blob: bf60c0d2290b649ddd35170366b350e2397fbe13 [file] [log] [blame]
/*
* Copyright (C) 2012-2021 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "JITThunks.h"
#if ENABLE(JIT)
#include "CommonSlowPaths.h"
#include "JIT.h"
#include "JITCode.h"
#include "JSCJSValueInlines.h"
#include "SlowPathCall.h"
#include "ThunkGenerators.h"
#include "VM.h"
namespace JSC {
JITThunks::JITThunks()
{
}
JITThunks::~JITThunks()
{
}
static inline NativeExecutable& getMayBeDyingNativeExecutable(const Weak<NativeExecutable>& weak)
{
// This never gets Deleted / Empty slots.
WeakImpl* impl = weak.unsafeImpl();
ASSERT(impl);
// We have a callback removing entry when finalizing. This means that we never hold Deallocated entry in HashSet.
ASSERT(impl->state() != WeakImpl::State::Deallocated);
// Never use jsCast here. This is possible that this value is "Dead" but not "Finalized" yet. In this case,
// we can still access to non-JS data, as we are doing in a finalize callback.
auto* executable = static_cast<NativeExecutable*>(impl->jsValue().asCell());
ASSERT(executable);
return *executable;
}
inline unsigned JITThunks::WeakNativeExecutableHash::hash(NativeExecutable* executable)
{
return hash(executable->function(), executable->constructor(), executable->name());
}
inline unsigned JITThunks::WeakNativeExecutableHash::hash(const Weak<NativeExecutable>& key)
{
return hash(&getMayBeDyingNativeExecutable(key));
}
inline bool JITThunks::WeakNativeExecutableHash::equal(NativeExecutable& a, NativeExecutable& b)
{
if (&a == &b)
return true;
return a.function() == b.function() && a.constructor() == b.constructor() && a.name() == b.name();
}
inline bool JITThunks::WeakNativeExecutableHash::equal(const Weak<NativeExecutable>& a, const Weak<NativeExecutable>& b)
{
return equal(getMayBeDyingNativeExecutable(a), getMayBeDyingNativeExecutable(b));
}
inline bool JITThunks::WeakNativeExecutableHash::equal(const Weak<NativeExecutable>& a, NativeExecutable* bExecutable)
{
return equal(getMayBeDyingNativeExecutable(a), *bExecutable);
}
inline bool JITThunks::WeakNativeExecutableHash::equal(const Weak<NativeExecutable>& a, const HostFunctionKey& b)
{
auto& aExecutable = getMayBeDyingNativeExecutable(a);
return aExecutable.function() == std::get<0>(b) && aExecutable.constructor() == std::get<1>(b) && aExecutable.name() == std::get<2>(b);
}
MacroAssemblerCodePtr<JITThunkPtrTag> JITThunks::ctiNativeCall(VM& vm)
{
ASSERT(Options::useJIT());
return ctiStub(vm, nativeCallGenerator).code();
}
MacroAssemblerCodePtr<JITThunkPtrTag> JITThunks::ctiNativeConstruct(VM& vm)
{
ASSERT(Options::useJIT());
return ctiStub(vm, nativeConstructGenerator).code();
}
MacroAssemblerCodePtr<JITThunkPtrTag> JITThunks::ctiNativeTailCall(VM& vm)
{
ASSERT(Options::useJIT());
return ctiStub(vm, nativeTailCallGenerator).code();
}
MacroAssemblerCodePtr<JITThunkPtrTag> JITThunks::ctiNativeTailCallWithoutSavedTags(VM& vm)
{
ASSERT(Options::useJIT());
return ctiStub(vm, nativeTailCallWithoutSavedTagsGenerator).code();
}
MacroAssemblerCodePtr<JITThunkPtrTag> JITThunks::ctiInternalFunctionCall(VM& vm)
{
ASSERT(Options::useJIT());
return ctiStub(vm, internalFunctionCallGenerator).code();
}
MacroAssemblerCodePtr<JITThunkPtrTag> JITThunks::ctiInternalFunctionConstruct(VM& vm)
{
ASSERT(Options::useJIT());
return ctiStub(vm, internalFunctionConstructGenerator).code();
}
template <typename GenerateThunk>
MacroAssemblerCodeRef<JITThunkPtrTag> JITThunks::ctiStubImpl(ThunkGenerator key, GenerateThunk generateThunk)
{
Locker locker { m_lock };
auto handleEntry = [&] (Entry& entry) {
if (entry.needsCrossModifyingCodeFence && !isCompilationThread()) {
// The main thread will issue a crossModifyingCodeFence before running
// any code the compiler thread generates, including any thunks that they
// generate. However, the main thread may grab the thunk a compiler thread
// generated before we've issued that crossModifyingCodeFence. Hence, we
// conservatively say that when the main thread grabs a thunk generated
// from a compiler thread for the first time, it issues a crossModifyingCodeFence.
