Attachment #304795 for bug #169611

View Details Raw Unified Return to Bug 169611

| Differences between

Lines 931-936 set(JavaScriptCore_SOURCES a/Source/JavaScriptCore/CMakeLists.txt_sec1
- a/Source/JavaScriptCore/CMakeLists.txt +1 lines
931	wasm/WasmB3IRGenerator.cpp	931	wasm/WasmB3IRGenerator.cpp
932	wasm/WasmBinding.cpp	932	wasm/WasmBinding.cpp
933	wasm/WasmCallingConvention.cpp	933	wasm/WasmCallingConvention.cpp
		934	wasm/WasmContext.cpp
934	wasm/WasmFaultSignalHandler.cpp	935	wasm/WasmFaultSignalHandler.cpp
935	wasm/WasmFormat.cpp	936	wasm/WasmFormat.cpp
936	wasm/WasmMemory.cpp	937	wasm/WasmMemory.cpp



2017-03-17  JF Bastien  <jfbastien@apple.com>

        WebAssembly: store state in TLS instead of on VM
        https://bugs.webkit.org/show_bug.cgi?id=169611

        Reviewed by NOBODY (OOPS!).

        Using thread-local storage instead of VM makes code more position
        independent. We used to store the WebAssembly top Instance (the
        latest one in the call stack) on VM, now we instead store it in
        TLS. This top Instance is used to access a bunch of state such as
        Memory location, size, table (for call_indirect), etc.

        Instead of calling it "top", which is confusing, we now just call
        it WasmContext.

        Making the code PIC means future patches will be able to
        postMessage and structured clone into IDB without having to
        recompile the code. This wasn't possible before because we
        hard-coded the address of VM at compilation time. That doesn't
        work between workers, and doesn't work across reloads (which IDB
        is intended to do).

        It'll also potentially make code faster once we start tuning
        what's in TLS, what's in which of the 4 free slots, and what's in
        pinned registers. I'm leaving this tuning for later because
        there's lower lying fruit for us to pick.

        * CMakeLists.txt:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/AbstractMacroAssembler.h:
        * assembler/AllowMacroScratchRegisterUsageIf.h: Copied from assembler/AllowMacroScratchRegisterUsage.h.
        (JSC::AllowMacroScratchRegisterUsageIf::AllowMacroScratchRegisterUsageIf):
        (JSC::AllowMacroScratchRegisterUsageIf::~AllowMacroScratchRegisterUsageIf):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::storeToTLSPtr): we previously didn't have
        the code required to store to TLS, only to load
        * assembler/MacroAssemblerARM64.h:
        (JSC::MacroAssemblerARM64::loadFromTLSPtrNeedsMacroScratchRegister):
        (JSC::MacroAssemblerARM64::storeToTLS32):
        (JSC::MacroAssemblerARM64::storeToTLS64):
        (JSC::MacroAssemblerARM64::storeToTLSPtrNeedsMacroScratchRegister):
        * assembler/MacroAssemblerX86Common.h:
        (JSC::MacroAssemblerX86Common::loadFromTLSPtrNeedsMacroScratchRegister):
        (JSC::MacroAssemblerX86Common::storeToTLS32):
        (JSC::MacroAssemblerX86Common::storeToTLSPtrNeedsMacroScratchRegister):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::loadFromTLS64): was loading 32-bit instead of 64-bit
        (JSC::MacroAssemblerX86_64::storeToTLS64):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movq_rm):
        * b3/testb3.cpp:
        (JSC::B3::testFastTLSLoad):
        (JSC::B3::testFastTLSStore):
        (JSC::B3::run):
        * jit/AssemblyHelpers.h:
        (JSC::AssemblyHelpers::loadWasmContext):
        (JSC::AssemblyHelpers::storeWasmContext):
        (JSC::AssemblyHelpers::loadWasmContextNeedsMacroScratchRegister):
        (JSC::AssemblyHelpers::storeWasmContextNeedsMacroScratchRegister):
        * jit/Repatch.cpp:
        (JSC::webAssemblyOwner):
        * jit/ThunkGenerators.cpp:
        (JSC::throwExceptionFromWasmThunkGenerator):
        * runtime/VM.cpp:
        (JSC::VM::VM):
        * runtime/VM.h:
        * wasm/WasmB3IRGenerator.cpp:
        (JSC::Wasm::loadWasmContext):
        (JSC::Wasm::storeWasmContext):
        (JSC::Wasm::B3IRGenerator::B3IRGenerator):
        (JSC::Wasm::getMemoryBaseAndSize):
        (JSC::Wasm::restoreWebAssemblyGlobalState):
        (JSC::Wasm::createJSToWasmWrapper):
        (JSC::Wasm::parseAndCompile):
        * wasm/WasmBinding.cpp:
        (JSC::Wasm::materializeImportJSCell):
        (JSC::Wasm::wasmToJs):
        (JSC::Wasm::wasmToWasm):
        * wasm/WasmContext.cpp: Added.
        (JSC::loadWasmContext):
        (JSC::storeWasmContext):
        * wasm/WasmContext.h: Added. Replaces "top" JSWebAssemblyInstance.
        * wasm/js/WebAssemblyFunction.cpp:
        (JSC::callWebAssemblyFunction):
        * wasm/js/WebAssemblyInstanceConstructor.h:

2017-03-16  Mark Lam  <mark.lam@apple.com>

        Fix exception scope verification failures in GenericArgumentsInlines.h.

Lines 1108-1113 protected: a/Source/JavaScriptCore/assembler/AbstractMacroAssembler.h_sec1
- a/Source/JavaScriptCore/assembler/AbstractMacroAssembler.h +1 lines
1108	}	1108	}
1109		1109
1110	friend class AllowMacroScratchRegisterUsage;	1110	friend class AllowMacroScratchRegisterUsage;
		1111	friend class AllowMacroScratchRegisterUsageIf;
1111	friend class DisallowMacroScratchRegisterUsage;	1112	friend class DisallowMacroScratchRegisterUsage;
1112	unsigned m_tempRegistersValidBits;	1113	unsigned m_tempRegistersValidBits;
1113	bool m_allowScratchRegister { true };	1114	bool m_allowScratchRegister { true };



/*
 * Copyright (C) 2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
 */

#pragma once

#if ENABLE(ASSEMBLER)

#include "MacroAssembler.h"

namespace JSC {

class AllowMacroScratchRegisterUsageIf {
public:
    AllowMacroScratchRegisterUsageIf(MacroAssembler& masm, bool allowIfTrue)
        : m_masm(masm)
        , m_allowIfTrue(allowIfTrue)
        , m_oldValueOfAllowScratchRegister(masm.m_allowScratchRegister)
    {
        if (m_allowIfTrue)
            masm.m_allowScratchRegister = true;
    }

    ~AllowMacroScratchRegisterUsageIf()
    {
        if (m_allowIfTrue)
            m_masm.m_allowScratchRegister = m_oldValueOfAllowScratchRegister;
    }

private:
    MacroAssembler& m_masm;
    bool m_allowIfTrue;
    bool m_oldValueOfAllowScratchRegister;
};

} // namespace JSC

#endif // ENABLE(ASSEMBLER)

Lines 632-637 public: a/Source/JavaScriptCore/assembler/MacroAssembler.h_sec1
- a/Source/JavaScriptCore/assembler/MacroAssembler.h +9 lines
632	{	632	{
633	loadFromTLS32(offset, dst);	633	loadFromTLS32(offset, dst);
634	}	634	}
		635
		636	void storeToTLSPtr(RegisterID src, uint32_t offset)
		637	{
		638	storeToTLS32(src, offset);
		639	}
635	#endif	640	#endif
636		641
637	DataLabel32 loadPtrWithAddressOffsetPatch(Address address, RegisterID dest)	642	DataLabel32 loadPtrWithAddressOffsetPatch(Address address, RegisterID dest)
Lines 946-951 public: a/Source/JavaScriptCore/assembler/MacroAssembler.h_sec2
946	{	951	{
947	loadFromTLS64(offset, dst);	952	loadFromTLS64(offset, dst);
948	}	953	}
		954	void storeToTLSPtr(RegisterID src, uint32_t offset)
		955	{
		956	storeToTLS64(src, offset);
		957	}
949	#endif	958	#endif
950		959
951	DataLabel32 loadPtrWithAddressOffsetPatch(Address address, RegisterID dest)	960	DataLabel32 loadPtrWithAddressOffsetPatch(Address address, RegisterID dest)



    
#if ENABLE(FAST_TLS_JIT)
    // This will use scratch registers if the offset is not legal.

    void loadFromTLS32(uint32_t offset, RegisterID dst)
    {
        m_assembler.mrs_TPIDRRO_EL0(dst);

        and64(TrustedImm32(~7), dst);
        load64(Address(dst, offset), dst);
    }

    static bool loadFromTLSPtrNeedsMacroScratchRegister()
    {
        return true;
    }

    void storeToTLS32(RegisterID src, uint32_t offset)
    {
        RegisterID tmp = getCachedDataTempRegisterIDAndInvalidate();
        ASSERT(src != tmp);
        m_assembler.mrs_TPIDRRO_EL0(tmp);
        and64(TrustedImm32(~7), tmp);
        store32(src, Address(tmp, offset));
    }
    
    void storeToTLS64(RegisterID src, uint32_t offset)
    {
        RegisterID tmp = getCachedDataTempRegisterIDAndInvalidate();
        ASSERT(src != tmp);
        m_assembler.mrs_TPIDRRO_EL0(tmp);
        and64(TrustedImm32(~7), tmp);
        store64(src, Address(tmp, offset));
    }

    static bool storeToTLSPtrNeedsMacroScratchRegister()
    {
        return true;
    }
#endif // ENABLE(FAST_TLS_JIT)
    
    // Misc helper functions.



        m_assembler.gs();
        m_assembler.movl_mr(offset, dst);
    }


    static bool loadFromTLSPtrNeedsMacroScratchRegister()
    {
        return false;
    }

    void storeToTLS32(RegisterID src, uint32_t offset)
    {
        m_assembler.gs();
        m_assembler.movl_rm(src, offset);
    }

    static bool storeToTLSPtrNeedsMacroScratchRegister()
    {
        return false;
    }
#endif

    static void replaceWithBreakpoint(CodeLocationLabel instructionStart)

Lines 1705-1711 public: a/Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h_sec1
- a/Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h -1 / +7 lines
1705	void loadFromTLS64(uint32_t offset, RegisterID dst)	1705	void loadFromTLS64(uint32_t offset, RegisterID dst)
1706	{	1706	{
1707	m_assembler.gs();	1707	m_assembler.gs();
1708	m_assembler.movl_mr(offset, dst);	1708	m_assembler.movq_mr(offset, dst);
		1709	}
		1710
		1711	void storeToTLS64(RegisterID src, uint32_t offset)
		1712	{
		1713	m_assembler.gs();
		1714	m_assembler.movq_rm(src, offset);
1709	}	1715	}
1710	#endif	1716	#endif
1711		1717

Lines 2360-2365 public: a/Source/JavaScriptCore/assembler/X86Assembler.h_sec1
- a/Source/JavaScriptCore/assembler/X86Assembler.h +10 lines
2360	m_formatter.oneByteOpAddr(OP_MOV_GvEv, dst, addr);	2360	m_formatter.oneByteOpAddr(OP_MOV_GvEv, dst, addr);
2361	}	2361	}
2362		2362
		2363	void movl_rm(RegisterID src, uint32_t addr)
		2364	{
		2365	m_formatter.oneByteOpAddr(OP_MOV_EvGv, src, addr);
		2366	}
		2367
2363	#if CPU(X86_64)	2368	#if CPU(X86_64)
2364	void movq_rr(RegisterID src, RegisterID dst)	2369	void movq_rr(RegisterID src, RegisterID dst)
2365	{	2370	{
Lines 2381-2386 public: a/Source/JavaScriptCore/assembler/X86Assembler.h_sec2
2381	m_formatter.oneByteOp64(OP_MOV_EvGv, src, base, index, scale, offset);	2386	m_formatter.oneByteOp64(OP_MOV_EvGv, src, base, index, scale, offset);
2382	}	2387	}
2383		2388
		2389	void movq_rm(RegisterID src, int offset)
		2390	{
		2391	m_formatter.oneByteOp64Addr(OP_MOV_EvGv, src, offset);
		2392	}
		2393
2384	void movq_mEAX(const void* addr)	2394	void movq_mEAX(const void* addr)
2385	{	2395	{
2386	m_formatter.oneByteOp64(OP_MOV_EAXOv);	2396	m_formatter.oneByteOp64(OP_MOV_EAXOv);



        CHECK_EQ(numToStore, value);
}

void testFastTLSLoad()
{
#if ENABLE(FAST_TLS_JIT)
    _pthread_setspecific_direct(WTF_TESTING_KEY, bitwise_cast<void*>(static_cast<uintptr_t>(0xbeef)));

            AllowMacroScratchRegisterUsage allowScratch(jit);
            jit.loadFromTLSPtr(fastTLSOffsetForKey(WTF_TESTING_KEY), params[0].gpr());
        });

    root->appendNew<Value>(proc, Return, Origin(), patchpoint);
    
    CHECK_EQ(compileAndRun<uintptr_t>(proc), static_cast<uintptr_t>(0xbeef));
#endif
}

void testFastTLSStore()
{
#if ENABLE(FAST_TLS_JIT)
    Procedure proc;
    BasicBlock* root = proc.addBlock();

