Title: [220404] trunk/Source
Revision
220404
Author
ryanhad...@apple.com
Date
2017-08-08 09:00:06 -0700 (Tue, 08 Aug 2017)

Log Message

Unreviewed, rolling out r220368.

This change caused WK1 tests to exit early with crashes.

Reverted changeset:

"Baseline JIT should do caging"
https://bugs.webkit.org/show_bug.cgi?id=175037
http://trac.webkit.org/changeset/220368

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (220403 => 220404)


--- trunk/Source/_javascript_Core/ChangeLog	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/ChangeLog	2017-08-08 16:00:06 UTC (rev 220404)
@@ -1,3 +1,15 @@
+2017-08-08  Ryan Haddad  <ryanhad...@apple.com>
+
+        Unreviewed, rolling out r220368.
+
+        This change caused WK1 tests to exit early with crashes.
+
+        Reverted changeset:
+
+        "Baseline JIT should do caging"
+        https://bugs.webkit.org/show_bug.cgi?id=175037
+        http://trac.webkit.org/changeset/220368
+
 2017-08-08  Michael Catanzaro  <mcatanz...@igalia.com>
 
         [CMake] Properly test if compiler supports compiler flags

Modified: trunk/Source/_javascript_Core/bytecode/AccessCase.cpp (220403 => 220404)


--- trunk/Source/_javascript_Core/bytecode/AccessCase.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/bytecode/AccessCase.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -527,8 +527,6 @@
                 jit.loadPtr(
                     CCallHelpers::Address(baseForAccessGPR, JSObject::butterflyOffset()),
                     loadedValueGPR);
-                // FIXME: Do caging!
-                // https://bugs.webkit.org/show_bug.cgi?id=175295
                 storageGPR = loadedValueGPR;
             }
 
@@ -879,8 +877,6 @@
                     // already had out-of-line property storage).
 
                     jit.loadPtr(CCallHelpers::Address(baseGPR, JSObject::butterflyOffset()), scratchGPR3);
-                    // FIXME: Do caging!
-                    // https://bugs.webkit.org/show_bug.cgi?id=175295
 
                     // We have scratchGPR = new storage, scratchGPR3 = old storage,
                     // scratchGPR2 = available
@@ -959,11 +955,8 @@
                     JSObject::offsetOfInlineStorage() +
                     offsetInInlineStorage(m_offset) * sizeof(JSValue)));
         } else {
-            if (!allocating) {
+            if (!allocating)
                 jit.loadPtr(CCallHelpers::Address(baseGPR, JSObject::butterflyOffset()), scratchGPR);
-                // FIXME: Do caging!
-                // https://bugs.webkit.org/show_bug.cgi?id=175295
-            }
             jit.storeValue(
                 valueRegs,
                 CCallHelpers::Address(scratchGPR, offsetInButterfly(m_offset) * sizeof(JSValue)));
@@ -999,8 +992,6 @@
         
     case ArrayLength: {
         jit.loadPtr(CCallHelpers::Address(baseGPR, JSObject::butterflyOffset()), scratchGPR);
-        // FIXME: Do caging!
-        // https://bugs.webkit.org/show_bug.cgi?id=175295
         jit.load32(CCallHelpers::Address(scratchGPR, ArrayStorage::lengthOffset()), scratchGPR);
         state.failAndIgnore.append(
             jit.branch32(CCallHelpers::LessThan, scratchGPR, CCallHelpers::TrustedImm32(0)));

Modified: trunk/Source/_javascript_Core/bytecode/InlineAccess.cpp (220403 => 220404)


--- trunk/Source/_javascript_Core/bytecode/InlineAccess.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/bytecode/InlineAccess.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -57,8 +57,6 @@
         jit.patchableBranch32(
             CCallHelpers::NotEqual, value, CCallHelpers::TrustedImm32(IsArray | ContiguousShape));
         jit.loadPtr(CCallHelpers::Address(base, JSObject::butterflyOffset()), value);
-        // FIXME: Do caging!
-        // https://bugs.webkit.org/show_bug.cgi?id=175295
         jit.load32(CCallHelpers::Address(value, ArrayStorage::lengthOffset()), value);
         jit.boxInt32(scratchGPR, regs);
 
