[JSC] Use simpler helpers for repatching

https://bugs.webkit.org/show_bug.cgi?id=264299 rdar://118023749 Reviewed by Michael Saboff. Repatching is typically just emitting very specific known sequence. This patch uses existing simpler repatch helpers instead of full-fledged CCallHelpers::emitJITCodeOver. * Source/JavaScriptCore/assembler/ARM64Assembler.h: * Source/JavaScriptCore/assembler/ARMv7Assembler.h: (JSC::ARMv7Assembler::replaceWithNops): * Source/JavaScriptCore/assembler/MacroAssemblerARM64.h: (JSC::MacroAssemblerARM64::replaceWithNops): * Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h: (JSC::MacroAssemblerARMv7::replaceWithNops): * Source/JavaScriptCore/assembler/MacroAssemblerRISCV64.h: (JSC::MacroAssemblerRISCV64::replaceWithNops): * Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h: (JSC::MacroAssemblerX86Common::replaceWithNops): * Source/JavaScriptCore/assembler/RISCV64Assembler.h: (JSC::RISCV64Assembler::replaceWithNops): * Source/JavaScriptCore/assembler/X86Assembler.h: (JSC::X86Assembler::replaceWithNops): * Source/JavaScriptCore/bytecode/CallLinkInfo.cpp: (JSC::OptimizingCallLinkInfo::initializeDirectCall): (JSC::OptimizingCallLinkInfo::setDirectCallTarget): * Source/JavaScriptCore/bytecode/InlineAccess.cpp: (JSC::InlineAccess::rewireStubAsJumpInAccess): Canonical link: https://commits.webkit.org/270351@main
WebKit · Nov 7, 2023 · f5d367e · f5d367e
1 parent e3bb4c6
commit f5d367e
Show file tree

Hide file tree

Showing 10 changed files with 56 additions and 24 deletions.
diff --git a/Source/JavaScriptCore/assembler/ARM64Assembler.h b/Source/JavaScriptCore/assembler/ARM64Assembler.h
@@ -3473,7 +3473,13 @@ class ARM64Assembler {
         performJITMemcpy(where, &insn, sizeof(int));
         cacheFlush(where, sizeof(int));
     }
-
+
+    static void replaceWithNops(void* where, size_t memoryToFillWithNopsInBytes)
+    {
+        fillNops<performJITMemcpy>(where, memoryToFillWithNopsInBytes);
+        cacheFlush(where, memoryToFillWithNopsInBytes);
+    }
+
     static ptrdiff_t maxJumpReplacementSize()
     {
         return 4;

diff --git a/Source/JavaScriptCore/assembler/ARMv7Assembler.h b/Source/JavaScriptCore/assembler/ARMv7Assembler.h
@@ -2762,7 +2762,13 @@ class ARMv7Assembler {
         cacheFlush(ptr - 2, sizeof(uint16_t) * 2);
 #endif
     }
-
+
+    static void replaceWithNops(void* instructionStart, size_t memoryToFillWithNopsInBytes)
+    {
+        fillNops<performJITMemcpy>(instructionStart, memoryToFillWithNopsInBytes);
+        cacheFlush(instructionStart, memoryToFillWithNopsInBytes);
+    }
+
     static ptrdiff_t maxJumpReplacementSize()
     {
 #if OS(LINUX)

diff --git a/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h b/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
@@ -5945,7 +5945,13 @@ class MacroAssemblerARM64 : public AbstractMacroAssembler<Assembler> {
     {
         Assembler::replaceWithJump(instructionStart.dataLocation(), destination.dataLocation());
     }
-
+
+    template<PtrTag startTag>
+    static void replaceWithNops(CodeLocationLabel<startTag> instructionStart, size_t memoryToFillWithNopsInBytes)
+    {
+        Assembler::replaceWithNops(instructionStart.dataLocation(), memoryToFillWithNopsInBytes);
+    }
+
     static ptrdiff_t maxJumpReplacementSize()
     {
         return Assembler::maxJumpReplacementSize();

diff --git a/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h b/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h
@@ -2172,6 +2172,12 @@ class MacroAssemblerARMv7 : public AbstractMacroAssembler<Assembler> {
     {
         ARMv7Assembler::replaceWithJump(instructionStart.dataLocation(), destination.dataLocation());
     }
+
+    template<PtrTag startTag>
+    static void replaceWithNops(CodeLocationLabel<startTag> instructionStart, size_t memoryToFillWithNopsInBytes)
+    {
+        ARMv7Assembler::replaceWithNops(instructionStart.dataLocation(), memoryToFillWithNopsInBytes);
+    }
 
     static ptrdiff_t maxJumpReplacementSize()
     {

diff --git a/Source/JavaScriptCore/assembler/MacroAssemblerRISCV64.h b/Source/JavaScriptCore/assembler/MacroAssemblerRISCV64.h
@@ -1937,6 +1937,12 @@ class MacroAssemblerRISCV64 : public AbstractMacroAssembler<Assembler> {
         Assembler::replaceWithJump(instructionStart.dataLocation(), destination.dataLocation());
     }
 
