert_true: expected true got false 37 37 PASS > [copyFrom-validate] 38 38 PASS buffer.copyFromChannel(dst8, 0) is identical to the array [1,2,3,4,5,6,7,8]. … … 61 61 PASS buffer.copyToChannel(src10, 2, 5) is identical to the array [-1,-1,-1,-1,-1,1,2,3,4,5,6,7,8,9,10,-1...]. 62 62 PASS < [copyTo-validate] All assertions passed. (total 10 assertions) 63 PASS # AUDIT TASK RUNNER FINISHED: 5 tasks ran successfully. 63 FAIL # AUDIT TASK RUNNER FINISHED: 2 out of 5 tasks were failed. assert_true: expected true got false 64 64 -
trunk/LayoutTests/platform/win/TestExpectations
r269940 r269950 4601 4601 webkit.org/b/218346 fast/text/canvas-color-fonts [ Pass ImageOnlyFailure ] 4602 4602 webkit.org/b/218346 http/tests/canvas/color-fonts [ Pass ImageOnlyFailure ] 4603 4604 # WebAssembly is not enabled4605 js/dom/webassembly-memory-shared-basic.html [ Skip ]4606 js/dom/webassembly-memory-normal-fail.html [ Skip ]4607 js/dom/webassembly-memory-shared-fail.html [ Skip ]4608 storage/indexeddb/shared-memory-structured-clone.html [ Skip ] -
trunk/Source/JavaScriptCore/CMakeLists.txt
r269940 r269950 1090 1090 1091 1091 wasm/js/JSWebAssembly.h 1092 wasm/js/JSWebAssemblyMemory.h1093 1092 wasm/js/JSWebAssemblyModule.h 1094 1093 -
trunk/Source/JavaScriptCore/ChangeLog
r269940 r269950 1 2020-11-18 Commit Queue <commit-queue@webkit.org> 2 3 Unreviewed, reverting r269940. 4 https://bugs.webkit.org/show_bug.cgi?id=219076 5 6 caused seemingly-infinite build time regression 7 8 Reverted changeset: 9 10 "[JSC] Implement WebAssembly.Memory with shared" 11 https://bugs.webkit.org/show_bug.cgi?id=218693 12 https://trac.webkit.org/changeset/269940 13 1 14 2020-11-16 Yusuke Suzuki <ysuzuki@apple.com> 2 15 -
trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
r269940 r269950 1575 1575 AD2FCBE31DB58DAD00B3E736 /* JSWebAssemblyCompileError.h in Headers */ = {isa = PBXBuildFile; fileRef = AD2FCBA71DB58DA400B3E736 /* JSWebAssemblyCompileError.h */; }; 1576 1576 AD2FCBE51DB58DAD00B3E736 /* JSWebAssemblyInstance.h in Headers */ = {isa = PBXBuildFile; fileRef = AD2FCBA91DB58DA400B3E736 /* JSWebAssemblyInstance.h */; }; 1577 AD2FCBE71DB58DAD00B3E736 /* JSWebAssemblyMemory.h in Headers */ = {isa = PBXBuildFile; fileRef = AD2FCBAB1DB58DA400B3E736 /* JSWebAssemblyMemory.h */; settings = {ATTRIBUTES = (Private, ); };};1577 AD2FCBE71DB58DAD00B3E736 /* JSWebAssemblyMemory.h in Headers */ = {isa = PBXBuildFile; fileRef = AD2FCBAB1DB58DA400B3E736 /* JSWebAssemblyMemory.h */; }; 1578 1578 AD2FCBE91DB58DAD00B3E736 /* JSWebAssemblyRuntimeError.h in Headers */ = {isa = PBXBuildFile; fileRef = AD2FCBAD1DB58DA400B3E736 /* JSWebAssemblyRuntimeError.h */; }; 1579 1579 AD2FCBEB1DB58DAD00B3E736 /* JSWebAssemblyTable.h in Headers */ = {isa = PBXBuildFile; fileRef = AD2FCBAF1DB58DA400B3E736 /* JSWebAssemblyTable.h */; }; -
trunk/Source/JavaScriptCore/llint/LLIntPCRanges.h
r269940 r269950 36 36 void llintPCRangeStart(); 37 37 void llintPCRangeEnd(); 38 #if ENABLE(WEBASSEMBLY)39 void wasmLLIntPCRangeStart();40 void wasmLLIntPCRangeEnd();41 #endif42 38 } 43 39 … … 51 47 } 52 48 53 #if ENABLE(WEBASSEMBLY)54 ALWAYS_INLINE bool isWasmLLIntPC(void* pc)55 {56 uintptr_t pcAsInt = bitwise_cast<uintptr_t>(pc);57 uintptr_t start = untagCodePtr<uintptr_t, CFunctionPtrTag>(wasmLLIntPCRangeStart);58 uintptr_t end = untagCodePtr<uintptr_t, CFunctionPtrTag>(wasmLLIntPCRangeEnd);59 RELEASE_ASSERT(start < end);60 return start <= pcAsInt && pcAsInt <= end;61 }62 #endif63 64 49 #if !ENABLE(C_LOOP) 65 50 static constexpr GPRReg LLIntPC = GPRInfo::regT4; -
trunk/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
r269940 r269950 2468 2468 include WebAssembly 2469 2469 end 2470 2471 global _wasmLLIntPCRangeStart2472 _wasmLLIntPCRangeStart:2473 2470 wasmScope() 2474 global _wasmLLIntPCRangeEnd2475 _wasmLLIntPCRangeEnd:2476 2471 2477 2472 else -
trunk/Source/JavaScriptCore/llint/WebAssembly.asm
r269940 r269950 46 46 const wasmInstance = csr0 47 47 const memoryBase = csr3 48 const boundsCheckingSize = csr448 const memorySize = csr4 49 49 50 50 # This must match the definition in LowLevelInterpreter.asm … … 188 188 189 189 macro preserveCalleeSavesUsedByWasm() 190 # NOTE: We intentionally don't save memoryBase and boundsCheckingSize here. See the comment190 # NOTE: We intentionally don't save memoryBase and memorySize here. See the comment 191 191 # in restoreCalleeSavesUsedByWasm() below for why. 192 192 subp CalleeSaveSpaceStackAligned, sp … … 202 202 203 203 macro restoreCalleeSavesUsedByWasm() 204 # NOTE: We intentionally don't restore memoryBase and boundsCheckingSize here. These are saved204 # NOTE: We intentionally don't restore memoryBase and memorySize here. These are saved 205 205 # and restored when entering Wasm by the JSToWasm wrapper and changes to them are meant 206 206 # to be observable within the same Wasm module. … … 241 241 macro reloadMemoryRegistersFromInstance(instance, scratch1, scratch2) 242 242 loadp Wasm::Instance::m_cachedMemory[instance], memoryBase 243 loadi Wasm::Instance::m_cached BoundsCheckingSize[instance], boundsCheckingSize244 cagedPrimitive(memoryBase, boundsCheckingSize, scratch1, scratch2)243 loadi Wasm::Instance::m_cachedMemorySize[instance], memorySize 244 cagedPrimitive(memoryBase, memorySize, scratch1, scratch2) 245 245 end 246 246 … … 857 857 858 858 wasmOp(current_memory, WasmCurrentMemory, macro(ctx) 859 loadp Wasm::Instance::m_memory[wasmInstance], t0 860 loadp Wasm::Memory::m_handle[t0], t0 861 loadp Wasm::MemoryHandle::m_size[t0], t0 859 loadp Wasm::Instance::m_cachedMemorySize[wasmInstance], t0 862 860 urshiftq 16, t0 863 861 returnq(ctx, t0) … … 877 875 macro emitCheckAndPreparePointer(ctx, pointer, offset, size) 878 876 leap size - 1[pointer, offset], t5 879 bpb t5, boundsCheckingSize, .continuation877 bpb t5, memorySize, .continuation 880 878 throwException(OutOfBoundsMemoryAccess) 881 879 .continuation: -
trunk/Source/JavaScriptCore/runtime/JSArrayBuffer.h
r269940 r269950 56 56 // This is the default DOM unwrapping. It calls toUnsharedArrayBuffer(). 57 57 static ArrayBuffer* toWrapped(VM&, JSValue); 58 static ArrayBuffer* toWrappedAllowShared(VM&, JSValue);59 58 60 59 private: … … 88 87 } 89 88 90 inline ArrayBuffer* JSArrayBuffer::toWrappedAllowShared(VM& vm, JSValue value)91 {92 return toPossiblySharedArrayBuffer(vm, value);93 }94 95 89 } // namespace JSC -
trunk/Source/JavaScriptCore/runtime/JSArrayBufferView.h
r269940 r269950 205 205 206 206 static RefPtr<ArrayBufferView> toWrapped(VM&, JSValue); 207 static RefPtr<ArrayBufferView> toWrappedAllowShared(VM&, JSValue);208 207 209 208 private: -
trunk/Source/JavaScriptCore/runtime/JSArrayBufferViewInlines.h
r269940 r269950 130 130 } 131 131 132 inline RefPtr<ArrayBufferView> JSArrayBufferView::toWrappedAllowShared(VM& vm, JSValue value)133 {134 if (JSArrayBufferView* view = jsDynamicCast<JSArrayBufferView*>(vm, value))135 return view->possiblySharedImpl();136 return nullptr;137 }138 139 140 132 } // namespace JSC -
trunk/Source/JavaScriptCore/runtime/JSGenericTypedArrayView.h
r269940 r269950 288 288 // This is the default DOM unwrapping. It calls toUnsharedNativeTypedView(). 289 289 static RefPtr<typename Adaptor::ViewType> toWrapped(VM&, JSValue); 290 // [AllowShared] annotation allows accepting TypedArray originated from SharedArrayBuffer.291 static RefPtr<typename Adaptor::ViewType> toWrappedAllowShared(VM&, JSValue);292 290 293 291 private: … … 395 393 } 396 394 397 template<typename Adaptor>398 RefPtr<typename Adaptor::ViewType> JSGenericTypedArrayView<Adaptor>::toWrappedAllowShared(VM& vm, JSValue value)399 {400 return JSC::toPossiblySharedNativeTypedView<Adaptor>(vm, value);401 }402 403 404 395 } // namespace JSC -
trunk/Source/JavaScriptCore/runtime/Options.cpp
r269940 r269950 366 366 #endif 367 367 368 #if !ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)368 #if !ENABLE(WEBASSEMBLY_FAST_MEMORY) 369 369 Options::useWebAssemblyFastMemory() = false; 370 Options::useSharedArrayBuffer() = false;371 370 #endif 372 371 … … 660 659 #endif 661 660 662 #if ASAN_ENABLED && OS(LINUX) && ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)663 if (Options::useWebAssemblyFastMemory() || Options::useSharedArrayBuffer()) {661 #if ASAN_ENABLED && OS(LINUX) && ENABLE(WEBASSEMBLY_FAST_MEMORY) 662 if (Options::useWebAssemblyFastMemory()) { 664 663 const char* asanOptions = getenv("ASAN_OPTIONS"); 665 664 bool okToUseWebAssemblyFastMemory = asanOptions 666 665 && (strstr(asanOptions, "allow_user_segv_handler=1") || strstr(asanOptions, "handle_segv=0")); 667 666 if (!okToUseWebAssemblyFastMemory) { 668 dataLogLn("WARNING: ASAN interferes with JSC signal handlers; useWebAssemblyFastMemory and useSharedArrayBufferwill be disabled.");667 dataLogLn("WARNING: ASAN interferes with JSC signal handlers; useWebAssemblyFastMemory will be disabled."); 669 668 Options::useWebAssemblyFastMemory() = false; 670 Options::useSharedArrayBuffer() = false;671 669 } 672 670 } -
trunk/Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp
r269940 r269950 681 681 Vector<UnlinkedWasmToWasmCall>& m_unlinkedWasmToWasmCalls; // List each call site and the function index whose address it should be patched with. 682 682 GPRReg m_memoryBaseGPR { InvalidGPRReg }; 683 GPRReg m_ boundsCheckingSizeGPR { InvalidGPRReg };683 GPRReg m_memorySizeGPR { InvalidGPRReg }; 684 684 GPRReg m_wasmContextInstanceGPR { InvalidGPRReg }; 685 685 bool m_makesCalls { false }; … … 773 773 774 774 if (mode != MemoryMode::Signaling) { 775 m_ boundsCheckingSizeGPR = pinnedRegs.boundsCheckingSizeRegister;776 m_code.pinRegister(m_ boundsCheckingSizeGPR);775 m_memorySizeGPR = pinnedRegs.sizeRegister; 776 m_code.pinRegister(m_memorySizeGPR); 777 777 } 778 778 … … 919 919 RegisterSet clobbers; 920 920 clobbers.set(pinnedRegs->baseMemoryPointer); 921 clobbers.set(pinnedRegs-> boundsCheckingSizeRegister);921 clobbers.set(pinnedRegs->sizeRegister); 922 922 if (!isARM64()) 923 923 clobbers.set(RegisterSet::macroScratchRegisters()); … … 934 934 AllowMacroScratchRegisterUsage allowScratch(jit); 935 935 GPRReg baseMemory = pinnedRegs->baseMemoryPointer; 936 GPRReg scratchOr BoundsCheckingSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs->boundsCheckingSizeRegister;937 938 jit.loadPtr(CCallHelpers::Address(params[0].gpr(), Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs->boundsCheckingSizeRegister);936 GPRReg scratchOrSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs->sizeRegister; 937 938 jit.loadPtr(CCallHelpers::Address(params[0].gpr(), Instance::offsetOfCachedMemorySize()), pinnedRegs->sizeRegister); 939 939 jit.loadPtr(CCallHelpers::Address(params[0].gpr(), Instance::offsetOfCachedMemory()), baseMemory); 940 940 941 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs-> boundsCheckingSizeRegister, scratchOrBoundsCheckingSize);941 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs->sizeRegister, scratchOrSize); 942 942 }); 943 943 … … 1169 1169 auto temp2 = g64(); 1170 1170 1171 RELEASE_ASSERT(Arg::isValidAddrForm(Instance::offsetOfMemory(), B3::Width64)); 1172 RELEASE_ASSERT(Arg::isValidAddrForm(Memory::offsetOfHandle(), B3::Width64)); 1173 RELEASE_ASSERT(Arg::isValidAddrForm(MemoryHandle::offsetOfSize(), B3::Width64)); 1174 append(Move, Arg::addr(instanceValue(), Instance::offsetOfMemory()), temp1); 1175 append(Move, Arg::addr(temp1, Memory::offsetOfHandle()), temp1); 1176 append(Move, Arg::addr(temp1, MemoryHandle::offsetOfSize()), temp1); 1171 RELEASE_ASSERT(Arg::isValidAddrForm(Instance::offsetOfCachedMemorySize(), B3::Width64)); 1172 append(Move, Arg::addr(instanceValue(), Instance::offsetOfCachedMemorySize()), temp1); 1177 1173 constexpr uint32_t shiftValue = 16; 1178 1174 static_assert(PageCount::pageSize == 1ull << shiftValue, "This must hold for the code below to be correct."); … … 1368 1364 switch (m_mode) { 1369 1365 case MemoryMode::BoundsChecking: { 1370 // In bound checking mode, while shared wasm memory partially relies on signal handler too, we need to perform bound checking 1371 // to ensure that no memory access exceeds the current memory size. 1372 ASSERT(m_boundsCheckingSizeGPR); 1366 // We're not using signal handling at all, we must therefore check that no memory access exceeds the current memory size. 1367 ASSERT(m_memorySizeGPR); 1373 1368 ASSERT(sizeOfOperation + offset > offset); 1374 1369 auto temp = g64(); … … 1377 1372 1378 1373 emitCheck([&] { 1379 return Inst(Branch64, nullptr, Arg::relCond(MacroAssembler::AboveOrEqual), temp, Tmp(m_ boundsCheckingSizeGPR));1374 return Inst(Branch64, nullptr, Arg::relCond(MacroAssembler::AboveOrEqual), temp, Tmp(m_memorySizeGPR)); 1380 1375 }, [=] (CCallHelpers& jit, const B3::StackmapGenerationParams&) { 1381 1376 this->emitThrowException(jit, ExceptionType::OutOfBoundsMemoryAccess); … … 2160 2155 // We need to clobber the size register since the LLInt always bounds checks 2161 2156 if (m_mode == MemoryMode::Signaling) 2162 patchpoint->clobberLate(RegisterSet { PinnedRegisterInfo::get(). boundsCheckingSizeRegister });2157 patchpoint->clobberLate(RegisterSet { PinnedRegisterInfo::get().sizeRegister }); 2163 2158 patchpoint->setGenerator([unlinkedWasmToWasmCalls, functionIndex] (CCallHelpers& jit, const B3::StackmapGenerationParams&) { 2164 2159 AllowMacroScratchRegisterUsage allowScratch(jit); … … 2284 2279 // FIXME: We should support more than one memory size register 2285 2280 // see: https://bugs.webkit.org/show_bug.cgi?id=162952 2286 ASSERT(pinnedRegs. boundsCheckingSizeRegister != newContextInstance);2287 GPRReg scratchOr BoundsCheckingSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs.boundsCheckingSizeRegister;2288 2289 jit.loadPtr(CCallHelpers::Address(newContextInstance, Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs.boundsCheckingSizeRegister); // Bound checkingsize.2281 ASSERT(pinnedRegs.sizeRegister != newContextInstance); 2282 GPRReg scratchOrSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs.sizeRegister; 2283 2284 jit.loadPtr(CCallHelpers::Address(newContextInstance, Instance::offsetOfCachedMemorySize()), pinnedRegs.sizeRegister); // Memory size. 2290 2285 jit.loadPtr(CCallHelpers::Address(newContextInstance, Instance::offsetOfCachedMemory()), baseMemory); // Memory::void*. 2291 2286 2292 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs. boundsCheckingSizeRegister, scratchOrBoundsCheckingSize);2287 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs.sizeRegister, scratchOrSize); 2293 2288 }); 2294 2289 -
trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
r269940 r269950 326 326 Value* m_framePointer { nullptr }; 327 327 GPRReg m_memoryBaseGPR { InvalidGPRReg }; 328 GPRReg m_ boundsCheckingSizeGPR { InvalidGPRReg };328 GPRReg m_memorySizeGPR { InvalidGPRReg }; 329 329 GPRReg m_wasmContextInstanceGPR { InvalidGPRReg }; 330 330 bool m_makesCalls { false }; … … 409 409 410 410 if (mode != MemoryMode::Signaling) { 411 m_ boundsCheckingSizeGPR = pinnedRegs.boundsCheckingSizeRegister;412 m_proc.pinRegister(m_ boundsCheckingSizeGPR);411 m_memorySizeGPR = pinnedRegs.sizeRegister; 412 m_proc.pinRegister(m_memorySizeGPR); 413 413 } 414 414 … … 418 418 switch (m_mode) { 419 419 case MemoryMode::BoundsChecking: 420 ASSERT_UNUSED(pinnedGPR, m_ boundsCheckingSizeGPR == pinnedGPR);420 ASSERT_UNUSED(pinnedGPR, m_memorySizeGPR == pinnedGPR); 421 421 break; 422 422 case MemoryMode::Signaling: … … 546 546 RegisterSet clobbers; 547 547 clobbers.set(pinnedRegs->baseMemoryPointer); 548 clobbers.set(pinnedRegs-> boundsCheckingSizeRegister);548 clobbers.set(pinnedRegs->sizeRegister); 549 549 if (!isARM64()) 550 550 clobbers.set(RegisterSet::macroScratchRegisters()); … … 562 562 AllowMacroScratchRegisterUsage allowScratch(jit); 563 563 GPRReg baseMemory = pinnedRegs->baseMemoryPointer; 564 GPRReg scratchOr BoundsCheckingSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs->boundsCheckingSizeRegister;565 566 jit.loadPtr(CCallHelpers::Address(params[0].gpr(), Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs->boundsCheckingSizeRegister);564 GPRReg scratchOrSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs->sizeRegister; 565 566 jit.loadPtr(CCallHelpers::Address(params[0].gpr(), Instance::offsetOfCachedMemorySize()), pinnedRegs->sizeRegister); 567 567 jit.loadPtr(CCallHelpers::Address(params[0].gpr(), Instance::offsetOfCachedMemory()), baseMemory); 568 568 569 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs-> boundsCheckingSizeRegister, scratchOrBoundsCheckingSize);569 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs->sizeRegister, scratchOrSize); 570 570 }); 571 571 } … … 794 794 { 795 795 static_assert(sizeof(decltype(static_cast<Memory*>(nullptr)->size())) == sizeof(uint64_t), "codegen relies on this size"); 796 Value* memory = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, origin(), instanceValue(), safeCast<int32_t>(Instance::offsetOfMemory())); 797 Value* handle = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, origin(), memory, safeCast<int32_t>(Memory::offsetOfHandle())); 798 Value* size = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, origin(), handle, safeCast<int32_t>(MemoryHandle::offsetOfSize())); 796 Value* size = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, Int64, origin(), instanceValue(), safeCast<int32_t>(Instance::offsetOfCachedMemorySize())); 799 797 800 798 constexpr uint32_t shiftValue = 16; … … 957 955 case MemoryMode::BoundsChecking: { 958 956 // We're not using signal handling at all, we must therefore check that no memory access exceeds the current memory size. 959 ASSERT(m_ boundsCheckingSizeGPR);957 ASSERT(m_memorySizeGPR); 960 958 ASSERT(sizeOfOperation + offset > offset); 961 m_currentBlock->appendNew<WasmBoundsCheckValue>(m_proc, origin(), m_ boundsCheckingSizeGPR, pointer, sizeOfOperation + offset - 1);959 m_currentBlock->appendNew<WasmBoundsCheckValue>(m_proc, origin(), m_memorySizeGPR, pointer, sizeOfOperation + offset - 1); 962 960 break; 963 961 } … … 1713 1711 // We need to clobber the size register since the LLInt always bounds checks 1714 1712 if (m_mode == MemoryMode::Signaling) 1715 patchpoint->clobberLate(RegisterSet { PinnedRegisterInfo::get(). boundsCheckingSizeRegister });1713 patchpoint->clobberLate(RegisterSet { PinnedRegisterInfo::get().sizeRegister }); 1716 1714 patchpoint->setGenerator([unlinkedWasmToWasmCalls, functionIndex] (CCallHelpers& jit, const B3::StackmapGenerationParams&) { 1717 1715 AllowMacroScratchRegisterUsage allowScratch(jit); … … 1834 1832 jit.storePtr(baseMemory, CCallHelpers::Address(newContextInstance, Instance::offsetOfCachedStackLimit())); 1835 1833 jit.storeWasmContextInstance(newContextInstance); 1836 ASSERT(pinnedRegs. boundsCheckingSizeRegister != baseMemory);1834 ASSERT(pinnedRegs.sizeRegister != baseMemory); 1837 1835 // FIXME: We should support more than one memory size register 1838 1836 // see: https://bugs.webkit.org/show_bug.cgi?id=162952 1839 ASSERT(pinnedRegs. boundsCheckingSizeRegister != newContextInstance);1840 GPRReg scratchOr BoundsCheckingSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs.boundsCheckingSizeRegister;1841 1842 jit.loadPtr(CCallHelpers::Address(newContextInstance, Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs.boundsCheckingSizeRegister); // Memory size.1837 ASSERT(pinnedRegs.sizeRegister != newContextInstance); 1838 GPRReg scratchOrSize = Gigacage::isEnabled(Gigacage::Primitive) ? params.gpScratch(0) : pinnedRegs.sizeRegister; 1839 1840 jit.loadPtr(CCallHelpers::Address(newContextInstance, Instance::offsetOfCachedMemorySize()), pinnedRegs.sizeRegister); // Memory size. 1843 1841 jit.loadPtr(CCallHelpers::Address(newContextInstance, Instance::offsetOfCachedMemory()), baseMemory); // Memory::void*. 1844 1842 1845 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs. boundsCheckingSizeRegister, scratchOrBoundsCheckingSize);1843 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs.sizeRegister, scratchOrSize); 1846 1844 }); 1847 1845 doContextSwitch->appendNewControlValue(m_proc, Jump, origin(), continuation); -
trunk/Source/JavaScriptCore/wasm/WasmBinding.cpp
r269940 r269950 50 50 ASSERT(baseMemory != GPRReg::InvalidGPRReg); 51 51 ASSERT(baseMemory != scratch); 52 ASSERT(pinnedRegs. boundsCheckingSizeRegister != baseMemory);53 ASSERT(pinnedRegs. boundsCheckingSizeRegister != scratch);54 GPRReg sizeRegAsScratch = pinnedRegs. boundsCheckingSizeRegister;52 ASSERT(pinnedRegs.sizeRegister != baseMemory); 53 ASSERT(pinnedRegs.sizeRegister != scratch); 54 GPRReg sizeRegAsScratch = pinnedRegs.sizeRegister; 55 55 ASSERT(sizeRegAsScratch != GPRReg::InvalidGPRReg); 56 56 … … 69 69 // Set up the callee's baseMemory register as well as the memory size registers. 70 70 { 71 GPRReg scratchOr BoundsCheckingSize = !Gigacage::isEnabled(Gigacage::Primitive) ? pinnedRegs.boundsCheckingSizeRegister : wasmCallingConvention().prologueScratchGPRs[1];71 GPRReg scratchOrSize = !Gigacage::isEnabled(Gigacage::Primitive) ? pinnedRegs.sizeRegister : wasmCallingConvention().prologueScratchGPRs[1]; 72 72 73 jit.loadPtr(JIT::Address(baseMemory, Wasm::Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs.boundsCheckingSizeRegister); // Bound checkingsize.73 jit.loadPtr(JIT::Address(baseMemory, Wasm::Instance::offsetOfCachedMemorySize()), pinnedRegs.sizeRegister); // Memory size. 74 74 jit.loadPtr(JIT::Address(baseMemory, Wasm::Instance::offsetOfCachedMemory()), baseMemory); // Wasm::Memory::TaggedArrayStoragePtr<void> (void*). 75 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs. boundsCheckingSizeRegister, scratchOrBoundsCheckingSize);75 jit.cageConditionally(Gigacage::Primitive, baseMemory, pinnedRegs.sizeRegister, scratchOrSize); 76 76 } 77 77 -
trunk/Source/JavaScriptCore/wasm/WasmFaultSignalHandler.cpp
r269940 r269950 53 53 static bool fastHandlerInstalled { false }; 54 54 55 #if ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)55 #if ENABLE(WEBASSEMBLY_FAST_MEMORY) 56 56 57 57 static SignalAction trapHandler(Signal, SigInfo& sigInfo, PlatformRegisters& context) … … 64 64 65 65 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "JIT memory start: ", RawPointer(startOfFixedExecutableMemoryPool()), " end: ", RawPointer(endOfFixedExecutableMemoryPool())); 66 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "WasmLLInt memory start: ", RawPointer(untagCodePtr<void*, CFunctionPtrTag>(LLInt::wasmLLIntPCRangeStart)), " end: ", RawPointer(untagCodePtr<void*, CFunctionPtrTag>(LLInt::wasmLLIntPCRangeEnd))); 67 // First we need to make sure we are in JIT code or Wasm LLInt code before we can aquire any locks. Otherwise, 66 // First we need to make sure we are in JIT code before we can aquire any locks. Otherwise, 68 67 // we might have crashed in code that is already holding one of the locks we want to aquire. 69 68 assertIsNotTagged(faultingInstruction); 70 if (isJITPC(faultingInstruction) || LLInt::isWasmLLIntPC(faultingInstruction)) {71 bool faultedInActive GrowableMemory = false;69 if (isJITPC(faultingInstruction)) { 70 bool faultedInActiveFastMemory = false; 72 71 { 73 72 void* faultingAddress = sigInfo.faultingAddress; 74 73 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "checking faulting address: ", RawPointer(faultingAddress), " is in an active fast memory"); 75 faultedInActive GrowableMemory = Wasm::Memory::addressIsInGrowableOrFastMemory(faultingAddress);74 faultedInActiveFastMemory = Wasm::Memory::addressIsInActiveFastMemory(faultingAddress); 76 75 } 77 if (faultedInActive GrowableMemory) {76 if (faultedInActiveFastMemory) { 78 77 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "found active fast memory for faulting address"); 79 80 auto didFaultInWasm = [](void* faultingInstruction) { 81 if (LLInt::isWasmLLIntPC(faultingInstruction)) 82 return true; 83 auto& calleeRegistry = CalleeRegistry::singleton(); 84 auto locker = holdLock(calleeRegistry.getLock()); 85 for (auto* callee : calleeRegistry.allCallees(locker)) { 86 auto [start, end] = callee->range(); 87 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "function start: ", RawPointer(start), " end: ", RawPointer(end)); 88 if (start <= faultingInstruction && faultingInstruction < end) { 89 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "found match"); 90 return true; 91 } 78 auto& calleeRegistry = CalleeRegistry::singleton(); 79 auto locker = holdLock(calleeRegistry.getLock()); 80 for (auto* callee : calleeRegistry.allCallees(locker)) { 81 auto [start, end] = callee->range(); 82 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "function start: ", RawPointer(start), " end: ", RawPointer(end)); 83 if (start <= faultingInstruction && faultingInstruction < end) { 84 dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "found match"); 85 MachineContext::argumentPointer<1>(context) = reinterpret_cast<void*>(static_cast<uintptr_t>(Wasm::Context::useFastTLS())); 86 MachineContext::setInstructionPointer(context, LLInt::getCodePtr<CFunctionPtrTag>(wasm_throw_from_fault_handler_trampoline)); 87 return SignalAction::Handled; 92 88 } 93 return false;94 };95 96 if (didFaultInWasm(faultingInstruction)) {97 MachineContext::argumentPointer<1>(context) = reinterpret_cast<void*>(static_cast<uintptr_t>(Wasm::Context::useFastTLS()));98 MachineContext::setInstructionPointer(context, LLInt::getCodePtr<CFunctionPtrTag>(wasm_throw_from_fault_handler_trampoline));99 return SignalAction::Handled;100 89 } 101 90 } … … 104 93 } 105 94 106 #endif // ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)95 #endif // ENABLE(WEBASSEMBLY_FAST_MEMORY) 107 96 108 97 bool fastMemoryEnabled() … … 113 102 void enableFastMemory() 114 103 { 115 #if ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)104 #if ENABLE(WEBASSEMBLY_FAST_MEMORY) 116 105 static std::once_flag once; 117 106 std::call_once(once, [] { … … 119 108 return; 120 109 121 if (!Options::useWebAssemblyFastMemory() && !Options::useSharedArrayBuffer())110 if (!Options::useWebAssemblyFastMemory()) 122 111 return; 123 112 … … 131 120 void prepareFastMemory() 132 121 { 133 #if ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)122 #if ENABLE(WEBASSEMBLY_FAST_MEMORY) 134 123 static std::once_flag once; 135 124 std::call_once(once, [] { … … 137 126 return; 138 127 139 if (!Options::useWebAssemblyFastMemory() && !Options::useSharedArrayBuffer())128 if (!Options::useWebAssemblyFastMemory()) 140 129 return; 141 130 … … 144 133 }); 145 134 }); 146 #endif // ENABLE(WEBASSEMBLY_ SIGNALING_MEMORY)135 #endif // ENABLE(WEBASSEMBLY_FAST_MEMORY) 147 136 } 148 137 -