    PatchpointValue* patchpoint = root->appendNew<PatchpointValue>(proc, Void, Origin());
    patchpoint->clobber(RegisterSet::macroScratchRegisters());
    patchpoint->numGPScratchRegisters = 1;
    patchpoint->setGenerator(
        [&] (CCallHelpers& jit, const StackmapGenerationParams& params) {
            AllowMacroScratchRegisterUsage allowScratch(jit);
            GPRReg scratch = params.gpScratch(0);
            jit.move(CCallHelpers::TrustedImm32(0xdead), scratch);
            jit.storeToTLSPtr(scratch, fastTLSOffsetForKey(WTF_TESTING_KEY));
        });

    root->appendNewControlValue(proc, Return, Origin());

    compileAndRun<void>(proc);
    CHECK_EQ(bitwise_cast<uintptr_t>(_pthread_getspecific_direct(WTF_TESTING_KEY)), static_cast<uintptr_t>(0xdead));
#endif
}

// Make sure the compiler does not try to optimize anything out.
NEVER_INLINE double zero()
{

    RUN(testWasmBoundsCheck(std::numeric_limits<unsigned>::max() - 5));
    RUN(testWasmAddress());
    
    RUN(testFastTLSLoad());
    RUN(testFastTLSStore());

    if (isX86()) {
        RUN(testBranchBitAndImmFusion(Identity, Int64, 1, Air::BranchTest32, Air::Arg::Tmp));



#include "SuperSampler.h"
#include "TypeofType.h"
#include "VM.h"
#include <wtf/FastTLS.h>

namespace JSC {


#if USE(JSVALUE64)
    void wangsInt64Hash(GPRReg inputAndResult, GPRReg scratch);
#endif

    void loadWasmContext(GPRReg dst)
    {
#if ENABLE(FAST_TLS_JIT)
        loadFromTLSPtr(fastTLSOffsetForKey(WTF_WASM_CONTEXT_KEY), dst);
#else
        // FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
        loadPtr(&vm.wasmContext, dst);
#endif
    }

    void storeWasmContext(GPRReg src)
    {
#if ENABLE(FAST_TLS_JIT)
        storeToTLSPtr(src, fastTLSOffsetForKey(WTF_WASM_CONTEXT_KEY));
#else
        // FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
        storePtr(src, &vm->wasmContext);
#endif
    }

    static bool loadWasmContextNeedsMacroScratchRegister()
    {
#if ENABLE(FAST_TLS_JIT)
        return loadFromTLSPtrNeedsMacroScratchRegister();
#else
        return false;
#endif
    }

    static bool storeWasmContextNeedsMacroScratchRegister()
    {
#if ENABLE(FAST_TLS_JIT)
        return storeToTLSPtrNeedsMacroScratchRegister();
#else
        return false;
#endif
    }

protected:
    VM* m_vm;
    CodeBlock* m_codeBlock;



/*
 * Copyright (C) 2011-2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions

#include "StructureStubClearingWatchpoint.h"
#include "StructureStubInfo.h"
#include "ThunkGenerators.h"
#include "WasmContext.h"
#include <wtf/CommaPrinter.h>
#include <wtf/ListDump.h>
#include <wtf/StringPrintStream.h>

{
#if ENABLE(WEBASSEMBLY)
    // Each WebAssembly.Instance shares the stubs from their WebAssembly.Module, which are therefore the appropriate owner.
    return loadWasmContext(vm)->module();
#else
    UNUSED_PARAM(vm);
    RELEASE_ASSERT_NOT_REACHED();



/*
 * Copyright (C) 2010, 2012-2014, 2016-2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions

#include "JITOperations.h"
#include "JSArray.h"
#include "JSBoundFunction.h"
#include "MathCommon.h"
#include "MaxFrameExtentForSlowPathCall.h"
#include "JSCInlines.h"
#include "JSWebAssemblyInstance.h"
#include "JSWebAssemblyRuntimeError.h"
#include "MathCommon.h"
#include "MaxFrameExtentForSlowPathCall.h"
#include "SpecializedThunkJIT.h"
#include "WasmContext.h"
#include "WasmExceptionType.h"
#include <wtf/InlineASM.h>
#include <wtf/StringPrintStream.h>


        {
            auto throwScope = DECLARE_THROW_SCOPE(*vm);
            JSGlobalObject* globalObject = loadWasmContext(*vm)->globalObject();

            JSWebAssemblyRuntimeError* error = JSWebAssemblyRuntimeError::create(exec, *vm, globalObject->WebAssemblyRuntimeErrorStructure(), Wasm::errorMessageForExceptionType(type));
            throwException(exec, throwScope, error);

Lines 177-183 VM::VM(VMType vmType, HeapType heapType) a/Source/JavaScriptCore/runtime/VM.cpp_sec1
- a/Source/JavaScriptCore/runtime/VM.cpp -1 lines
177	, clientData(0)	177	, clientData(0)
178	, topVMEntryFrame(nullptr)	178	, topVMEntryFrame(nullptr)
179	, topCallFrame(CallFrame::noCaller())	179	, topCallFrame(CallFrame::noCaller())
180	, topJSWebAssemblyInstance(nullptr)
181	, m_atomicStringTable(vmType == Default ? wtfThreadData().atomicStringTable() : new AtomicStringTable)	180	, m_atomicStringTable(vmType == Default ? wtfThreadData().atomicStringTable() : new AtomicStringTable)
182	, propertyNames(nullptr)	181	, propertyNames(nullptr)
183	, emptyList(new ArgList)	182	, emptyList(new ArgList)

Lines 315-321 public: a/Source/JavaScriptCore/runtime/VM.h_sec1
- a/Source/JavaScriptCore/runtime/VM.h -1 / +4 lines
315	// FIXME: This should be a void*, because it might not point to a CallFrame.	315	// FIXME: This should be a void*, because it might not point to a CallFrame.
316	// https://bugs.webkit.org/show_bug.cgi?id=160441	316	// https://bugs.webkit.org/show_bug.cgi?id=160441
317	ExecState* topCallFrame { nullptr };	317	ExecState* topCallFrame { nullptr };
318	JSWebAssemblyInstance* topJSWebAssemblyInstance;	318	#if !ENABLE(FAST_TLS_JIT)
		319	// FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
		320	JSWebAssemblyInstance* wasmContext { nullptr };
		321	#endif
319	Strong<Structure> structureStructure;	322	Strong<Structure> structureStructure;
320	Strong<Structure> structureRareDataStructure;	323	Strong<Structure> structureRareDataStructure;
321	Strong<Structure> terminatedExecutionErrorStructure;	324	Strong<Structure> terminatedExecutionErrorStructure;



/*
 * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions


#if ENABLE(WEBASSEMBLY)

#include "AllowMacroScratchRegisterUsageIf.h"
#include "B3BasicBlockInlines.h"
#include "B3CCallValue.h"
#include "B3Compile.h"

#include "JSWebAssemblyRuntimeError.h"
#include "VirtualRegister.h"
#include "WasmCallingConvention.h"
#include "WasmContext.h"
#include "WasmExceptionType.h"
#include "WasmFunctionParser.h"
#include "WasmMemory.h"

    GPRReg m_memoryBaseGPR;
    GPRReg m_memorySizeGPR;
    Value* m_zeroValues[numTypes];
    Value* m_instanceValue; // FIXME: make this lazy https://bugs.webkit.org/show_bug.cgi?id=169792
};

static Value* loadWasmContext(Procedure& proc, BasicBlock* block)
{
    PatchpointValue* patchpoint = block->appendNew<PatchpointValue>(proc, pointerType(), Origin());
    if (CCallHelpers::loadWasmContextNeedsMacroScratchRegister())
        patchpoint->clobber(RegisterSet::macroScratchRegisters());
    patchpoint->setGenerator(
        [&] (CCallHelpers& jit, const StackmapGenerationParams& params) {
            AllowMacroScratchRegisterUsageIf allowScratch(jit, CCallHelpers::loadWasmContextNeedsMacroScratchRegister());
            jit.loadWasmContext(params[0].gpr());
        });

    return block->appendNew<Value>(proc, Identity, Origin(), patchpoint);
}

static void storeWasmContext(Procedure& proc, BasicBlock* block, Value* arg)
{
    PatchpointValue* patchpoint = block->appendNew<PatchpointValue>(proc, B3::Void, Origin());
    if (CCallHelpers::storeWasmContextNeedsMacroScratchRegister())
        patchpoint->clobber(RegisterSet::macroScratchRegisters());
    patchpoint->append(ConstrainedValue(arg, ValueRep::SomeRegister));
    patchpoint->setGenerator(
        [&] (CCallHelpers& jit, const StackmapGenerationParams& params) {
            AllowMacroScratchRegisterUsageIf allowScratch(jit, CCallHelpers::storeWasmContextNeedsMacroScratchRegister());
            jit.storeWasmContext(params[0].gpr());
        });
}

B3IRGenerator::B3IRGenerator(VM& vm, const ModuleInformation& info, Procedure& procedure, WasmInternalFunction* compilation, Vector<UnlinkedWasmToWasmCall>& unlinkedWasmToWasmCalls)
    : m_vm(vm)
    , m_info(info)


    wasmCallingConvention().setupFrameInPrologue(&compilation->wasmCalleeMoveLocation, m_proc, Origin(), m_currentBlock);

    m_instanceValue = loadWasmContext(m_proc, m_currentBlock);
        m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), &m_vm.topJSWebAssemblyInstance));
}

struct MemoryBaseAndSize {

{
    Value* memoryObject = block->appendNew<MemoryValue>(proc, Load, pointerType(), Origin(), instance, JSWebAssemblyInstance::offsetOfMemory());

    static_assert(sizeof(decltype(loadWasmContext(vm)->memory()->memory().memory())) == sizeof(void*), "codegen relies on this size");
    static_assert(sizeof(decltype(loadWasmContext(vm)->memory()->memory().size())) == sizeof(uint64_t), "codegen relies on this size");
    MemoryBaseAndSize result;
    result.base = block->appendNew<MemoryValue>(proc, Load, pointerType(), Origin(), memoryObject, JSWebAssemblyMemory::offsetOfMemory());
    result.size = block->appendNew<MemoryValue>(proc, Load, Int64, Origin(), memoryObject, JSWebAssemblyMemory::offsetOfSize());

    return result;
}

static void restoreWebAssemblyGlobalState(const MemoryInformation& memory, Value* instance, Procedure& proc, BasicBlock* block)
{
    storeWasmContext(proc, block, instance);

    if (!!memory) {
        const PinnedRegisterInfo* pinnedRegs = &PinnedRegisterInfo::get();

        VM& vm = exec->vm();
        auto scope = DECLARE_THROW_SCOPE(vm);

        JSWebAssemblyInstance* instance = loadWasmContext(vm);
        JSWebAssemblyMemory* wasmMemory = instance->memory();

        if (delta < 0)

        m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), bitwise_cast<void*>(growMemory)),
        m_currentBlock->appendNew<B3::Value>(m_proc, B3::FramePointer, Origin()), delta);

    restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, m_currentBlock);

    return { };
}

        }

        // The call could have been to another WebAssembly instance, and / or could have modified our Memory.
        restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, continuation);
    } else {
        result = wasmCallingConvention().setupCall(m_proc, m_currentBlock, Origin(), args, toB3Type(returnType),
            [&] (PatchpointValue* patchpoint) {

        });

    // The call could have been to another WebAssembly instance, and / or could have modified our Memory.
    restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, m_currentBlock);

    return { };
}

    dataLogLn();
}

static void createJSToWasmWrapper(CompilationContext& compilationContext, WasmInternalFunction& function, const Signature* signature, const ModuleInformation& info)
{
    CCallHelpers& jit = *compilationContext.jsEntrypointJIT;



    if (!!info.memory) {
        GPRReg baseMemory = pinnedRegs.baseMemoryPointer;
        jit.loadWasmContext(baseMemory);
        jit.loadPtr(CCallHelpers::Address(baseMemory, JSWebAssemblyInstance::offsetOfMemory()), baseMemory);
        const auto& sizeRegs = pinnedRegs.sizeRegisters;
        ASSERT(sizeRegs.size() >= 1);

        result->wasmEntrypoint.calleeSaveRegisters = procedure.calleeSaveRegisters();
    }

    createJSToWasmWrapper(compilationContext, *result, signature, info);
    return WTFMove(result);
}




/*
 * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions

#include "LinkBuffer.h"
#include "NativeErrorConstructor.h"
#include "WasmCallingConvention.h"
#include "WasmContext.h"
#include "WasmExceptionType.h"

namespace JSC { namespace Wasm {

typedef CCallHelpers JIT;

static void materializeImportJSCell(JIT& jit, unsigned importIndex, GPRReg result)
{
    // We're calling out of the current WebAssembly.Instance. That Instance has a list of all its import functions.
    jit.loadWasmContext(result);
    jit.loadPtr(JIT::Address(result, JSWebAssemblyInstance::offsetOfImportFunction(importIndex)), result);
}



                {
                    auto throwScope = DECLARE_THROW_SCOPE(*vm);
                    JSGlobalObject* globalObject = loadWasmContext(*vm)->globalObject();
                    auto* error = ErrorInstance::create(exec, *vm, globalObject->typeErrorConstructor()->errorStructure(), ASCIILiteral("i64 not allowed as return type or argument to an imported function"));
                    throwException(exec, throwScope, error);
                }

    GPRReg importJSCellGPRReg = GPRInfo::regT0; // Callee needs to be in regT0 for slow path below.
    ASSERT(!wasmCC.m_calleeSaveRegisters.get(importJSCellGPRReg));

    materializeImportJSCell(jit, importIndex, importJSCellGPRReg);

    jit.store64(importJSCellGPRReg, calleeFrame.withOffset(CallFrameSlot::callee * static_cast<int>(sizeof(Register))));
    jit.store32(JIT::TrustedImm32(numberOfParameters), calleeFrame.withOffset(CallFrameSlot::argumentCount * static_cast<int>(sizeof(Register)) + PayloadOffset));

    GPRReg scratch = GPRInfo::nonPreservedNonArgumentGPR;

    // B3's call codegen ensures that the JSCell is a WebAssemblyFunction.
    materializeImportJSCell(jit, importIndex, scratch);

    // Get the callee's WebAssembly.Instance and set it as WasmContext. The caller will take care of restoring its own Instance.
    GPRReg baseMemory = pinnedRegs.baseMemoryPointer;
    ASSERT(baseMemory != scratch);
    jit.loadPtr(JIT::Address(scratch, WebAssemblyFunction::offsetOfInstance()), baseMemory); // Instance*.
    jit.storeWasmContext(baseMemory);

    // FIXME the following code assumes that all WebAssembly.Instance have the same pinned registers. https://bugs.webkit.org/show_bug.cgi?id=162952
    // Set up the callee's baseMemory register as well as the memory size registers.



