Bug 1471258 Disable CFI icall at JIT function entry points draft
authorTom Ritter <tom@mozilla.com>
Tue, 26 Jun 2018 10:42:21 -0500
changeset 824760 9ebc49ba5ed56d086b6002e763e3083e18df333c
parent 824759 721e60a25b59fca6b756169aac9b1e3482140d62
push id118009
push userbmo:tom@mozilla.com
push dateTue, 31 Jul 2018 20:47:44 +0000
bugs1471258
milestone63.0a1
Bug 1471258 Disable CFI icall at JIT function entry points MozReview-Commit-ID: 2OaqvyWXgiK
js/src/irregexp/RegExpEngine.cpp
js/src/jit/BaselineJIT.cpp
js/src/jit/Jit.cpp
js/src/vm/UnboxedObject.cpp
--- a/js/src/irregexp/RegExpEngine.cpp
+++ b/js/src/irregexp/RegExpEngine.cpp
@@ -1859,16 +1859,18 @@ irregexp::CompilePattern(JSContext* cx, 
                                    ? RegExpMacroAssembler::GLOBAL_NO_ZERO_LENGTH_CHECK
                                    : RegExpMacroAssembler::GLOBAL);
     }
 
     return compiler.Assemble(cx, assembler, node, data->capture_count);
 }
 
 template <typename CharT>
+/* Do not apply CFI icall when we enter a JITed function. */
+MOZ_CFI_ICALL_BLACKLIST
 RegExpRunStatus
 irregexp::ExecuteCode(JSContext* cx, jit::JitCode* codeBlock, const CharT* chars, size_t start,
                       size_t length, MatchPairs* matches, size_t* endIndex)
 {
     typedef void (*RegExpCodeSignature)(InputOutputData*);
 
     InputOutputData data(chars, chars + length, start, matches, endIndex);
 
--- a/js/src/jit/BaselineJIT.cpp
+++ b/js/src/jit/BaselineJIT.cpp
@@ -109,16 +109,18 @@ CheckFrame(InterpreterFrame* fp)
         // Fall back to the interpreter to avoid running out of stack space.
         JitSpew(JitSpew_BaselineAbort, "Too many arguments (%u)", fp->numActualArgs());
         return false;
     }
 
     return true;
 }
 
+/* Do not apply CFI icall when we enter a JITed function. */
+MOZ_CFI_ICALL_BLACKLIST
 static JitExecStatus
 EnterBaseline(JSContext* cx, EnterJitData& data)
 {
     MOZ_ASSERT(data.osrFrame);
 
     // Check for potential stack overflow before OSR-ing.
     uint8_t spDummy;
     uint32_t extra = BaselineFrame::Size() + (data.osrNumStackValues * sizeof(Value));
--- a/js/src/jit/Jit.cpp
+++ b/js/src/jit/Jit.cpp
@@ -11,16 +11,18 @@
 #include "jit/JitCommon.h"
 #include "vm/Interpreter.h"
 
 #include "vm/Stack-inl.h"
 
 using namespace js;
 using namespace js::jit;
 
+/* Do not apply CFI icall when we enter a JITed function. */
+MOZ_CFI_ICALL_BLACKLIST
 static EnterJitStatus
 EnterJit(JSContext* cx, RunState& state, uint8_t* code)
 {
     MOZ_ASSERT(state.script()->hasBaselineScript());
     MOZ_ASSERT(code);
     MOZ_ASSERT(IsBaselineEnabled(cx));
 
     if (!CheckRecursionLimit(cx))
--- a/js/src/vm/UnboxedObject.cpp
+++ b/js/src/vm/UnboxedObject.cpp
@@ -831,16 +831,18 @@ UnboxedPlainObject::create(JSContext* cx
         }
         // Unboxed objects don't have Values to initialize.
         MOZ_ASSERT(*(list + 1) == -1);
     }
 
     return uobj;
 }
 
+/* Do not apply CFI icall when we enter a JITed function. */
+MOZ_CFI_ICALL_BLACKLIST
 /* static */ JSObject*
 UnboxedPlainObject::createWithProperties(JSContext* cx, HandleObjectGroup group,
                                          NewObjectKind newKind, IdValuePair* properties)
 {
     MOZ_ASSERT(newKind == GenericObject || newKind == TenuredObject);
 
     {
         AutoSweepObjectGroup sweep(group);
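Review bot: The copied comment says a JITed function is entered, but nothing visible in createWithProperties shows an indirect call and its body continues outside the hunk, so a reader of UnboxedObject.cpp cannot tie the exemption to a call site. Name the call being exempted, e.g. `/* CFI icall exempt: this function calls into JIT-generated code; see the indirect call below. */`, and if that is the only indirect call in the function, prefer putting the attribute on a helper that contains just it so the rest of createWithProperties stays checked.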