WTF::crossModifyingCodeFence();
entry.needsCrossModifyingCodeFence = false;
}
return MacroAssemblerCodeRef<JITThunkPtrTag>(*entry.handle);
};
{
auto iter = m_ctiStubMap.find(key);
if (iter != m_ctiStubMap.end())
return handleEntry(iter->value);
}
// We do two lookups on first addition to the hash table because generateThunk may add to it.
MacroAssemblerCodeRef<JITThunkPtrTag> codeRef = generateThunk();
bool needsCrossModifyingCodeFence = isCompilationThread();
auto addResult = m_ctiStubMap.add(key, Entry { PackedRefPtr<ExecutableMemoryHandle>(codeRef.executableMemory()), needsCrossModifyingCodeFence });
RELEASE_ASSERT(addResult.isNewEntry); // Thunks aren't recursive, so anything we generated transitively shouldn't have generated 'key'.
return handleEntry(addResult.iterator->value);
}
MacroAssemblerCodeRef<JITThunkPtrTag> JITThunks::ctiStub(VM& vm, ThunkGenerator generator)
{
return ctiStubImpl(generator, [&] {
return generator(vm);
});
}
MacroAssemblerCodeRef<JITThunkPtrTag> JITThunks::ctiSlowPathFunctionStub(VM& vm, SlowPathFunction slowPathFunction)
{
auto key = bitwise_cast<ThunkGenerator>(slowPathFunction);
return ctiStubImpl(key, [&] {
return JITSlowPathCall::generateThunk(vm, slowPathFunction);
});
}
struct JITThunks::HostKeySearcher {
static unsigned hash(const HostFunctionKey& key) { return WeakNativeExecutableHash::hash(key); }
static bool equal(const Weak<NativeExecutable>& a, const HostFunctionKey& b) { return WeakNativeExecutableHash::equal(a, b); }
};
struct JITThunks::NativeExecutableTranslator {
static unsigned hash(NativeExecutable* key) { return WeakNativeExecutableHash::hash(key); }
static bool equal(const Weak<NativeExecutable>& a, NativeExecutable* b) { return WeakNativeExecutableHash::equal(a, b); }
static void translate(Weak<NativeExecutable>& location, NativeExecutable* executable, unsigned)
{
location = Weak<NativeExecutable>(executable, executable->vm().jitStubs.get());
}
};
void JITThunks::finalize(Handle<Unknown> handle, void*)
{
auto* nativeExecutable = static_cast<NativeExecutable*>(handle.get().asCell());
auto hostFunctionKey = std::make_tuple(nativeExecutable->function(), nativeExecutable->constructor(), nativeExecutable->name());
{
DisallowGC disallowGC;
auto iterator = m_nativeExecutableSet.find<HostKeySearcher>(hostFunctionKey);
// Because this finalizer is called, this means that we still have dead Weak<> in m_nativeExecutableSet.