@@ -75,8 +73,6 @@
         jit.loadPtr(
             CCallHelpers::Address(base, JSObject::butterflyOffset()),
             value);
-        // FIXME: Do caging!
-        // https://bugs.webkit.org/show_bug.cgi?id=175295
         GPRReg storageGPR = value;
         jit.loadValue(
             CCallHelpers::Address(storageGPR, 0x000ab21ca), regs);
@@ -120,8 +116,6 @@
             MacroAssembler::TrustedImm32(0x000ab21ca));
 
         jit.loadPtr(MacroAssembler::Address(base, JSObject::butterflyOffset()), value);
-        // FIXME: Do caging!
-        // https://bugs.webkit.org/show_bug.cgi?id=175295
         jit.storeValue(
             regs,
             MacroAssembler::Address(base, 120342));
@@ -176,8 +170,6 @@
         storage = base;
     else {
         jit.loadPtr(CCallHelpers::Address(base, JSObject::butterflyOffset()), value.payloadGPR());
-        // FIXME: Do caging!
-        // https://bugs.webkit.org/show_bug.cgi?id=175295
         storage = value.payloadGPR();
     }
     
@@ -239,8 +231,6 @@
         storage = getScratchRegister(stubInfo);
         ASSERT(storage != InvalidGPRReg);
         jit.loadPtr(CCallHelpers::Address(base, JSObject::butterflyOffset()), storage);
-        // FIXME: Do caging!
-        // https://bugs.webkit.org/show_bug.cgi?id=175295
     }
 
     jit.storeValue(
@@ -279,8 +269,6 @@
     auto branchToSlowPath = jit.patchableBranch32(
         CCallHelpers::NotEqual, scratch, CCallHelpers::TrustedImm32(array->indexingType()));
     jit.loadPtr(CCallHelpers::Address(base, JSObject::butterflyOffset()), value.payloadGPR());
-    // FIXME: Do caging!
-    // https://bugs.webkit.org/show_bug.cgi?id=175295
     jit.load32(CCallHelpers::Address(value.payloadGPR(), ArrayStorage::lengthOffset()), value.payloadGPR());
     jit.boxInt32(value.payloadGPR(), value);
 

Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (220403 => 220404)


--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -11616,10 +11616,7 @@
     
     LValue caged(Gigacage::Kind kind, LValue ptr)
     {
-        if (!Gigacage::shouldBeEnabled())
-            return ptr;
-        
-        if (kind == Gigacage::Primitive && Gigacage::canPrimitiveGigacageBeDisabled()) {
+        if (kind == Gigacage::Primitive) {
             if (vm().primitiveGigacageEnabled().isStillValid())
                 m_graph.watchpoints().addLazily(vm().primitiveGigacageEnabled());
             else

Modified: trunk/Source/_javascript_Core/jit/AssemblyHelpers.h (220403 => 220404)


--- trunk/Source/_javascript_Core/jit/AssemblyHelpers.h	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/jit/AssemblyHelpers.h	2017-08-08 16:00:06 UTC (rev 220404)
@@ -1311,41 +1311,6 @@
         ok.link(this);
     }
     