trunk/Source/JavaScriptCore/wasm/WasmInstance.h
r269940 r269950 78 78 void setTable(unsigned, Ref<Table>&&); 79 79 80 void* cachedMemory() const { return m_cachedMemory.getMayBeNull(cached BoundsCheckingSize()); }81 size_t cached BoundsCheckingSize() const { return m_cachedBoundsCheckingSize; }80 void* cachedMemory() const { return m_cachedMemory.getMayBeNull(cachedMemorySize()); } 81 size_t cachedMemorySize() const { return m_cachedMemorySize; } 82 82 83 83 void setMemory(Ref<Memory>&& memory) … … 90 90 { 91 91 if (m_memory != nullptr) { 92 m_cachedMemory = CagedPtr<Gigacage::Primitive, void, tagCagedPtr>(memory()->memory(), memory()-> boundsCheckingSize());93 m_cached BoundsCheckingSize = memory()->boundsCheckingSize();92 m_cachedMemory = CagedPtr<Gigacage::Primitive, void, tagCagedPtr>(memory()->memory(), memory()->size()); 93 m_cachedMemorySize = memory()->size(); 94 94 } 95 95 } … … 147 147 static ptrdiff_t offsetOfGlobals() { return OBJECT_OFFSETOF(Instance, m_globals); } 148 148 static ptrdiff_t offsetOfCachedMemory() { return OBJECT_OFFSETOF(Instance, m_cachedMemory); } 149 static ptrdiff_t offsetOfCached BoundsCheckingSize() { return OBJECT_OFFSETOF(Instance, m_cachedBoundsCheckingSize); }149 static ptrdiff_t offsetOfCachedMemorySize() { return OBJECT_OFFSETOF(Instance, m_cachedMemorySize); } 150 150 static ptrdiff_t offsetOfPointerToTopEntryFrame() { return OBJECT_OFFSETOF(Instance, m_pointerToTopEntryFrame); } 151 151 … … 202 202 Context* m_context { nullptr }; 203 203 CagedPtr<Gigacage::Primitive, void, tagCagedPtr> m_cachedMemory; 204 size_t m_cached BoundsCheckingSize { 0 };204 size_t m_cachedMemorySize { 0 }; 205 205 Ref<Module> m_module; 206 206 RefPtr<CodeBlock> m_codeBlock; -
trunk/Source/JavaScriptCore/wasm/WasmMemory.cpp
r269940 r269950 37 37 #include <wtf/PrintStream.h> 38 38 #include <wtf/RAMSize.h> 39 #include <wtf/StdSet.h>40 39 #include <wtf/Vector.h> 41 40 … … 135 134 dataLogLnIf(Options::logWebAssemblyMemory(), "Freed virtual; state: ", *this); 136 135 } 137 138 MemoryResult tryAllocateGrowableBoundsCheckingMemory(size_t mappedCapacity) 139 { 140 MemoryResult result = [&] { 141 auto holder = holdLock(m_lock); 142 void* result = Gigacage::tryAllocateZeroedVirtualPages(Gigacage::Primitive, mappedCapacity); 143 if (!result) 144 return MemoryResult(nullptr, MemoryResult::SyncTryToReclaimMemory); 145 146 m_growableBoundsCheckingMemories.insert(std::make_pair(bitwise_cast<uintptr_t>(result), mappedCapacity)); 147 148 return MemoryResult(result, MemoryResult::Success); 149 }(); 150 151 dataLogLnIf(Options::logWebAssemblyMemory(), "Allocated virtual: ", result, "; state: ", *this); 152 153 return result; 154 } 155 156 void freeGrowableBoundsCheckingMemory(void* basePtr, size_t mappedCapacity) 157 { 158 { 159 auto holder = holdLock(m_lock); 160 Gigacage::freeVirtualPages(Gigacage::Primitive, basePtr, mappedCapacity); 161 m_growableBoundsCheckingMemories.erase(std::make_pair(bitwise_cast<uintptr_t>(basePtr), mappedCapacity)); 162 } 163 164 dataLogLnIf(Options::logWebAssemblyMemory(), "Freed virtual; state: ", *this); 165 } 166 167 bool isInGrowableOrFastMemory(void* address) 168 { 169 // NOTE: This can be called from a signal handler, but only after we proved that we're in JIT code or WasmLLInt code. 136 137 bool isAddressInFastMemory(void* address) 138 { 139 // NOTE: This can be called from a signal handler, but only after we proved that we're in JIT code. 170 140 auto holder = holdLock(m_lock); 171 141 for (void* memory : m_fastMemories) { … … 174 144 return true; 175 145 } 176 uintptr_t addressValue = bitwise_cast<uintptr_t>(address);177 auto iterator = std::upper_bound(m_growableBoundsCheckingMemories.begin(), m_growableBoundsCheckingMemories.end(), std::make_pair(addressValue, 0),178 [](std::pair<uintptr_t, size_t> a, std::pair<uintptr_t, size_t> b) {179 return (a.first + a.second) < (b.first + b.second);180 });181 if (iterator != m_growableBoundsCheckingMemories.end()) {182 // Since we never have overlapped range in m_growableBoundsCheckingMemories, just checking one lower-bound range is enough.183 if (iterator->first <= addressValue && addressValue < (iterator->first + iterator->second))184 return true;185 }186 146 return false; 187 147 } … … 233 193 unsigned m_maxFastMemoryCount { 0 }; 234 194 Vector<void*> m_fastMemories; 235 StdSet<std::pair<uintptr_t, size_t>> m_growableBoundsCheckingMemories;236 195 size_t m_physicalBytes { 0 }; 237 196 }; … … 277 236 } // anonymous namespace 278 237 279 280 MemoryHandle::MemoryHandle(void* memory, size_t size, size_t mappedCapacity, PageCount initial, PageCount maximum, MemorySharingMode sharingMode, MemoryMode mode) 281 : m_memory(memory, mappedCapacity) 282 , m_size(size) 283 , m_mappedCapacity(mappedCapacity) 238 Memory::Memory() 239 { 240 } 241 242 Memory::Memory(PageCount initial, PageCount maximum, Function<void(NotifyPressure)>&& notifyMemoryPressure, Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 243 : m_initial(initial) 244 , m_maximum(maximum) 245 , m_notifyMemoryPressure(WTFMove(notifyMemoryPressure)) 246 , m_syncTryToReclaimMemory(WTFMove(syncTryToReclaimMemory)) 247 , m_growSuccessCallback(WTFMove(growSuccessCallback)) 248 { 249 ASSERT(!initial.bytes()); 250 ASSERT(m_mode == MemoryMode::BoundsChecking); 251 dataLogLnIf(verbose, "Memory::Memory allocating ", *this); 252 ASSERT(!memory()); 253 } 254 255 Memory::Memory(void* memory, PageCount initial, PageCount maximum, size_t mappedCapacity, MemoryMode mode, Function<void(NotifyPressure)>&& notifyMemoryPressure, Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 256 : m_memory(memory, initial.bytes()) 257 , m_size(initial.bytes()) 284 258 , m_initial(initial) 285 259 , m_maximum(maximum) 286 , m_ sharingMode(sharingMode)260 , m_mappedCapacity(mappedCapacity) 287 261 , m_mode(mode) 288 { 289 #if ASSERT_ENABLED 290 if (sharingMode == MemorySharingMode::Default && mode == MemoryMode::BoundsChecking) 291 ASSERT(mappedCapacity == size); 292 #endif 293 } 294 295 MemoryHandle::~MemoryHandle() 262 , m_notifyMemoryPressure(WTFMove(notifyMemoryPressure)) 263 , m_syncTryToReclaimMemory(WTFMove(syncTryToReclaimMemory)) 264 , m_growSuccessCallback(WTFMove(growSuccessCallback)) 265 { 266 dataLogLnIf(verbose, "Memory::Memory allocating ", *this); 267 } 268 269 Ref<Memory> Memory::create() 270 { 271 return adoptRef(*new Memory()); 272 } 273 274 RefPtr<Memory> Memory::tryCreate(PageCount initial, PageCount maximum, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 275 { 276 ASSERT(initial); 277 RELEASE_ASSERT(!maximum || maximum >= initial); // This should be guaranteed by our caller. 278 279 const size_t initialBytes = initial.bytes(); 280 const size_t maximumBytes = maximum ? maximum.bytes() : 0; 281 282 if (initialBytes > MAX_ARRAY_BUFFER_SIZE) 283 return nullptr; // Client will throw OOMError. 284 285 if (maximum && !maximumBytes) { 286 // User specified a zero maximum, initial size must also be zero. 287 RELEASE_ASSERT(!initialBytes); 288 return adoptRef(new Memory(initial, maximum, WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 289 } 290 291 bool done = tryAllocate( 292 [&] () -> MemoryResult::Kind { 293 return memoryManager().tryAllocatePhysicalBytes(initialBytes); 294 }, notifyMemoryPressure, syncTryToReclaimMemory); 295 if (!done) 296 return nullptr; 297 298 char* fastMemory = nullptr; 299 if (Options::useWebAssemblyFastMemory()) { 300 tryAllocate( 301 [&] () -> MemoryResult::Kind { 302 auto result = memoryManager().tryAllocateFastMemory(); 303 fastMemory = bitwise_cast<char*>(result.basePtr); 304 return result.kind; 305 }, notifyMemoryPressure, syncTryToReclaimMemory); 306 } 307 308 if (fastMemory) { 309 310 if (mprotect(fastMemory + initialBytes, Memory::fastMappedBytes() - initialBytes, PROT_NONE)) { 311 dataLog("mprotect failed: ", strerror(errno), "\n"); 312 RELEASE_ASSERT_NOT_REACHED(); 313 } 314 315 return adoptRef(new Memory(fastMemory, initial, maximum, Memory::fastMappedBytes(), MemoryMode::Signaling, WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 316 } 317 318 if (UNLIKELY(Options::crashIfWebAssemblyCantFastMemory())) 319 webAssemblyCouldntGetFastMemory(); 320 321 if (!initialBytes) 322 return adoptRef(new Memory(initial, maximum, WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 323 324 void* slowMemory = Gigacage::tryAllocateZeroedVirtualPages(Gigacage::Primitive, initialBytes); 325 if (!slowMemory) { 326 memoryManager().freePhysicalBytes(initialBytes); 327 return nullptr; 328 } 329 return adoptRef(new Memory(slowMemory, initial, maximum, initialBytes, MemoryMode::BoundsChecking, WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 330 } 331 332 Memory::~Memory() 296 333 { 297 334 if (m_memory) { … … 305 342 memoryManager().freeFastMemory(memory()); 306 343 break; 307 case MemoryMode::BoundsChecking: { 308 switch (m_sharingMode) { 309 case MemorySharingMode::Default: 310 Gigacage::freeVirtualPages(Gigacage::Primitive, memory(), m_size); 311 break; 312 case MemorySharingMode::Shared: { 313 if (mprotect(memory(), m_mappedCapacity, PROT_READ | PROT_WRITE)) { 314 dataLog("mprotect failed: ", strerror(errno), "\n"); 315 RELEASE_ASSERT_NOT_REACHED(); 316 } 317 memoryManager().freeGrowableBoundsCheckingMemory(memory(), m_mappedCapacity); 318 break; 319 } 320 } 344 case MemoryMode::BoundsChecking: 345 Gigacage::freeVirtualPages(Gigacage::Primitive, memory(), m_size); 321 346 break; 322 347 } 323 } 324 } 325 } 326 327 Memory::Memory() 328 : m_handle(adoptRef(*new MemoryHandle(nullptr, 0, 0, PageCount(0), PageCount(0), MemorySharingMode::Default, MemoryMode::BoundsChecking))) 329 { 330 } 331 332 Memory::Memory(PageCount initial, PageCount maximum, MemorySharingMode sharingMode, Function<void(NotifyPressure)>&& notifyMemoryPressure, Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 333 : m_handle(adoptRef(*new MemoryHandle(nullptr, 0, 0, initial, maximum, sharingMode, MemoryMode::BoundsChecking))) 334 , m_notifyMemoryPressure(WTFMove(notifyMemoryPressure)) 335 , m_syncTryToReclaimMemory(WTFMove(syncTryToReclaimMemory)) 336 , m_growSuccessCallback(WTFMove(growSuccessCallback)) 337 { 338 ASSERT(!initial.bytes()); 339 ASSERT(mode() == MemoryMode::BoundsChecking); 340 dataLogLnIf(verbose, "Memory::Memory allocating ", *this); 341 ASSERT(!memory()); 342 } 343 344 Memory::Memory(Ref<MemoryHandle>&& handle, Function<void(NotifyPressure)>&& notifyMemoryPressure, Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 345 : m_handle(WTFMove(handle)) 346 , m_notifyMemoryPressure(WTFMove(notifyMemoryPressure)) 347 , m_syncTryToReclaimMemory(WTFMove(syncTryToReclaimMemory)) 348 , m_growSuccessCallback(WTFMove(growSuccessCallback)) 349 { 350 dataLogLnIf(verbose, "Memory::Memory allocating ", *this); 351 } 352 353 Ref<Memory> Memory::create() 354 { 355 return adoptRef(*new Memory()); 356 } 357 358 Ref<Memory> Memory::create(Ref<MemoryHandle>&& handle, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 359 { 360 return adoptRef(*new Memory(WTFMove(handle), WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 361 } 362 363 RefPtr<Memory> Memory::tryCreate(PageCount initial, PageCount maximum, MemorySharingMode sharingMode, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback) 364 { 365 ASSERT(initial); 366 RELEASE_ASSERT(!maximum || maximum >= initial); // This should be guaranteed by our caller. 367 368 const size_t initialBytes = initial.bytes(); 369 const size_t maximumBytes = maximum ? maximum.bytes() : 0; 370 371 if (initialBytes > MAX_ARRAY_BUFFER_SIZE) 372 return nullptr; // Client will throw OOMError. 