[INFER] Perform an indirect jump at the end of native stubs on x64, bug 639967.

2024-09-13 09:24:08 -07:00 · 2011-05-09 14:00:32 -07:00 · 2011-05-09 14:00:32 -07:00 · e5027c0d64
commit e5027c0d64
parent aae52a8f74
3 changed files with 27 additions and 9 deletions
--- a/js/src/methodjit/MonoIC.cpp
+++ b/js/src/methodjit/MonoIC.cpp
@ -973,8 +973,13 @@ class CallCompiler : public BaseCompiler
        Jump hasException = masm.branchTest32(Assembler::Zero, Registers::ReturnReg,
                                              Registers::ReturnReg);

-
+#ifdef JS_CPU_X64
+        void *slowJoin = ic.slowPathStart.labelAtOffset(ic.slowJoinOffset).executableAddress();
+        DataLabelPtr done = masm.moveWithPatch(ImmPtr(slowJoin), Registers::ValueReg);
+        masm.jump(Registers::ValueReg);
+#else
        Jump done = masm.jump();
+#endif

        /* Move JaegerThrowpoline into register for very far jump on x64. */
        hasException.linkTo(masm.label(), &masm);
@ -992,18 +997,20 @@ class CallCompiler : public BaseCompiler
            return true;
        }

-        ic.nativeFunGuard = linker.locationOf(funGuard);
        ic.nativeJump = linker.locationOf(done);

+#ifndef JS_CPU_X64
        linker.link(done, ic.slowPathStart.labelAtOffset(ic.slowJoinOffset));
+#endif
+
        linker.link(funGuard, ic.slowPathStart);
-        ic.nativeStart = linker.finalize();
+        JSC::CodeLocationLabel start = linker.finalize();

        JaegerSpew(JSpew_PICs, "generated native CALL stub %p (%d bytes)\n",
-                   ic.nativeStart.executableAddress(), masm.size());
+                   start.executableAddress(), masm.size());

        Repatcher repatch(jit);
-        repatch.relink(ic.funJump, ic.nativeStart);
+        repatch.relink(ic.funJump, start);

        return true;
    }
--- a/js/src/methodjit/MonoIC.h
+++ b/js/src/methodjit/MonoIC.h
@ -236,10 +236,16 @@ struct CallICInfo {
    /* Inline to OOL jump, redirected by stubs. */
    JSC::CodeLocationJump funJump;

-    /* Native stub info patched up when stealing during recompilation. */
-    JSC::CodeLocationLabel nativeStart;
-    JSC::CodeLocationJump nativeFunGuard;
+    /*
+     * Native stub fallthrough jump which may be patched during recompilation.
+     * On x64 this is an indirect jump to avoid issues with far jumps on
+     * relative branches.
+     */
+#ifdef JS_CPU_X64
+    JSC::CodeLocationDataLabelPtr nativeJump;
+#else
    JSC::CodeLocationJump nativeJump;
+#endif

    /* Offset to inline scripted call, from funGuard. */
    uint32 hotJumpOffset   : 16;
--- a/js/src/methodjit/Retcon.cpp
+++ b/js/src/methodjit/Retcon.cpp
@ -149,9 +149,14 @@ Recompiler::patchNative(JSContext *cx, JITScript *jit, StackFrame *fp, jsbytecod

    /* Patch the native fallthrough to go to the interpoline. */
    {
+        void *interpoline = JS_FUNC_TO_DATA_PTR(void *, JaegerInterpoline);
        uint8 *start = (uint8 *)ic.nativeJump.executableAddress();
        JSC::RepatchBuffer repatch(JSC::JITCode(start - 32, 64));
-        repatch.relink(ic.nativeJump, JSC::CodeLocationLabel(JS_FUNC_TO_DATA_PTR(void *, JaegerInterpoline)));
+#ifdef JS_CPU_X64
+        repatch.repatch(ic.nativeJump, interpoline);
+#else
+        repatch.relink(ic.nativeJump, JSC::CodeLocationLabel(interpoline));
+#endif
    }

    /* :XXX: We leak the pool if this fails. Oh well. */