Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (230105 => 230106)
--- trunk/Source/_javascript_Core/ChangeLog 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/ChangeLog 2018-03-30 16:31:06 UTC (rev 230106)
@@ -1,3 +1,39 @@
+2018-03-30 Mark Lam <[email protected]>
+
+ Add pointer profiling support to Wasm.
+ https://bugs.webkit.org/show_bug.cgi?id=184175
+ <rdar://problem/39027923>
+
+ Reviewed by JF Bastien.
+
+ * runtime/PtrTag.h:
+ * wasm/WasmB3IRGenerator.cpp:
+ (JSC::Wasm::B3IRGenerator::addGrowMemory):
+ (JSC::Wasm::B3IRGenerator::addCall):
+ (JSC::Wasm::B3IRGenerator::addCallIndirect):
+ (JSC::Wasm::B3IRGenerator::addOp<OpType::I32Popcnt>):
+ (JSC::Wasm::B3IRGenerator::addOp<OpType::I64Popcnt>):
+ * wasm/WasmBBQPlan.cpp:
+ (JSC::Wasm::BBQPlan::prepare):
+ (JSC::Wasm::BBQPlan::complete):
+ * wasm/WasmBinding.cpp:
+ (JSC::Wasm::wasmToWasm):
+ * wasm/WasmBinding.h:
+ * wasm/WasmFaultSignalHandler.cpp:
+ (JSC::Wasm::trapHandler):
+ * wasm/WasmOMGPlan.cpp:
+ (JSC::Wasm::OMGPlan::work):
+ * wasm/WasmThunks.cpp:
+ (JSC::Wasm::throwExceptionFromWasmThunkGenerator):
+ (JSC::Wasm::throwStackOverflowFromWasmThunkGenerator):
+ (JSC::Wasm::triggerOMGTierUpThunkGenerator):
+ * wasm/js/WasmToJS.cpp:
+ (JSC::Wasm::handleBadI64Use):
+ (JSC::Wasm::wasmToJS):
+ * wasm/js/WebAssemblyFunction.cpp:
+ (JSC::callWebAssemblyFunction):
+ * wasm/js/WebAssemblyFunction.h:
+
2018-03-30 Ryan Haddad <[email protected]>
Unreviewed, rolling out r230102.
Modified: trunk/Source/_javascript_Core/runtime/PtrTag.h (230105 => 230106)
--- trunk/Source/_javascript_Core/runtime/PtrTag.h 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/runtime/PtrTag.h 2018-03-30 16:31:06 UTC (rev 230106)
@@ -53,6 +53,9 @@
v(YarrMatchOnly8BitPtrTag) \
v(YarrMatchOnly16BitPtrTag) \
v(YarrBacktrackPtrTag) \
+ \
+ v(WasmCallPtrTag) \
+ v(WasmHelperPtrTag) \
enum PtrTag : uintptr_t {
Modified: trunk/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmB3IRGenerator.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -594,7 +594,7 @@
};
result = m_currentBlock->appendNew<CCallValue>(m_proc, Int32, origin(),
- m_currentBlock->appendNew<ConstPtrValue>(m_proc, origin(), bitwise_cast<void*>(growMemory)),
+ m_currentBlock->appendNew<ConstPtrValue>(m_proc, origin(), tagCFunctionPtr<void*>(growMemory, B3CCallPtrTag)),
m_currentBlock->appendNew<B3::Value>(m_proc, B3::FramePointer, origin()), instanceValue(), delta);
restoreWebAssemblyGlobalState(RestoreCachedStackLimit::No, m_info.memory, instanceValue(), m_proc, m_currentBlock);
@@ -1135,8 +1135,9 @@
if (Options::usePoisoning())
jumpDestination = isEmbedderBlock->appendNew<Value>(m_proc, BitXor, origin(), jumpDestination, isEmbedderBlock->appendNew<Const64Value>(m_proc, origin(), g_JITCodePoison));
+ PtrTag callTag = ptrTag(WasmCallPtrTag, signature.hash());
Value* embedderCallResult = wasmCallingConvention().setupCall(m_proc, isEmbedderBlock, origin(), args, toB3Type(returnType),
- [&] (PatchpointValue* patchpoint) {
+ [=] (PatchpointValue* patchpoint) {
patchpoint->effects.writesPinned = true;
patchpoint->effects.readsPinned = true;
patchpoint->append(jumpDestination, ValueRep::SomeRegister);
@@ -1144,9 +1145,9 @@
// We pessimistically assume we could be calling to something that is bounds checking.