373 374 if (maximum && !maximumBytes) { 375 // User specified a zero maximum, initial size must also be zero. 376 RELEASE_ASSERT(!initialBytes); 377 return adoptRef(new Memory(initial, maximum, sharingMode, WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 378 } 379 380 bool done = tryAllocate( 381 [&] () -> MemoryResult::Kind { 382 return memoryManager().tryAllocatePhysicalBytes(initialBytes); 383 }, notifyMemoryPressure, syncTryToReclaimMemory); 384 if (!done) 385 return nullptr; 386 387 char* fastMemory = nullptr; 388 if (Options::useWebAssemblyFastMemory()) { 389 tryAllocate( 390 [&] () -> MemoryResult::Kind { 391 auto result = memoryManager().tryAllocateFastMemory(); 392 fastMemory = bitwise_cast<char*>(result.basePtr); 393 return result.kind; 394 }, notifyMemoryPressure, syncTryToReclaimMemory); 395 } 396 397 if (fastMemory) { 398 if (mprotect(fastMemory + initialBytes, Memory::fastMappedBytes() - initialBytes, PROT_NONE)) { 399 dataLog("mprotect failed: ", strerror(errno), "\n"); 400 RELEASE_ASSERT_NOT_REACHED(); 401 } 402 403 return Memory::create(adoptRef(*new MemoryHandle(fastMemory, initialBytes, Memory::fastMappedBytes(), initial, maximum, sharingMode, MemoryMode::Signaling)), WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback)); 404 } 405 406 if (UNLIKELY(Options::crashIfWebAssemblyCantFastMemory())) 407 webAssemblyCouldntGetFastMemory(); 408 409 if (!initialBytes) 410 return adoptRef(new Memory(initial, maximum, sharingMode, WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback))); 411 412 switch (sharingMode) { 413 case MemorySharingMode::Default: { 414 void* slowMemory = Gigacage::tryAllocateZeroedVirtualPages(Gigacage::Primitive, initialBytes); 415 if (!slowMemory) { 416 memoryManager().freePhysicalBytes(initialBytes); 417 return nullptr; 418 } 419 return Memory::create(adoptRef(*new MemoryHandle(slowMemory, initialBytes, initialBytes, initial, maximum, sharingMode, MemoryMode::BoundsChecking)), WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback)); 420 } 421 case MemorySharingMode::Shared: { 422 char* slowMemory = nullptr; 423 tryAllocate( 424 [&] () -> MemoryResult::Kind { 425 auto result = memoryManager().tryAllocateGrowableBoundsCheckingMemory(maximumBytes); 426 slowMemory = bitwise_cast<char*>(result.basePtr); 427 return result.kind; 428 }, notifyMemoryPressure, syncTryToReclaimMemory); 429 if (!slowMemory) { 430 memoryManager().freePhysicalBytes(initialBytes); 431 return nullptr; 432 } 433 434 if (mprotect(slowMemory + initialBytes, maximumBytes - initialBytes, PROT_NONE)) { 435 dataLog("mprotect failed: ", strerror(errno), "\n"); 436 RELEASE_ASSERT_NOT_REACHED(); 437 } 438 439 return Memory::create(adoptRef(*new MemoryHandle(slowMemory, initialBytes, maximumBytes, initial, maximum, sharingMode, MemoryMode::BoundsChecking)), WTFMove(notifyMemoryPressure), WTFMove(syncTryToReclaimMemory), WTFMove(growSuccessCallback)); 440 } 441 } 442 RELEASE_ASSERT_NOT_REACHED(); 443 return nullptr; 444 } 445 446 Memory::~Memory() = default; 348 } 349 } 447 350 448 351 size_t Memory::fastMappedRedzoneBytes() … … 457 360 } 458 361 459 bool Memory::addressIsInGrowableOrFastMemory(void* address) 460 { 461 return memoryManager().isInGrowableOrFastMemory(address); 462 } 463 464 Expected<PageCount, Memory::GrowFailReason> Memory::growShared(PageCount delta) 465 { 466 Wasm::PageCount oldPageCount; 467 Wasm::PageCount newPageCount; 468 auto result = ([&]() -> Expected<PageCount, Memory::GrowFailReason> { 469 auto locker = holdLock(m_handle->lock()); 470 471 oldPageCount = sizeInPages(); 472 newPageCount = oldPageCount + delta; 473 if (!newPageCount || !newPageCount.isValid()) 474 return makeUnexpected(GrowFailReason::InvalidGrowSize); 475 if (newPageCount.bytes() > MAX_ARRAY_BUFFER_SIZE) 476 return makeUnexpected(GrowFailReason::OutOfMemory); 477 478 if (!delta.pageCount()) 479 return oldPageCount; 480 481 dataLogLnIf(verbose, "Memory::grow(", delta, ") to ", newPageCount, " from ", *this); 482 RELEASE_ASSERT(newPageCount > PageCount::fromBytes(size())); 483 484 if (maximum() && newPageCount > maximum()) 485 return makeUnexpected(GrowFailReason::WouldExceedMaximum); 486 487 size_t desiredSize = newPageCount.bytes(); 488 RELEASE_ASSERT(desiredSize <= MAX_ARRAY_BUFFER_SIZE); 489 RELEASE_ASSERT(desiredSize > size()); 490 491 // If the memory is MemorySharingMode::Shared, we already allocated enough virtual address space even if the memory is bound-checking mode. We perform mprotect to extend. 492 size_t extraBytes = desiredSize - size(); 493 RELEASE_ASSERT(extraBytes); 494 bool allocationSuccess = tryAllocate( 495 [&] () -> MemoryResult::Kind { 496 return memoryManager().tryAllocatePhysicalBytes(extraBytes); 497 }, [](Wasm::Memory::NotifyPressure) { }, [](Memory::SyncTryToReclaim) { }); 498 if (!allocationSuccess) 499 return makeUnexpected(GrowFailReason::OutOfMemory); 500 501 RELEASE_ASSERT(memory()); 502 503 // Signaling memory must have been pre-allocated virtually. 504 uint8_t* startAddress = static_cast<uint8_t*>(memory()) + size(); 505 506 dataLogLnIf(verbose, "Marking WebAssembly memory's ", RawPointer(memory()), " as read+write in range [", RawPointer(startAddress), ", ", RawPointer(startAddress + extraBytes), ")"); 507 if (mprotect(startAddress, extraBytes, PROT_READ | PROT_WRITE)) { 508 dataLog("mprotect failed: ", strerror(errno), "\n"); 509 RELEASE_ASSERT_NOT_REACHED(); 510 } 511 512 m_handle->growToSize(desiredSize); 513 return oldPageCount; 514 }()); 515 if (result) 516 m_growSuccessCallback(GrowSuccessTag, oldPageCount, newPageCount); 517 return result; 362 bool Memory::addressIsInActiveFastMemory(void* address) 363 { 364 return memoryManager().isAddressInFastMemory(address); 518 365 } 519 366 520 367 Expected<PageCount, Memory::GrowFailReason> Memory::grow(PageCount delta) 521 368 { 369 const Wasm::PageCount oldPageCount = sizeInPages(); 370 522 371 if (!delta.isValid()) 523 372 return makeUnexpected(GrowFailReason::InvalidDelta); 524 525 if (sharingMode() == MemorySharingMode::Shared) 526 return growShared(delta); 527 528 const Wasm::PageCount oldPageCount = sizeInPages(); 373 529 374 const Wasm::PageCount newPageCount = oldPageCount + delta; 530 375 if (!newPageCount || !newPageCount.isValid()) … … 547 392 548 393 dataLogLnIf(verbose, "Memory::grow(", delta, ") to ", newPageCount, " from ", *this); 549 RELEASE_ASSERT(newPageCount > PageCount::fromBytes( size()));394 RELEASE_ASSERT(newPageCount > PageCount::fromBytes(m_size)); 550 395 551 396 if (maximum() && newPageCount > maximum()) … … 554 399 size_t desiredSize = newPageCount.bytes(); 555 400 RELEASE_ASSERT(desiredSize <= MAX_ARRAY_BUFFER_SIZE); 556 RELEASE_ASSERT(desiredSize > size()); 401 RELEASE_ASSERT(desiredSize > m_size); 402 size_t extraBytes = desiredSize - m_size; 403 RELEASE_ASSERT(extraBytes); 404 bool allocationSuccess = tryAllocate( 405 [&] () -> MemoryResult::Kind { 406 return memoryManager().tryAllocatePhysicalBytes(extraBytes); 407 }, m_notifyMemoryPressure, m_syncTryToReclaimMemory); 408 if (!allocationSuccess) 409 return makeUnexpected(GrowFailReason::OutOfMemory); 410 557 411 switch (mode()) { 558 412 case MemoryMode::BoundsChecking: { 559 bool allocationSuccess = tryAllocate(560 [&] () -> MemoryResult::Kind {561 return memoryManager().tryAllocatePhysicalBytes(desiredSize);562 }, m_notifyMemoryPressure, m_syncTryToReclaimMemory);563 if (!allocationSuccess)564 return makeUnexpected(GrowFailReason::OutOfMemory);565 566 413 RELEASE_ASSERT(maximum().bytes() != 0); 567 414 … … 570 417 return makeUnexpected(GrowFailReason::OutOfMemory); 571 418 572 memcpy(newMemory, memory(), size()); 573 auto newHandle = adoptRef(*new MemoryHandle(newMemory, desiredSize, desiredSize, initial(), maximum(), sharingMode(), MemoryMode::BoundsChecking)); 574 m_handle = WTFMove(newHandle); 575 419 memcpy(newMemory, memory(), m_size); 420 if (m_memory) 421 Gigacage::freeVirtualPages(Gigacage::Primitive, memory(), m_size); 422 m_memory = CagedMemory(newMemory, desiredSize); 423 m_mappedCapacity = desiredSize; 424 m_size = desiredSize; 576 425 ASSERT(memory() == newMemory); 577 426 return success(); 578 427 } 579 428 case MemoryMode::Signaling: { 580 size_t extraBytes = desiredSize - size();581 RELEASE_ASSERT(extraBytes);582 bool allocationSuccess = tryAllocate(583 [&] () -> MemoryResult::Kind {584 return memoryManager().tryAllocatePhysicalBytes(extraBytes);585 }, m_notifyMemoryPressure, m_syncTryToReclaimMemory);586 if (!allocationSuccess)587 return makeUnexpected(GrowFailReason::OutOfMemory);588 589 429 RELEASE_ASSERT(memory()); 590 591 430 // Signaling memory must have been pre-allocated virtually. 592 uint8_t* startAddress = static_cast<uint8_t*>(memory()) + size();431 uint8_t* startAddress = static_cast<uint8_t*>(memory()) + m_size; 593 432 594 433 dataLogLnIf(verbose, "Marking WebAssembly memory's ", RawPointer(memory()), " as read+write in range [", RawPointer(startAddress), ", ", RawPointer(startAddress + extraBytes), ")"); … … 597 436 RELEASE_ASSERT_NOT_REACHED(); 598 437 } 599 600 m_ handle->growToSize(desiredSize);438 m_memory.recage(m_size, desiredSize); 439 m_size = desiredSize; 601 440 return success(); 602 441 } … … 621 460 void Memory::dump(PrintStream& out) const 622 461 { 623 auto handle = m_handle.copyRef(); 624 out.print("Memory at ", RawPointer(handle->memory()), ", size ", handle->size(), "B capacity ", handle->mappedCapacity(), "B, initial ", handle->initial(), " maximum ", handle->maximum(), " mode ", makeString(handle->mode()), " sharingMode ", makeString(handle->sharingMode())); 462 out.print("Memory at ", RawPointer(memory()), ", size ", m_size, "B capacity ", m_mappedCapacity, "B, initial ", m_initial, " maximum ", m_maximum, " mode ", makeString(m_mode)); 625 463 } 626 464 -
trunk/Source/JavaScriptCore/wasm/WasmMemory.h
r269940 r269950 45 45 namespace JSC { 46 46 47 class LLIntOffsetsExtractor;48 49 47 namespace Wasm { 50 48 51 49 class Instance; 52 50 53 class MemoryHandle final : public ThreadSafeRefCounted<MemoryHandle> { 54 WTF_MAKE_NONCOPYABLE(MemoryHandle); 55 WTF_MAKE_FAST_ALLOCATED; 56 friend LLIntOffsetsExtractor; 57 public: 58 MemoryHandle(void*, size_t size, size_t mappedCapacity, PageCount initial, PageCount maximum, MemorySharingMode, MemoryMode); 59 JS_EXPORT_PRIVATE ~MemoryHandle(); 60 61 void* memory() const { ASSERT(m_memory.getMayBeNull(m_mappedCapacity) == m_memory.getUnsafe()); return m_memory.getMayBeNull(m_mappedCapacity); } 62 size_t size() const { return m_size; } 63 size_t mappedCapacity() const { return m_mappedCapacity; } 64 PageCount initial() const { return m_initial; } 65 PageCount maximum() const { return m_maximum; } 66 MemorySharingMode sharingMode() const { return m_sharingMode; } 67 MemoryMode mode() const { return m_mode; } 68 static ptrdiff_t offsetOfSize() { return OBJECT_OFFSETOF(MemoryHandle, m_size); } 69 Lock& lock() { return m_lock; } 70 71 void growToSize(size_t size) 72 { 73 m_size = size; 74 } 75 76 private: 77 using CagedMemory = CagedPtr<Gigacage::Primitive, void, tagCagedPtr>; 78 CagedMemory m_memory; 79 size_t m_size { 0 }; 80 size_t m_mappedCapacity { 0 }; 81 PageCount m_initial; 82 PageCount m_maximum; 83 MemorySharingMode m_sharingMode { MemorySharingMode::Default }; 84 MemoryMode m_mode { MemoryMode::BoundsChecking }; 85 Lock m_lock; 86 }; 87 88 class Memory final : public RefCounted<Memory> { 51 class Memory : public RefCounted<Memory> { 89 52 WTF_MAKE_NONCOPYABLE(Memory); 90 53 WTF_MAKE_FAST_ALLOCATED; 91 friend LLIntOffsetsExtractor;92 54 public: 93 55 void dump(WTF::PrintStream&) const; 94 56 95 explicit operator bool() const { return !!m_ handle->memory(); }57 explicit operator bool() const { return !!m_memory; } 96 58 97 59 enum NotifyPressure { NotifyPressureTag }; … … 100 62 101 63 static Ref<Memory> create(); 102 JS_EXPORT_PRIVATE static Ref<Memory> create(Ref<MemoryHandle>&&, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback); 103 static RefPtr<Memory> tryCreate(PageCount initial, PageCount maximum, MemorySharingMode, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback); 64 static RefPtr<Memory> tryCreate(PageCount initial, PageCount maximum, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback); 104 65 105 JS_EXPORT_PRIVATE~Memory();66 ~Memory(); 106 67 107 68 static size_t fastMappedRedzoneBytes(); 108 69 static size_t fastMappedBytes(); // Includes redzone. 