-    void cage(Gigacage::Kind kind, GPRReg storage)
-    {
-#if GIGACAGE_ENABLED
-        if (!Gigacage::shouldBeEnabled())
-            return;
-        
-        andPtr(TrustedImmPtr(static_cast<size_t>(GIGACAGE_MASK)), storage);
-        addPtr(TrustedImmPtr(Gigacage::basePtr(kind)), storage);
-#else
-        UNUSED_PARAM(kind);
-        UNUSED_PARAM(storage);
-#endif
-    }
-    
-    void cageConditionally(Gigacage::Kind kind, GPRReg storage, GPRReg scratch)
-    {
-#if GIGACAGE_ENABLED
-        if (!Gigacage::shouldBeEnabled())
-            return;
-        
-        if (kind != Gigacage::Primitive || Gigacage::isDisablingPrimitiveGigacageDisabled())
-            return cage(kind, storage);
-        
-        loadPtr(Gigacage::basePtr(kind), scratch);
-        Jump done = branchTestPtr(Zero, scratch);
-        andPtr(TrustedImmPtr(static_cast<size_t>(GIGACAGE_MASK)), storage);
-        addPtr(scratch, storage);
-        done.link(this);
-#else
-        UNUSED_PARAM(kind);
-        UNUSED_PARAM(storage);
-        UNUSED_PARAM(scratch);
-#endif
-    }
-    
     void storeButterfly(VM& vm, GPRReg butterfly, GPRReg object)
     {
         if (isX86()) {

Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (220403 => 220404)


--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -172,8 +172,9 @@
     JumpList slowCases;
     
     badType = patchableBranch32(NotEqual, regT2, TrustedImm32(DoubleShape));
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2);
-    cage(Gigacage::JSValue, regT2);
     slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfPublicLength())));
     loadDouble(BaseIndex(regT2, regT1, TimesEight), fpRegT0);
     slowCases.append(branchDouble(DoubleNotEqualOrUnordered, fpRegT0, fpRegT0));
@@ -186,8 +187,9 @@
     JumpList slowCases;
     
     badType = patchableBranch32(NotEqual, regT2, TrustedImm32(expectedShape));
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2);
-    cage(Gigacage::JSValue, regT2);
     slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfPublicLength())));
     load64(BaseIndex(regT2, regT1, TimesEight), regT0);
     slowCases.append(branchTest64(Zero, regT0));
@@ -202,8 +204,9 @@
     add32(TrustedImm32(-ArrayStorageShape), regT2, regT3);
     badType = patchableBranch32(Above, regT3, TrustedImm32(SlowPutArrayStorageShape - ArrayStorageShape));
 
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2);
-    cage(Gigacage::JSValue, regT2);
     slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, ArrayStorage::vectorLengthOffset())));
 
     load64(BaseIndex(regT2, regT1, TimesEight, ArrayStorage::vectorOffset()), regT0);
@@ -350,8 +353,9 @@
 
     badType = patchableBranch32(NotEqual, regT2, TrustedImm32(indexingShape));
     
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2);
-    cage(Gigacage::JSValue, regT2);
     Jump outOfBounds = branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfPublicLength()));
 
     Label storeResult = label();
@@ -406,8 +410,9 @@
     JumpList slowCases;
     
     badType = patchableBranch32(NotEqual, regT2, TrustedImm32(ArrayStorageShape));
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2);
-    cage(Gigacage::JSValue, regT2);
     slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, ArrayStorage::vectorLengthOffset())));
 
     Jump empty = branchTest64(Zero, BaseIndex(regT2, regT1, TimesEight, ArrayStorage::vectorOffset()));
@@ -918,8 +923,9 @@
                 abortWithReason(JITOffsetIsNotOutOfLine);
                 isOutOfLine.link(this);
             }
+            // FIXME: Should do caging.
+            // https://bugs.webkit.org/show_bug.cgi?id=175037
             loadPtr(Address(base, JSObject::butterflyOffset()), scratch);
-            cage(Gigacage::JSValue, scratch);
             neg32(offset);
             signExtend32ToPtr(offset, offset);
             load64(BaseIndex(scratch, offset, TimesEight, (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), result);
@@ -1060,8 +1066,9 @@
             emitLoadWithStructureCheck(scope, structureSlot); // Structure check covers var injection.
             emitGetVirtualRegister(value, regT2);
             