// FIXME: We shouldn't have to do this: https://bugs.webkit.org/show_bug.cgi?id=172181
patchpoint->clobberLate(PinnedRegisterInfo::get().toSave(MemoryMode::BoundsChecking));
- patchpoint->setGenerator([returnType] (CCallHelpers& jit, const B3::StackmapGenerationParams& params) {
+ patchpoint->setGenerator([returnType, callTag] (CCallHelpers& jit, const B3::StackmapGenerationParams& params) {
AllowMacroScratchRegisterUsage allowScratch(jit);
- jit.call(params[returnType == Void ? 0 : 1].gpr(), NoPtrTag);
+ jit.call(params[returnType == Void ? 0 : 1].gpr(), callTag);
});
});
UpsilonValue* embedderCallResultUpsilon = returnType == Void ? nullptr : isEmbedderBlock->appendNew<UpsilonValue>(m_proc, origin(), embedderCallResult);
@@ -1317,6 +1318,7 @@
calleeCode = m_currentBlock->appendNew<Value>(m_proc, BitXor, origin(), calleeCode, m_currentBlock->appendNew<Const64Value>(m_proc, origin(), g_JITCodePoison));
Type returnType = signature.returnType();
+ PtrTag callTag = ptrTag(WasmCallPtrTag, signature.hash());
result = wasmCallingConvention().setupCall(m_proc, m_currentBlock, origin(), args, toB3Type(returnType),
[=] (PatchpointValue* patchpoint) {
patchpoint->effects.writesPinned = true;
@@ -1331,7 +1333,7 @@
patchpoint->append(calleeCode, ValueRep::SomeRegister);
patchpoint->setGenerator([=] (CCallHelpers& jit, const B3::StackmapGenerationParams& params) {
AllowMacroScratchRegisterUsage allowScratch(jit);
- jit.call(params[returnType == Void ? 0 : 1].gpr(), NoPtrTag);
+ jit.call(params[returnType == Void ? 0 : 1].gpr(), callTag);
});
});
@@ -1582,7 +1584,7 @@
#endif
uint32_t (*popcount)(int32_t) = [] (int32_t value) -> uint32_t { return __builtin_popcount(value); };
- Value* funcAddress = m_currentBlock->appendNew<ConstPtrValue>(m_proc, origin(), bitwise_cast<void*>(popcount));
+ Value* funcAddress = m_currentBlock->appendNew<ConstPtrValue>(m_proc, origin(), tagCFunctionPtr<void*>(popcount, B3CCallPtrTag));
result = m_currentBlock->appendNew<CCallValue>(m_proc, Int32, origin(), Effects::none(), funcAddress, arg);
return { };
}
@@ -1604,7 +1606,7 @@
#endif
uint64_t (*popcount)(int64_t) = [] (int64_t value) -> uint64_t { return __builtin_popcountll(value); };
- Value* funcAddress = m_currentBlock->appendNew<ConstPtrValue>(m_proc, origin(), bitwise_cast<void*>(popcount));
+ Value* funcAddress = m_currentBlock->appendNew<ConstPtrValue>(m_proc, origin(), tagCFunctionPtr<void*>(popcount, B3CCallPtrTag));
result = m_currentBlock->appendNew<CCallValue>(m_proc, Int64, origin(), Effects::none(), funcAddress, arg);
return { };
}
Modified: trunk/Source/_javascript_Core/wasm/WasmBBQPlan.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmBBQPlan.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmBBQPlan.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -174,8 +174,10 @@
if (import->kind != ExternalKind::Function)
continue;
unsigned importFunctionIndex = m_wasmToWasmExitStubs.size();
+ SignatureIndex signatureIndex = m_moduleInformation->importFunctionSignatureIndices[importFunctionIndex];
+ const Signature& signature = SignatureInformation::get(signatureIndex);