/*
 * Copyright (C) 2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "config.h"
#include "WasmContext.h"

#if ENABLE(WEBASSEMBLY)

#include "VM.h"
#include <mutex>
#include <wtf/FastTLS.h>

namespace JSC {

JSWebAssemblyInstance* loadWasmContext(VM& vm)
{
#if ENABLE(FAST_TLS_JIT)
    UNUSED_PARAM(vm);
    return bitwise_cast<JSWebAssemblyInstance*>(_pthread_getspecific_direct(WTF_WASM_CONTEXT_KEY));
#else
    // FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
    return vm.wasmContext;
#endif
}

void storeWasmContext(VM& vm, JSWebAssemblyInstance* instance)
{
#if ENABLE(FAST_TLS_JIT)
    UNUSED_PARAM(vm);
    _pthread_setspecific_direct(WTF_WASM_CONTEXT_KEY, bitwise_cast<void*>(instance));
#else
    // FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
    vm.wasmContext = instance;
#endif
}

} // namespace JSC

#endif // ENABLE(WEBASSEMBLY)



/*
 * Copyright (C) 2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#pragma once

#if ENABLE(WEBASSEMBLY)

namespace JSC {

class JSWebAssemblyInstance;
class VM;

JSWebAssemblyInstance* loadWasmContext(VM&);
void storeWasmContext(VM&, JSWebAssemblyInstance*);

} // namespace JSC

#endif // ENABLE(WEBASSEMBLY)



/*
 * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions

#include "LLIntThunks.h"
#include "ProtoCallFrame.h"
#include "VM.h"
#include "WasmContext.h"
#include "WasmFormat.h"
#include "WasmMemory.h"
#include <wtf/SystemTracing.h>

    protoCallFrame.init(nullptr, wasmFunction, firstArgument, argCount, remainingArgs);

    // FIXME Do away with this entire function, and only use the entrypoint generated by B3. https://bugs.webkit.org/show_bug.cgi?id=166486
    JSWebAssemblyInstance* prevJSWebAssemblyInstance = loadWasmContext(vm);
    storeWasmContext(vm, wasmFunction->instance());
    ASSERT(wasmFunction->instance());
    ASSERT(wasmFunction->instance() == loadWasmContext(vm));
    EncodedJSValue rawResult = vmEntryToWasm(wasmFunction->jsEntrypoint(), &vm, &protoCallFrame);
    storeWasmContext(vm, prevJSWebAssemblyInstance);
    RETURN_IF_EXCEPTION(scope, { });

    switch (signature->returnType()) {



/*
 * Copyright (C) 2016-2017 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions


namespace JSC {

class JSWebAssemblyInstance;
class JSWebAssemblyModule;
class WebAssemblyInstancePrototype;




2017-03-17  JF Bastien  <jfbastien@apple.com>

        WebAssembly: store state in TLS instead of on VM
        https://bugs.webkit.org/show_bug.cgi?id=169611

        Reviewed by NOBODY (OOPS!).

        * wtf/FastTLS.h: reserve one key for WebAssembly, delete a bunch
        of dead code which clang couldn't compile (it's valid GCC assembly
        which LLVM dislikes).

2017-03-16  Simon Fraser  <simon.fraser@apple.com>

        Improve the system tracing points




#include <pthread.h>
#include <System/pthread_machdep.h>
#include <wtf/Platform.h>

namespace WTF {


// accidentally use the same key for more than one thing.

#define WTF_THREAD_DATA_KEY WTF_FAST_TLS_KEY0
#define WTF_WASM_CONTEXT_KEY WTF_FAST_TLS_KEY1
#define WTF_TESTING_KEY WTF_FAST_TLS_KEY3

#if ENABLE(FAST_TLS_JIT)
// Below is the code that the JIT will emit.

#if CPU(X86_64)
inline uintptr_t loadFastTLS(unsigned offset)
{
    uintptr_t result;
    asm volatile(
        "movq %%gs:%1, %0"
        : "=r"(result)
        : "r"(offset)
        : "memory");
    return result;
}
#elif CPU(ARM64)
inline uintptr_t loadFastTLS(unsigned passedOffset)
{
    uintptr_t result;
    uintptr_t offset = passedOffset;
    asm volatile(
        "mrs %0, TPIDRRO_EL0\n\t"
        "and %0, %0, #0xfffffffffffffff8\n\t"
        "ldr %0, [%0, %1]"
        : "=r"(result)
        : "r"(offset)
        : "memory");
    return result;
}
#else
#error "Bad architecture"
#endif
#endif // ENABLE(FAST_TLS_JIT)

inline unsigned fastTLSOffsetForKey(unsigned long slot)
{
    return slot * sizeof(void*);
}
#endif

} // namespace WTF

using WTF::fastTLSOffsetForKey;

#if ENABLE(FAST_TLS_JIT)
using WTF::fastTLSOffsetForKey;
#endif

#endif // HAVE(FAST_TLS)
- 

Return to Bug 169611

Lines 3600-3606 public: a/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h_sec1
- a/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h -1 / +29 lines
3600		3600
3601	#if ENABLE(FAST_TLS_JIT)	3601	#if ENABLE(FAST_TLS_JIT)
3602	// This will use scratch registers if the offset is not legal.	3602	// This will use scratch registers if the offset is not legal.
3603		3603
3604	void loadFromTLS32(uint32_t offset, RegisterID dst)	3604	void loadFromTLS32(uint32_t offset, RegisterID dst)
3605	{	3605	{
3606	m_assembler.mrs_TPIDRRO_EL0(dst);	3606	m_assembler.mrs_TPIDRRO_EL0(dst);
Lines 3614-3619 public: a/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h_sec2
3614	and64(TrustedImm32(~7), dst);	3614	and64(TrustedImm32(~7), dst);
3615	load64(Address(dst, offset), dst);	3615	load64(Address(dst, offset), dst);
3616	}	3616	}
		3617
		3618	static bool loadFromTLSPtrNeedsMacroScratchRegister()
		3619	{
		3620	return true;
		3621	}
		3622
		3623	void storeToTLS32(RegisterID src, uint32_t offset)
		3624	{
		3625	RegisterID tmp = getCachedDataTempRegisterIDAndInvalidate();
		3626	ASSERT(src != tmp);
		3627	m_assembler.mrs_TPIDRRO_EL0(tmp);
		3628	and64(TrustedImm32(~7), tmp);
		3629	store32(src, Address(tmp, offset));
		3630	}
		3631
		3632	void storeToTLS64(RegisterID src, uint32_t offset)
		3633	{
		3634	RegisterID tmp = getCachedDataTempRegisterIDAndInvalidate();
		3635	ASSERT(src != tmp);
		3636	m_assembler.mrs_TPIDRRO_EL0(tmp);
		3637	and64(TrustedImm32(~7), tmp);
		3638	store64(src, Address(tmp, offset));
		3639	}
		3640
		3641	static bool storeToTLSPtrNeedsMacroScratchRegister()
		3642	{
		3643	return true;
		3644	}
3617	#endif // ENABLE(FAST_TLS_JIT)	3645	#endif // ENABLE(FAST_TLS_JIT)
3618		3646
3619	// Misc helper functions.	3647	// Misc helper functions.

Lines 3864-3869 public: a/Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h_sec1
- a/Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h +17 lines
3864	m_assembler.gs();	3864	m_assembler.gs();
3865	m_assembler.movl_mr(offset, dst);	3865	m_assembler.movl_mr(offset, dst);
3866	}	3866	}
		3867
		3868
		3869	static bool loadFromTLSPtrNeedsMacroScratchRegister()
		3870	{
		3871	return false;
		3872	}
		3873
		3874	void storeToTLS32(RegisterID src, uint32_t offset)
		3875	{
		3876	m_assembler.gs();
		3877	m_assembler.movl_rm(src, offset);
		3878	}
		3879
		3880	static bool storeToTLSPtrNeedsMacroScratchRegister()
		3881	{
		3882	return false;
		3883	}
3867	#endif	3884	#endif
3868		3885
3869	static void replaceWithBreakpoint(CodeLocationLabel instructionStart)	3886	static void replaceWithBreakpoint(CodeLocationLabel instructionStart)

Lines 15211-15217 void testWasmAddress() a/Source/JavaScriptCore/b3/testb3.cpp_sec1
- a/Source/JavaScriptCore/b3/testb3.cpp -3 / +28 lines
15211	CHECK_EQ(numToStore, value);	15211	CHECK_EQ(numToStore, value);
15212	}	15212	}
15213		15213
15214	void testFastTLS()	15214	void testFastTLSLoad()
15215	{	15215	{
15216	#if ENABLE(FAST_TLS_JIT)	15216	#if ENABLE(FAST_TLS_JIT)
15217	_pthread_setspecific_direct(WTF_TESTING_KEY, bitwise_cast<void*>(static_cast<uintptr_t>(0xbeef)));	15217	_pthread_setspecific_direct(WTF_TESTING_KEY, bitwise_cast<void*>(static_cast<uintptr_t>(0xbeef)));
Lines 15226-15238 void testFastTLS() a/Source/JavaScriptCore/b3/testb3.cpp_sec2
15226	AllowMacroScratchRegisterUsage allowScratch(jit);	15226	AllowMacroScratchRegisterUsage allowScratch(jit);
15227	jit.loadFromTLSPtr(fastTLSOffsetForKey(WTF_TESTING_KEY), params[0].gpr());	15227	jit.loadFromTLSPtr(fastTLSOffsetForKey(WTF_TESTING_KEY), params[0].gpr());
15228	});	15228	});
15229		15229
15230	root->appendNew<Value>(proc, Return, Origin(), patchpoint);	15230	root->appendNew<Value>(proc, Return, Origin(), patchpoint);
15231		15231
15232	CHECK_EQ(compileAndRun<uintptr_t>(proc), static_cast<uintptr_t>(0xbeef));	15232	CHECK_EQ(compileAndRun<uintptr_t>(proc), static_cast<uintptr_t>(0xbeef));
15233	#endif	15233	#endif
15234	}	15234	}
15235		15235
		15236	void testFastTLSStore()
		15237	{
		15238	#if ENABLE(FAST_TLS_JIT)
		15239	Procedure proc;
		15240	BasicBlock* root = proc.addBlock();
		15241
		15242	PatchpointValue* patchpoint = root->appendNew<PatchpointValue>(proc, Void, Origin());
		15243	patchpoint->clobber(RegisterSet::macroScratchRegisters());
		15244	patchpoint->numGPScratchRegisters = 1;
		15245	patchpoint->setGenerator(
		15246	[&] (CCallHelpers& jit, const StackmapGenerationParams& params) {
		15247	AllowMacroScratchRegisterUsage allowScratch(jit);
		15248	GPRReg scratch = params.gpScratch(0);
		15249	jit.move(CCallHelpers::TrustedImm32(0xdead), scratch);
		15250	jit.storeToTLSPtr(scratch, fastTLSOffsetForKey(WTF_TESTING_KEY));
		15251	});
		15252
		15253	root->appendNewControlValue(proc, Return, Origin());
		15254
		15255	compileAndRun<void>(proc);
		15256	CHECK_EQ(bitwise_cast<uintptr_t>(_pthread_getspecific_direct(WTF_TESTING_KEY)), static_cast<uintptr_t>(0xdead));
		15257	#endif
		15258	}
		15259
15236	// Make sure the compiler does not try to optimize anything out.	15260	// Make sure the compiler does not try to optimize anything out.
15237	NEVER_INLINE double zero()	15261	NEVER_INLINE double zero()
15238	{	15262	{
Lines 16760-16766 void run(const char* filter) a/Source/JavaScriptCore/b3/testb3.cpp_sec3
16760	RUN(testWasmBoundsCheck(std::numeric_limits<unsigned>::max() - 5));	16784	RUN(testWasmBoundsCheck(std::numeric_limits<unsigned>::max() - 5));
16761	RUN(testWasmAddress());	16785	RUN(testWasmAddress());
16762		16786
16763	RUN(testFastTLS());	16787	RUN(testFastTLSLoad());
		16788	RUN(testFastTLSStore());
16764		16789
16765	if (isX86()) {	16790	if (isX86()) {
16766	RUN(testBranchBitAndImmFusion(Identity, Int64, 1, Air::BranchTest32, Air::Arg::Tmp));	16791	RUN(testBranchBitAndImmFusion(Identity, Int64, 1, Air::BranchTest32, Air::Arg::Tmp));