+            // FIXME: Should do caging.
+            // https://bugs.webkit.org/show_bug.cgi?id=175037
             loadPtr(Address(regT0, JSObject::butterflyOffset()), regT0);
-            cage(Gigacage::JSValue, regT0);
             loadPtr(operandSlot, regT1);
             negPtr(regT1);
             storePtr(regT2, BaseIndex(regT0, regT1, TimesEight, (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)));
@@ -1569,7 +1576,6 @@
     RegisterID property = regT1;
     RegisterID resultPayload = regT0;
     RegisterID scratch = regT3;
-    RegisterID scratch2 = regT4;
 #else
     RegisterID base = regT0;
     RegisterID property = regT2;
@@ -1576,7 +1582,6 @@
     RegisterID resultPayload = regT0;
     RegisterID resultTag = regT1;
     RegisterID scratch = regT3;
-    RegisterID scratch2 = regT4;
 #endif
     
     JumpList slowCases;
@@ -1584,8 +1589,9 @@
     load8(Address(base, JSCell::typeInfoTypeOffset()), scratch);
     badType = patchableBranch32(NotEqual, scratch, TrustedImm32(typeForTypedArrayType(type)));
     slowCases.append(branch32(AboveOrEqual, property, Address(base, JSArrayBufferView::offsetOfLength())));
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(base, JSArrayBufferView::offsetOfVector()), scratch);
-    cageConditionally(Gigacage::Primitive, scratch, scratch2);
     
     switch (elementSize(type)) {
     case 1:
@@ -1643,7 +1649,6 @@
     RegisterID property = regT1;
     RegisterID resultPayload = regT0;
     RegisterID scratch = regT3;
-    RegisterID scratch2 = regT4;
 #else
     RegisterID base = regT0;
     RegisterID property = regT2;
@@ -1650,7 +1655,6 @@
     RegisterID resultPayload = regT0;
     RegisterID resultTag = regT1;
     RegisterID scratch = regT3;
-    RegisterID scratch2 = regT4;
 #endif
     
     JumpList slowCases;
@@ -1658,8 +1662,9 @@
     load8(Address(base, JSCell::typeInfoTypeOffset()), scratch);
     badType = patchableBranch32(NotEqual, scratch, TrustedImm32(typeForTypedArrayType(type)));
     slowCases.append(branch32(AboveOrEqual, property, Address(base, JSArrayBufferView::offsetOfLength())));
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(base, JSArrayBufferView::offsetOfVector()), scratch);
-    cageConditionally(Gigacage::Primitive, scratch, scratch2);
     
     switch (elementSize(type)) {
     case 4:
@@ -1700,13 +1705,11 @@
     RegisterID property = regT1;
     RegisterID earlyScratch = regT3;
     RegisterID lateScratch = regT2;
-    RegisterID lateScratch2 = regT4;
 #else
     RegisterID base = regT0;
     RegisterID property = regT2;
     RegisterID earlyScratch = regT3;
     RegisterID lateScratch = regT1;
-    RegisterID lateScratch2 = regT4;
 #endif
     
     JumpList slowCases;
@@ -1728,8 +1731,9 @@
     
     // We would be loading this into base as in get_by_val, except that the slow
     // path expects the base to be unclobbered.
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(base, JSArrayBufferView::offsetOfVector()), lateScratch);
-    cageConditionally(Gigacage::Primitive, lateScratch, lateScratch2);
     
     if (isClamped(type)) {
         ASSERT(elementSize(type) == 1);
@@ -1773,13 +1777,11 @@
     RegisterID property = regT1;
     RegisterID earlyScratch = regT3;
     RegisterID lateScratch = regT2;
-    RegisterID lateScratch2 = regT4;
 #else
     RegisterID base = regT0;
     RegisterID property = regT2;
     RegisterID earlyScratch = regT3;
     RegisterID lateScratch = regT1;
-    RegisterID lateScratch2 = regT4;
 #endif
     
     JumpList slowCases;
@@ -1814,8 +1816,9 @@
     
     // We would be loading this into base as in get_by_val, except that the slow
     // path expects the base to be unclobbered.
+    // FIXME: Should do caging.
+    // https://bugs.webkit.org/show_bug.cgi?id=175037
     loadPtr(Address(base, JSArrayBufferView::offsetOfVector()), lateScratch);
-    cageConditionally(Gigacage::Primitive, lateScratch, lateScratch2);
     
     switch (elementSize(type)) {
     case 4:

Modified: trunk/Source/_javascript_Core/jsc.cpp (220403 => 220404)


--- trunk/Source/_javascript_Core/jsc.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/_javascript_Core/jsc.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -3802,6 +3802,12 @@
     return result;
 }
 
+static void primitiveGigacageDisabled(void*)
+{
+    dataLog("Primitive gigacage disabled! Aborting.\n");
+    UNREACHABLE_FOR_PLATFORM();
+}
+
 int jscmain(int argc, char** argv)
 {
     // Need to override and enable restricted options before we start parsing options below.
@@ -3820,7 +3826,8 @@
 #if ENABLE(WEBASSEMBLY)
     JSC::Wasm::enableFastMemory();
 #endif
-    Gigacage::disableDisablingPrimitiveGigacageIfShouldBeEnabled();
+    if (Gigacage::shouldBeEnabled())
+        Gigacage::addPrimitiveDisableCallback(primitiveGigacageDisabled, nullptr);
 
     int result;
     result = runJSC(

Modified: trunk/Source/WTF/ChangeLog (220403 => 220404)


--- trunk/Source/WTF/ChangeLog	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/WTF/ChangeLog	2017-08-08 16:00:06 UTC (rev 220404)
@@ -1,3 +1,15 @@
+2017-08-08  Ryan Haddad  <ryanhad...@apple.com>
+
+        Unreviewed, rolling out r220368.
+
+        This change caused WK1 tests to exit early with crashes.
+
+        Reverted changeset:
+
+        "Baseline JIT should do caging"
+        https://bugs.webkit.org/show_bug.cgi?id=175037
+        http://trac.webkit.org/changeset/220368
+
 2017-08-08  Michael Catanzaro  <mcatanz...@igalia.com>
 
         [CMake] Properly test if compiler supports compiler flags

Modified: trunk/Source/WTF/wtf/Gigacage.h (220403 => 220404)


--- trunk/Source/WTF/wtf/Gigacage.h	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/WTF/wtf/Gigacage.h	2017-08-08 16:00:06 UTC (rev 220404)
@@ -49,12 +49,6 @@
 inline void addPrimitiveDisableCallback(void (*)(void*), void*) { }
 inline void removePrimitiveDisableCallback(void (*)(void*), void*) { }
 
-inline void disableDisablingPrimitiveGigacageIfShouldBeEnabled() { }
-
-inline bool isDisablingPrimitiveGigacageDisabled() { return false; }
-inline bool isPrimitiveGigacagePermanentlyEnabled() { return false; }
-inline bool canPrimitiveGigacageBeDisabled() { return true; }
-
 ALWAYS_INLINE const char* name(Kind kind)
 {
     switch (kind) {

Modified: trunk/Source/WebKit/ChangeLog (220403 => 220404)


--- trunk/Source/WebKit/ChangeLog	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/WebKit/ChangeLog	2017-08-08 16:00:06 UTC (rev 220404)
@@ -1,3 +1,15 @@
+2017-08-08  Ryan Haddad  <ryanhad...@apple.com>
+
+        Unreviewed, rolling out r220368.
+
+        This change caused WK1 tests to exit early with crashes.
+
+        Reverted changeset:
+
+        "Baseline JIT should do caging"
+        https://bugs.webkit.org/show_bug.cgi?id=175037
+        http://trac.webkit.org/changeset/220368
+
 2017-08-08  Michael Catanzaro  <mcatanz...@igalia.com>
 
         [CMake] Properly test if compiler supports compiler flags

Modified: trunk/Source/WebKit/WebProcess/WebProcess.cpp (220403 => 220404)


