From b420ac14cdd37fcef0b33bdbca2c10240f0f3272 Mon Sep 17 00:00:00 2001
From: Zoltan Herczeg
Date: Thu, 21 Mar 2013 14:51:21 +0100
Subject: ARMv7 replaceWithJump ASSERT failure after r135330. https://bugs.webkit.org/show_bug.cgi?id=103146 Reviewed by Filip Pizlo. On Linux, the 24 bit distance range of jumps sometimes does not enough to cover all targets addresses. This patch supports jumps outside of this range using a mov/movt/bx 10 byte long sequence. * assembler/ARMv7Assembler.h: (ARMv7Assembler): (JSC::ARMv7Assembler::revertJumpTo_movT3movtcmpT2): (JSC::ARMv7Assembler::nopw): (JSC::ARMv7Assembler::label): (JSC::ARMv7Assembler::replaceWithJump): (JSC::ARMv7Assembler::maxJumpReplacementSize): * assembler/MacroAssemblerARMv7.h: (JSC::MacroAssemblerARMv7::revertJumpReplacementToBranchPtrWithPatch):
Change-Id: Ic90230b5f5d74023b5476897966a01ce7152071a
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146396 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Jocelyn Turcotte
Reviewed-by: Andras Becsi
---
 Source/JavaScriptCore/assembler/ARMv7Assembler.h | 45 ++++++++++++++++++++++--
 1 file changed, 42 insertions(+), 3 deletions(-)
(limited to 'Source/JavaScriptCore/assembler/ARMv7Assembler.h')
diff --git a/Source/JavaScriptCore/assembler/ARMv7Assembler.h b/Source/JavaScriptCore/assembler/ARMv7Assembler.h
index b93ec6e63..70eb2f0ba 100644
--- a/Source/JavaScriptCore/assembler/ARMv7Assembler.h
+++ b/Source/JavaScriptCore/assembler/ARMv7Assembler.h
@@ -1262,6 +1262,20 @@ public:
 m_formatter.twoWordOp5i6Imm4Reg4EncodedImm(OP_MOV_imm_T3, imm.m_value.imm4, rd, imm);
 }
+#if OS(LINUX)
+ static void revertJumpTo_movT3movtcmpT2(void* instructionStart, RegisterID left, RegisterID right, uintptr_t imm)
+ {
+ uint16_t* address = static_cast(instructionStart);
+ ARMThumbImmediate lo16 = ARMThumbImmediate::makeUInt16(static_cast(imm));
+ ARMThumbImmediate hi16 = ARMThumbImmediate::makeUInt16(static_cast(imm >> 16));
+ address[0] = twoWordOp5i6Imm4Reg4EncodedImmFirst(OP_MOV_imm_T3, lo16);
+ address[1] = twoWordOp5i6Imm4Reg4EncodedImmSecond(right, lo16);
+ address[2] = twoWordOp5i6Imm4Reg4EncodedImmFirst(OP_MOVT, hi16);
+ address[3] = twoWordOp5i6Imm4Reg4EncodedImmSecond(right, hi16);
+ address[4] = OP_CMP_reg_T2 | left;
+ cacheFlush(address, sizeof(uint16_t) * 5);
+ }
+#else
 static void revertJumpTo_movT3(void* instructionStart, RegisterID rd, ARMThumbImmediate imm)
 {
 ASSERT(imm.isValid());
@@ -1273,6 +1287,7 @@ public:
 address[1] = twoWordOp5i6Imm4Reg4EncodedImmSecond(rd, imm);
 cacheFlush(address, sizeof(uint16_t) * 2);
 }
+#endif
 ALWAYS_INLINE void mov(RegisterID rd, ARMThumbImmediate imm)
 {
@@ -1858,7 +1873,12 @@ public:
 {
 m_formatter.oneWordOp8Imm8(OP_NOP_T1, 0);
 }
-
+
+ void nopw()
+ {
+ m_formatter.twoWordOp16Op16(OP_NOP_T2a, OP_NOP_T2b);
+ }
+
 AssemblerLabel labelIgnoringWatchpoints()
 {
 return m_formatter.label();
@@ -1878,7 +1898,10 @@ public:
 {
 AssemblerLabel result = m_formatter.label();
 while (UNLIKELY(static_cast(result.m_offset) < m_indexOfTailOfLastWatchpoint)) {
- nop();
+ if (UNLIKELY(static_cast(result.m_offset) + 4 <= m_indexOfTailOfLastWatchpoint))
+ nopw();
+ else
+ nop();
 result = m_formatter.label();
 }
 return result;
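Review bot: In `revertJumpTo_movT3movtcmpT2` the last halfword is built as `OP_CMP_reg_T2 | left`, with `right` not appearing in it at all, and nothing in the function checks the assumptions that makes. In the Thumb CMP (register) T2 encoding only the low three bits of the first operand register occupy bits 2:0, so a `left` of r8 or above would spill into the neighbouring register field; the second register is presumably baked into the `OP_CMP_reg_T2` constant, whose definition is outside this hunk. These five halfwords are written straight into executable code, so a wrong encoding fails silently; the `#else` variant at least asserts on its input (`ASSERT(imm.isValid());`), and I would add `ASSERT(!(left & 8));` here plus an assert that `right` is the register the opcode constant encodes. A one-line comment naming the emitted sequence (mov/movt of `imm` into `right`, then a cmp against `left`) would also help the next reader.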
@@ -2136,15 +2159,31 @@ public:
 {
 ASSERT(!(bitwise_cast(instructionStart) & 1));
 ASSERT(!(bitwise_cast(to) & 1));
+
+#if OS(LINUX)
+ if (canBeJumpT4(reinterpret_cast(instructionStart), to)) {
+ uint16_t* ptr = reinterpret_cast(instructionStart) + 2;
+ linkJumpT4(ptr, to);
+ cacheFlush(ptr - 2, sizeof(uint16_t) * 2);
+ } else {
+ uint16_t* ptr = reinterpret_cast(instructionStart) + 5;
+ linkBX(ptr, to);
+ cacheFlush(ptr - 5, sizeof(uint16_t) * 5);
+ }
+#else
 uint16_t* ptr = reinterpret_cast(instructionStart) + 2;
-
 linkJumpT4(ptr, to);
 cacheFlush(ptr - 2, sizeof(uint16_t) * 2);
+#endif
 }
 static ptrdiff_t maxJumpReplacementSize()
 {
+#if OS(LINUX)
+ return 10;
+#else
 return 4;
+#endif
 }
 static void replaceWithLoad(void* instructionStart)
-- cgit v1.2.1
From aba7f74b2f2637cb8b0034e0a5948d07ad9f1bb8 Mon Sep 17 00:00:00 2001
From: Cosmin Truta
Date: Thu, 21 Mar 2013 14:52:25 +0100
Subject: [QNX][ARM] REGRESSION(r135330): Various failures in Octane https://bugs.webkit.org/show_bug.cgi?id=112863 Reviewed by Yong Li. This was fixed in http://trac.webkit.org/changeset/146396 on Linux only. Enable this fix on QNX. * assembler/ARMv7Assembler.h: (ARMv7Assembler): (JSC::ARMv7Assembler::replaceWithJump): (JSC::ARMv7Assembler::maxJumpReplacementSize): * assembler/MacroAssemblerARMv7.h: (JSC::MacroAssemblerARMv7::revertJumpReplacementToBranchPtrWithPatch):
Change-Id: Ib9ced675a08b9351ddf36185140adeb1cfb24ee3
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@146429 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Jocelyn Turcotte
Reviewed-by: Andras Becsi
---
 Source/JavaScriptCore/assembler/ARMv7Assembler.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'Source/JavaScriptCore/assembler/ARMv7Assembler.h')
diff --git a/Source/JavaScriptCore/assembler/ARMv7Assembler.h b/Source/JavaScriptCore/assembler/ARMv7Assembler.h
index 70eb2f0ba..aa402e208 100644
--- a/Source/JavaScriptCore/assembler/ARMv7Assembler.h
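Review bot: In the Linux branch of `replaceWithJump` the range test is made on `instructionStart`, but the branch is then encoded by `linkJumpT4(ptr, to)` with `ptr` two halfwords further on, so the check and the encoder measure the distance from addresses 4 bytes apart. If `canBeJumpT4` computes the offset from the pointer it is given (its definition is outside this hunk), a target at the very edge of the T4 range can pass the test and still be out of range for the instruction that is written, which in patched JIT code means a branch to an unintended address. I would test the same pointer that is linked: `if (canBeJumpT4(reinterpret_cast<uint16_t*>(instructionStart) + 2, to)) {`. Separately, the literal `5` in this branch and the `10` returned by `maxJumpReplacementSize` describe the same mov/movt/bx sequence and would be safer derived from one named constant.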
+++ b/Source/JavaScriptCore/assembler/ARMv7Assembler.h
@@ -1262,7 +1262,7 @@ public:
 m_formatter.twoWordOp5i6Imm4Reg4EncodedImm(OP_MOV_imm_T3, imm.m_value.imm4, rd, imm);
 }
-#if OS(LINUX)
+#if OS(LINUX) || OS(QNX)
 static void revertJumpTo_movT3movtcmpT2(void* instructionStart, RegisterID left, RegisterID right, uintptr_t imm)
 {
 uint16_t* address = static_cast(instructionStart);
@@ -2160,7 +2160,7 @@ public:
 ASSERT(!(bitwise_cast(instructionStart) & 1));
 ASSERT(!(bitwise_cast(to) & 1));
-#if OS(LINUX)
+#if OS(LINUX) || OS(QNX)
 if (canBeJumpT4(reinterpret_cast(instructionStart), to)) {
 uint16_t* ptr = reinterpret_cast(instructionStart) + 2;
 linkJumpT4(ptr, to);
@@ -2179,7 +2179,7 @@ public:
 static ptrdiff_t maxJumpReplacementSize()
 {
-#if OS(LINUX)
+#if OS(LINUX) || OS(QNX)
 return 10;
 #else
 return 4;
-- cgit v1.2.1
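Review bot: The condition `OS(LINUX) || OS(QNX)` is now spelled out at three sites in this file (`revertJumpTo_movT3movtcmpT2`, `replaceWithJump` and `maxJumpReplacementSize`), and the commit message lists a matching change in MacroAssemblerARMv7.h that is not part of this view. These sites have to agree: if one is missed when another platform is added, the code that writes the 10-byte replacement and the code that reverts it would disagree about how many bytes of generated code they own. A single feature macro, defined once and tested at each site, would remove that risk; a short comment at its definition should say that it selects the mov/movt/bx long-jump replacement.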