Lines 1-3 a/Source/JavaScriptCore/ChangeLog_sec1
- a/Source/JavaScriptCore/ChangeLog +88 lines
		1	2017-03-17 JF Bastien <jfbastien@apple.com>
		2
		3	WebAssembly: store state in TLS instead of on VM
		4	https://bugs.webkit.org/show_bug.cgi?id=169611
		5
		6	Reviewed by NOBODY (OOPS!).
		7
		8	Using thread-local storage instead of VM makes code more position
		9	independent. We used to store the WebAssembly top Instance (the
		10	latest one in the call stack) on VM, now we instead store it in
		11	TLS. This top Instance is used to access a bunch of state such as
		12	Memory location, size, table (for call_indirect), etc.
		13
		14	Instead of calling it "top", which is confusing, we now just call
		15	it WasmContext.
		16
		17	Making the code PIC means future patches will be able to
		18	postMessage and structured clone into IDB without having to
		19	recompile the code. This wasn't possible before because we
		20	hard-coded the address of VM at compilation time. That doesn't
		21	work between workers, and doesn't work across reloads (which IDB
		22	is intended to do).
		23
		24	It'll also potentially make code faster once we start tuning
		25	what's in TLS, what's in which of the 4 free slots, and what's in
		26	pinned registers. I'm leaving this tuning for later because
		27	there's lower lying fruit for us to pick.
		28
		29	* CMakeLists.txt:
		30	* JavaScriptCore.xcodeproj/project.pbxproj:
		31	* assembler/AbstractMacroAssembler.h:
		32	* assembler/AllowMacroScratchRegisterUsageIf.h: Copied from assembler/AllowMacroScratchRegisterUsage.h.
		33	(JSC::AllowMacroScratchRegisterUsageIf::AllowMacroScratchRegisterUsageIf):
		34	(JSC::AllowMacroScratchRegisterUsageIf::~AllowMacroScratchRegisterUsageIf):
		35	* assembler/MacroAssembler.h:
		36	(JSC::MacroAssembler::storeToTLSPtr): we previously didn't have
		37	the code required to store to TLS, only to load
		38	* assembler/MacroAssemblerARM64.h:
		39	(JSC::MacroAssemblerARM64::loadFromTLSPtrNeedsMacroScratchRegister):
		40	(JSC::MacroAssemblerARM64::storeToTLS32):
		41	(JSC::MacroAssemblerARM64::storeToTLS64):
		42	(JSC::MacroAssemblerARM64::storeToTLSPtrNeedsMacroScratchRegister):
		43	* assembler/MacroAssemblerX86Common.h:
		44	(JSC::MacroAssemblerX86Common::loadFromTLSPtrNeedsMacroScratchRegister):
		45	(JSC::MacroAssemblerX86Common::storeToTLS32):
		46	(JSC::MacroAssemblerX86Common::storeToTLSPtrNeedsMacroScratchRegister):
		47	* assembler/MacroAssemblerX86_64.h:
		48	(JSC::MacroAssemblerX86_64::loadFromTLS64): was loading 32-bit instead of 64-bit
		49	(JSC::MacroAssemblerX86_64::storeToTLS64):
		50	* assembler/X86Assembler.h:
		51	(JSC::X86Assembler::movl_rm):
		52	(JSC::X86Assembler::movq_rm):
		53	* b3/testb3.cpp:
		54	(JSC::B3::testFastTLSLoad):
		55	(JSC::B3::testFastTLSStore):
		56	(JSC::B3::run):
		57	* jit/AssemblyHelpers.h:
		58	(JSC::AssemblyHelpers::loadWasmContext):
		59	(JSC::AssemblyHelpers::storeWasmContext):
		60	(JSC::AssemblyHelpers::loadWasmContextNeedsMacroScratchRegister):
		61	(JSC::AssemblyHelpers::storeWasmContextNeedsMacroScratchRegister):
		62	* jit/Repatch.cpp:
		63	(JSC::webAssemblyOwner):
		64	* jit/ThunkGenerators.cpp:
65	(JSC::throwExceptionFromWasmThunkGenerator):
66	* runtime/VM.cpp:
67	(JSC::VM::VM):
68	* runtime/VM.h:
69	* wasm/WasmB3IRGenerator.cpp:
70	(JSC::Wasm::loadWasmContext):
71	(JSC::Wasm::storeWasmContext):
72	(JSC::Wasm::B3IRGenerator::B3IRGenerator):
73	(JSC::Wasm::getMemoryBaseAndSize):
74	(JSC::Wasm::restoreWebAssemblyGlobalState):
75	(JSC::Wasm::createJSToWasmWrapper):
76	(JSC::Wasm::parseAndCompile):
77	* wasm/WasmBinding.cpp:
78	(JSC::Wasm::materializeImportJSCell):
79	(JSC::Wasm::wasmToJs):
80	(JSC::Wasm::wasmToWasm):
81	* wasm/WasmContext.cpp: Added.
82	(JSC::loadWasmContext):
83	(JSC::storeWasmContext):
84	* wasm/WasmContext.h: Added. Replaces "top" JSWebAssemblyInstance.
85	* wasm/js/WebAssemblyFunction.cpp:
86	(JSC::callWebAssemblyFunction):
87	* wasm/js/WebAssemblyInstanceConstructor.h:
88
1	2017-03-16 Mark Lam <mark.lam@apple.com>	89	2017-03-16 Mark Lam <mark.lam@apple.com>
2		90
3	Fix exception scope verification failures in GenericArgumentsInlines.h.	91	Fix exception scope verification failures in GenericArgumentsInlines.h.