+    template<PtrTag startTag>
+    static void replaceWithNops(CodeLocationLabel<startTag> instructionStart, size_t memoryToFillWithNopsInBytes)
+    {
+        Assembler::replaceWithNops(instructionStart.dataLocation(), memoryToFillWithNopsInBytes);
+    }
+
     static ptrdiff_t maxJumpReplacementSize()
     {
         return Assembler::maxJumpReplacementSize();

diff --git a/Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h b/Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h
@@ -4371,6 +4371,12 @@ class MacroAssemblerX86Common : public AbstractMacroAssembler<Assembler> {
     {
         X86Assembler::replaceWithJump(instructionStart.taggedPtr(), destination.taggedPtr());
     }
+
+    template<PtrTag startTag>
+    static void replaceWithNops(CodeLocationLabel<startTag> instructionStart, size_t memoryToFillWithNopsInBytes)
+    {
+        X86Assembler::replaceWithNops(instructionStart.taggedPtr(), memoryToFillWithNopsInBytes);
+    }
 
     static ptrdiff_t maxJumpReplacementSize()
     {

diff --git a/Source/JavaScriptCore/assembler/RISCV64Assembler.h b/Source/JavaScriptCore/assembler/RISCV64Assembler.h
@@ -1673,6 +1673,12 @@ class RISCV64Assembler {
         cacheFlush(from, sizeof(uint32_t) * 2);
     }
 
+    static void replaceWithNops(void* from, size_t memoryToFillWithNopsInBytes)
+    {
+        fillNops<memcpy>(from, memoryToFillWithNopsInBytes);
+        cacheFlush(from, memoryToFillWithNopsInBytes);
+    }
+
     static void revertJumpReplacementToPatch(void* from, void* valuePtr)
     {
         uint32_t* location = reinterpret_cast<uint32_t*>(from);

diff --git a/Source/JavaScriptCore/assembler/X86Assembler.h b/Source/JavaScriptCore/assembler/X86Assembler.h
@@ -6390,7 +6390,12 @@ class X86Assembler {
         WTF::unalignedStore<uint8_t>(ptr, static_cast<uint8_t>(OP_JMP_rel32));
         WTF::unalignedStore<int32_t>(ptr + 1, static_cast<int32_t>(distance));
     }
-
+
+    static void replaceWithNops(void* instructionStart, size_t memoryToFillWithNopsInBytes)
+    {
+        fillNops<memcpy>(instructionStart, memoryToFillWithNopsInBytes);
+    }
+
     static ptrdiff_t maxJumpReplacementSize()
     {
         return 5;

diff --git a/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp b/Source/JavaScriptCore/bytecode/CallLinkInfo.cpp
@@ -556,12 +556,7 @@ void OptimizingCallLinkInfo::initializeDirectCall()
     ASSERT(u.codeIC.m_codeBlockLocation);
     if (isTailCall()) {
         RELEASE_ASSERT(fastPathStart());
-        CCallHelpers::emitJITCodeOver(fastPathStart(), scopedLambda<void(CCallHelpers&)>([&](CCallHelpers& jit) {
-            auto jump = jit.jump();
-            jit.addLinkTask([=, this] (LinkBuffer& linkBuffer) {
-                linkBuffer.link(jump, slowPathStart());
-            });
-        }), "initialize direct call");
+        CCallHelpers::replaceWithJump(fastPathStart(), slowPathStart());
     } else
         MacroAssembler::repatchNearCall(m_callLocation, slowPathStart());
 }
@@ -572,11 +567,9 @@ void OptimizingCallLinkInfo::setDirectCallTarget(CodeBlock* codeBlock, CodeLocat
 
     if (isTailCall()) {
         RELEASE_ASSERT(fastPathStart());
-        CCallHelpers::emitJITCodeOver(fastPathStart(), scopedLambda<void(CCallHelpers&)>([&](CCallHelpers& jit) {
-            // We reserved this many bytes for the jump at fastPathStart(). Make that
-            // code nops now so we fall through to the jump to the fast path.
-            jit.emitNops(CCallHelpers::patchableJumpSize());
-        }), "Setting direct call target");
+        // We reserved this many bytes for the jump at fastPathStart(). Make that
+        // code nops now so we fall through to the jump to the fast path.
+        CCallHelpers::replaceWithNops(fastPathStart(), CCallHelpers::patchableJumpSize());
     }
 
     MacroAssembler::repatchNearCall(m_callLocation, target);

diff --git a/Source/JavaScriptCore/bytecode/InlineAccess.cpp b/Source/JavaScriptCore/bytecode/InlineAccess.cpp
@@ -420,15 +420,7 @@ void InlineAccess::rewireStubAsJumpInAccess(CodeBlock* codeBlock, StructureStubI
         return;
     }
 
-    auto target = handler.callTarget();
-    CCallHelpers::emitJITCodeOver(stubInfo.startLocation.retagged<JSInternalPtrTag>(), scopedLambda<void(CCallHelpers&)>([&](CCallHelpers& jit) {
-        // We don't need a nop sled here because nobody should be jumping into the middle of an IC.
-        auto jump = jit.jump();
-        jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
-            linkBuffer.link(jump, CodeLocationLabel { target });
-        });
-    }), "InlineAccess: linking constant jump");
-
+    CCallHelpers::replaceWithJump(stubInfo.startLocation.retagged<JSInternalPtrTag>(), CodeLocationLabel { handler.callTarget() });
 }
 
 void InlineAccess::resetStubAsJumpInAccess(CodeBlock* codeBlock, StructureStubInfo& stubInfo)