109 static bool addressIsIn GrowableOrFastMemory(void*);70 static bool addressIsInActiveFastMemory(void*); 110 71 111 void* memory() const { return m_handle->memory(); } 112 size_t size() const { return m_handle->size(); } 113 PageCount sizeInPages() const { return PageCount::fromBytes(size()); } 114 size_t boundsCheckingSize() const { return m_handle->mappedCapacity(); } 115 PageCount initial() const { return m_handle->initial(); } 116 PageCount maximum() const { return m_handle->maximum(); } 117 MemoryHandle& handle() { return m_handle.get(); } 72 void* memory() const { ASSERT(m_memory.getMayBeNull(size()) == m_memory.getUnsafe()); return m_memory.getMayBeNull(size()); } 73 size_t size() const { return m_size; } 74 PageCount sizeInPages() const { return PageCount::fromBytes(m_size); } 118 75 119 MemorySharingMode sharingMode() const { return m_handle->sharingMode(); } 120 MemoryMode mode() const { return m_handle->mode(); } 76 PageCount initial() const { return m_initial; } 77 PageCount maximum() const { return m_maximum; } 78 79 MemoryMode mode() const { return m_mode; } 121 80 122 81 enum class GrowFailReason { … … 131 90 void check() { ASSERT(!deletionHasBegun()); } 132 91 133 static ptrdiff_t offsetOfHandle() { return OBJECT_OFFSETOF(Memory, m_handle); } 92 static ptrdiff_t offsetOfMemory() { return OBJECT_OFFSETOF(Memory, m_memory); } 93 static ptrdiff_t offsetOfSize() { return OBJECT_OFFSETOF(Memory, m_size); } 134 94 135 95 private: 136 96 Memory(); 137 Memory( Ref<MemoryHandle>&&, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback);138 Memory(PageCount initial, PageCount maximum, MemorySharingMode,WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback);97 Memory(void* memory, PageCount initial, PageCount maximum, size_t mappedCapacity, MemoryMode, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback); 98 Memory(PageCount initial, PageCount maximum, WTF::Function<void(NotifyPressure)>&& notifyMemoryPressure, WTF::Function<void(SyncTryToReclaim)>&& syncTryToReclaimMemory, WTF::Function<void(GrowSuccess, PageCount, PageCount)>&& growSuccessCallback); 139 99 140 Expected<PageCount, GrowFailReason> growShared(PageCount); 141 142 Ref<MemoryHandle> m_handle; 100 using CagedMemory = CagedPtr<Gigacage::Primitive, void, tagCagedPtr>; 101 CagedMemory m_memory; 102 size_t m_size { 0 }; 103 PageCount m_initial; 104 PageCount m_maximum; 105 size_t m_mappedCapacity { 0 }; 106 MemoryMode m_mode { MemoryMode::BoundsChecking }; 143 107 WTF::Function<void(NotifyPressure)> m_notifyMemoryPressure; 144 108 WTF::Function<void(SyncTryToReclaim)> m_syncTryToReclaimMemory; … … 156 120 public: 157 121 static size_t maxFastMemoryCount() { return 0; } 158 static bool addressIsIn GrowableOrFastMemory(void*) { return false; }122 static bool addressIsInActiveFastMemory(void*) { return false; } 159 123 }; 160 124 -
trunk/Source/JavaScriptCore/wasm/WasmMemoryInformation.cpp
r269940 r269950 43 43 ++numberOfPinnedRegisters; 44 44 GPRReg baseMemoryPointer = GPRInfo::regCS3; 45 GPRReg boundsCheckingSizeRegister = GPRInfo::regCS4;45 GPRReg sizeRegister = GPRInfo::regCS4; 46 46 GPRReg wasmContextInstancePointer = InvalidGPRReg; 47 47 if (!Context::useFastTLS()) 48 48 wasmContextInstancePointer = GPRInfo::regCS0; 49 49 50 staticPinnedRegisterInfo.construct( boundsCheckingSizeRegister, baseMemoryPointer, wasmContextInstancePointer);50 staticPinnedRegisterInfo.construct(sizeRegister, baseMemoryPointer, wasmContextInstancePointer); 51 51 }); 52 52 … … 54 54 } 55 55 56 PinnedRegisterInfo::PinnedRegisterInfo(GPRReg boundsCheckingSizeRegister, GPRReg baseMemoryPointer, GPRReg wasmContextInstancePointer)57 : boundsCheckingSizeRegister(boundsCheckingSizeRegister)56 PinnedRegisterInfo::PinnedRegisterInfo(GPRReg sizeRegister, GPRReg baseMemoryPointer, GPRReg wasmContextInstancePointer) 57 : sizeRegister(sizeRegister) 58 58 , baseMemoryPointer(baseMemoryPointer) 59 59 , wasmContextInstancePointer(wasmContextInstancePointer) -
trunk/Source/JavaScriptCore/wasm/WasmMemoryInformation.h
r269940 r269950 40 40 41 41 struct PinnedSizeRegisterInfo { 42 GPRReg boundsCheckingSizeRegister;42 GPRReg sizeRegister; 43 43 unsigned sizeOffset; 44 44 }; … … 57 57 result.set(wasmContextInstancePointer); 58 58 if (mode != MemoryMode::Signaling) 59 result.set( boundsCheckingSizeRegister);59 result.set(sizeRegister); 60 60 return result; 61 61 } 62 62 63 GPRReg boundsCheckingSizeRegister;63 GPRReg sizeRegister; 64 64 GPRReg baseMemoryPointer; 65 65 GPRReg wasmContextInstancePointer; -
trunk/Source/JavaScriptCore/wasm/WasmMemoryMode.cpp
r269940 r269950 43 43 } 44 44 45 const char* makeString(MemorySharingMode sharingMode)46 {47 switch (sharingMode) {48 case MemorySharingMode::Default: return "Default";49 case MemorySharingMode::Shared: return "Shared";50 }51 RELEASE_ASSERT_NOT_REACHED();52 return "";53 }54 55 45 } } // namespace JSC::Wasm 56 46 -
trunk/Source/JavaScriptCore/wasm/WasmMemoryMode.h
r269940 r269950 41 41 JS_EXPORT_PRIVATE const char* makeString(MemoryMode); 42 42 43 enum class MemorySharingMode : uint8_t {44 Default,45 Shared,46 };47 48 JS_EXPORT_PRIVATE const char* makeString(MemorySharingMode);49 50 43 } } // namespace JSC::Wasm 51 44 -
trunk/Source/JavaScriptCore/wasm/js/JSToWasm.cpp
r269940 r269950 222 222 if (!!info.memory) { 223 223 GPRReg baseMemory = pinnedRegs.baseMemoryPointer; 224 GPRReg scratchOr BoundsCheckingSize = wasmCallingConvention().prologueScratchGPRs[0];224 GPRReg scratchOrSize = wasmCallingConvention().prologueScratchGPRs[0]; 225 225 226 226 if (Context::useFastTLS()) … … 230 230 if (isARM64E()) { 231 231 if (mode != Wasm::MemoryMode::Signaling) 232 scratchOr BoundsCheckingSize = pinnedRegs.boundsCheckingSizeRegister;233 jit.loadPtr(CCallHelpers::Address(currentInstanceGPR, Wasm::Instance::offsetOfCached BoundsCheckingSize()), scratchOrBoundsCheckingSize);232 scratchOrSize = pinnedRegs.sizeRegister; 233 jit.loadPtr(CCallHelpers::Address(currentInstanceGPR, Wasm::Instance::offsetOfCachedMemorySize()), scratchOrSize); 234 234 } else { 235 235 if (mode != Wasm::MemoryMode::Signaling) 236 jit.loadPtr(CCallHelpers::Address(currentInstanceGPR, Wasm::Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs.boundsCheckingSizeRegister);236 jit.loadPtr(CCallHelpers::Address(currentInstanceGPR, Wasm::Instance::offsetOfCachedMemorySize()), pinnedRegs.sizeRegister); 237 237 } 238 238 239 239 jit.loadPtr(CCallHelpers::Address(currentInstanceGPR, Wasm::Instance::offsetOfCachedMemory()), baseMemory); 240 jit.cageConditionally(Gigacage::Primitive, baseMemory, scratchOr BoundsCheckingSize, scratchOrBoundsCheckingSize);240 jit.cageConditionally(Gigacage::Primitive, baseMemory, scratchOrSize, scratchOrSize); 241 241 } 242 242 -
trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp
r269940 r269950 292 292 RETURN_IF_EXCEPTION(throwScope, nullptr); 293 293 294 RefPtr<Wasm::Memory> memory = Wasm::Memory::tryCreate(moduleInformation.memory.initial(), moduleInformation.memory.maximum(), Wasm::MemorySharingMode::Default,294 RefPtr<Wasm::Memory> memory = Wasm::Memory::tryCreate(moduleInformation.memory.initial(), moduleInformation.memory.maximum(), 295 295 [&vm] (Wasm::Memory::NotifyPressure) { vm.heap.collectAsync(CollectionScope::Full); }, 296 296 [&vm] (Wasm::Memory::SyncTryToReclaim) { vm.heap.collectSync(CollectionScope::Full); }, -
trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp
r269940 r269950 33 33 #include "ArrayBuffer.h" 34 34 #include "JSArrayBuffer.h" 35 #include "ObjectConstructor.h"36 35 37 36 namespace JSC { … … 74 73 } 75 74 76 JSArrayBuffer* JSWebAssemblyMemory::buffer( JSGlobalObject* globalObject)75 JSArrayBuffer* JSWebAssemblyMemory::buffer(VM& vm, JSGlobalObject* globalObject) 77 76 { 78 VM& vm = globalObject->vm();79 auto throwScope = DECLARE_THROW_SCOPE(vm);77 if (m_bufferWrapper) 78 return m_bufferWrapper.get(); 80 79 81 auto* wrapper = m_bufferWrapper.get(); 82 if (wrapper) { 83 if (m_memory->sharingMode() == Wasm::MemorySharingMode::Default) 84 return wrapper; 85 86 ASSERT(m_memory->sharingMode() == Wasm::MemorySharingMode::Shared); 87 // If SharedArrayBuffer's underlying memory is not grown, we continue using cached wrapper. 88 if (wrapper->impl()->byteLength() == memory().size()) 89 return wrapper; 90 } 91 92 Ref<Wasm::MemoryHandle> protectedHandle = m_memory->handle(); 93 auto destructor = createSharedTask<void(void*)>([protectedHandle = WTFMove(protectedHandle)] (void*) { }); 80 // We can't use a ref here since it doesn't have a copy constructor... 81 Ref<Wasm::Memory> protectedMemory = m_memory.get(); 82 auto destructor = createSharedTask<void(void*)>([protectedMemory = WTFMove(protectedMemory)] (void*) { }); 94 83 m_buffer = ArrayBuffer::createFromBytes(memory().memory(), memory().size(), WTFMove(destructor)); 95 84 m_buffer->makeWasmMemory(); 96 if (m_memory->sharingMode() == Wasm::MemorySharingMode::Shared) 97 m_buffer->makeShared(); 98 auto* arrayBuffer = JSArrayBuffer::create(vm, globalObject->arrayBufferStructure(m_buffer->sharingMode()), m_buffer.get()); 99 if (m_memory->sharingMode() == Wasm::MemorySharingMode::Shared) { 100 objectConstructorFreeze(globalObject, arrayBuffer); 101 RETURN_IF_EXCEPTION(throwScope, { }); 102 } 103 m_bufferWrapper.set(vm, this, arrayBuffer); 85 m_bufferWrapper.set(vm, this, JSArrayBuffer::create(vm, globalObject->arrayBufferStructure(ArrayBufferSharingMode::Default), m_buffer.get())); 104 86 RELEASE_ASSERT(m_bufferWrapper); 105 87 return m_bufferWrapper.get(); … … 136 118 // We need to clear out the old array buffer because it might now be pointing to stale memory. 137 119 if (m_buffer) { 138 if (m_memory->sharingMode() == Wasm::MemorySharingMode::Default) 139 m_buffer->detach(vm); 120 m_buffer->detach(vm); 140 121 m_buffer = nullptr; 141 122 m_bufferWrapper.clear(); -
trunk/Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.h
r269940 r269950 28 28 #if ENABLE(WEBASSEMBLY) 29 29 30 #include "JS Object.h"30 #include "JSDestructibleObject.h" 31 31 #include "WasmMemory.h" 32 32 #include <wtf/Ref.h> … … 50 50 } 51 51 52 JS_EXPORT_PRIVATEstatic JSWebAssemblyMemory* tryCreate(JSGlobalObject*, VM&, Structure*);52 static JSWebAssemblyMemory* tryCreate(JSGlobalObject*, VM&, Structure*); 53 53 static Structure* createStructure(VM&, JSGlobalObject*, JSValue); 54 54 55 55 DECLARE_EXPORT_INFO; 56 56 57 JS_EXPORT_PRIVATEvoid adopt(Ref<Wasm::Memory>&&);57 void adopt(Ref<Wasm::Memory>&&); 58 58 Wasm::Memory& memory() { return m_memory.get(); } 59 JSArrayBuffer* buffer( JSGlobalObject*);59 JSArrayBuffer* buffer(VM& vm, JSGlobalObject*); 60 60 Wasm::PageCount grow(VM&, JSGlobalObject*, uint32_t delta); 61 JS_EXPORT_PRIVATEvoid growSuccessCallback(VM&, Wasm::PageCount oldPageCount, Wasm::PageCount newPageCount);61 void growSuccessCallback(VM&, Wasm::PageCount oldPageCount, Wasm::PageCount newPageCount); 62 62 63 63 private: -
trunk/Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp
r269940 r269950 358 358 if (!!moduleInformation.memory) { 359 359 GPRReg baseMemory = pinnedRegs.baseMemoryPointer; 360 GPRReg scratchOr BoundsCheckingSize = stackLimitGPR;360 GPRReg scratchOrSize = stackLimitGPR; 361 361 auto mode = instance()->memoryMode(); 362 362 363 363 if (isARM64E()) { 364 364 if (mode != Wasm::MemoryMode::Signaling) 365 scratchOr BoundsCheckingSize = pinnedRegs.boundsCheckingSizeRegister;366 jit.loadPtr(CCallHelpers::Address(scratchGPR, Wasm::Instance::offsetOfCached BoundsCheckingSize()), scratchOrBoundsCheckingSize);365 scratchOrSize = pinnedRegs.sizeRegister; 366 jit.loadPtr(CCallHelpers::Address(scratchGPR, Wasm::Instance::offsetOfCachedMemorySize()), scratchOrSize); 367 367 } else { 368 368 if (mode != Wasm::MemoryMode::Signaling) 369 jit.loadPtr(CCallHelpers::Address(scratchGPR, Wasm::Instance::offsetOfCached BoundsCheckingSize()), pinnedRegs.boundsCheckingSizeRegister);369 jit.loadPtr(CCallHelpers::Address(scratchGPR, Wasm::Instance::offsetOfCachedMemorySize()), pinnedRegs.sizeRegister); 370 370 } 371 371 372 372 jit.loadPtr(CCallHelpers::Address(scratchGPR, Wasm::Instance::offsetOfCachedMemory()), baseMemory); 373 jit.cageConditionally(Gigacage::Primitive, baseMemory, scratchOr BoundsCheckingSize, scratchOrBoundsCheckingSize);373 jit.cageConditionally(Gigacage::Primitive, baseMemory, scratchOrSize, scratchOrSize); 374 374 } 375 375 -
trunk/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryConstructor.cpp