dataLogLnIf(WasmBBQPlanInternal::verbose, "Processing import function number ", importFunctionIndex, ": ", makeString(import->module), ": ", makeString(import->field));
- auto binding = wasmToWasm(importFunctionIndex);
+ auto binding = wasmToWasm(signature, importFunctionIndex);
if (UNLIKELY(!binding)) {
switch (binding.error()) {
case BindingFailure::OutOfMemory:
@@ -300,6 +302,8 @@
for (uint32_t functionIndex = 0; functionIndex < m_moduleInformation->functionLocationInBinary.size(); functionIndex++) {
CompilationContext& context = m_compilationContexts[functionIndex];
SignatureIndex signatureIndex = m_moduleInformation->internalFunctionSignatureIndices[functionIndex];
+ const Signature& signature = SignatureInformation::get(signatureIndex);
+ PtrTag callTag = ptrTag(WasmCallPtrTag, signature.hash());
{
LinkBuffer linkBuffer(*context.wasmEntrypointJIT, nullptr, JITCompilationCanFail);
if (UNLIKELY(linkBuffer.didFailToAllocate())) {
@@ -308,7 +312,7 @@
}
m_wasmInternalFunctions[functionIndex]->entrypoint.compilation = std::make_unique<B3::Compilation>(
- FINALIZE_CODE(linkBuffer, NoPtrTag, "WebAssembly function[%i] %s", functionIndex, SignatureInformation::get(signatureIndex).toString().ascii().data()),
+ FINALIZE_CODE(linkBuffer, callTag, "WebAssembly function[%i] %s", functionIndex, signature.toString().ascii().data()),
WTFMove(context.wasmEntrypointByproducts));
}
@@ -320,7 +324,7 @@
}
embedderToWasmInternalFunction->entrypoint.compilation = std::make_unique<B3::Compilation>(
- FINALIZE_CODE(linkBuffer, NoPtrTag, "Embedder->WebAssembly entrypoint[%i] %s", functionIndex, SignatureInformation::get(signatureIndex).toString().ascii().data()),
+ FINALIZE_CODE(linkBuffer, CodeEntryPtrTag, "Embedder->WebAssembly entrypoint[%i] %s", functionIndex, signature.toString().ascii().data()),
WTFMove(context.embedderEntrypointByproducts));
}
}
@@ -333,7 +337,10 @@
executableAddress = m_wasmToWasmExitStubs.at(call.functionIndexSpace).code();
} else
executableAddress = m_wasmInternalFunctions.at(call.functionIndexSpace - m_moduleInformation->importFunctionCount())->entrypoint.compilation->code();
- MacroAssembler::repatchNearCall(call.callLocation, CodeLocationLabel(executableAddress));
+ SignatureIndex signatureIndex = m_moduleInformation->signatureIndexFromFunctionIndexSpace(call.functionIndexSpace);
+ const Signature& signature = SignatureInformation::get(signatureIndex);
+ PtrTag oldTag = ptrTag(WasmCallPtrTag, signature.hash());
+ MacroAssembler::repatchNearCall(call.callLocation, CodeLocationLabel(executableAddress.retagged(oldTag, NearCallPtrTag)));
}
}
}
Modified: trunk/Source/_javascript_Core/wasm/WasmBinding.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmBinding.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmBinding.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -37,8 +37,11 @@
using JIT = CCallHelpers;
-Expected<MacroAssemblerCodeRef, BindingFailure> wasmToWasm(unsigned importIndex)
+Expected<MacroAssemblerCodeRef, BindingFailure> wasmToWasm(const Signature& signature, unsigned importIndex)
{
+ // FIXME: Consider uniquify the stubs based on signature + index to see if this saves memory.
