JITMathIC should not use integer offsets into machine code.

Mark Lam · Mark Lam · commit fea5bfb0c727 · 2018-09-27T16:58:25.000Z
https://bugs.webkit.org/show_bug.cgi?id=190030 <rdar://problem/44803307> Reviewed by Saam Barati. We'll replace them with CodeLocation smart pointers instead. * jit/JITMathIC.h: (JSC::isProfileEmpty): Canonical link: https://commits.webkit.org/204994@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236554 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
@@ -1,3 +1,16 @@
+2018-09-27  Mark Lam  <mark.lam@apple.com>
+
+        JITMathIC should not use integer offsets into machine code.
+        https://bugs.webkit.org/show_bug.cgi?id=190030
+        <rdar://problem/44803307>
+
+        Reviewed by Saam Barati.
+
+        We'll replace them with CodeLocation smart pointers instead.
+
+        * jit/JITMathIC.h:
+        (JSC::isProfileEmpty):
+
 2018-09-26  Mark Lam  <mark.lam@apple.com>
 
         Options::useSeparatedWXHeap() should always be false when ENABLE(FAST_JIT_PERMISSIONS) && CPU(ARM64E).
diff --git a/Source/JavaScriptCore/jit/JITMathIC.h b/Source/JavaScriptCore/jit/JITMathIC.h
@@ -62,10 +62,10 @@ class JITMathIC {
     {
     }
 
-    CodeLocationLabel<JSInternalPtrTag> doneLocation() { return m_inlineStart.labelAtOffset(m_inlineSize); }
-    CodeLocationLabel<JSInternalPtrTag> slowPathStartLocation() { return m_inlineStart.labelAtOffset(m_deltaFromStartToSlowPathStart); }
-    CodeLocationCall<JSInternalPtrTag> slowPathCallLocation() { return m_inlineStart.callAtOffset(m_deltaFromStartToSlowPathCallLocation); }
-    
+    CodeLocationLabel<JSInternalPtrTag> doneLocation() { return m_inlineEnd; }
+    CodeLocationCall<JSInternalPtrTag> slowPathCallLocation() { return m_slowPathCallLocation; }
+    CodeLocationLabel<JSInternalPtrTag> slowPathStartLocation() { return m_slowPathStartLocation; }
+
     bool generateInline(CCallHelpers& jit, MathICGenerationState& state, bool shouldEmitProfiling = true)
     {
 #if CPU(ARM_TRADITIONAL)
@@ -136,7 +136,7 @@ class JITMathIC {
             auto jump = jit.jump();
             // We don't need a nop sled here because nobody should be jumping into the middle of an IC.
             bool needsBranchCompaction = false;
-            RELEASE_ASSERT(jit.m_assembler.buffer().codeSize() <= static_cast<size_t>(m_inlineSize));
+            RELEASE_ASSERT(jit.m_assembler.buffer().codeSize() <= static_cast<size_t>(MacroAssembler::differenceBetweenCodePtr(m_inlineStart, m_inlineEnd)));
             LinkBuffer linkBuffer(jit, m_inlineStart, jit.m_assembler.buffer().codeSize(), JITCompilationMustSucceed, needsBranchCompaction);
             RELEASE_ASSERT(linkBuffer.isValid());
             linkBuffer.link(jump, CodeLocationLabel<JITStubRoutinePtrTag>(m_code.code()));
@@ -224,14 +224,11 @@ class JITMathIC {
         CodeLocationLabel<JSInternalPtrTag> start = linkBuffer.locationOf<JSInternalPtrTag>(state.fastPathStart);
         m_inlineStart = start;
 
-        m_inlineSize = MacroAssembler::differenceBetweenCodePtr(
-            start, linkBuffer.locationOf<NoPtrTag>(state.fastPathEnd));
-        ASSERT(m_inlineSize > 0);
+        m_inlineEnd = linkBuffer.locationOf<JSInternalPtrTag>(state.fastPathEnd);
+        ASSERT(m_inlineEnd.untaggedExecutableAddress() > m_inlineStart.untaggedExecutableAddress());
 
-        m_deltaFromStartToSlowPathCallLocation = MacroAssembler::differenceBetweenCodePtr(
-            start, linkBuffer.locationOf<NoPtrTag>(state.slowPathCall));
-        m_deltaFromStartToSlowPathStart = MacroAssembler::differenceBetweenCodePtr(
-            start, linkBuffer.locationOf<NoPtrTag>(state.slowPathStart));
+        m_slowPathCallLocation = linkBuffer.locationOf<JSInternalPtrTag>(state.slowPathCall);
+        m_slowPathStartLocation = linkBuffer.locationOf<JSInternalPtrTag>(state.slowPathStart);
     }
 
     ArithProfile* arithProfile() const { return m_arithProfile; }
@@ -252,9 +249,9 @@ class JITMathIC {
     Instruction* m_instruction;
     MacroAssemblerCodeRef<JITStubRoutinePtrTag> m_code;
     CodeLocationLabel<JSInternalPtrTag> m_inlineStart;
-    int32_t m_inlineSize;
-    int32_t m_deltaFromStartToSlowPathCallLocation;
-    int32_t m_deltaFromStartToSlowPathStart;
+    CodeLocationLabel<JSInternalPtrTag> m_inlineEnd;
+    CodeLocationLabel<JSInternalPtrTag> m_slowPathCallLocation;
+    CodeLocationLabel<JSInternalPtrTag> m_slowPathStartLocation;
     bool m_generateFastPathOnRepatch { false };
     GeneratorType m_generator;
 };