ASSERT(iterator != m_nativeExecutableSet.end());
ASSERT(iterator->unsafeImpl()->state() == WeakImpl::State::Finalized);
m_nativeExecutableSet.remove(iterator);
}
}
NativeExecutable* JITThunks::hostFunctionStub(VM& vm, TaggedNativeFunction function, TaggedNativeFunction constructor, const String& name)
{
return hostFunctionStub(vm, function, constructor, nullptr, NoIntrinsic, nullptr, name);
}
NativeExecutable* JITThunks::hostFunctionStub(VM& vm, TaggedNativeFunction function, TaggedNativeFunction constructor, ThunkGenerator generator, Intrinsic intrinsic, const DOMJIT::Signature* signature, const String& name)
{
ASSERT(!isCompilationThread());
ASSERT(Options::useJIT());
auto hostFunctionKey = std::make_tuple(function, constructor, name);
{
DisallowGC disallowGC;
auto iterator = m_nativeExecutableSet.find<HostKeySearcher>(hostFunctionKey);
if (iterator != m_nativeExecutableSet.end()) {
// It is possible that this returns Weak<> which is Dead, but not finalized.
// We should not use this reference to store value created in the subsequent sequence, since allocating NativeExecutable can cause GC, which changes this Set.
if (auto* executable = iterator->get())
return executable;
}
}
RefPtr<JITCode> forCall;
if (generator) {
MacroAssemblerCodeRef<JSEntryPtrTag> entry = generator(vm).retagged<JSEntryPtrTag>();
forCall = adoptRef(new DirectJITCode(entry, entry.code(), JITType::HostCallThunk, intrinsic));
} else if (signature)
forCall = adoptRef(new NativeDOMJITCode(MacroAssemblerCodeRef<JSEntryPtrTag>::createSelfManagedCodeRef(ctiNativeCall(vm).retagged<JSEntryPtrTag>()), JITType::HostCallThunk, intrinsic, signature));
else
forCall = adoptRef(new NativeJITCode(MacroAssemblerCodeRef<JSEntryPtrTag>::createSelfManagedCodeRef(ctiNativeCall(vm).retagged<JSEntryPtrTag>()), JITType::HostCallThunk, intrinsic));
Ref<JITCode> forConstruct = adoptRef(*new NativeJITCode(MacroAssemblerCodeRef<JSEntryPtrTag>::createSelfManagedCodeRef(ctiNativeConstruct(vm).retagged<JSEntryPtrTag>()), JITType::HostCallThunk, NoIntrinsic));
NativeExecutable* nativeExecutable = NativeExecutable::create(vm, forCall.releaseNonNull(), function, WTFMove(forConstruct), constructor, name);
{
DisallowGC disallowGC;
auto addResult = m_nativeExecutableSet.add<NativeExecutableTranslator>(nativeExecutable);
if (!addResult.isNewEntry) {
// Override the existing Weak<NativeExecutable> with the new one since it is dead.
ASSERT(!*addResult.iterator);
*addResult.iterator = Weak<NativeExecutable>(nativeExecutable, this);
ASSERT(*addResult.iterator);
#if ASSERT_ENABLED
auto iterator = m_nativeExecutableSet.find<HostKeySearcher>(hostFunctionKey);
ASSERT(iterator != m_nativeExecutableSet.end());
ASSERT(iterator->get() == nativeExecutable);
ASSERT(iterator->unsafeImpl()->state() == WeakImpl::State::Live);
#endif
}
}
return nativeExecutable;
}
NativeExecutable* JITThunks::hostFunctionStub(VM& vm, TaggedNativeFunction function, ThunkGenerator generator, Intrinsic intrinsic, const String& name)
{
return hostFunctionStub(vm, function, callHostFunctionAsConstructor, generator, intrinsic, nullptr, name);
}
} // namespace JSC
#endif // ENABLE(JIT)