+ // https://bugs.webkit.org/show_bug.cgi?id=184157
+
const PinnedRegisterInfo& pinnedRegs = PinnedRegisterInfo::get();
JIT jit;
@@ -78,13 +81,14 @@
jit.loadPtr(scratch, scratch);
if (Options::usePoisoning())
jit.xorPtr(JIT::TrustedImmPtr(g_JITCodePoison), scratch);
- jit.jump(scratch, NoPtrTag);
+ PtrTag tag = ptrTag(WasmCallPtrTag, signature.hash());
+ jit.jump(scratch, tag);
LinkBuffer patchBuffer(jit, GLOBAL_THUNK_ID, JITCompilationCanFail);
if (UNLIKELY(patchBuffer.didFailToAllocate()))
return makeUnexpected(BindingFailure::OutOfMemory);
- return FINALIZE_CODE(patchBuffer, NoPtrTag, "WebAssembly->WebAssembly import[%i]", importIndex);
+ return FINALIZE_CODE(patchBuffer, tag, "WebAssembly->WebAssembly import[%i]", importIndex);
}
} } // namespace JSC::Wasm
Modified: trunk/Source/_javascript_Core/wasm/WasmBinding.h (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmBinding.h 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmBinding.h 2018-03-30 16:31:06 UTC (rev 230106)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2016-2018 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -41,7 +41,7 @@
OutOfMemory,
};
-Expected<MacroAssemblerCodeRef, BindingFailure> wasmToWasm(unsigned importIndex);
+Expected<MacroAssemblerCodeRef, BindingFailure> wasmToWasm(const Signature&, unsigned importIndex);
} } // namespace JSC::Wasm
Modified: trunk/Source/_javascript_Core/wasm/WasmFaultSignalHandler.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmFaultSignalHandler.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmFaultSignalHandler.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2017 Apple Inc. All rights reserved.
+ * Copyright (C) 2017-2018 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -62,6 +62,7 @@
dataLogLnIf(WasmFaultSignalHandlerInternal::verbose, "JIT memory start: ", RawPointer(reinterpret_cast<void*>(startOfFixedExecutableMemoryPool)), " end: ", RawPointer(reinterpret_cast<void*>(endOfFixedExecutableMemoryPool)));
// First we need to make sure we are in JIT code before we can aquire any locks. Otherwise,
// we might have crashed in code that is already holding one of the locks we want to aquire.
+ assertIsNotTagged(faultingInstruction);
if (isJITPC(faultingInstruction)) {
bool faultedInActiveFastMemory = false;
{
Modified: trunk/Source/_javascript_Core/wasm/WasmOMGPlan.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmOMGPlan.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmOMGPlan.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -97,8 +97,9 @@
return;
}
+ PtrTag callTag = ptrTag(WasmCallPtrTag, signature.hash());
omgEntrypoint.compilation = std::make_unique<B3::Compilation>(
- FINALIZE_CODE(linkBuffer, NoPtrTag, "WebAssembly OMG function[%i] %s", m_functionIndex, SignatureInformation::get(signatureIndex).toString().ascii().data()),
+ FINALIZE_CODE(linkBuffer, callTag, "WebAssembly OMG function[%i] %s", m_functionIndex, signature.toString().ascii().data()),
WTFMove(context.wasmEntrypointByproducts));
omgEntrypoint.calleeSaveRegisters = WTFMove(parseAndCompileResult.value()->entrypoint.calleeSaveRegisters);
@@ -125,7 +126,10 @@
else
entrypoint = m_codeBlock->wasmEntrypointCalleeFromFunctionIndexSpace(call.functionIndexSpace).entrypoint();
- MacroAssembler::repatchNearCall(call.callLocation, CodeLocationLabel(entrypoint));
+ SignatureIndex signatureIndex = m_moduleInformation->signatureIndexFromFunctionIndexSpace(call.functionIndexSpace);
+ const Signature& signature = SignatureInformation::get(signatureIndex);
+ PtrTag oldTag = ptrTag(WasmCallPtrTag, signature.hash());
+ MacroAssembler::repatchNearCall(call.callLocation, CodeLocationLabel(entrypoint.retagged(oldTag, NearCallPtrTag)));
}
unlinkedCalls = std::exchange(m_codeBlock->m_wasmToWasmCallsites[m_functionIndex], unlinkedCalls);
}
@@ -145,7 +149,10 @@
dataLogLnIf(WasmOMGPlanInternal::verbose, "Considering repatching call at: ", RawPointer(call.callLocation.dataLocation()), " that targets ", call.functionIndexSpace);
if (call.functionIndexSpace == functionIndexSpace) {
dataLogLnIf(WasmOMGPlanInternal::verbose, "Repatching call at: ", RawPointer(call.callLocation.dataLocation()), " to ", RawPointer(entrypoint.executableAddress()));
- MacroAssembler::repatchNearCall(call.callLocation, CodeLocationLabel(entrypoint));
+ SignatureIndex signatureIndex = m_moduleInformation->signatureIndexFromFunctionIndexSpace(call.functionIndexSpace);
+ const Signature& signature = SignatureInformation::get(signatureIndex);
+ PtrTag oldTag = ptrTag(WasmCallPtrTag, signature.hash());
+ MacroAssembler::repatchNearCall(call.callLocation, CodeLocationLabel(entrypoint.retagged(oldTag, NearCallPtrTag)));
}
}
Modified: trunk/Source/_javascript_Core/wasm/WasmThunks.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/WasmThunks.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/WasmThunks.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -51,15 +51,17 @@
jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR0), GPRInfo::argumentGPR0);
jit.copyCalleeSavesToEntryFrameCalleeSavesBuffer(GPRInfo::argumentGPR0);
jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
- CCallHelpers::Call call = jit.call(NoPtrTag);
- jit.jump(GPRInfo::returnValueGPR, NoPtrTag);
+
+ PtrTag tag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
+ CCallHelpers::Call call = jit.call(tag);
+ jit.jump(GPRInfo::returnValueGPR, ExceptionHandlerPtrTag);
jit.breakpoint(); // We should not reach this.