Lines 349-355 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec1
- a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj -3 / +13 lines
349	0F37308C1C0BD29100052BFA /* B3PhiChildren.cpp in Sources / = {isa = PBXBuildFile; fileRef = 0F37308A1C0BD29100052BFA / B3PhiChildren.cpp */; };	349	0F37308C1C0BD29100052BFA /* B3PhiChildren.cpp in Sources / = {isa = PBXBuildFile; fileRef = 0F37308A1C0BD29100052BFA / B3PhiChildren.cpp */; };
350	0F37308D1C0BD29100052BFA /* B3PhiChildren.h in Headers / = {isa = PBXBuildFile; fileRef = 0F37308B1C0BD29100052BFA / B3PhiChildren.h */; };	350	0F37308D1C0BD29100052BFA /* B3PhiChildren.h in Headers / = {isa = PBXBuildFile; fileRef = 0F37308B1C0BD29100052BFA / B3PhiChildren.h */; };
351	0F37308F1C0CD68500052BFA /* DisallowMacroScratchRegisterUsage.h in Headers / = {isa = PBXBuildFile; fileRef = 0F37308E1C0CD68500052BFA / DisallowMacroScratchRegisterUsage.h */; };	351	0F37308F1C0CD68500052BFA /* DisallowMacroScratchRegisterUsage.h in Headers / = {isa = PBXBuildFile; fileRef = 0F37308E1C0CD68500052BFA / DisallowMacroScratchRegisterUsage.h */; };
352	0F3730911C0CD70C00052BFA /* AllowMacroScratchRegisterUsage.h in Headers / = {isa = PBXBuildFile; fileRef = 0F3730901C0CD70C00052BFA / AllowMacroScratchRegisterUsage.h */; };	352	0F3730911C0CD70C00052BFA /* AllowMacroScratchRegisterUsage.h in Headers / = {isa = PBXBuildFile; fileRef = 0F3730901C0CD70C00052BFA / AllowMacroScratchRegisterUsage.h */; settings = {ATTRIBUTES = (Private, ); }; };
353	0F3730931C0D67EE00052BFA /* AirUseCounts.h in Headers / = {isa = PBXBuildFile; fileRef = 0F3730921C0D67EE00052BFA / AirUseCounts.h */; };	353	0F3730931C0D67EE00052BFA /* AirUseCounts.h in Headers / = {isa = PBXBuildFile; fileRef = 0F3730921C0D67EE00052BFA / AirUseCounts.h */; };
354	0F38B01117CF078000B144D3 /* LLIntEntrypoint.cpp in Sources / = {isa = PBXBuildFile; fileRef = 0F38B00F17CF077F00B144D3 / LLIntEntrypoint.cpp */; };	354	0F38B01117CF078000B144D3 /* LLIntEntrypoint.cpp in Sources / = {isa = PBXBuildFile; fileRef = 0F38B00F17CF077F00B144D3 / LLIntEntrypoint.cpp */; };
355	0F38B01217CF078300B144D3 /* LLIntEntrypoint.h in Headers / = {isa = PBXBuildFile; fileRef = 0F38B01017CF077F00B144D3 / LLIntEntrypoint.h */; settings = {ATTRIBUTES = (Private, ); }; };	355	0F38B01217CF078300B144D3 /* LLIntEntrypoint.h in Headers / = {isa = PBXBuildFile; fileRef = 0F38B01017CF077F00B144D3 / LLIntEntrypoint.h */; settings = {ATTRIBUTES = (Private, ); }; };
Lines 1636-1641 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec2
1636	969A079B0ED1D3AE00F1F681 /* Opcode.h in Headers / = {isa = PBXBuildFile; fileRef = 969A07950ED1D3AE00F1F681 / Opcode.h */; };	1636	969A079B0ED1D3AE00F1F681 /* Opcode.h in Headers / = {isa = PBXBuildFile; fileRef = 969A07950ED1D3AE00F1F681 / Opcode.h */; };
1637	978801401471AD920041B016 /* JSDateMath.cpp in Sources / = {isa = PBXBuildFile; fileRef = 9788FC221471AD0C0068CE2D / JSDateMath.cpp */; };	1637	978801401471AD920041B016 /* JSDateMath.cpp in Sources / = {isa = PBXBuildFile; fileRef = 9788FC221471AD0C0068CE2D / JSDateMath.cpp */; };
1638	978801411471AD920041B016 /* JSDateMath.h in Headers / = {isa = PBXBuildFile; fileRef = 9788FC231471AD0C0068CE2D / JSDateMath.h */; settings = {ATTRIBUTES = (Private, ); }; };	1638	978801411471AD920041B016 /* JSDateMath.h in Headers / = {isa = PBXBuildFile; fileRef = 9788FC231471AD0C0068CE2D / JSDateMath.h */; settings = {ATTRIBUTES = (Private, ); }; };
		1639	981ED82328234D91BAECCADE /* MachineContext.h in Headers / = {isa = PBXBuildFile; fileRef = 28806E21155E478A93FA7B02 / MachineContext.h */; settings = {ATTRIBUTES = (Private, ); }; };
1639	990DA67F1C8E316A00295159 /* generate_objc_protocol_type_conversions_implementation.py in Headers / = {isa = PBXBuildFile; fileRef = 990DA67E1C8E311D00295159 / generate_objc_protocol_type_conversions_implementation.py */; settings = {ATTRIBUTES = (Private, ); }; };	1640	990DA67F1C8E316A00295159 /* generate_objc_protocol_type_conversions_implementation.py in Headers / = {isa = PBXBuildFile; fileRef = 990DA67E1C8E311D00295159 / generate_objc_protocol_type_conversions_implementation.py */; settings = {ATTRIBUTES = (Private, ); }; };
1640	9928FF3B18AC4AEC00B8CF12 /* JSReplayInputs.cpp in Sources / = {isa = PBXBuildFile; fileRef = 9928FF3918AC4AEC00B8CF12 / JSReplayInputs.cpp */; };	1641	9928FF3B18AC4AEC00B8CF12 /* JSReplayInputs.cpp in Sources / = {isa = PBXBuildFile; fileRef = 9928FF3918AC4AEC00B8CF12 / JSReplayInputs.cpp */; };
1641	9928FF3C18AC4AEC00B8CF12 /* JSReplayInputs.h in Headers / = {isa = PBXBuildFile; fileRef = 9928FF3A18AC4AEC00B8CF12 / JSReplayInputs.h */; settings = {ATTRIBUTES = (Private, ); }; };	1642	9928FF3C18AC4AEC00B8CF12 /* JSReplayInputs.h in Headers / = {isa = PBXBuildFile; fileRef = 9928FF3A18AC4AEC00B8CF12 / JSReplayInputs.h */; settings = {ATTRIBUTES = (Private, ); }; };
Lines 2079-2084 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec3
2079	AD2FCC301DB83D4900B3E736 /* JSWebAssembly.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD2FCC2E1DB839F700B3E736 / JSWebAssembly.cpp */; };	2080	AD2FCC301DB83D4900B3E736 /* JSWebAssembly.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD2FCC2E1DB839F700B3E736 / JSWebAssembly.cpp */; };
2080	AD2FCC311DB83D4900B3E736 /* JSWebAssembly.h in Headers / = {isa = PBXBuildFile; fileRef = AD2FCC2F1DB839F700B3E736 / JSWebAssembly.h */; };	2081	AD2FCC311DB83D4900B3E736 /* JSWebAssembly.h in Headers / = {isa = PBXBuildFile; fileRef = AD2FCC2F1DB839F700B3E736 / JSWebAssembly.h */; };
2081	AD2FCC331DC4045400B3E736 /* WasmFormat.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD2FCC321DC4045300B3E736 / WasmFormat.cpp */; };	2082	AD2FCC331DC4045400B3E736 /* WasmFormat.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD2FCC321DC4045300B3E736 / WasmFormat.cpp */; };
		2083	AD412B331E7B2E99008AF157 /* WasmContext.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD412B311E7B2E8A008AF157 / WasmContext.cpp */; };
		2084	AD412B341E7B2E9E008AF157 /* WasmContext.h in Headers / = {isa = PBXBuildFile; fileRef = AD412B321E7B2E8A008AF157 / WasmContext.h */; settings = {ATTRIBUTES = (Private, ); }; };
2082	AD4252511E5D0E14009D2A97 /* FullCodeOrigin.h in Headers / = {isa = PBXBuildFile; fileRef = AD4252501E5D0DEB009D2A97 / FullCodeOrigin.h */; };	2085	AD4252511E5D0E14009D2A97 /* FullCodeOrigin.h in Headers / = {isa = PBXBuildFile; fileRef = AD4252501E5D0DEB009D2A97 / FullCodeOrigin.h */; };
2083	AD4252531E5D0F47009D2A97 /* FullCodeOrigin.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD4252521E5D0F22009D2A97 / FullCodeOrigin.cpp */; };	2086	AD4252531E5D0F47009D2A97 /* FullCodeOrigin.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD4252521E5D0F22009D2A97 / FullCodeOrigin.cpp */; };
2084	AD4937C31DDBE6140077C807 /* AbstractModuleRecord.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD4937C11DDBE60A0077C807 / AbstractModuleRecord.cpp */; };	2087	AD4937C31DDBE6140077C807 /* AbstractModuleRecord.cpp in Sources / = {isa = PBXBuildFile; fileRef = AD4937C11DDBE60A0077C807 / AbstractModuleRecord.cpp */; };
Lines 2439-2445 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec4
2439	FEE43FCE1E6641710077D6D1 /* PlatformThread.h in Headers / = {isa = PBXBuildFile; fileRef = FEE43FCD1E6641400077D6D1 / PlatformThread.h */; settings = {ATTRIBUTES = (Private, ); }; };	2442	FEE43FCE1E6641710077D6D1 /* PlatformThread.h in Headers / = {isa = PBXBuildFile; fileRef = FEE43FCD1E6641400077D6D1 / PlatformThread.h */; settings = {ATTRIBUTES = (Private, ); }; };
2440	FEF040511AAE662D00BD28B0 /* CompareAndSwapTest.cpp in Sources / = {isa = PBXBuildFile; fileRef = FEF040501AAE662D00BD28B0 / CompareAndSwapTest.cpp */; };	2443	FEF040511AAE662D00BD28B0 /* CompareAndSwapTest.cpp in Sources / = {isa = PBXBuildFile; fileRef = FEF040501AAE662D00BD28B0 / CompareAndSwapTest.cpp */; };
2441	FEFD6FC61D5E7992008F2F0B /* JSStringInlines.h in Headers / = {isa = PBXBuildFile; fileRef = FEFD6FC51D5E7970008F2F0B / JSStringInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };	2444	FEFD6FC61D5E7992008F2F0B /* JSStringInlines.h in Headers / = {isa = PBXBuildFile; fileRef = FEFD6FC51D5E7970008F2F0B / JSStringInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
2442	981ED82328234D91BAECCADE /* MachineContext.h in Headers / = {isa = PBXBuildFile; fileRef = 28806E21155E478A93FA7B02 / MachineContext.h */; settings = {ATTRIBUTES = (Private, ); }; };
2443	/* End PBXBuildFile section */	2445	/* End PBXBuildFile section */
2444		2446
2445	/* Begin PBXContainerItemProxy section */	2447	/* Begin PBXContainerItemProxy section */
Lines 3728-3733 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec5
3728	264091FA1BE2FD4100684DB2 /* AirOpcode.opcodes */ = {isa = PBXFileReference; lastKnownFileType = text; name = AirOpcode.opcodes; path = b3/air/AirOpcode.opcodes; sourceTree = "<group>"; };	3730	264091FA1BE2FD4100684DB2 /* AirOpcode.opcodes */ = {isa = PBXFileReference; lastKnownFileType = text; name = AirOpcode.opcodes; path = b3/air/AirOpcode.opcodes; sourceTree = "<group>"; };
3729	2684D4371C00161C0081D663 /* AirLiveness.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirLiveness.h; path = b3/air/AirLiveness.h; sourceTree = "<group>"; };	3731	2684D4371C00161C0081D663 /* AirLiveness.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirLiveness.h; path = b3/air/AirLiveness.h; sourceTree = "<group>"; };
3730	269D636D1BFBE5D000101B1D /* FTLOutput.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FTLOutput.h; path = ftl/FTLOutput.h; sourceTree = "<group>"; };	3732	269D636D1BFBE5D000101B1D /* FTLOutput.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FTLOutput.h; path = ftl/FTLOutput.h; sourceTree = "<group>"; };
		3733	28806E21155E478A93FA7B02 /* MachineContext.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MachineContext.h; sourceTree = "<group>"; };
3731	2A05ABD31961DF2400341750 /* JSPropertyNameEnumerator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSPropertyNameEnumerator.cpp; sourceTree = "<group>"; };	3734	2A05ABD31961DF2400341750 /* JSPropertyNameEnumerator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSPropertyNameEnumerator.cpp; sourceTree = "<group>"; };
3732	2A05ABD41961DF2400341750 /* JSPropertyNameEnumerator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSPropertyNameEnumerator.h; sourceTree = "<group>"; };	3735	2A05ABD41961DF2400341750 /* JSPropertyNameEnumerator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSPropertyNameEnumerator.h; sourceTree = "<group>"; };
3733	2A111243192FCE79005EE18D /* CustomGetterSetter.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CustomGetterSetter.cpp; sourceTree = "<group>"; };	3736	2A111243192FCE79005EE18D /* CustomGetterSetter.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CustomGetterSetter.cpp; sourceTree = "<group>"; };
Lines 4644-4649 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec6
4644	AD2FCC2E1DB839F700B3E736 /* JSWebAssembly.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSWebAssembly.cpp; sourceTree = "<group>"; };	4647	AD2FCC2E1DB839F700B3E736 /* JSWebAssembly.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSWebAssembly.cpp; sourceTree = "<group>"; };
4645	AD2FCC2F1DB839F700B3E736 /* JSWebAssembly.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSWebAssembly.h; sourceTree = "<group>"; };	4648	AD2FCC2F1DB839F700B3E736 /* JSWebAssembly.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSWebAssembly.h; sourceTree = "<group>"; };
4646	AD2FCC321DC4045300B3E736 /* WasmFormat.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WasmFormat.cpp; sourceTree = "<group>"; };	4649	AD2FCC321DC4045300B3E736 /* WasmFormat.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WasmFormat.cpp; sourceTree = "<group>"; };
		4650	AD412B311E7B2E8A008AF157 /* WasmContext.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WasmContext.cpp; sourceTree = "<group>"; };
		4651	AD412B321E7B2E8A008AF157 /* WasmContext.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WasmContext.h; sourceTree = "<group>"; };
		4652	AD412B351E7B57C0008AF157 /* AllowMacroScratchRegisterUsageIf.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AllowMacroScratchRegisterUsageIf.h; sourceTree = "<group>"; };
4647	AD4252501E5D0DEB009D2A97 /* FullCodeOrigin.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FullCodeOrigin.h; sourceTree = "<group>"; };	4653	AD4252501E5D0DEB009D2A97 /* FullCodeOrigin.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FullCodeOrigin.h; sourceTree = "<group>"; };
4648	AD4252521E5D0F22009D2A97 /* FullCodeOrigin.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FullCodeOrigin.cpp; sourceTree = "<group>"; };	4654	AD4252521E5D0F22009D2A97 /* FullCodeOrigin.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FullCodeOrigin.cpp; sourceTree = "<group>"; };
4649	AD4937C11DDBE60A0077C807 /* AbstractModuleRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AbstractModuleRecord.cpp; sourceTree = "<group>"; };	4655	AD4937C11DDBE60A0077C807 /* AbstractModuleRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = AbstractModuleRecord.cpp; sourceTree = "<group>"; };
Lines 5035-5041 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec7
5035	FEF040501AAE662D00BD28B0 /* CompareAndSwapTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = CompareAndSwapTest.cpp; path = API/tests/CompareAndSwapTest.cpp; sourceTree = "<group>"; };	5041	FEF040501AAE662D00BD28B0 /* CompareAndSwapTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = CompareAndSwapTest.cpp; path = API/tests/CompareAndSwapTest.cpp; sourceTree = "<group>"; };
5036	FEF040521AAEC4ED00BD28B0 /* CompareAndSwapTest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = CompareAndSwapTest.h; path = API/tests/CompareAndSwapTest.h; sourceTree = "<group>"; };	5042	FEF040521AAEC4ED00BD28B0 /* CompareAndSwapTest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = CompareAndSwapTest.h; path = API/tests/CompareAndSwapTest.h; sourceTree = "<group>"; };
5037	FEFD6FC51D5E7970008F2F0B /* JSStringInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSStringInlines.h; sourceTree = "<group>"; };	5043	FEFD6FC51D5E7970008F2F0B /* JSStringInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSStringInlines.h; sourceTree = "<group>"; };
5038	28806E21155E478A93FA7B02 /* MachineContext.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = MachineContext.h; path = MachineContext.h; sourceTree = "<group>"; };
5039	/* End PBXFileReference section */	5044	/* End PBXFileReference section */
5040		5045
5041	/* Begin PBXFrameworksBuildPhase section */	5046	/* Begin PBXFrameworksBuildPhase section */
Lines 6243-6248 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec8
6243	AD4B1DF81DF244D70071AE32 /* WasmBinding.h */,	6248	AD4B1DF81DF244D70071AE32 /* WasmBinding.h */,
6244	53FD04D11D7AB187003287D3 /* WasmCallingConvention.cpp */,	6249	53FD04D11D7AB187003287D3 /* WasmCallingConvention.cpp */,
6245	53FD04D21D7AB187003287D3 /* WasmCallingConvention.h */,	6250	53FD04D21D7AB187003287D3 /* WasmCallingConvention.h */,
		6251	AD412B311E7B2E8A008AF157 /* WasmContext.cpp */,
		6252	AD412B321E7B2E8A008AF157 /* WasmContext.h */,
6246	79DAE2791E03C82200B526AA /* WasmExceptionType.h */,	6253	79DAE2791E03C82200B526AA /* WasmExceptionType.h */,
6247	AD2FCC321DC4045300B3E736 /* WasmFormat.cpp */,	6254	AD2FCC321DC4045300B3E736 /* WasmFormat.cpp */,
6248	7BC547D21B69599B00959B58 /* WasmFormat.h */,	6255	7BC547D21B69599B00959B58 /* WasmFormat.h */,
Lines 7385-7390 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec9
7385	0F2C63BF1E660EA500C13839 /* AbstractMacroAssembler.cpp */,	7392	0F2C63BF1E660EA500C13839 /* AbstractMacroAssembler.cpp */,
7386	860161DF0F3A83C100F84710 /* AbstractMacroAssembler.h */,	7393	860161DF0F3A83C100F84710 /* AbstractMacroAssembler.h */,
7387	0F3730901C0CD70C00052BFA /* AllowMacroScratchRegisterUsage.h */,	7394	0F3730901C0CD70C00052BFA /* AllowMacroScratchRegisterUsage.h */,
		7395	AD412B351E7B57C0008AF157 /* AllowMacroScratchRegisterUsageIf.h */,
7388	8640923B156EED3B00566CB2 /* ARM64Assembler.h */,	7396	8640923B156EED3B00566CB2 /* ARM64Assembler.h */,
7389	86D3B2BF10156BDE002865E7 /* ARMAssembler.cpp */,	7397	86D3B2BF10156BDE002865E7 /* ARMAssembler.cpp */,
7390	86D3B2C010156BDE002865E7 /* ARMAssembler.h */,	7398	86D3B2C010156BDE002865E7 /* ARMAssembler.h */,
Lines 8556-8561 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec10
8556	0FEA0A0C170513DB00BB722C /* FTLCompile.h in Headers */,	8564	0FEA0A0C170513DB00BB722C /* FTLCompile.h in Headers */,
8557	E322E5A71DA644A8006E7709 /* FTLDOMJITPatchpointParams.h in Headers */,	8565	E322E5A71DA644A8006E7709 /* FTLDOMJITPatchpointParams.h in Headers */,
8558	0F9D4C0D1C3E1C11006CD984 /* FTLExceptionTarget.h in Headers */,	8566	0F9D4C0D1C3E1C11006CD984 /* FTLExceptionTarget.h in Headers */,
		8567	AD412B341E7B2E9E008AF157 /* WasmContext.h in Headers */,
8559	0F235BD417178E1C00690C7F /* FTLExitArgument.h in Headers */,	8568	0F235BD417178E1C00690C7F /* FTLExitArgument.h in Headers */,
8560	0F235BD617178E1C00690C7F /* FTLExitArgumentForOperand.h in Headers */,	8569	0F235BD617178E1C00690C7F /* FTLExitArgumentForOperand.h in Headers */,
8561	0F2B9CF519D0BAC100B1D1B5 /* FTLExitPropertyValue.h in Headers */,	8570	0F2B9CF519D0BAC100B1D1B5 /* FTLExitPropertyValue.h in Headers */,
Lines 10685-10690 a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj_sec11
10685	BCDE3B430E6C832D001453A7 /* Structure.cpp in Sources */,	10694	BCDE3B430E6C832D001453A7 /* Structure.cpp in Sources */,
10686	7E4EE70F0EBB7A5B005934AA /* StructureChain.cpp in Sources */,	10695	7E4EE70F0EBB7A5B005934AA /* StructureChain.cpp in Sources */,
10687	2AF7382C18BBBF92008A5A37 /* StructureIDTable.cpp in Sources */,	10696	2AF7382C18BBBF92008A5A37 /* StructureIDTable.cpp in Sources */,
		10697	AD412B331E7B2E99008AF157 /* WasmContext.cpp in Sources */,
10688	C2F0F2D116BAEEE900187C19 /* StructureRareData.cpp in Sources */,	10698	C2F0F2D116BAEEE900187C19 /* StructureRareData.cpp in Sources */,
10689	0FB438A319270B1D00E1FBC9 /* StructureSet.cpp in Sources */,	10699	0FB438A319270B1D00E1FBC9 /* StructureSet.cpp in Sources */,
10690	0F766D3815AE4A1C008F363E /* StructureStubClearingWatchpoint.cpp in Sources */,	10700	0F766D3815AE4A1C008F363E /* StructureStubClearingWatchpoint.cpp in Sources */,