r269940 r269950 57 57 VM& vm = globalObject->vm(); 58 58 auto throwScope = DECLARE_THROW_SCOPE(vm); 59 if (callFrame->argumentCount() != 1) 60 return JSValue::encode(throwException(globalObject, throwScope, createTypeError(globalObject, "WebAssembly.Memory expects exactly one argument"_s))); 59 61 60 62 JSObject* memoryDescriptor; … … 101 103 } 102 104 103 Wasm::MemorySharingMode sharingMode = Wasm::MemorySharingMode::Default;104 JSValue sharedValue = memoryDescriptor->get(globalObject, Identifier::fromString(vm, "shared"));105 RETURN_IF_EXCEPTION(throwScope, encodedJSValue());106 bool shared = sharedValue.toBoolean(globalObject);107 RETURN_IF_EXCEPTION(throwScope, encodedJSValue());108 if (shared) {109 if (!maximumPageCount)110 return throwVMTypeError(globalObject, throwScope, "'maximum' page count must be defined if 'shared' is true"_s);111 if (!Options::useSharedArrayBuffer())112 return throwVMTypeError(globalObject, throwScope, "Shared WebAssembly.Memory and SharedArrayBuffer are not enabled"_s);113 sharingMode = Wasm::MemorySharingMode::Shared;114 }115 116 105 auto* jsMemory = JSWebAssemblyMemory::tryCreate(globalObject, vm, globalObject->webAssemblyMemoryStructure()); 117 106 RETURN_IF_EXCEPTION(throwScope, encodedJSValue()); 118 107 119 RefPtr<Wasm::Memory> memory = Wasm::Memory::tryCreate(initialPageCount, maximumPageCount, sharingMode,108 RefPtr<Wasm::Memory> memory = Wasm::Memory::tryCreate(initialPageCount, maximumPageCount, 120 109 [&vm] (Wasm::Memory::NotifyPressure) { vm.heap.collectAsync(CollectionScope::Full); }, 121 110 [&vm] (Wasm::Memory::SyncTryToReclaim) { vm.heap.collectSync(CollectionScope::Full); }, -
trunk/Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp
r269940 r269950 94 94 JSWebAssemblyMemory* memory = getMemory(globalObject, vm, callFrame->thisValue()); 95 95 RETURN_IF_EXCEPTION(throwScope, { }); 96 RELEASE_AND_RETURN(throwScope, JSValue::encode(memory->buffer(globalObject)));96 return JSValue::encode(memory->buffer(globalObject->vm(), globalObject)); 97 97 } 98 98 -
trunk/Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp
r269940 r269950 567 567 568 568 auto forEachSegment = [&] (auto fn) { 569 auto wasmMemory = m_instance->instance().memory(); 570 uint8_t* memory = reinterpret_cast<uint8_t*>(wasmMemory->memory()); 571 uint64_t sizeInBytes = wasmMemory->size(); 569 uint8_t* memory = reinterpret_cast<uint8_t*>(m_instance->instance().cachedMemory()); 570 uint64_t sizeInBytes = m_instance->instance().cachedMemorySize(); 572 571 573 572 for (const Wasm::Segment::Ptr& segment : data) { -
trunk/Source/WTF/ChangeLog
r269930 r269950 1 2020-11-18 Commit Queue <commit-queue@webkit.org> 2 3 Unreviewed, reverting r269940. 4 https://bugs.webkit.org/show_bug.cgi?id=219076 5 6 caused seemingly-infinite build time regression 7 8 Reverted changeset: 9 10 "[JSC] Implement WebAssembly.Memory with shared" 11 https://bugs.webkit.org/show_bug.cgi?id=218693 12 https://trac.webkit.org/changeset/269940 13 1 14 2020-11-17 Ryan Haddad <ryanhaddad@apple.com> 2 15 -
trunk/Source/WTF/wtf/PlatformEnable.h
r269940 r269950 691 691 692 692 #if ENABLE(WEBASSEMBLY) && HAVE(MACHINE_CONTEXT) 693 #define ENABLE_WEBASSEMBLY_ SIGNALING_MEMORY 1693 #define ENABLE_WEBASSEMBLY_FAST_MEMORY 1 694 694 #endif 695 695 -
trunk/Source/WebCore/ChangeLog
r269948 r269950 1 2020-11-18 Commit Queue <commit-queue@webkit.org> 2 3 Unreviewed, reverting r269940. 4 https://bugs.webkit.org/show_bug.cgi?id=219076 5 6 caused seemingly-infinite build time regression 7 8 Reverted changeset: 9 10 "[JSC] Implement WebAssembly.Memory with shared" 11 https://bugs.webkit.org/show_bug.cgi?id=218693 12 https://trac.webkit.org/changeset/269940 13 1 14 2020-11-18 Carlos Garcia Campos <cgarcia@igalia.com> 2 15 -
trunk/Source/WebCore/Headers.cmake
r269940 r269950 1577 1577 workers/WorkerScriptLoaderClient.h 1578 1578 workers/WorkerThread.h 1579 workers/WorkerThreadType.h1580 1579 workers/WorkerType.h 1581 1580 -
trunk/Source/WebCore/Modules/indexeddb/server/IDBSerializationContext.cpp
r269940 r269950 80 80 m_vm = JSC::VM::create(); 81 81 m_vm->heap.acquireAccess(); 82 JSVMClientData::initNormalWorld(m_vm.get() , WorkerThreadType::Worklet);82 JSVMClientData::initNormalWorld(m_vm.get()); 83 83 84 84 JSC::JSLockHolder locker(m_vm.get()); -
trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj
r269940 r269950 5027 5027 E3A776671DC85D2800B690D8 /* DOMJITIDLConvert.h in Headers */ = {isa = PBXBuildFile; fileRef = E3A776651DC85D2200B690D8 /* DOMJITIDLConvert.h */; settings = {ATTRIBUTES = (Private, ); }; }; 5028 5028 E3A776681DC85D2800B690D8 /* DOMJITIDLType.h in Headers */ = {isa = PBXBuildFile; fileRef = E3A776661DC85D2200B690D8 /* DOMJITIDLType.h */; settings = {ATTRIBUTES = (Private, ); }; }; 5029 E3AFD7AD255F50EB00E5E30E /* WorkerThreadType.h in Headers */ = {isa = PBXBuildFile; fileRef = E3AFD7AB255F50DC00E5E30E /* WorkerThreadType.h */; settings = {ATTRIBUTES = (Private, ); }; };5030 5029 E3B2F0ED1D7F4CA300B0C9D1 /* LoadableScript.h in Headers */ = {isa = PBXBuildFile; fileRef = E3B2F0E71D7F35EC00B0C9D1 /* LoadableScript.h */; settings = {ATTRIBUTES = (Private, ); }; }; 5031 5030 E3B2F0EE1D7F4CA900B0C9D1 /* LoadableScriptClient.h in Headers */ = {isa = PBXBuildFile; fileRef = E3B2F0E81D7F35EC00B0C9D1 /* LoadableScriptClient.h */; settings = {ATTRIBUTES = (Private, ); }; }; … … 16073 16072 E3AE6CD12252F27000C70B50 /* AllDescendantsCollection.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AllDescendantsCollection.cpp; sourceTree = "<group>"; }; 16074 16073 E3AFA9641DA6E908002861BD /* JSNodeDOMJIT.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSNodeDOMJIT.cpp; sourceTree = "<group>"; }; 16075 E3AFD7AB255F50DC00E5E30E /* WorkerThreadType.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WorkerThreadType.h; sourceTree = "<group>"; };16076 16074 E3B2F0E31D7F35EC00B0C9D1 /* LoadableClassicScript.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LoadableClassicScript.cpp; sourceTree = "<group>"; }; 16077 16075 E3B2F0E41D7F35EC00B0C9D1 /* LoadableClassicScript.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = LoadableClassicScript.h; sourceTree = "<group>"; }; … … 19050 19048 2E4346420F546A8200B0F1BA /* WorkerThread.cpp */, 19051 19049 2E4346430F546A8200B0F1BA /* WorkerThread.h */, 19052 E3AFD7AB255F50DC00E5E30E /* WorkerThreadType.h */,19053 19050 51F174FC1F35898800C74950 /* WorkerType.h */, 19054 19051 51F174FA1F3588D700C74950 /* WorkerType.idl */, … … 35199 35196 0B9056F90F2685F30095FF6A /* WorkerThreadableLoader.h in Headers */, 35200 35197 97AABD2D14FA09D5007457AE /* WorkerThreadableWebSocketChannel.h in Headers */, 35201 E3AFD7AD255F50EB00E5E30E /* WorkerThreadType.h in Headers */,35202 35198 A54A0C681DB807D90017A90B /* WorkerToPageFrontendChannel.h in Headers */, 35203 35199 51F174FE1F35899200C74950 /* WorkerType.h in Headers */, -
trunk/Source/WebCore/bindings/IDLTypes.h
r269940 r269950 152 152 }; 153 153 154 template<typename T> struct IDLAllowSharedAdaptor : T {155 using InnerType = T;156 };157 158 154 struct IDLObject : IDLType<JSC::Strong<JSC::JSObject>> { 159 155 using NullableType = JSC::Strong<JSC::JSObject>; … … 328 324 struct IsIDLTypedArray : public std::integral_constant<bool, WTF::IsBaseOfTemplate<IDLTypedArray, T>::value> { }; 329 325 330 template<typename T>331 struct IsIDLArrayBuffer : public std::integral_constant<bool, std::is_base_of<IDLArrayBuffer, T>::value> { };332 333 template<typename T>334 struct IsIDLArrayBufferView : public std::integral_constant<bool, std::is_base_of<IDLArrayBufferView, T>::value> { };335 336 template<typename T>337 struct IsIDLArrayBufferAllowShared : public std::integral_constant<bool, std::is_base_of<IDLAllowSharedAdaptor<IDLArrayBuffer>, T>::value> { };338 339 template<typename T>340 struct IsIDLArrayBufferViewAllowShared : public std::integral_constant<bool, std::is_base_of<IDLAllowSharedAdaptor<IDLArrayBufferView>, T>::value> { };341 342 343 326 } // namespace WebCore -
trunk/Source/WebCore/bindings/js/CommonVM.cpp
r269940 r269950 89 89 vm.setGlobalConstRedeclarationShouldThrow(globalConstRedeclarationShouldThrow()); 90 90 91 JSVMClientData::initNormalWorld(&vm , WorkerThreadType::Main);91 JSVMClientData::initNormalWorld(&vm); 92 92 93 93 return vm; -
trunk/Source/WebCore/bindings/js/JSDOMConvertBufferSource.h
r269940 r269950 110 110 namespace Detail { 111 111 112 enum class BufferSourceConverterAllowSharedMode { Allow, Disallow }; 113 template<typename BufferSourceType, BufferSourceConverterAllowSharedMode mode> 112 template<typename BufferSourceType> 114 113 struct BufferSourceConverter { 115 114 using WrapperType = typename Converter<BufferSourceType>::WrapperType; … … 121 120 auto& vm = JSC::getVM(&lexicalGlobalObject); 122 121 auto scope = DECLARE_THROW_SCOPE(vm); 123 ReturnType object { }; 124 if constexpr (mode == BufferSourceConverterAllowSharedMode::Allow) 125 object = WrapperType::toWrappedAllowShared(vm, value); 126 else 127 object = WrapperType::toWrapped(vm, value); 122 ReturnType object = WrapperType::toWrapped(vm, value); 128 123 if (UNLIKELY(!object)) 129 124 exceptionThrower(lexicalGlobalObject, scope); … … 141 136 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 142 137 { 143 return Detail::BufferSourceConverter<IDLArrayBuffer , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));138 return Detail::BufferSourceConverter<IDLArrayBuffer>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 144 139 } 145 140 }; … … 163 158 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 164 159 { 165 return Detail::BufferSourceConverter<IDLDataView , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));160 return Detail::BufferSourceConverter<IDLDataView>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 166 161 } 167 162 }; … … 185 180 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 186 181 { 187 return Detail::BufferSourceConverter<IDLInt8Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));182 return Detail::BufferSourceConverter<IDLInt8Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 188 183 } 189 184 }; … … 207 202 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 208 203 { 209 return Detail::BufferSourceConverter<IDLInt16Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));204 return Detail::BufferSourceConverter<IDLInt16Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 210 205 } 211 206 }; … … 229 224 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 230 225 { 231 return Detail::BufferSourceConverter<IDLInt32Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));226 return Detail::BufferSourceConverter<IDLInt32Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 232 227 } 233 228 }; … … 251 246 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 252 247 { 253 return Detail::BufferSourceConverter<IDLUint8Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));248 return Detail::BufferSourceConverter<IDLUint8Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 254 249 } 255 250 }; … … 279 274 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 280 275 { 281 return Detail::BufferSourceConverter<IDLUint16Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));276 return Detail::BufferSourceConverter<IDLUint16Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 282 277 } 283 278 }; … … 301 296 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 302 297 { 303 return Detail::BufferSourceConverter<IDLUint32Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));298 return Detail::BufferSourceConverter<IDLUint32Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 304 299 } 305 300 }; … … 323 318 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 324 319 { 325 return Detail::BufferSourceConverter<IDLUint8ClampedArray , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));320 return Detail::BufferSourceConverter<IDLUint8ClampedArray>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 326 321 } 327 322 }; … … 345 340 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 346 341 { 347 return Detail::BufferSourceConverter<IDLFloat32Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));342 return Detail::BufferSourceConverter<IDLFloat32Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 348 343 } 349 344 }; … … 367 362 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 368 363 { 369 return Detail::BufferSourceConverter<IDLFloat64Array , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));364 return Detail::BufferSourceConverter<IDLFloat64Array>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 370 365 } 371 366 }; … … 389 384 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower()) 390 385 { 391 return Detail::BufferSourceConverter<IDLArrayBufferView , Detail::BufferSourceConverterAllowSharedMode::Disallow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));386 return Detail::BufferSourceConverter<IDLArrayBufferView>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower)); 392 387 } 393 388 }; … … 404 399 }; 405 400 406 template<typename T>407 struct Converter<IDLAllowSharedAdaptor<T>> : DefaultConverter<T> {408 using ConverterType = Converter<T>;409 using WrapperType = typename ConverterType::WrapperType;410 using ReturnType = typename ConverterType::ReturnType;411 412 template<typename ExceptionThrower = DefaultExceptionThrower>413 static ReturnType convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value, ExceptionThrower&& exceptionThrower = ExceptionThrower())414 {415 return Detail::BufferSourceConverter<T, Detail::BufferSourceConverterAllowSharedMode::Allow>::convert(lexicalGlobalObject, value, std::forward<ExceptionThrower>(exceptionThrower));416 }417 };418 419 401 } // namespace WebCore -
