Title: [225697] trunk/Source/_javascript_Core
- Revision: 225697
- Author: mark....@apple.com
- Date: 2017-12-08 13:38:02 -0800 (Fri, 08 Dec 2017)
Log Message
Need to unpoison native function pointers for CLoop.
https://bugs.webkit.org/show_bug.cgi?id=180601
<rdar://problem/35942028>
Reviewed by JF Bastien.
* llint/LowLevelInterpreter64.asm:
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (225696 => 225697)
--- trunk/Source/_javascript_Core/ChangeLog 2017-12-08 20:33:53 UTC (rev 225696)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-12-08 21:38:02 UTC (rev 225697)
@@ -1,3 +1,13 @@
+2017-12-08 Mark Lam <mark....@apple.com>
+
+ Need to unpoison native function pointers for CLoop.
+ https://bugs.webkit.org/show_bug.cgi?id=180601
+ <rdar://problem/35942028>
+
+ Reviewed by JF Bastien.
+
+ * llint/LowLevelInterpreter64.asm:
+
2017-12-08 Michael Saboff <msab...@apple.com>
YARR: JIT RegExps with greedy parenthesized sub patterns
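Review bot: The new ChangeLog entry lists `* llint/LowLevelInterpreter64.asm:` with no description of what changed in that file; WebKit ChangeLog convention is to name the affected labels or functions under the file entry and say what was done, for example that both CLoop `cloopCallNative` call sites now XOR the loaded native function pointer with `_g_nativeCodePoison` before calling through it. Suggest adding a line or two so a reader of the log does not have to open the diff to learn what was fixed.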
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (225696 => 225697)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2017-12-08 20:33:53 UTC (rev 225696)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2017-12-08 21:38:02 UTC (rev 225697)
@@ -2076,7 +2076,9 @@
loadp JSFunction::m_executable[t1], t1
checkStackPointerAlignment(t3, 0xdead0001)
if C_LOOP
- cloopCallNative executableOffsetToFunction[t1]
+ loadp _g_nativeCodePoison, t2
+ xorp executableOffsetToFunction[t1], t2
+ cloopCallNative t2
else
if X86_64_WIN
subp 32, sp
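Review bot: The `else` branch directly below (`if X86_64_WIN` / `subp 32, sp`) shows no corresponding unpoison of `executableOffsetToFunction[t1]` in the visible context, so please confirm the non-CLoop path already unpoisons its function pointer (the commit title says only CLoop was missing it); if it did not, the two paths would call different addresses. It is also worth confirming that `t2` is a free scratch register at this point: the surrounding lines only show `t1` (reloaded from `JSFunction::m_executable`) and `t3` (used by `checkStackPointerAlignment`) being written, so nothing in the hunk shows `t2` live, but the new `loadp`/`xorp` pair now clobbers it before the call.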
@@ -2117,7 +2119,9 @@
loadp Callee[cfr], t1
checkStackPointerAlignment(t3, 0xdead0001)
if C_LOOP
- cloopCallNative offsetOfFunction[t1]
+ loadp _g_nativeCodePoison, t2
+ xorp offsetOfFunction[t1], t2
+ cloopCallNative t2
else
if X86_64_WIN
subp 32, sp
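Review bot: This three-line sequence (`loadp _g_nativeCodePoison, t2` / `xorp offsetOfFunction[t1], t2` / `cloopCallNative t2`) is a verbatim copy of the one in the hunk at line 2076 with only the offset changed; consider factoring it into an offlineasm macro (a hypothetical `unpoisonAndCallNative(offset, scratch)` or similar) so the two unpoison sites stay in sync if the poison scheme changes, since a site that is missed would call through a still-poisoned pointer. The same `t2` liveness question applies here, where `t1` holds `Callee[cfr]` rather than the executable.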