Line 0 a/Source/JavaScriptCore/assembler/AllowMacroScratchRegisterUsageIf.h_sec1
- a/Source/JavaScriptCore/assembler/AllowMacroScratchRegisterUsageIf.h +59 lines
	1	/*
	2	* Copyright (C) 2017 Apple Inc. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	* 1. Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* 2. Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	*
	13	* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
	14	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	15	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	16	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
	17	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
	18	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
	19	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
	20	* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	21	* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	23	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	24	*/
	25
	26	#pragma once
	27
	28	#if ENABLE(ASSEMBLER)
	29
	30	#include "MacroAssembler.h"
	31
	32	namespace JSC {
	33
	34	class AllowMacroScratchRegisterUsageIf {
	35	public:
	36	AllowMacroScratchRegisterUsageIf(MacroAssembler& masm, bool allowIfTrue)
	37	: m_masm(masm)
	38	, m_allowIfTrue(allowIfTrue)
	39	, m_oldValueOfAllowScratchRegister(masm.m_allowScratchRegister)
	40	{
	41	if (m_allowIfTrue)
	42	masm.m_allowScratchRegister = true;
	43	}
	44
	45	~AllowMacroScratchRegisterUsageIf()
	46	{
	47	if (m_allowIfTrue)
	48	m_masm.m_allowScratchRegister = m_oldValueOfAllowScratchRegister;
	49	}
	50
	51	private:
	52	MacroAssembler& m_masm;
	53	bool m_allowIfTrue;
	54	bool m_oldValueOfAllowScratchRegister;
	55	};
	56
	57	} // namespace JSC
	58
	59	#endif // ENABLE(ASSEMBLER)

Lines 41-46 a/Source/JavaScriptCore/jit/AssemblyHelpers.h_sec1
- a/Source/JavaScriptCore/jit/AssemblyHelpers.h -1 / +40 lines
41	#include "SuperSampler.h"	41	#include "SuperSampler.h"
42	#include "TypeofType.h"	42	#include "TypeofType.h"
43	#include "VM.h"	43	#include "VM.h"
		44	#include <wtf/FastTLS.h>
44		45
45	namespace JSC {	46	namespace JSC {
46		47
Lines 1634-1640 public: a/Source/JavaScriptCore/jit/AssemblyHelpers.h_sec2
1634	#if USE(JSVALUE64)	1635	#if USE(JSVALUE64)
1635	void wangsInt64Hash(GPRReg inputAndResult, GPRReg scratch);	1636	void wangsInt64Hash(GPRReg inputAndResult, GPRReg scratch);
1636	#endif	1637	#endif
1637		1638
		1639	void loadWasmContext(GPRReg dst)
		1640	{
		1641	#if ENABLE(FAST_TLS_JIT)
		1642	loadFromTLSPtr(fastTLSOffsetForKey(WTF_WASM_CONTEXT_KEY), dst);
		1643	#else
		1644	// FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
		1645	loadPtr(&vm.wasmContext, dst);
		1646	#endif
		1647	}
		1648
		1649	void storeWasmContext(GPRReg src)
		1650	{
		1651	#if ENABLE(FAST_TLS_JIT)
		1652	storeToTLSPtr(src, fastTLSOffsetForKey(WTF_WASM_CONTEXT_KEY));
		1653	#else
		1654	// FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
		1655	storePtr(src, &vm->wasmContext);
		1656	#endif
		1657	}
		1658
		1659	static bool loadWasmContextNeedsMacroScratchRegister()
		1660	{
		1661	#if ENABLE(FAST_TLS_JIT)
		1662	return loadFromTLSPtrNeedsMacroScratchRegister();
		1663	#else
		1664	return false;
		1665	#endif
		1666	}
		1667
		1668	static bool storeWasmContextNeedsMacroScratchRegister()
		1669	{
		1670	#if ENABLE(FAST_TLS_JIT)
		1671	return storeToTLSPtrNeedsMacroScratchRegister();
		1672	#else
		1673	return false;
		1674	#endif
		1675	}
		1676
1638	protected:	1677	protected:
1639	VM* m_vm;	1678	VM* m_vm;
1640	CodeBlock* m_codeBlock;	1679	CodeBlock* m_codeBlock;

Lines 1-5 a/Source/JavaScriptCore/jit/Repatch.cpp_sec1
- a/Source/JavaScriptCore/jit/Repatch.cpp -2 / +3 lines
1	/*	1	/*
2	* Copyright (C) 2011-2016 Apple Inc. All rights reserved.	2	* Copyright (C) 2011-2017 Apple Inc. All rights reserved.
3	*	3	*
4	* Redistribution and use in source and binary forms, with or without	4	* Redistribution and use in source and binary forms, with or without
5	* modification, are permitted provided that the following conditions	5	* modification, are permitted provided that the following conditions
Lines 59-64 a/Source/JavaScriptCore/jit/Repatch.cpp_sec2
59	#include "StructureStubClearingWatchpoint.h"	59	#include "StructureStubClearingWatchpoint.h"
60	#include "StructureStubInfo.h"	60	#include "StructureStubInfo.h"
61	#include "ThunkGenerators.h"	61	#include "ThunkGenerators.h"
		62	#include "WasmContext.h"
62	#include <wtf/CommaPrinter.h>	63	#include <wtf/CommaPrinter.h>
63	#include <wtf/ListDump.h>	64	#include <wtf/ListDump.h>
64	#include <wtf/StringPrintStream.h>	65	#include <wtf/StringPrintStream.h>
Lines 592-598 static JSCell* webAssemblyOwner(VM& vm) a/Source/JavaScriptCore/jit/Repatch.cpp_sec3
592	{	593	{
593	#if ENABLE(WEBASSEMBLY)	594	#if ENABLE(WEBASSEMBLY)
594	// Each WebAssembly.Instance shares the stubs from their WebAssembly.Module, which are therefore the appropriate owner.	595	// Each WebAssembly.Instance shares the stubs from their WebAssembly.Module, which are therefore the appropriate owner.
595	return vm.topJSWebAssemblyInstance->module();	596	return loadWasmContext(vm)->module();
596	#else	597	#else
597	UNUSED_PARAM(vm);	598	UNUSED_PARAM(vm);
598	RELEASE_ASSERT_NOT_REACHED();	599	RELEASE_ASSERT_NOT_REACHED();

Lines 1-5 a/Source/JavaScriptCore/jit/ThunkGenerators.cpp_sec1
- a/Source/JavaScriptCore/jit/ThunkGenerators.cpp -4 / +5 lines
1	/*	1	/*
2	* Copyright (C) 2010, 2012-2014, 2016 Apple Inc. All rights reserved.	2	* Copyright (C) 2010, 2012-2014, 2016-2017 Apple Inc. All rights reserved.
3	*	3	*
4	* Redistribution and use in source and binary forms, with or without	4	* Redistribution and use in source and binary forms, with or without
5	* modification, are permitted provided that the following conditions	5	* modification, are permitted provided that the following conditions
Lines 32-43 a/Source/JavaScriptCore/jit/ThunkGenerators.cpp_sec2
32	#include "JITOperations.h"	32	#include "JITOperations.h"
33	#include "JSArray.h"	33	#include "JSArray.h"
34	#include "JSBoundFunction.h"	34	#include "JSBoundFunction.h"
35	#include "MathCommon.h"
36	#include "MaxFrameExtentForSlowPathCall.h"
37	#include "JSCInlines.h"	35	#include "JSCInlines.h"
38	#include "JSWebAssemblyInstance.h"	36	#include "JSWebAssemblyInstance.h"
39	#include "JSWebAssemblyRuntimeError.h"	37	#include "JSWebAssemblyRuntimeError.h"
		38	#include "MathCommon.h"
		39	#include "MaxFrameExtentForSlowPathCall.h"
40	#include "SpecializedThunkJIT.h"	40	#include "SpecializedThunkJIT.h"
		41	#include "WasmContext.h"
41	#include "WasmExceptionType.h"	42	#include "WasmExceptionType.h"
42	#include <wtf/InlineASM.h>	43	#include <wtf/InlineASM.h>
43	#include <wtf/StringPrintStream.h>	44	#include <wtf/StringPrintStream.h>
Lines 1156-1162 MacroAssemblerCodeRef throwExceptionFromWasmThunkGenerator(VM* vm) a/Source/JavaScriptCore/jit/ThunkGenerators.cpp_sec3
1156		1157
1157	{	1158	{
1158	auto throwScope = DECLARE_THROW_SCOPE(*vm);	1159	auto throwScope = DECLARE_THROW_SCOPE(*vm);
1159	JSGlobalObject* globalObject = vm->topJSWebAssemblyInstance->globalObject();	1160	JSGlobalObject* globalObject = loadWasmContext(*vm)->globalObject();
1160		1161
1161	JSWebAssemblyRuntimeError* error = JSWebAssemblyRuntimeError::create(exec, *vm, globalObject->WebAssemblyRuntimeErrorStructure(), Wasm::errorMessageForExceptionType(type));	1162	JSWebAssemblyRuntimeError* error = JSWebAssemblyRuntimeError::create(exec, *vm, globalObject->WebAssemblyRuntimeErrorStructure(), Wasm::errorMessageForExceptionType(type));
1162	throwException(exec, throwScope, error);	1163	throwException(exec, throwScope, error);