ThrowWasmException throwWasmException = Thunks::singleton().throwWasmException();
RELEASE_ASSERT(throwWasmException);
LinkBuffer linkBuffer(jit, GLOBAL_THUNK_ID);
- linkBuffer.link(call, FunctionPtr(throwWasmException));
- return FINALIZE_CODE(linkBuffer, NoPtrTag, "Throw exception from Wasm");
+ linkBuffer.link(call, FunctionPtr(throwWasmException, tag));
+ return FINALIZE_CODE(linkBuffer, NearCallPtrTag, "Throw exception from Wasm");
}
MacroAssemblerCodeRef throwStackOverflowFromWasmThunkGenerator(const AbstractLocker& locker)
@@ -73,7 +75,7 @@
auto jumpToExceptionHandler = jit.jump();
LinkBuffer linkBuffer(jit, GLOBAL_THUNK_ID);
linkBuffer.link(jumpToExceptionHandler, CodeLocationLabel(Thunks::singleton().stub(locker, throwExceptionFromWasmThunkGenerator).code()));
- return FINALIZE_CODE(linkBuffer, NoPtrTag, "Throw stack overflow from Wasm");
+ return FINALIZE_CODE(linkBuffer, NearJumpPtrTag, "Throw stack overflow from Wasm");
}
MacroAssemblerCodeRef triggerOMGTierUpThunkGenerator(const AbstractLocker&)
@@ -91,8 +93,9 @@
jit.loadWasmContextInstance(GPRInfo::argumentGPR0);
typedef void (*Run)(Instance*, uint32_t);
Run run = OMGPlan::runForIndex;
- jit.move(MacroAssembler::TrustedImmPtr(reinterpret_cast<void*>(run)), GPRInfo::argumentGPR2);
- jit.call(GPRInfo::argumentGPR2, NoPtrTag);
+ PtrTag tag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
+ jit.move(MacroAssembler::TrustedImmPtr(tagCFunctionPtr(run, tag)), GPRInfo::argumentGPR2);
+ jit.call(GPRInfo::argumentGPR2, tag);
ScratchRegisterAllocator::restoreRegistersFromStackForCall(jit, registersToSpill, RegisterSet(), numberOfStackBytesUsedForRegisterPreservation, extraPaddingBytes);
@@ -99,7 +102,7 @@
jit.emitFunctionEpilogue();
jit.ret();
LinkBuffer linkBuffer(jit, GLOBAL_THUNK_ID);
- return FINALIZE_CODE(linkBuffer, NoPtrTag, "Trigger OMG tier up");
+ return FINALIZE_CODE(linkBuffer, NearCallPtrTag, "Trigger OMG tier up");
}
static Thunks* thunks;
Modified: trunk/Source/_javascript_Core/wasm/js/WasmToJS.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/js/WasmToJS.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/js/WasmToJS.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -93,7 +93,8 @@
// Let's be paranoid on the exception path and zero out the poison instead of leaving it in an argument GPR.