trunk/Source/WebCore/bindings/js/JSDOMConvertUnion.h
r269940 r269950 226 226 // 1. If types includes ArrayBuffer, then return the result of converting V to ArrayBuffer. 227 227 // 2. If types includes object, then return the IDL value that is a reference to the object V. 228 constexpr bool hasArrayBufferType = brigand::any<TypeList, IsIDLArrayBuffer<brigand::_1>>::value;228 constexpr bool hasArrayBufferType = brigand::any<TypeList, std::is_same<IDLArrayBuffer, brigand::_1>>::value; 229 229 if (hasArrayBufferType || hasObjectType) { 230 auto arrayBuffer = (brigand::any<TypeList, IsIDLArrayBufferAllowShared<brigand::_1>>::value) ? JSC::JSArrayBuffer::toWrappedAllowShared(vm, value) :JSC::JSArrayBuffer::toWrapped(vm, value);230 auto arrayBuffer = JSC::JSArrayBuffer::toWrapped(vm, value); 231 231 if (arrayBuffer) { 232 232 if (hasArrayBufferType) … … 236 236 } 237 237 238 constexpr bool hasArrayBufferViewType = brigand::any<TypeList, IsIDLArrayBufferView<brigand::_1>>::value;238 constexpr bool hasArrayBufferViewType = brigand::any<TypeList, std::is_same<IDLArrayBufferView, brigand::_1>>::value; 239 239 if (hasArrayBufferViewType || hasObjectType) { 240 auto arrayBufferView = (brigand::any<TypeList, IsIDLArrayBufferViewAllowShared<brigand::_1>>::value) ? JSC::JSArrayBufferView::toWrappedAllowShared(vm, value) :JSC::JSArrayBufferView::toWrapped(vm, value);240 auto arrayBufferView = JSC::JSArrayBufferView::toWrapped(vm, value); 241 241 if (arrayBufferView) { 242 242 if (hasArrayBufferViewType) … … 406 406 }; 407 407 408 // BufferSource specialization. In WebKit, BufferSource is defined as IDLUnion<IDLArrayBufferView, IDLArrayBuffer> as a hack, and it is not compatible to409 // annotation described in WebIDL.410 template<> struct Converter<IDLAllowSharedAdaptor<IDLUnion<IDLArrayBufferView, IDLArrayBuffer>>> : DefaultConverter<IDLUnion<IDLArrayBufferView, IDLArrayBuffer>> {411 static auto convert(JSC::JSGlobalObject& lexicalGlobalObject, JSC::JSValue value) -> decltype(auto)412 {413 return Converter<IDLUnion<IDLAllowSharedAdaptor<IDLArrayBufferView>, IDLAllowSharedAdaptor<IDLArrayBuffer>>>::convert(lexicalGlobalObject, value);414 }415 };416 417 408 } // namespace WebCore -
trunk/Source/WebCore/bindings/js/SerializedScriptValue.cpp
r269940 r269950 76 76 #include <JavaScriptCore/JSSetIterator.h> 77 77 #include <JavaScriptCore/JSTypedArrays.h> 78 #include <JavaScriptCore/JSWebAssemblyMemory.h>79 78 #include <JavaScriptCore/JSWebAssemblyModule.h> 80 79 #include <JavaScriptCore/ObjectConstructor.h> … … 184 183 BigIntTag = 47, 185 184 BigIntObjectTag = 48, 186 #if ENABLE(WEBASSEMBLY)187 WasmMemoryTag = 49,188 #endif189 185 ErrorTag = 255 190 186 }; … … 362 358 * | ArrayBuffer 363 359 * | ArrayBufferViewTag ArrayBufferViewSubtag <byteOffset:uint32_t> <byteLength:uint32_t> (ArrayBuffer | ObjectReference) 360 * | ArrayBufferTransferTag <value:uint32_t> 364 361 * | CryptoKeyTag <wrappedKeyLength:uint32_t> <factor:byte{wrappedKeyLength}> 365 362 * | DOMPoint … … 371 368 * | ImageBitmapTag <originClean:uint8_t> <logicalWidth:int32_t> <logicalHeight:int32_t> <resolutionScale:double> <byteLength:uint32_t>(<imageByteData:uint8_t>) 372 369 * | OffscreenCanvasTransferTag <value:uint32_t> 373 * | WasmMemoryTag <value:uint32_t>374 370 * 375 371 * Inside certificate, data is serialized in this format as per spec: … … 424 420 * ArrayBuffer :- 425 421 * ArrayBufferTag <length:uint32_t> <contents:byte{length}> 426 * ArrayBufferTransferTag <value:uint32_t>427 * SharedArrayBufferTag <value:uint32_t>428 422 * 429 423 * CryptoKeyHMAC :- … … 583 577 #if ENABLE(WEBASSEMBLY) 584 578 WasmModuleArray& wasmModules, 585 WasmMemoryHandleArray& wasmMemoryHandles,586 579 #endif 587 580 Vector<String>& blobURLs, Vector<uint8_t>& out, SerializationContext context, ArrayBufferContentsArray& sharedBuffers) … … 593 586 #if ENABLE(WEBASSEMBLY) 594 587 wasmModules, 595 wasmMemoryHandles,596 588 #endif 597 589 blobURLs, out, context, sharedBuffers); … … 624 616 #if ENABLE(WEBASSEMBLY) 625 617 WasmModuleArray& wasmModules, 626 WasmMemoryHandleArray& wasmMemoryHandles,627 618 #endif 628 619 Vector<String>& blobURLs, Vector<uint8_t>& out, SerializationContext context, ArrayBufferContentsArray& sharedBuffers) … … 635 626 #if ENABLE(WEBASSEMBLY) 636 627 , m_wasmModules(wasmModules) 637 , m_wasmMemoryHandles(wasmMemoryHandles)638 628 #endif 639 629 { … … 1241 1231 #if ENABLE(WEBASSEMBLY) 1242 1232 WasmModuleArray dummyModules; 1243 WasmMemoryHandleArray dummyMemoryHandles;1244 1233 #endif 1245 1234 ArrayBufferContentsArray dummySharedBuffers; … … 1250 1239 #if ENABLE(WEBASSEMBLY) 1251 1240 dummyModules, 1252 dummyMemoryHandles,1253 1241 #endif 1254 1242 dummyBlobURLs, serializedKey, SerializationContext::Default, dummySharedBuffers); … … 1284 1272 m_wasmModules.append(makeRef(module->module())); 1285 1273 write(WasmModuleTag); 1286 write(index);1287 return true;1288 }1289 if (JSWebAssemblyMemory* memory = jsDynamicCast<JSWebAssemblyMemory*>(vm, obj)) {1290 if (memory->memory().sharingMode() != JSC::Wasm::MemorySharingMode::Shared) {1291 code = SerializationReturnCode::DataCloneError;1292 return true;1293 }1294 if (m_context != SerializationContext::WorkerPostMessage) {1295 code = SerializationReturnCode::DataCloneError;1296 return true;1297 }1298 uint32_t index = m_wasmMemoryHandles.size();1299 m_wasmMemoryHandles.append(makeRef(memory->memory().handle()));1300 write(WasmMemoryTag);1301 1274 write(index); 1302 1275 return true; … … 1686 1659 #if ENABLE(WEBASSEMBLY) 1687 1660 WasmModuleArray& m_wasmModules; 1688 WasmMemoryHandleArray& m_wasmMemoryHandles;1689 1661 #endif 1690 1662 }; … … 1966 1938 #if ENABLE(WEBASSEMBLY) 1967 1939 , WasmModuleArray* wasmModules 1968 , WasmMemoryHandleArray* wasmMemoryHandles1969 1940 #endif 1970 1941 ) … … 1978 1949 #if ENABLE(WEBASSEMBLY) 1979 1950 , wasmModules 1980 , wasmMemoryHandles1981 1951 #endif 1982 1952 ); … … 2032 2002 #if ENABLE(WEBASSEMBLY) 2033 2003 , WasmModuleArray* wasmModules = nullptr 2034 , WasmMemoryHandleArray* wasmMemoryHandles = nullptr2035 2004 #endif 2036 2005 ) … … 2053 2022 #if ENABLE(WEBASSEMBLY) 2054 2023 , m_wasmModules(wasmModules) 2055 , m_wasmMemoryHandles(wasmMemoryHandles)2056 2024 #endif 2057 2025 { … … 2066 2034 #if ENABLE(WEBASSEMBLY) 2067 2035 , WasmModuleArray* wasmModules 2068 , WasmMemoryHandleArray* wasmMemoryHandles2069 2036 #endif 2070 2037 ) … … 2090 2057 #if ENABLE(WEBASSEMBLY) 2091 2058 , m_wasmModules(wasmModules) 2092 , m_wasmMemoryHandles(wasmMemoryHandles)2093 2059 #endif 2094 2060 { … … 3334 3300 return result; 3335 3301 } 3336 case WasmMemoryTag: {3337 uint32_t index;3338 bool indexSuccessfullyRead = read(index);3339 if (!indexSuccessfullyRead || !m_wasmMemoryHandles || index >= m_wasmMemoryHandles->size()) {3340 fail();3341 return JSValue();3342 }3343 RefPtr<Wasm::MemoryHandle> handle = m_wasmMemoryHandles->at(index);3344 if (!handle) {3345 fail();3346 return JSValue();3347 }3348 auto& vm = m_lexicalGlobalObject->vm();3349 auto scope = DECLARE_THROW_SCOPE(vm);3350 JSWebAssemblyMemory* result = JSC::JSWebAssemblyMemory::tryCreate(m_lexicalGlobalObject, vm, m_globalObject->webAssemblyMemoryStructure());3351 // Since we are cloning a JSWebAssemblyMemory, it's impossible for that3352 // module to not have been a valid module. Therefore, createStub should3353 // not trow.3354 scope.releaseAssertNoException();3355 Ref<Wasm::Memory> memory = Wasm::Memory::create(handle.releaseNonNull(),3356 [&vm] (Wasm::Memory::NotifyPressure) { vm.heap.collectAsync(CollectionScope::Full); },3357 [&vm] (Wasm::Memory::SyncTryToReclaim) { vm.heap.collectSync(CollectionScope::Full); },3358 [&vm, result] (Wasm::Memory::GrowSuccess, Wasm::PageCount oldPageCount, Wasm::PageCount newPageCount) { result->growSuccessCallback(vm, oldPageCount, newPageCount); });3359 result->adopt(WTFMove(memory));3360 m_gcBuffer.appendWithCrashOnOverflow(result);3361 return result;3362 }3363 3302 #endif 3364 3303 case ArrayBufferTag: { … … 3501 3440 #if ENABLE(WEBASSEMBLY) 3502 3441 WasmModuleArray* m_wasmModules; 3503 WasmMemoryHandleArray* m_wasmMemoryHandles;3504 3442 #endif 3505 3443 … … 3724 3662 #if ENABLE(WEBASSEMBLY) 3725 3663 , std::unique_ptr<WasmModuleArray> wasmModulesArray 3726 , std::unique_ptr<WasmMemoryHandleArray> wasmMemoryHandlesArray3727 3664 #endif 3728 3665 ) … … 3736 3673 #if ENABLE(WEBASSEMBLY) 3737 3674 , m_wasmModulesArray(WTFMove(wasmModulesArray)) 3738 , m_wasmMemoryHandlesArray(WTFMove(wasmMemoryHandlesArray))3739 3675 #endif 3740 3676 { … … 3775 3711 #if ENABLE(WEBASSEMBLY) 3776 3712 // We are not supporting WebAssembly Module memory estimation yet. 3777 if (m_wasmMemoryHandlesArray) {3778 for (auto& content : *m_wasmMemoryHandlesArray)3779 cost += content->size();3780 }3781 3713 #endif 3782 3714 … … 3869 3801 #if ENABLE(WEBASSEMBLY) 3870 3802 WasmModuleArray dummyModules; 3871 WasmMemoryHandleArray dummyMemoryHandles;3872 3803 #endif 3873 3804 ArrayBufferContentsArray dummySharedBuffers; … … 3878 3809 #if ENABLE(WEBASSEMBLY) 3879 3810 dummyModules, 3880 dummyMemoryHandles,3881 3811 #endif 3882 3812 blobURLs, buffer, SerializationContext::Default, dummySharedBuffers); … … 3884 3814 #if ENABLE(WEBASSEMBLY) 3885 3815 ASSERT_WITH_MESSAGE(dummyModules.isEmpty(), "Wasm::Module serialization is only allowed in the postMessage context"); 3886 ASSERT_WITH_MESSAGE(dummyMemoryHandles.isEmpty(), "Wasm::Memory serialization is only allowed in the postMessage context");3887 3816 #endif 3888 3817 … … 3931 3860 for (auto& transferable : transferList) { 3932 3861 if (auto arrayBuffer = toPossiblySharedArrayBuffer(vm, transferable.get())) { 3933 if (arrayBuffer->isDetached() || arrayBuffer->isShared())3862 if (arrayBuffer->isDetached()) 3934 3863 return Exception { DataCloneError }; 3935 3864 if (arrayBuffer->isLocked()) { … … 3976 3905 #if ENABLE(WEBASSEMBLY) 3977 3906 WasmModuleArray wasmModules; 3978 WasmMemoryHandleArray wasmMemoryHandles;3979 3907 #endif 3980 3908 std::unique_ptr<ArrayBufferContentsArray> sharedBuffers = makeUnique<ArrayBufferContentsArray>(); … … 3984 3912 #endif 3985 3913 #if ENABLE(WEBASSEMBLY) 3986 wasmModules, 3987 wasmMemoryHandles, 3914 wasmModules, 3988 3915 #endif 3989 3916 blobURLs, buffer, context, *sharedBuffers); … … 4010 3937 #if ENABLE(WEBASSEMBLY) 4011 3938 , makeUnique<WasmModuleArray>(wasmModules) 4012 , context == SerializationContext::WorkerPostMessage ? makeUnique<WasmMemoryHandleArray>(wasmMemoryHandles) : nullptr4013 3939 #endif 4014 3940 )); … … 4068 3994 #if ENABLE(WEBASSEMBLY) 4069 3995 , m_wasmModulesArray.get() 4070 , m_wasmMemoryHandlesArray.get()4071 3996 #endif 4072 3997 ); -
trunk/Source/WebCore/bindings/js/SerializedScriptValue.h
r269940 r269950 42 42 namespace JSC { namespace Wasm { 43 43 class Module; 44 class MemoryHandle;45 44 } } 46 45 #endif … … 63 62 #if ENABLE(WEBASSEMBLY) 64 63 using WasmModuleArray = Vector<RefPtr<JSC::Wasm::Module>>; 65 using WasmMemoryHandleArray = Vector<RefPtr<JSC::Wasm::MemoryHandle>>;66 64 #endif 67 65 … … 125 123 #if ENABLE(WEBASSEMBLY) 126 124 , std::unique_ptr<WasmModuleArray> = nullptr 127 , std::unique_ptr<WasmMemoryHandleArray> = nullptr128 125 #endif 129 126 ); … … 140 137 #if ENABLE(WEBASSEMBLY) 141 138 std::unique_ptr<WasmModuleArray> m_wasmModulesArray; 142 std::unique_ptr<WasmMemoryHandleArray> m_wasmMemoryHandlesArray;143 139 #endif 144 140 Vector<String> m_blobURLs; -
trunk/Source/WebCore/bindings/js/WebCoreJSClientData.cpp
r269940 r269950 137 137 } 138 138 139 void JSVMClientData::initNormalWorld(VM* vm , WorkerThreadType type)139 void JSVMClientData::initNormalWorld(VM* vm) 140 140 { 141 141 JSVMClientData* clientData = new JSVMClientData(*vm); … … 145 145 146 146 clientData->m_normalWorld = DOMWrapperWorld::create(*vm, DOMWrapperWorld::Type::Normal); 147 vm->m_typedArrayController = adoptRef(new WebCoreTypedArrayController( type == WorkerThreadType::DedicatedWorker || type == WorkerThreadType::Worklet));147 vm->m_typedArrayController = adoptRef(new WebCoreTypedArrayController()); 148 148 } 149 149 -
trunk/Source/WebCore/bindings/js/WebCoreJSClientData.h
r269940 r269950 25 25 #include "WebCoreBuiltinNames.h" 26 26 #include "WebCoreJSBuiltins.h" 27 #include "WorkerThreadType.h"28 27 #include <wtf/HashSet.h> 29 28 #include <wtf/RefPtr.h> … … 42 41 virtual ~JSVMClientData(); 43 42 44 WEBCORE_EXPORT static void initNormalWorld(JSC::VM* , WorkerThreadType);43 WEBCORE_EXPORT static void initNormalWorld(JSC::VM*); 45 44 46 45 DOMWrapperWorld& normalWorld() { return *m_normalWorld; } -
trunk/Source/WebCore/bindings/js/WebCoreTypedArrayController.cpp
