WebKit Bugzilla
RESOLVED FIXED
Bug 238827
[JSC] Strictly annotate pointers with TrustedImmPtr in CCallHelpers
https://bugs.webkit.org/show_bug.cgi?id=238827
Yusuke Suzuki
Reported
2022-04-05 12:40:37 PDT
Attachments
Patch (244.58 KB, patch), 2022-04-05 12:41 PDT, Yusuke Suzuki, no flags
Patch (247.35 KB, patch), 2022-04-05 12:57 PDT, Yusuke Suzuki, ews-feeder: commit-queue-
Patch (247.34 KB, patch), 2022-04-05 13:30 PDT, Yusuke Suzuki, mark.lam: review+
Yusuke Suzuki
Comment 1
2022-04-05 12:41:49 PDT
Created attachment 456731: Patch
Yusuke Suzuki
Comment 2
2022-04-05 12:57:42 PDT
Created attachment 456734: Patch
Yusuke Suzuki
Comment 3
2022-04-05 13:30:13 PDT
Created attachment 456738: Patch
Mark Lam
Comment 4
2022-04-05 14:04:09 PDT
Comment on attachment 456738: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=456738&action=review
r=me
> Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h:97 > + jit->callOperation(operationEnsureInt32, m_tempGPR, SpeculativeJIT::TrustedImmPtr(&vm), m_baseGPR);
Why "SpeculativeJIT::" instead of "MacroAssembler::"? We use "MacroAssembler::" above. Would be good to be consistent everywhere. Ditto below.
> Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:3528 > + jit.loadDouble(SpeculativeJIT::TrustedImmPtr(&zero), scratch);
Why not use MacroAssembler:: qualifier instead?
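Review bot: In `jit.loadDouble(SpeculativeJIT::TrustedImmPtr(&zero), scratch);` the address of `zero` is handed to the assembler as a pointer operand of the generated code, so `zero` has to outlive that code, and the quoted line does not show its declaration. Please confirm it has static storage duration, and consider a short comment at the declaration saying that JIT code refers to it by address.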
Yusuke Suzuki
Comment 5
2022-04-05 14:22:14 PDT
Comment on attachment 456738: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=456738&action=review
>> Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h:97 >> + jit->callOperation(operationEnsureInt32, m_tempGPR, SpeculativeJIT::TrustedImmPtr(&vm), m_baseGPR); > > Why "SpeculativeJIT::" instead of "MacroAssembler::"? We use "MacroAssembler::" above. Would be good to be consistent everywhere. Ditto below.
Because SpeculativeJIT::TrustedImmPtr is different from MacroAssembler::TrustedImmPtr. It has some more extra checks.
>> Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:3528 >> + jit.loadDouble(SpeculativeJIT::TrustedImmPtr(&zero), scratch); > > Why not use MacroAssembler:: qualifier instead?
Ditto.
Yusuke Suzuki
Comment 6
2022-04-05 17:54:17 PDT
Committed r292445 (?): <https://commits.webkit.org/r292445>
Radar WebKit Bug Importer
Comment 7
2022-04-05 17:55:20 PDT
<rdar://problem/91327271>