jit.move(CCallHelpers::TrustedImm32(0), GPRInfo::argumentGPR3);
- auto call = jit.call(NoPtrTag);
+ PtrTag callTag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
+ auto call = jit.call(callTag);
jit.jumpToExceptionHandler(*vm);
void (*throwBadI64)(ExecState*, JSWebAssemblyInstance*) = [] (ExecState* exec, JSWebAssemblyInstance* instance) -> void {
@@ -115,8 +116,9 @@
if (UNLIKELY(linkBuffer.didFailToAllocate()))
return makeUnexpected(BindingFailure::OutOfMemory);
- linkBuffer.link(call, throwBadI64);
- return FINALIZE_CODE(linkBuffer, NoPtrTag, "WebAssembly->_javascript_ invalid i64 use in import[%i]", importIndex);
+ linkBuffer.link(call, FunctionPtr(throwBadI64, callTag));
+ PtrTag tag = ptrTag(WasmCallPtrTag, signature.hash());
+ return FINALIZE_CODE(linkBuffer, tag, "WebAssembly->_javascript_ invalid i64 use in import[%i]", importIndex);
}
return MacroAssemblerCodeRef();
@@ -300,9 +302,12 @@
// Let's be paranoid before the call and zero out the poison instead of leaving it in an argument GPR.
jit.move(CCallHelpers::TrustedImm32(0), GPRInfo::argumentGPR3);
+ PtrTag callTag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
+ PtrTag doUnwindingTag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
+
static_assert(GPRInfo::numberOfArgumentRegisters >= 4, "We rely on this with the call below.");
jit.setupArguments<decltype(callFunc)>(GPRInfo::argumentGPR1, CCallHelpers::TrustedImm32(signatureIndex), CCallHelpers::TrustedImmPtr(buffer));
- auto call = jit.call(NoPtrTag);
+ auto call = jit.call(callTag);
auto noException = jit.emitExceptionCheck(*vm, AssemblyHelpers::InvertedExceptionCheck);
// Exception here.
@@ -314,7 +319,7 @@
genericUnwind(vm, exec);
ASSERT(!!vm->callFrameForCatch);
};
- auto exceptionCall = jit.call(NoPtrTag);
+ auto exceptionCall = jit.call(doUnwindingTag);
jit.jumpToExceptionHandler(*vm);
noException.link(&jit);
@@ -339,10 +344,11 @@
if (UNLIKELY(linkBuffer.didFailToAllocate()))
return makeUnexpected(BindingFailure::OutOfMemory);
- linkBuffer.link(call, callFunc);
- linkBuffer.link(exceptionCall, doUnwinding);
+ linkBuffer.link(call, FunctionPtr(callFunc, callTag));
+ linkBuffer.link(exceptionCall, FunctionPtr(doUnwinding, doUnwindingTag));
- return FINALIZE_CODE(linkBuffer, NoPtrTag, "WebAssembly->_javascript_ import[%i] %s", importIndex, signature.toString().ascii().data());
+ PtrTag tag = ptrTag(WasmCallPtrTag, signature.hash());
+ return FINALIZE_CODE(linkBuffer, tag, "WebAssembly->_javascript_ import[%i] %s", importIndex, signature.toString().ascii().data());
}
// Note: We don't need to perform a stack check here since WasmB3IRGenerator
@@ -544,13 +550,14 @@
jit.zeroExtend32ToPtr(GPRInfo::returnValueGPR, GPRInfo::returnValueGPR);
done.append(jit.jump());
+ PtrTag tag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
slowPath.link(&jit);
jit.setupArguments<decltype(convertToI32)>(GPRInfo::returnValueGPR);
- auto call = jit.call(NoPtrTag);
+ auto call = jit.call(tag);
exceptionChecks.append(jit.emitJumpIfException(*vm));
jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
- linkBuffer.link(call, convertToI32);
+ linkBuffer.link(call, FunctionPtr(convertToI32, tag));
});
done.link(&jit);
@@ -579,13 +586,14 @@
jit.convertDoubleToFloat(FPRInfo::returnValueFPR, FPRInfo::returnValueFPR);
done.append(jit.jump());
+ PtrTag tag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
notANumber.link(&jit);
jit.setupArguments<decltype(convertToF32)>(GPRInfo::returnValueGPR);
- auto call = jit.call(NoPtrTag);
+ auto call = jit.call(tag);
exceptionChecks.append(jit.emitJumpIfException(*vm));
jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
- linkBuffer.link(call, convertToF32);