Lines 1-5 a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec1
- a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp -15 / +43 lines
1	/*	1	/*
2	* Copyright (C) 2016 Apple Inc. All rights reserved.	2	* Copyright (C) 2016-2017 Apple Inc. All rights reserved.
3	*	3	*
4	* Redistribution and use in source and binary forms, with or without	4	* Redistribution and use in source and binary forms, with or without
5	* modification, are permitted provided that the following conditions	5	* modification, are permitted provided that the following conditions
Lines 28-33 a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec2
28		28
29	#if ENABLE(WEBASSEMBLY)	29	#if ENABLE(WEBASSEMBLY)
30		30
		31	#include "AllowMacroScratchRegisterUsageIf.h"
31	#include "B3BasicBlockInlines.h"	32	#include "B3BasicBlockInlines.h"
32	#include "B3CCallValue.h"	33	#include "B3CCallValue.h"
33	#include "B3Compile.h"	34	#include "B3Compile.h"
Lines 48-53 a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec3
48	#include "JSWebAssemblyRuntimeError.h"	49	#include "JSWebAssemblyRuntimeError.h"
49	#include "VirtualRegister.h"	50	#include "VirtualRegister.h"
50	#include "WasmCallingConvention.h"	51	#include "WasmCallingConvention.h"
		52	#include "WasmContext.h"
51	#include "WasmExceptionType.h"	53	#include "WasmExceptionType.h"
52	#include "WasmFunctionParser.h"	54	#include "WasmFunctionParser.h"
53	#include "WasmMemory.h"	55	#include "WasmMemory.h"
Lines 226-234 private: a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec4
226	GPRReg m_memoryBaseGPR;	228	GPRReg m_memoryBaseGPR;
227	GPRReg m_memorySizeGPR;	229	GPRReg m_memorySizeGPR;
228	Value* m_zeroValues[numTypes];	230	Value* m_zeroValues[numTypes];
229	Value* m_instanceValue;	231	Value* m_instanceValue; // FIXME: make this lazy https://bugs.webkit.org/show_bug.cgi?id=169792
230	};	232	};
231		233
		234	static Value* loadWasmContext(Procedure& proc, BasicBlock* block)
		235	{
		236	PatchpointValue* patchpoint = block->appendNew<PatchpointValue>(proc, pointerType(), Origin());
		237	if (CCallHelpers::loadWasmContextNeedsMacroScratchRegister())
		238	patchpoint->clobber(RegisterSet::macroScratchRegisters());
		239	patchpoint->setGenerator(
		240	[&] (CCallHelpers& jit, const StackmapGenerationParams& params) {
		241	AllowMacroScratchRegisterUsageIf allowScratch(jit, CCallHelpers::loadWasmContextNeedsMacroScratchRegister());
		242	jit.loadWasmContext(params[0].gpr());
		243	});
		244
		245	return block->appendNew<Value>(proc, Identity, Origin(), patchpoint);
		246	}
		247
		248	static void storeWasmContext(Procedure& proc, BasicBlock* block, Value* arg)
		249	{
		250	PatchpointValue* patchpoint = block->appendNew<PatchpointValue>(proc, B3::Void, Origin());
		251	if (CCallHelpers::storeWasmContextNeedsMacroScratchRegister())
		252	patchpoint->clobber(RegisterSet::macroScratchRegisters());
		253	patchpoint->append(ConstrainedValue(arg, ValueRep::SomeRegister));
		254	patchpoint->setGenerator(
		255	[&] (CCallHelpers& jit, const StackmapGenerationParams& params) {
		256	AllowMacroScratchRegisterUsageIf allowScratch(jit, CCallHelpers::storeWasmContextNeedsMacroScratchRegister());
		257	jit.storeWasmContext(params[0].gpr());
		258	});
		259	}
		260
232	B3IRGenerator::B3IRGenerator(VM& vm, const ModuleInformation& info, Procedure& procedure, WasmInternalFunction* compilation, Vector<UnlinkedWasmToWasmCall>& unlinkedWasmToWasmCalls)	261	B3IRGenerator::B3IRGenerator(VM& vm, const ModuleInformation& info, Procedure& procedure, WasmInternalFunction* compilation, Vector<UnlinkedWasmToWasmCall>& unlinkedWasmToWasmCalls)
233	: m_vm(vm)	262	: m_vm(vm)
234	, m_info(info)	263	, m_info(info)
Lines 270-277 B3IRGenerator::B3IRGenerator(VM& vm, const ModuleInformation& info, Procedure& p a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec5
270		299
271	wasmCallingConvention().setupFrameInPrologue(&compilation->wasmCalleeMoveLocation, m_proc, Origin(), m_currentBlock);	300	wasmCallingConvention().setupFrameInPrologue(&compilation->wasmCalleeMoveLocation, m_proc, Origin(), m_currentBlock);
272		301
273	m_instanceValue = m_currentBlock->appendNew<MemoryValue>(m_proc, Load, pointerType(), Origin(),	302	m_instanceValue = loadWasmContext(m_proc, m_currentBlock);
274	m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), &m_vm.topJSWebAssemblyInstance));
275	}	303	}
276		304
277	struct MemoryBaseAndSize {	305	struct MemoryBaseAndSize {
Lines 283-290 static MemoryBaseAndSize getMemoryBaseAndSize(VM& vm, Value* instance, Procedure a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec6
283	{	311	{
284	Value* memoryObject = block->appendNew<MemoryValue>(proc, Load, pointerType(), Origin(), instance, JSWebAssemblyInstance::offsetOfMemory());	312	Value* memoryObject = block->appendNew<MemoryValue>(proc, Load, pointerType(), Origin(), instance, JSWebAssemblyInstance::offsetOfMemory());
285		313
286	static_assert(sizeof(decltype(vm.topJSWebAssemblyInstance->memory()->memory().memory())) == sizeof(void*), "codegen relies on this size");	314	static_assert(sizeof(decltype(loadWasmContext(vm)->memory()->memory().memory())) == sizeof(void*), "codegen relies on this size");
287	static_assert(sizeof(decltype(vm.topJSWebAssemblyInstance->memory()->memory().size())) == sizeof(uint64_t), "codegen relies on this size");	315	static_assert(sizeof(decltype(loadWasmContext(vm)->memory()->memory().size())) == sizeof(uint64_t), "codegen relies on this size");
288	MemoryBaseAndSize result;	316	MemoryBaseAndSize result;
289	result.base = block->appendNew<MemoryValue>(proc, Load, pointerType(), Origin(), memoryObject, JSWebAssemblyMemory::offsetOfMemory());	317	result.base = block->appendNew<MemoryValue>(proc, Load, pointerType(), Origin(), memoryObject, JSWebAssemblyMemory::offsetOfMemory());
290	result.size = block->appendNew<MemoryValue>(proc, Load, Int64, Origin(), memoryObject, JSWebAssemblyMemory::offsetOfSize());	318	result.size = block->appendNew<MemoryValue>(proc, Load, Int64, Origin(), memoryObject, JSWebAssemblyMemory::offsetOfSize());
Lines 292-300 static MemoryBaseAndSize getMemoryBaseAndSize(VM& vm, Value* instance, Procedure a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec7
292	return result;	320	return result;
293	}	321	}
294		322
295	static void restoreWebAssemblyGlobalState(VM& vm, const MemoryInformation& memory, Value* instance, Procedure& proc, BasicBlock* block)	323	static void restoreWebAssemblyGlobalState(const MemoryInformation& memory, Value* instance, Procedure& proc, BasicBlock* block)
296	{	324	{
297	block->appendNew<MemoryValue>(proc, Store, Origin(), instance, block->appendNew<ConstPtrValue>(proc, Origin(), &vm.topJSWebAssemblyInstance));	325	storeWasmContext(proc, block, instance);
298		326
299	if (!!memory) {	327	if (!!memory) {
300	const PinnedRegisterInfo* pinnedRegs = &PinnedRegisterInfo::get();	328	const PinnedRegisterInfo* pinnedRegs = &PinnedRegisterInfo::get();
Lines 395-401 auto B3IRGenerator::addGrowMemory(ExpressionType delta, ExpressionType& result) a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec8
395	VM& vm = exec->vm();	423	VM& vm = exec->vm();
396	auto scope = DECLARE_THROW_SCOPE(vm);	424	auto scope = DECLARE_THROW_SCOPE(vm);
397		425
398	JSWebAssemblyInstance* instance = vm.topJSWebAssemblyInstance;	426	JSWebAssemblyInstance* instance = loadWasmContext(vm);
399	JSWebAssemblyMemory* wasmMemory = instance->memory();	427	JSWebAssemblyMemory* wasmMemory = instance->memory();
400		428
401	if (delta < 0)	429	if (delta < 0)
Lines 414-420 auto B3IRGenerator::addGrowMemory(ExpressionType delta, ExpressionType& result) a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec9
414	m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), bitwise_cast<void*>(growMemory)),	442	m_currentBlock->appendNew<ConstPtrValue>(m_proc, Origin(), bitwise_cast<void*>(growMemory)),
415	m_currentBlock->appendNew<B3::Value>(m_proc, B3::FramePointer, Origin()), delta);	443	m_currentBlock->appendNew<B3::Value>(m_proc, B3::FramePointer, Origin()), delta);
416		444
417	restoreWebAssemblyGlobalState(m_vm, m_info.memory, m_instanceValue, m_proc, m_currentBlock);	445	restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, m_currentBlock);
418		446
419	return { };	447	return { };
420	}	448	}
Lines 901-907 auto B3IRGenerator::addCall(uint32_t functionIndex, const Signature* signature, a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec10
901	}	929	}
902		930
903	// The call could have been to another WebAssembly instance, and / or could have modified our Memory.	931	// The call could have been to another WebAssembly instance, and / or could have modified our Memory.
904	restoreWebAssemblyGlobalState(m_vm, m_info.memory, m_instanceValue, m_proc, continuation);	932	restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, continuation);
905	} else {	933	} else {
906	result = wasmCallingConvention().setupCall(m_proc, m_currentBlock, Origin(), args, toB3Type(returnType),	934	result = wasmCallingConvention().setupCall(m_proc, m_currentBlock, Origin(), args, toB3Type(returnType),
907	[&] (PatchpointValue* patchpoint) {	935	[&] (PatchpointValue* patchpoint) {
Lines 995-1001 auto B3IRGenerator::addCallIndirect(const Signature* signature, SignatureIndex s a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec11
995	});	1023	});
996		1024
997	// The call could have been to another WebAssembly instance, and / or could have modified our Memory.	1025	// The call could have been to another WebAssembly instance, and / or could have modified our Memory.
998	restoreWebAssemblyGlobalState(m_vm, m_info.memory, m_instanceValue, m_proc, m_currentBlock);	1026	restoreWebAssemblyGlobalState(m_info.memory, m_instanceValue, m_proc, m_currentBlock);
999		1027
1000	return { };	1028	return { };
1001	}	1029	}
Lines 1037-1043 void B3IRGenerator::dump(const Vector<ControlEntry>& controlStack, const Express a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec12
1037	dataLogLn();	1065	dataLogLn();
1038	}	1066	}
1039		1067
1040	static void createJSToWasmWrapper(VM& vm, CompilationContext& compilationContext, WasmInternalFunction& function, const Signature* signature, const ModuleInformation& info)	1068	static void createJSToWasmWrapper(CompilationContext& compilationContext, WasmInternalFunction& function, const Signature* signature, const ModuleInformation& info)
1041	{	1069	{
1042	CCallHelpers& jit = *compilationContext.jsEntrypointJIT;	1070	CCallHelpers& jit = *compilationContext.jsEntrypointJIT;
1043		1071
Lines 1165-1171 static void createJSToWasmWrapper(VM& vm, CompilationContext& compilationContext a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec13
1165		1193
1166	if (!!info.memory) {	1194	if (!!info.memory) {
1167	GPRReg baseMemory = pinnedRegs.baseMemoryPointer;	1195	GPRReg baseMemory = pinnedRegs.baseMemoryPointer;
1168	jit.loadPtr(&vm.topJSWebAssemblyInstance, baseMemory);	1196	jit.loadWasmContext(baseMemory);
1169	jit.loadPtr(CCallHelpers::Address(baseMemory, JSWebAssemblyInstance::offsetOfMemory()), baseMemory);	1197	jit.loadPtr(CCallHelpers::Address(baseMemory, JSWebAssemblyInstance::offsetOfMemory()), baseMemory);
1170	const auto& sizeRegs = pinnedRegs.sizeRegisters;	1198	const auto& sizeRegs = pinnedRegs.sizeRegisters;
1171	ASSERT(sizeRegs.size() >= 1);	1199	ASSERT(sizeRegs.size() >= 1);
Lines 1227-1233 Expected<std::unique_ptr<WasmInternalFunction>, String> parseAndCompile(VM& vm, a/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp_sec14
1227	result->wasmEntrypoint.calleeSaveRegisters = procedure.calleeSaveRegisters();	1255	result->wasmEntrypoint.calleeSaveRegisters = procedure.calleeSaveRegisters();
1228	}	1256	}
1229		1257
1230	createJSToWasmWrapper(vm, compilationContext, *result, signature, info);	1258	createJSToWasmWrapper(compilationContext, *result, signature, info);
1231	return WTFMove(result);	1259	return WTFMove(result);
1232	}	1260	}
1233		1261