--- trunk/Source/WebKit/WebProcess/WebProcess.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/WebKit/WebProcess/WebProcess.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -146,6 +146,11 @@
 
 namespace WebKit {
 
+static void primitiveGigacageDisabled(void*)
+{
+    UNREACHABLE_FOR_PLATFORM();
+}
+
 WebProcess& WebProcess::singleton()
 {
     static WebProcess& process = *new WebProcess;
@@ -197,7 +202,8 @@
         parentProcessConnection()->send(Messages::WebResourceLoadStatisticsStore::ResourceLoadStatisticsUpdated(WTFMove(statistics)), 0);
     });
 
-    Gigacage::disableDisablingPrimitiveGigacageIfShouldBeEnabled();
+    if (Gigacage::shouldBeEnabled())
+        Gigacage::addPrimitiveDisableCallback(primitiveGigacageDisabled, nullptr);
 }
 
 WebProcess::~WebProcess()

Modified: trunk/Source/bmalloc/ChangeLog (220403 => 220404)


--- trunk/Source/bmalloc/ChangeLog	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/bmalloc/ChangeLog	2017-08-08 16:00:06 UTC (rev 220404)
@@ -1,3 +1,15 @@
+2017-08-08  Ryan Haddad  <ryanhad...@apple.com>
+
+        Unreviewed, rolling out r220368.
+
+        This change caused WK1 tests to exit early with crashes.
+
+        Reverted changeset:
+
+        "Baseline JIT should do caging"
+        https://bugs.webkit.org/show_bug.cgi?id=175037
+        http://trac.webkit.org/changeset/220368
+
 2017-08-07  Filip Pizlo  <fpi...@apple.com>
 
         Baseline JIT should do caging

Modified: trunk/Source/bmalloc/bmalloc/Gigacage.cpp (220403 => 220404)


--- trunk/Source/bmalloc/bmalloc/Gigacage.cpp	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/bmalloc/bmalloc/Gigacage.cpp	2017-08-08 16:00:06 UTC (rev 220404)
@@ -41,8 +41,6 @@
 
 namespace Gigacage {
 
-static bool s_isDisablingPrimitiveGigacageDisabled;
-
 struct Callback {
     Callback() { }
     
@@ -133,28 +131,6 @@
     }
 }
 
-static bool False;
-
-static void primitiveGigacageDisabled(void*)
-{
-    fprintf(stderr, "FATAL: Primitive gigacage disabled, but we don't want that in this process\n");
-    if (!False)
-        BCRASH();
-}
-
-void disableDisablingPrimitiveGigacageIfShouldBeEnabled()
-{
-    if (shouldBeEnabled()) {
-        addPrimitiveDisableCallback(primitiveGigacageDisabled, nullptr);
-        s_isDisablingPrimitiveGigacageDisabled = true;
-    }
-}
-
-bool isDisablingPrimitiveGigacageDisabled()
-{
-    return s_isDisablingPrimitiveGigacageDisabled;
-}
-
 bool shouldBeEnabled()
 {
     return GIGACAGE_ENABLED && !PerProcess<Environment>::get()->isDebugHeapEnabled();

Modified: trunk/Source/bmalloc/bmalloc/Gigacage.h (220403 => 220404)


--- trunk/Source/bmalloc/bmalloc/Gigacage.h	2017-08-08 15:03:48 UTC (rev 220403)
+++ trunk/Source/bmalloc/bmalloc/Gigacage.h	2017-08-08 16:00:06 UTC (rev 220404)
@@ -63,12 +63,6 @@
 BEXPORT void addPrimitiveDisableCallback(void (*)(void*), void*);
 BEXPORT void removePrimitiveDisableCallback(void (*)(void*), void*);
 
-BEXPORT void disableDisablingPrimitiveGigacageIfShouldBeEnabled();
-
-BEXPORT bool isDisablingPrimitiveGigacageDisabled();
-inline bool isPrimitiveGigacagePermanentlyEnabled() { return isDisablingPrimitiveGigacageDisabled(); }
-inline bool canPrimitiveGigacageBeDisabled() { return !isDisablingPrimitiveGigacageDisabled(); }
-
 BINLINE const char* name(Kind kind)
 {
     switch (kind) {
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to