RESOLVED FIXED 184163
Use MacroAssemblerCodePtr in Wasm code for code pointers instead of void*. 
https://bugs.webkit.org/show_bug.cgi?id=184163
Summary Use MacroAssemblerCodePtr in Wasm code for code pointers instead of void*.
Mark Lam
Reported 2018-03-29 16:42:36 PDT
With the use of MacroAssemblerCodePtr, we now get poisoning for Wasm code pointers. Also rename some structs, methods, and variable names to be more accurate. Previously, there is some confusion between a code pointer and the address of a code pointer (sometimes referred to in the code as a "LoadLocation"). We will now name the LoadLocation variables appropriately to distinguish them from code pointers.
Attachments
proposed patch. (39.64 KB, patch)
2018-03-29 16:59 PDT, Mark Lam 		jfbastien: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2018-03-29 16:43:13 PDT
<rdar://problem/39020397>
Radar WebKit Bug Importer
Comment 2 2018-03-29 16:44:15 PDT
<rdar://problem/39020437>
Mark Lam
Comment 3 2018-03-29 16:59:22 PDT
Created attachment 336820 [details] proposed patch.
Mark Lam
Comment 4 2018-03-29 17:04:34 PDT
<rdar://problem/39020397>
JF Bastien
Comment 5 2018-03-29 20:11:04 PDT
Comment on attachment 336820 [details] proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=336820&action=review This is really great, cleans up the code a bunch :) r=me with one comment addressed. r- for now because I think it's wrong without the fix. > Source/JavaScriptCore/wasm/WasmBinding.cpp:79 > + jit.xorPtr(JIT::TrustedImmPtr(g_JITCodePoison), scratch); if (Options::usePoisoning())
Mark Lam
Comment 6 2018-03-29 20:37:39 PDT
Comment on attachment 336820 [details] proposed patch. View in context: https://bugs.webkit.org/attachment.cgi?id=336820&action=review Thanks for the review. >> Source/JavaScriptCore/wasm/WasmBinding.cpp:79 >> + jit.xorPtr(JIT::TrustedImmPtr(g_JITCodePoison), scratch); > > if (Options::usePoisoning()) Technically, this is not wrong. If !Options::usePoisoning(), the poison value is guaranteed to be 0. Hence, this xorPtr has no effect. However, it is less efficient. I will fix it. Thanks for the catch.
JF Bastien
Comment 7 2018-03-29 20:55:11 PDT
Comment on attachment 336820 [details] proposed patch. (In reply to Mark Lam from comment #6) > Comment on attachment 336820 [details] > proposed patch. > > View in context: > https://bugs.webkit.org/attachment.cgi?id=336820&action=review > > Thanks for the review. > > >> Source/JavaScriptCore/wasm/WasmBinding.cpp:79 > >> + jit.xorPtr(JIT::TrustedImmPtr(g_JITCodePoison), scratch); > > > > if (Options::usePoisoning()) > > Technically, this is not wrong. If !Options::usePoisoning(), the poison > value is guaranteed to be 0. Hence, this xorPtr has no effect. However, it > is less efficient. I will fix it. Thanks for the catch. Right, r+ then, with change.
Mark Lam
Comment 8 2018-03-29 22:05:25 PDT
Landed in r230096: <http://trac.webkit.org/r230096>.
Note You need to log in before you can comment on or make changes to this bug.