Modified: trunk/Source/_javascript_Core/ChangeLog (293040 => 293041)
--- trunk/Source/_javascript_Core/ChangeLog 2022-04-19 22:10:15 UTC (rev 293040)
+++ trunk/Source/_javascript_Core/ChangeLog 2022-04-19 22:32:38 UTC (rev 293041)
@@ -1,5 +1,22 @@
2022-04-19 Yusuke Suzuki <ysuz...@apple.com>
+ REGRESSION(r292372): cloop crashes on s390x
+ https://bugs.webkit.org/show_bug.cgi?id=238956
+
+ Reviewed by Mark Lam.
+
+ CodeBlock* is stored without tags. So we should just put it as a pointer without PayloadOffset.
+
+ * jit/AssemblyHelpers.h:
+ (JSC::AssemblyHelpers::calleeFrameCodeBlockBeforeCall):
+ (JSC::AssemblyHelpers::calleeFrameCodeBlockBeforeTailCall):
+ * jit/ThunkGenerators.cpp:
+ (JSC::boundFunctionCallGenerator):
+ (JSC::remoteFunctionCallGenerator):
+ * llint/LowLevelInterpreter.asm:
+
+2022-04-19 Yusuke Suzuki <ysuz...@apple.com>
+
Unreviewed, disable UnlinkedDFG code in x64
https://bugs.webkit.org/show_bug.cgi?id=237863
Modified: trunk/Source/_javascript_Core/jit/AssemblyHelpers.h (293040 => 293041)
--- trunk/Source/_javascript_Core/jit/AssemblyHelpers.h 2022-04-19 22:10:15 UTC (rev 293040)
+++ trunk/Source/_javascript_Core/jit/AssemblyHelpers.h 2022-04-19 22:32:38 UTC (rev 293041)
@@ -1259,13 +1259,13 @@
static Address calleeFrameCodeBlockBeforeCall()
{
- return calleeFramePayloadSlot(CallFrameSlot::codeBlock);
+ return calleeFrameSlot(CallFrameSlot::codeBlock);
}
static Address calleeFrameCodeBlockBeforeTailCall()
{
// The stackPointerRegister state is "after the call, but before the function prologue".
- return calleeFramePayloadSlot(CallFrameSlot::codeBlock).withOffset(sizeof(CallerFrameAndPC) - prologueStackPointerDelta());
+ return calleeFrameSlot(CallFrameSlot::codeBlock).withOffset(sizeof(CallerFrameAndPC) - prologueStackPointerDelta());
}
static GPRReg selectScratchGPR(RegisterSet preserved)
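Review bot: Both helpers now return the bare slot address without saying why the payload half is no longer used, so the next reader who knows the slot is a full Register may well put PayloadOffset back; a one-line comment above `calleeFrameCodeBlockBeforeCall` would pin the invariant, e.g. `// The CodeBlock slot holds a raw, untagged CodeBlock*, not a JSValue, so it is written and read as a whole pointer at the slot base rather than at PayloadOffset.` Wherever PayloadOffset is non-zero the old and new addresses differ, so any remaining writer that still goes through `calleeFramePayloadSlot(CallFrameSlot::codeBlock)` or a `storeCell` into this slot would now disagree with these helpers; the ChangeLog lists the touched call sites, but a grep for stragglers is cheap insurance. The surrounding class continues outside the hunk.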
Modified: trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp (293040 => 293041)
--- trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2022-04-19 22:10:15 UTC (rev 293040)
+++ trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2022-04-19 22:32:38 UTC (rev 293041)
@@ -1405,7 +1405,7 @@
CCallHelpers::Address(
GPRInfo::regT0, FunctionExecutable::offsetOfCodeBlockForCall()),
GPRInfo::regT2);
- jit.storeCell(GPRInfo::regT2, CCallHelpers::calleeFrameCodeBlockBeforeCall());
+ jit.storePtr(GPRInfo::regT2, CCallHelpers::calleeFrameCodeBlockBeforeCall());
isNative.link(&jit);
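Review bot: `storePtr` at the changed line writes only pointer-width bytes into the `CallFrameSlot::codeBlock` register, whereas `storeCell` presumably also wrote a tag into the other half on 32-bit builds, so on such builds the remainder of the slot now keeps whatever stale data the stack held; that is harmless only if every consumer reads the slot with a pointer-width load rather than as a JSValue, which this hunk cannot show. If that is the intended contract, a short comment here would keep the line from being "fixed" back to a cell store, e.g. `// CodeBlock* lives untagged in the callee frame; store it as a raw pointer, not as a cell.` The same change is repeated at the two other stores in this file, so the comment belongs on all three or on the helper that yields the address. The enclosing generator function starts and ends outside the hunk.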
@@ -1566,7 +1566,7 @@
emitPointerValidation(jit, GPRInfo::nonArgGPR0, OperationPtrTag);
jit.call(GPRInfo::nonArgGPR0, OperationPtrTag);
exceptionChecks.append(jit.emitJumpIfException(vm));
- jit.storeCell(GPRInfo::returnValueGPR2, CCallHelpers::calleeFrameCodeBlockBeforeCall());
+ jit.storePtr(GPRInfo::returnValueGPR2, CCallHelpers::calleeFrameCodeBlockBeforeCall());
jit.move(GPRInfo::returnValueGPR, GPRInfo::regT2);
auto materialized = jit.jump();
@@ -1576,7 +1576,7 @@
CCallHelpers::Address(
GPRInfo::regT1, FunctionExecutable::offsetOfCodeBlockForCall()),
GPRInfo::regT3);
- jit.storeCell(GPRInfo::regT3, CCallHelpers::calleeFrameCodeBlockBeforeCall());
+ jit.storePtr(GPRInfo::regT3, CCallHelpers::calleeFrameCodeBlockBeforeCall());
isNative.link(&jit);
materialized.link(&jit);
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm (293040 => 293041)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2022-04-19 22:10:15 UTC (rev 293040)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2022-04-19 22:32:38 UTC (rev 293041)
@@ -1195,7 +1195,7 @@
end
macro prepareForRegularCall(temp1, temp2, temp3, temp4, storeCodeBlock)
- storeCodeBlock(CodeBlock + PayloadOffset - CallerFrameAndPCSize[sp])
+ storeCodeBlock(CodeBlock - CallerFrameAndPCSize[sp])
end
macro invokeForRegularCall(opcodeName, size, opcodeStruct, valueProfileName, dstVirtualRegister, dispatch, callee, maybeOldCFR, callPtrTag)
@@ -1267,7 +1267,7 @@
move temp1, sp
- storeCodeBlock(CodeBlock + PayloadOffset - PrologueStackPointerDelta[sp])
+ storeCodeBlock(CodeBlock - PrologueStackPointerDelta[sp])
end
macro invokeForTailCall(opcodeName, size, opcodeStruct, valueProfileName, dstVirtualRegister, dispatch, callee, maybeOldCFR, callPtrTag)
@@ -2520,7 +2520,7 @@
loadp offsetOfCodeBlock[t5], t0
.callCode:
prepareCall(t5, t2, t3, t4)
- storep t0, CodeBlock + PayloadOffset - PrologueStackPointerDelta[sp]
+ storep t0, CodeBlock - PrologueStackPointerDelta[sp]
jmp t1, JSEntryPtrTag
.notJSFunction:
bbneq JSCell::m_type[t0], InternalFunctionType, slowCase
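Review bot: The store at `storep t0, CodeBlock - PrologueStackPointerDelta[sp]` open-codes the same callee-frame CodeBlock address that the tail-call path expresses through its `storeCodeBlock(CodeBlock - PrologueStackPointerDelta[sp])` macro argument in an earlier hunk, so the two can drift apart again as they evidently did when PayloadOffset crept in; routing this site through the same macro, or at least annotating it, would keep them in lockstep. A comment such as `# CodeBlock* is stored untagged as a whole pointer, so no PayloadOffset here (keep in sync with prepareForTailCall)` would do. Note also that `storep` writes pointer-width bytes only, so on a 32-bit build the rest of the slot is left as-is; fine as long as every reader uses `loadp` on it, which I cannot verify from this hunk. The enclosing `.callCode` path begins before `loadp offsetOfCodeBlock[t5], t0` and continues past the hunk.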