r269940 r269950 35 35 namespace WebCore { 36 36 37 WebCoreTypedArrayController::WebCoreTypedArrayController(bool allowAtomicsWait) 38 : m_allowAtomicsWait(allowAtomicsWait) 39 { 40 } 37 WebCoreTypedArrayController::WebCoreTypedArrayController() = default; 41 38 42 39 WebCoreTypedArrayController::~WebCoreTypedArrayController() = default; … … 54 51 bool WebCoreTypedArrayController::isAtomicsWaitAllowedOnCurrentThread() 55 52 { 56 return m_allowAtomicsWait;53 return !isMainThread(); 57 54 } 58 55 -
trunk/Source/WebCore/bindings/js/WebCoreTypedArrayController.h
r269940 r269950 37 37 class WebCoreTypedArrayController : public JSC::TypedArrayController { 38 38 public: 39 WebCoreTypedArrayController( bool allowAtomicsWait);39 WebCoreTypedArrayController(); 40 40 virtual ~WebCoreTypedArrayController(); 41 41 … … 54 54 55 55 JSArrayBufferOwner m_owner; 56 bool m_allowAtomicsWait;57 56 }; 58 57 -
trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
r269940 r269950 7000 7000 return 1 if $type->extendedAttributes->{AtomString}; 7001 7001 return 1 if $type->extendedAttributes->{RequiresExistingAtomString}; 7002 return 1 if $type->extendedAttributes->{AllowShared};7003 7002 } 7004 7003 … … 7012 7011 return "IDLAtomStringAdaptor" if $type->extendedAttributes->{AtomString}; 7013 7012 return "IDLRequiresExistingAtomStringAdaptor" if $type->extendedAttributes->{RequiresExistingAtomString}; 7014 return "IDLAllowSharedAdaptor" if $type->extendedAttributes->{AllowShared};7015 7013 } 7016 7014 -
trunk/Source/WebCore/bindings/scripts/IDLAttributes.json
r269940 r269950 25 25 "standard": { 26 26 "url": "https://heycam.github.io/webidl/#AllowShared" 27 } 27 }, 28 "unsupported": true 28 29 }, 29 30 "AppleCopyright": { -
trunk/Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp
r269940 r269950 1603 1603 static JSC_DECLARE_HOST_FUNCTION(jsTestObjPrototypeFunction_double_leading_underscore_function); 1604 1604 static JSC_DECLARE_HOST_FUNCTION(jsTestObjPrototypeFunction_trailing_underscore_function_); 1605 static JSC_DECLARE_HOST_FUNCTION(jsTestObjPrototypeFunction_encodeInto);1606 1605 static JSC_DECLARE_HOST_FUNCTION(jsTestObjPrototypeFunction_toString); 1607 1606 … … 2335 2334 { "_double_leading_underscore_function", static_cast<unsigned>(JSC::PropertyAttribute::Function), NoIntrinsic, { (intptr_t)static_cast<RawNativeFunction>(jsTestObjPrototypeFunction_double_leading_underscore_function), (intptr_t) (0) } }, 2336 2335 { "trailing_underscore_function_", static_cast<unsigned>(JSC::PropertyAttribute::Function), NoIntrinsic, { (intptr_t)static_cast<RawNativeFunction>(jsTestObjPrototypeFunction_trailing_underscore_function_), (intptr_t) (0) } }, 2337 { "encodeInto", static_cast<unsigned>(JSC::PropertyAttribute::Function), NoIntrinsic, { (intptr_t)static_cast<RawNativeFunction>(jsTestObjPrototypeFunction_encodeInto), (intptr_t) (1) } },2338 2336 { "toString", static_cast<unsigned>(JSC::PropertyAttribute::Function), NoIntrinsic, { (intptr_t)static_cast<RawNativeFunction>(jsTestObjPrototypeFunction_toString), (intptr_t) (0) } }, 2339 2337 #if ENABLE(Condition1) … … 9500 9498 } 9501 9499 9502 static inline JSC::EncodedJSValue jsTestObjPrototypeFunction_encodeIntoBody(JSC::JSGlobalObject* lexicalGlobalObject, JSC::CallFrame* callFrame, typename IDLOperation<JSTestObj>::ClassParameter castedThis)9503 {9504 auto& vm = JSC::getVM(lexicalGlobalObject);9505 auto throwScope = DECLARE_THROW_SCOPE(vm);9506 UNUSED_PARAM(throwScope);9507 UNUSED_PARAM(callFrame);9508 auto& impl = castedThis->wrapped();9509 if (UNLIKELY(callFrame->argumentCount() < 1))9510 return throwVMError(lexicalGlobalObject, throwScope, createNotEnoughArgumentsError(lexicalGlobalObject));9511 EnsureStillAliveScope argument0 = callFrame->uncheckedArgument(0);9512 auto destination = convert<IDLAllowSharedAdaptor<IDLUint8Array>>(*lexicalGlobalObject, argument0.value(), [](JSC::JSGlobalObject& lexicalGlobalObject, JSC::ThrowScope& scope) { throwArgumentTypeError(lexicalGlobalObject, scope, 0, "destination", "TestObject", "encodeInto", "Uint8Array"); });9513 RETURN_IF_EXCEPTION(throwScope, encodedJSValue());9514 RELEASE_AND_RETURN(throwScope, JSValue::encode(toJS<IDLBoolean>(impl.encodeInto(destination.releaseNonNull()))));9515 }9516 9517 JSC_DEFINE_HOST_FUNCTION(jsTestObjPrototypeFunction_encodeInto, (JSGlobalObject* lexicalGlobalObject, CallFrame* callFrame))9518 {9519 return IDLOperation<JSTestObj>::call<jsTestObjPrototypeFunction_encodeIntoBody>(*lexicalGlobalObject, *callFrame, "encodeInto");9520 }9521 9522 9500 static inline JSC::EncodedJSValue jsTestObjPrototypeFunction_toStringBody(JSC::JSGlobalObject* lexicalGlobalObject, JSC::CallFrame* callFrame, typename IDLOperation<JSTestObj>::ClassParameter castedThis) 9523 9501 { -
trunk/Source/WebCore/bindings/scripts/test/TestObj.idl
r269940 r269950 468 468 undefined __double_leading_underscore_function(); // NOTE: WebIDL removes the leading underscore so this is interpreted as "_double_leading_underscore_function" 469 469 undefined trailing_underscore_function_(); 470 471 boolean encodeInto([AllowShared] Uint8Array destination);472 470 }; 473 471 -
trunk/Source/WebCore/dom/TextDecoder.idl
r269940 r269950 42 42 readonly attribute boolean fatal; 43 43 readonly attribute boolean ignoreBOM; 44 [MayThrowException] USVString decode(optional [AllowShared]BufferSource? input, optional TextDecodeOptions options);44 [MayThrowException] USVString decode(optional BufferSource? input, optional TextDecodeOptions options); 45 45 }; -
trunk/Source/WebCore/dom/TextDecoderStreamDecoder.idl
r269940 r269950 33 33 34 34 [PrivateIdentifier] DOMString encoding(); 35 [PrivateIdentifier, MayThrowException] DOMString decode( [AllowShared]BufferSource source);35 [PrivateIdentifier, MayThrowException] DOMString decode(BufferSource source); 36 36 [PrivateIdentifier, MayThrowException] DOMString flush(); 37 37 }; -
trunk/Source/WebCore/dom/TextEncoder.idl
r269940 r269950 40 40 41 41 [NewObject] Uint8Array encode(optional USVString input = ""); 42 TextEncoderEncodeIntoResult encodeInto(USVString source, [AllowShared]Uint8Array destination);42 TextEncoderEncodeIntoResult encodeInto(USVString source, Uint8Array destination); 43 43 }; -
trunk/Source/WebCore/workers/DedicatedWorkerGlobalScope.cpp
r269940 r269950 58 58 59 59 DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope(const WorkerParameters& params, Ref<SecurityOrigin>&& origin, DedicatedWorkerThread& thread, Ref<SecurityOrigin>&& topOrigin, IDBClient::IDBConnectionProxy* connectionProxy, SocketProvider* socketProvider) 60 : WorkerGlobalScope( WorkerThreadType::DedicatedWorker,params, WTFMove(origin), thread, WTFMove(topOrigin), connectionProxy, socketProvider)60 : WorkerGlobalScope(params, WTFMove(origin), thread, WTFMove(topOrigin), connectionProxy, socketProvider) 61 61 , m_name(params.name) 62 62 { -
trunk/Source/WebCore/workers/WorkerGlobalScope.cpp
r269940 r269950 60 60 WTF_MAKE_ISO_ALLOCATED_IMPL(WorkerGlobalScope); 61 61 62 WorkerGlobalScope::WorkerGlobalScope( WorkerThreadType type,const WorkerParameters& params, Ref<SecurityOrigin>&& origin, WorkerThread& thread, Ref<SecurityOrigin>&& topOrigin, IDBClient::IDBConnectionProxy* connectionProxy, SocketProvider* socketProvider)63 : WorkerOrWorkletGlobalScope( type,JSC::VM::create(), &thread)62 WorkerGlobalScope::WorkerGlobalScope(const WorkerParameters& params, Ref<SecurityOrigin>&& origin, WorkerThread& thread, Ref<SecurityOrigin>&& topOrigin, IDBClient::IDBConnectionProxy* connectionProxy, SocketProvider* socketProvider) 63 : WorkerOrWorkletGlobalScope(JSC::VM::create(), &thread) 64 64 , m_url(params.scriptURL) 65 65 , m_identifier(params.identifier) -
trunk/Source/WebCore/workers/WorkerGlobalScope.h
r269940 r269950 127 127 128 128 protected: 129 WorkerGlobalScope( WorkerThreadType,const WorkerParameters&, Ref<SecurityOrigin>&&, WorkerThread&, Ref<SecurityOrigin>&& topOrigin, IDBClient::IDBConnectionProxy*, SocketProvider*);129 WorkerGlobalScope(const WorkerParameters&, Ref<SecurityOrigin>&&, WorkerThread&, Ref<SecurityOrigin>&& topOrigin, IDBClient::IDBConnectionProxy*, SocketProvider*); 130 130 131 131 void applyContentSecurityPolicyResponseHeaders(const ContentSecurityPolicyResponseHeaders&); -
trunk/Source/WebCore/workers/WorkerOrWorkletGlobalScope.cpp
r269940 r269950 38 38 WTF_MAKE_ISO_ALLOCATED_IMPL(WorkerOrWorkletGlobalScope); 39 39 40 WorkerOrWorkletGlobalScope::WorkerOrWorkletGlobalScope( WorkerThreadType type,Ref<JSC::VM>&& vm, WorkerOrWorkletThread* thread)41 : m_script(makeUnique<WorkerOrWorkletScriptController>( type,WTFMove(vm), this))40 WorkerOrWorkletGlobalScope::WorkerOrWorkletGlobalScope(Ref<JSC::VM>&& vm, WorkerOrWorkletThread* thread) 41 : m_script(makeUnique<WorkerOrWorkletScriptController>(WTFMove(vm), this)) 42 42 , m_thread(thread) 43 43 , m_inspectorController(makeUnique<WorkerInspectorController>(*this)) -
trunk/Source/WebCore/workers/WorkerOrWorkletGlobalScope.h
r269940 r269950 28 28 #include "EventTarget.h" 29 29 #include "ScriptExecutionContext.h" 30 #include "WorkerThreadType.h"31 30 32 31 namespace WebCore { … … 69 68 70 69 protected: 71 WorkerOrWorkletGlobalScope( WorkerThreadType,Ref<JSC::VM>&&, WorkerOrWorkletThread*);70 WorkerOrWorkletGlobalScope(Ref<JSC::VM>&&, WorkerOrWorkletThread*); 72 71 73 72 // ScriptExecutionContext. -
trunk/Source/WebCore/workers/WorkerOrWorkletScriptController.cpp
r269940 r269950 51 51 using namespace JSC; 52 52 53 WorkerOrWorkletScriptController::WorkerOrWorkletScriptController( WorkerThreadType type,Ref<VM>&& vm, WorkerOrWorkletGlobalScope* globalScope)53 WorkerOrWorkletScriptController::WorkerOrWorkletScriptController(Ref<VM>&& vm, WorkerOrWorkletGlobalScope* globalScope) 54 54 : m_vm(WTFMove(vm)) 55 55 , m_globalScope(globalScope) … … 57 57 { 58 58 m_vm->heap.acquireAccess(); // It's not clear that we have good discipline for heap access, so turn it on permanently. 59 JSVMClientData::initNormalWorld(m_vm.get() , type);60 } 61 62 WorkerOrWorkletScriptController::WorkerOrWorkletScriptController(Worker ThreadType type, WorkerOrWorkletGlobalScope* globalScope)63 : WorkerOrWorkletScriptController( type,JSC::VM::create(), globalScope)59 JSVMClientData::initNormalWorld(m_vm.get()); 60 } 61 62 WorkerOrWorkletScriptController::WorkerOrWorkletScriptController(WorkerOrWorkletGlobalScope* globalScope) 63 : WorkerOrWorkletScriptController(JSC::VM::create(), globalScope) 64 64 { 65 65 } -
trunk/Source/WebCore/workers/WorkerOrWorkletScriptController.h
r269940 r269950 27 27 #pragma once 28 28 29 #include "WorkerThreadType.h"30 29 #include <JavaScriptCore/Debugger.h> 31 30 #include <JavaScriptCore/JSRunLoopTimer.h> … … 53 52 WTF_MAKE_FAST_ALLOCATED; 54 53 public: 55 WorkerOrWorkletScriptController( WorkerThreadType,Ref<JSC::VM>&&, WorkerOrWorkletGlobalScope*);56 explicit WorkerOrWorkletScriptController(Worker ThreadType, WorkerOrWorkletGlobalScope*);54 WorkerOrWorkletScriptController(Ref<JSC::VM>&&, WorkerOrWorkletGlobalScope*); 55 explicit WorkerOrWorkletScriptController(WorkerOrWorkletGlobalScope*); 57 56 ~WorkerOrWorkletScriptController(); 58 57 -
trunk/Source/WebCore/workers/service/ServiceWorkerGlobalScope.cpp
r269940 r269950 53 53 54 54 ServiceWorkerGlobalScope::ServiceWorkerGlobalScope(const ServiceWorkerContextData& data, const WorkerParameters& params, Ref<SecurityOrigin>&& origin, ServiceWorkerThread& thread, Ref<SecurityOrigin>&& topOrigin, IDBClient::IDBConnectionProxy* connectionProxy, SocketProvider* socketProvider) 55 : WorkerGlobalScope( WorkerThreadType::ServiceWorker,params, WTFMove(origin), thread, WTFMove(topOrigin), connectionProxy, socketProvider)55 : WorkerGlobalScope(params, WTFMove(origin), thread, WTFMove(topOrigin), connectionProxy, socketProvider) 56 56 , m_contextData(crossThreadCopy(data)) 57 57 , m_registration(ServiceWorkerRegistration::getOrCreate(*this, navigator().serviceWorker(), WTFMove(m_contextData.registration))) -
trunk/Source/WebCore/worklets/WorkletGlobalScope.cpp
r269940 r269950 51 51 52 52 WorkletGlobalScope::WorkletGlobalScope(WorkerOrWorkletThread& thread, const WorkletParameters& parameters) 53 : WorkerOrWorkletGlobalScope( WorkerThreadType::Worklet,JSC::VM::create(), &thread)53 : WorkerOrWorkletGlobalScope(JSC::VM::create(), &thread) 54 54 , m_topOrigin(SecurityOrigin::createUnique()) 55 55 , m_url(parameters.windowURL) … … 63 63 64 64 WorkletGlobalScope::WorkletGlobalScope(Document& document, Ref<JSC::VM>&& vm, ScriptSourceCode&& code) 65 : WorkerOrWorkletGlobalScope(W orkerThreadType::Worklet, WTFMove(vm), nullptr)65 : WorkerOrWorkletGlobalScope(WTFMove(vm), nullptr) 66 66 , m_document(makeWeakPtr(document)) 67 67 , m_topOrigin(SecurityOrigin::createUnique())
Note: See TracChangeset
for help on using the changeset viewer.