Bug 238827

Summary: [JSC] Strictly annotate pointers with TrustedImmPtr in CCallHelpers
Product: WebKit Reporter: Yusuke Suzuki <ysuzuki>
Component: New BugsAssignee: Yusuke Suzuki <ysuzuki>
Status: RESOLVED FIXED    
Severity: Normal CC: ews-watchlist, keith_miller, mark.lam, msaboff, saam, tzagallo, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch
ews-feeder: commit-queue-
Patch mark.lam: review+

Yusuke Suzuki
Reported 2022-04-05 12:40:37 PDT
[JSC] Strictly annotate pointers with TrustedImmPtr in CCallHelpers
Attachments
Patch (244.58 KB, patch)
2022-04-05 12:41 PDT, Yusuke Suzuki
no flags
Patch (247.35 KB, patch)
2022-04-05 12:57 PDT, Yusuke Suzuki
ews-feeder: commit-queue-
Patch (247.34 KB, patch)
2022-04-05 13:30 PDT, Yusuke Suzuki
mark.lam: review+
Yusuke Suzuki
Comment 1 2022-04-05 12:41:49 PDT
Yusuke Suzuki
Comment 2 2022-04-05 12:57:42 PDT
Yusuke Suzuki
Comment 3 2022-04-05 13:30:13 PDT
Mark Lam
Comment 4 2022-04-05 14:04:09 PDT
Comment on attachment 456738 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=456738&action=review r=me > Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h:97 > + jit->callOperation(operationEnsureInt32, m_tempGPR, SpeculativeJIT::TrustedImmPtr(&vm), m_baseGPR); Why "SpeculativeJIT::" instead of "MacroAssembler::"? We use "MacroAssembler::" above. Would be good to be consistent everywhere. Ditto below. > Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:3528 > + jit.loadDouble(SpeculativeJIT::TrustedImmPtr(&zero), scratch); Why not use MacroAssembler:: qualifier instead?
Yusuke Suzuki
Comment 5 2022-04-05 14:22:14 PDT
Comment on attachment 456738 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=456738&action=review >> Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h:97 >> + jit->callOperation(operationEnsureInt32, m_tempGPR, SpeculativeJIT::TrustedImmPtr(&vm), m_baseGPR); > > Why "SpeculativeJIT::" instead of "MacroAssembler::"? We use "MacroAssembler::" above. Would be good to be consistent everywhere. Ditto below. Because SpeculativeJIT::TrustedImmPtr is different from MacroAssembler::TrustedImmPtr. It has some more extra checks. >> Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:3528 >> + jit.loadDouble(SpeculativeJIT::TrustedImmPtr(&zero), scratch); > > Why not use MacroAssembler:: qualifier instead? Ditto.
Yusuke Suzuki
Comment 6 2022-04-05 17:54:17 PDT
Radar WebKit Bug Importer
Comment 7 2022-04-05 17:55:20 PDT
Note You need to log in before you can comment on or make changes to this bug.