Lines 1-5 a/Source/JavaScriptCore/wasm/WasmBinding.cpp_sec1
- a/Source/JavaScriptCore/wasm/WasmBinding.cpp -9 / +10 lines
1	/*	1	/*
2	* Copyright (C) 2016 Apple Inc. All rights reserved.	2	* Copyright (C) 2016-2017 Apple Inc. All rights reserved.
3	*	3	*
4	* Redistribution and use in source and binary forms, with or without	4	* Redistribution and use in source and binary forms, with or without
5	* modification, are permitted provided that the following conditions	5	* modification, are permitted provided that the following conditions
Lines 36-51 a/Source/JavaScriptCore/wasm/WasmBinding.cpp_sec2
36	#include "LinkBuffer.h"	36	#include "LinkBuffer.h"
37	#include "NativeErrorConstructor.h"	37	#include "NativeErrorConstructor.h"
38	#include "WasmCallingConvention.h"	38	#include "WasmCallingConvention.h"
		39	#include "WasmContext.h"
39	#include "WasmExceptionType.h"	40	#include "WasmExceptionType.h"
40		41
41	namespace JSC { namespace Wasm {	42	namespace JSC { namespace Wasm {
42		43
43	typedef CCallHelpers JIT;	44	typedef CCallHelpers JIT;
44		45
45	static void materializeImportJSCell(VM* vm, JIT& jit, unsigned importIndex, GPRReg result)	46	static void materializeImportJSCell(JIT& jit, unsigned importIndex, GPRReg result)
46	{	47	{
47	// We're calling out of the current WebAssembly.Instance, which is identified on VM. That Instance has a list of all its import functions.	48	// We're calling out of the current WebAssembly.Instance. That Instance has a list of all its import functions.
48	jit.loadPtr(&vm->topJSWebAssemblyInstance, result);	49	jit.loadWasmContext(result);
49	jit.loadPtr(JIT::Address(result, JSWebAssemblyInstance::offsetOfImportFunction(importIndex)), result);	50	jit.loadPtr(JIT::Address(result, JSWebAssemblyInstance::offsetOfImportFunction(importIndex)), result);
50	}	51	}
51		52
Lines 101-107 static MacroAssemblerCodeRef wasmToJs(VM* vm, Bag<CallLinkInfo>& callLinkInfos, a/Source/JavaScriptCore/wasm/WasmBinding.cpp_sec3
101		102
102	{	103	{
103	auto throwScope = DECLARE_THROW_SCOPE(*vm);	104	auto throwScope = DECLARE_THROW_SCOPE(*vm);
104	JSGlobalObject* globalObject = vm->topJSWebAssemblyInstance->globalObject();	105	JSGlobalObject* globalObject = loadWasmContext(*vm)->globalObject();
105	auto* error = ErrorInstance::create(exec, *vm, globalObject->typeErrorConstructor()->errorStructure(), ASCIILiteral("i64 not allowed as return type or argument to an imported function"));	106	auto* error = ErrorInstance::create(exec, *vm, globalObject->typeErrorConstructor()->errorStructure(), ASCIILiteral("i64 not allowed as return type or argument to an imported function"));
106	throwException(exec, throwScope, error);	107	throwException(exec, throwScope, error);
107	}	108	}
Lines 254-260 static MacroAssemblerCodeRef wasmToJs(VM* vm, Bag<CallLinkInfo>& callLinkInfos, a/Source/JavaScriptCore/wasm/WasmBinding.cpp_sec4
254	GPRReg importJSCellGPRReg = GPRInfo::regT0; // Callee needs to be in regT0 for slow path below.	255	GPRReg importJSCellGPRReg = GPRInfo::regT0; // Callee needs to be in regT0 for slow path below.
255	ASSERT(!wasmCC.m_calleeSaveRegisters.get(importJSCellGPRReg));	256	ASSERT(!wasmCC.m_calleeSaveRegisters.get(importJSCellGPRReg));
256		257
257	materializeImportJSCell(vm, jit, importIndex, importJSCellGPRReg);	258	materializeImportJSCell(jit, importIndex, importJSCellGPRReg);
258		259
259	jit.store64(importJSCellGPRReg, calleeFrame.withOffset(CallFrameSlot::callee * static_cast<int>(sizeof(Register))));	260	jit.store64(importJSCellGPRReg, calleeFrame.withOffset(CallFrameSlot::callee * static_cast<int>(sizeof(Register))));
260	jit.store32(JIT::TrustedImm32(numberOfParameters), calleeFrame.withOffset(CallFrameSlot::argumentCount * static_cast<int>(sizeof(Register)) + PayloadOffset));	261	jit.store32(JIT::TrustedImm32(numberOfParameters), calleeFrame.withOffset(CallFrameSlot::argumentCount * static_cast<int>(sizeof(Register)) + PayloadOffset));
Lines 426-438 static MacroAssemblerCodeRef wasmToWasm(VM* vm, unsigned importIndex) a/Source/JavaScriptCore/wasm/WasmBinding.cpp_sec5
426	GPRReg scratch = GPRInfo::nonPreservedNonArgumentGPR;	427	GPRReg scratch = GPRInfo::nonPreservedNonArgumentGPR;
427		428
428	// B3's call codegen ensures that the JSCell is a WebAssemblyFunction.	429	// B3's call codegen ensures that the JSCell is a WebAssemblyFunction.
429	materializeImportJSCell(vm, jit, importIndex, scratch);	430	materializeImportJSCell(jit, importIndex, scratch);
430		431
431	// Get the callee's WebAssembly.Instance and set it as vm.topJSWebAssemblyInstance. The caller will take care of restoring its own Instance.	432	// Get the callee's WebAssembly.Instance and set it as WasmContext. The caller will take care of restoring its own Instance.
432	GPRReg baseMemory = pinnedRegs.baseMemoryPointer;	433	GPRReg baseMemory = pinnedRegs.baseMemoryPointer;
433	ASSERT(baseMemory != scratch);	434	ASSERT(baseMemory != scratch);
434	jit.loadPtr(JIT::Address(scratch, WebAssemblyFunction::offsetOfInstance()), baseMemory); // Instance*.	435	jit.loadPtr(JIT::Address(scratch, WebAssemblyFunction::offsetOfInstance()), baseMemory); // Instance*.
435	jit.storePtr(baseMemory, &vm->topJSWebAssemblyInstance);	436	jit.storeWasmContext(baseMemory);
436		437
437	// FIXME the following code assumes that all WebAssembly.Instance have the same pinned registers. https://bugs.webkit.org/show_bug.cgi?id=162952	438	// FIXME the following code assumes that all WebAssembly.Instance have the same pinned registers. https://bugs.webkit.org/show_bug.cgi?id=162952
438	// Set up the callee's baseMemory register as well as the memory size registers.	439	// Set up the callee's baseMemory register as well as the memory size registers.

Line 0 a/Source/JavaScriptCore/wasm/WasmContext.cpp_sec1
- a/Source/JavaScriptCore/wasm/WasmContext.cpp +61 lines
	1	/*
	2	* Copyright (C) 2017 Apple Inc. All rights reserved.
	3	*
	4	* Redistribution and use in source and binary forms, with or without
	5	* modification, are permitted provided that the following conditions
	6	* are met:
	7	* 1. Redistributions of source code must retain the above copyright
	8	* notice, this list of conditions and the following disclaimer.
	9	* 2. Redistributions in binary form must reproduce the above copyright
	10	* notice, this list of conditions and the following disclaimer in the
	11	* documentation and/or other materials provided with the distribution.
	12	*
	13	* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
	14	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	15	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	16	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
	17	* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
	18	* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
	19	* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
	20	* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	21	* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	22	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	23	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	24	*/
	25
	26	#include "config.h"
	27	#include "WasmContext.h"
	28
	29	#if ENABLE(WEBASSEMBLY)
	30
	31	#include "VM.h"
	32	#include <mutex>
	33	#include <wtf/FastTLS.h>
	34
	35	namespace JSC {
	36
	37	JSWebAssemblyInstance* loadWasmContext(VM& vm)
	38	{
	39	#if ENABLE(FAST_TLS_JIT)
	40	UNUSED_PARAM(vm);
	41	return bitwise_cast<JSWebAssemblyInstance*>(_pthread_getspecific_direct(WTF_WASM_CONTEXT_KEY));
	42	#else
	43	// FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
	44	return vm.wasmContext;
	45	#endif
	46	}
	47
	48	void storeWasmContext(VM& vm, JSWebAssemblyInstance* instance)
	49	{
	50	#if ENABLE(FAST_TLS_JIT)
	51	UNUSED_PARAM(vm);
	52	_pthread_setspecific_direct(WTF_WASM_CONTEXT_KEY, bitwise_cast<void*>(instance));
	53	#else
	54	// FIXME: Save this state elsewhere to allow PIC. https://bugs.webkit.org/show_bug.cgi?id=169773
	55	vm.wasmContext = instance;
	56	#endif
	57	}
	58
	59	} // namespace JSC
	60
	61	#endif // ENABLE(WEBASSEMBLY)

Lines 1-5 a/Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp_sec1
- a/Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp -4 / +6 lines
1	/*	1	/*
2	* Copyright (C) 2016 Apple Inc. All rights reserved.	2	* Copyright (C) 2016-2017 Apple Inc. All rights reserved.
3	*	3	*
4	* Redistribution and use in source and binary forms, with or without	4	* Redistribution and use in source and binary forms, with or without
5	* modification, are permitted provided that the following conditions	5	* modification, are permitted provided that the following conditions
Lines 39-44 a/Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp_sec2
39	#include "LLIntThunks.h"	39	#include "LLIntThunks.h"
40	#include "ProtoCallFrame.h"	40	#include "ProtoCallFrame.h"
41	#include "VM.h"	41	#include "VM.h"
		42	#include "WasmContext.h"
42	#include "WasmFormat.h"	43	#include "WasmFormat.h"
43	#include "WasmMemory.h"	44	#include "WasmMemory.h"
44	#include <wtf/SystemTracing.h>	45	#include <wtf/SystemTracing.h>
Lines 120-130 static EncodedJSValue JSC_HOST_CALL callWebAssemblyFunction(ExecState* exec) a/Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp_sec3
120	protoCallFrame.init(nullptr, wasmFunction, firstArgument, argCount, remainingArgs);	121	protoCallFrame.init(nullptr, wasmFunction, firstArgument, argCount, remainingArgs);
121		122
122	// FIXME Do away with this entire function, and only use the entrypoint generated by B3. https://bugs.webkit.org/show_bug.cgi?id=166486	123	// FIXME Do away with this entire function, and only use the entrypoint generated by B3. https://bugs.webkit.org/show_bug.cgi?id=166486
123	JSWebAssemblyInstance* prevJSWebAssemblyInstance = vm.topJSWebAssemblyInstance;	124	JSWebAssemblyInstance* prevJSWebAssemblyInstance = loadWasmContext(vm);
124	vm.topJSWebAssemblyInstance = wasmFunction->instance();	125	storeWasmContext(vm, wasmFunction->instance());
125	ASSERT(wasmFunction->instance());	126	ASSERT(wasmFunction->instance());
		127	ASSERT(wasmFunction->instance() == loadWasmContext(vm));
126	EncodedJSValue rawResult = vmEntryToWasm(wasmFunction->jsEntrypoint(), &vm, &protoCallFrame);	128	EncodedJSValue rawResult = vmEntryToWasm(wasmFunction->jsEntrypoint(), &vm, &protoCallFrame);
127	vm.topJSWebAssemblyInstance = prevJSWebAssemblyInstance;	129	storeWasmContext(vm, prevJSWebAssemblyInstance);
128	RETURN_IF_EXCEPTION(scope, { });	130	RETURN_IF_EXCEPTION(scope, { });
129		131
130	switch (signature->returnType()) {	132	switch (signature->returnType()) {

Lines 1-3 a/Source/WTF/ChangeLog_sec1
- a/Source/WTF/ChangeLog +11 lines
		1	2017-03-17 JF Bastien <jfbastien@apple.com>
		2
		3	WebAssembly: store state in TLS instead of on VM
		4	https://bugs.webkit.org/show_bug.cgi?id=169611
		5
		6	Reviewed by NOBODY (OOPS!).
		7
		8	* wtf/FastTLS.h: reserve one key for WebAssembly, delete a bunch
		9	of dead code which clang couldn't compile (it's valid GCC assembly
		10	which LLVM dislikes).
		11
1	2017-03-16 Simon Fraser <simon.fraser@apple.com>	12	2017-03-16 Simon Fraser <simon.fraser@apple.com>
2		13
3	Improve the system tracing points	14	Improve the system tracing points

Lines 29-34 a/Source/WTF/wtf/FastTLS.h_sec1
- a/Source/WTF/wtf/FastTLS.h -36 / +4 lines
29		29
30	#include <pthread.h>	30	#include <pthread.h>
31	#include <System/pthread_machdep.h>	31	#include <System/pthread_machdep.h>
		32	#include <wtf/Platform.h>
32		33
33	namespace WTF {	34	namespace WTF {
34		35
Lines 44-95 namespace WTF { a/Source/WTF/wtf/FastTLS.h_sec2
44	// accidentally use the same key for more than one thing.	45	// accidentally use the same key for more than one thing.
45		46
46	#define WTF_THREAD_DATA_KEY WTF_FAST_TLS_KEY0	47	#define WTF_THREAD_DATA_KEY WTF_FAST_TLS_KEY0
		48	#define WTF_WASM_CONTEXT_KEY WTF_FAST_TLS_KEY1
47	#define WTF_TESTING_KEY WTF_FAST_TLS_KEY3	49	#define WTF_TESTING_KEY WTF_FAST_TLS_KEY3
48		50
49	#if ENABLE(FAST_TLS_JIT)	51	#if ENABLE(FAST_TLS_JIT)
50	// Below is the code that the JIT will emit.
51
52	#if CPU(X86_64)
53	inline uintptr_t loadFastTLS(unsigned offset)
54	{
55	uintptr_t result;
56	asm volatile(
57	"movq %%gs:%1, %0"
58	: "=r"(result)
59	: "r"(offset)
60	: "memory");
61	return result;
62	}
63	#elif CPU(ARM64)
64	inline uintptr_t loadFastTLS(unsigned passedOffset)
65	{
66	uintptr_t result;
67	uintptr_t offset = passedOffset;
68	asm volatile(
69	"mrs %0, TPIDRRO_EL0\n\t"
70	"and %0, %0, #0xfffffffffffffff8\n\t"
71	"ldr %0, [%0, %1]"
72	: "=r"(result)
73	: "r"(offset)
74	: "memory");
75	return result;
76	}
77	#else
78	#error "Bad architecture"
79	#endif
80	#endif // ENABLE(FAST_TLS_JIT)
81
82	inline unsigned fastTLSOffsetForKey(unsigned long slot)	52	inline unsigned fastTLSOffsetForKey(unsigned long slot)
83	{	53	{
84	return slot * sizeof(void*);	54	return slot * sizeof(void*);
85	}	55	}
		56	#endif
86		57
87	} // namespace WTF	58	} // namespace WTF
88		59
89	using WTF::fastTLSOffsetForKey;
90
91	#if ENABLE(FAST_TLS_JIT)	60	#if ENABLE(FAST_TLS_JIT)
92	using WTF::loadFastTLS;	61	using WTF::fastTLSOffsetForKey;
93	#endif	62	#endif
94		63
95	#endif // HAVE(FAST_TLS)	64	#endif // HAVE(FAST_TLS)
96	-