+ linkBuffer.link(call, FunctionPtr(convertToF32, tag));
});
done.link(&jit);
@@ -613,13 +621,14 @@
jit.move64ToDouble(GPRInfo::returnValueGPR, FPRInfo::returnValueFPR);
done.append(jit.jump());
+ PtrTag tag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
notANumber.link(&jit);
jit.setupArguments<decltype(convertToF64)>(GPRInfo::returnValueGPR);
- auto call = jit.call(NoPtrTag);
+ auto call = jit.call(tag);
exceptionChecks.append(jit.emitJumpIfException(*vm));
jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
- linkBuffer.link(call, convertToF64);
+ linkBuffer.link(call, FunctionPtr(convertToF64, tag));
});
done.link(&jit);
@@ -631,10 +640,11 @@
jit.ret();
if (!exceptionChecks.empty()) {
+ PtrTag tag = ptrTag(WasmHelperPtrTag, nextPtrTagID());
exceptionChecks.link(&jit);
jit.copyCalleeSavesToEntryFrameCalleeSavesBuffer(vm->topEntryFrame);
jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
- auto call = jit.call(NoPtrTag);
+ auto call = jit.call(tag);
jit.jumpToExceptionHandler(*vm);
void (*doUnwinding)(ExecState*) = [] (ExecState* exec) -> void {
@@ -645,7 +655,7 @@
};
jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
- linkBuffer.link(call, doUnwinding);
+ linkBuffer.link(call, FunctionPtr(doUnwinding, tag));
});
}
@@ -659,7 +669,8 @@
CodeLocationNearCall hotPathOther = patchBuffer.locationOfNearCall(fastCall);
callLinkInfo->setCallLocations(callReturnLocation, hotPathBegin, hotPathOther);
- return FINALIZE_CODE(patchBuffer, NoPtrTag, "WebAssembly->_javascript_ import[%i] %s", importIndex, signature.toString().ascii().data());
+ PtrTag tag = ptrTag(WasmCallPtrTag, signature.hash());
+ return FINALIZE_CODE(patchBuffer, tag, "WebAssembly->_javascript_ import[%i] %s", importIndex, signature.toString().ascii().data());
}
void* wasmToJSException(ExecState* exec, Wasm::ExceptionType type, Instance* wasmInstance)
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.cpp (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.cpp 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.cpp 2018-03-30 16:31:06 UTC (rev 230106)
@@ -141,7 +141,7 @@
vm.wasmContext.store(wasmInstance, vm.softStackLimit());
ASSERT(wasmFunction->instance());
ASSERT(&wasmFunction->instance()->instance() == vm.wasmContext.load());
- EncodedJSValue rawResult = vmEntryToWasm(wasmFunction->jsEntrypoint().executableAddress(), &vm, &protoCallFrame);
+ EncodedJSValue rawResult = vmEntryToWasm(wasmFunction->jsEntrypoint(MustCheckArity).executableAddress(), &vm, &protoCallFrame);
// We need to make sure this is in a register or on the stack since it's stored in Vector<JSValue>.
// This probably isn't strictly necessary, since the WebAssemblyFunction* should keep the instance
// alive. But it's good hygiene.
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.h (230105 => 230106)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.h 2018-03-30 16:05:22 UTC (rev 230105)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.h 2018-03-30 16:31:06 UTC (rev 230106)
@@ -64,7 +64,13 @@
WasmToWasmImportableFunction::LoadLocation entrypointLoadLocation() const { return m_importableFunction.entrypointLoadLocation; }
WasmToWasmImportableFunction importableFunction() const { return m_importableFunction; }
- MacroAssemblerCodePtr jsEntrypoint() { return m_jsEntrypoint; }
+ MacroAssemblerCodePtr jsEntrypoint(ArityCheckMode arity)
+ {
+ if (arity == ArityCheckNotRequired)
+ return m_jsEntrypoint;
+ ASSERT(arity == MustCheckArity);
+ return m_jsEntrypoint.retagged(CodeEntryPtrTag, CodeEntryWithArityCheckPtrTag);
+ }
static ptrdiff_t offsetOfEntrypointLoadLocation() { return OBJECT_OFFSETOF(WebAssemblyFunction, m_importableFunction) + WasmToWasmImportableFunction::offsetOfEntrypointLoadLocation(); }
