Commit c3fc031e authored by Kevin Modzelewski's avatar Kevin Modzelewski

Add some checking to make sure that clearing an IC is safe

We clear a patchpoint by writing a jmp-to-slowpath at the beginning.
But there could be a stack frame currently inside the IC, and we
need to be able to invalidate the IC while letting the other frame
return successfully.  So make sure that we don't overwrite
any potential return address.
parent aff2d9a4
...@@ -158,6 +158,7 @@ public: ...@@ -158,6 +158,7 @@ public:
void fillWithNopsExcept(int bytes); void fillWithNopsExcept(int bytes);
void emitAnnotation(int num); void emitAnnotation(int num);
int bytesWritten() { return addr - start_addr; }
uint8_t* curInstPointer() { return addr; } uint8_t* curInstPointer() { return addr; }
bool isExactlyFull() { return addr == end_addr; } bool isExactlyFull() { return addr == end_addr; }
}; };
......
...@@ -256,6 +256,8 @@ void ICInfo::clear(ICSlotInfo* icentry) { ...@@ -256,6 +256,8 @@ void ICInfo::clear(ICSlotInfo* icentry) {
std::unique_ptr<Assembler> writer(new Assembler(start, getSlotSize())); std::unique_ptr<Assembler> writer(new Assembler(start, getSlotSize()));
writer->nop(); writer->nop();
writer->jmp(JumpDestination::fromStart(getSlotSize())); writer->jmp(JumpDestination::fromStart(getSlotSize()));
assert(writer->bytesWritten() <= IC_INVALDITION_HEADER_SIZE);
// std::unique_ptr<MCWriter> writer(createMCWriter(start, getSlotSize(), 0)); // std::unique_ptr<MCWriter> writer(createMCWriter(start, getSlotSize(), 0));
// writer->emitNop(); // writer->emitNop();
// writer->emitGuardFalse(); // writer->emitGuardFalse();
......
...@@ -30,6 +30,8 @@ class TypeRecorder; ...@@ -30,6 +30,8 @@ class TypeRecorder;
class ICInfo; class ICInfo;
class ICInvalidator; class ICInvalidator;
#define IC_INVALDITION_HEADER_SIZE 6
struct ICSlotInfo { struct ICSlotInfo {
public: public:
ICSlotInfo(ICInfo* ic, int idx) : ic(ic), idx(idx), num_inside(0) {} ICSlotInfo(ICInfo* ic, int idx) : ic(ic), idx(idx), num_inside(0) {}
......
...@@ -562,6 +562,16 @@ void Rewriter::_call(RewriterVar* result, bool can_call_into_python, void* func_ ...@@ -562,6 +562,16 @@ void Rewriter::_call(RewriterVar* result, bool can_call_into_python, void* func_
// so just be pessimistic: // so just be pessimistic:
can_call_into_python = true; can_call_into_python = true;
if (can_call_into_python) {
// We need some fixed amount of space at the beginning of the IC that we can use to invalidate
// it by writing a jmp.
// FIXME this check is conservative, since actually we just have to verify that the return
// address is at least IC_INVALDITION_HEADER_SIZE bytes past the beginning, but we're
// checking based on the beginning of the call. I think the load+call might actually
// always larger than the invalidation jmp.
assert(assembler->bytesWritten() >= IC_INVALDITION_HEADER_SIZE);
}
if (can_call_into_python) { if (can_call_into_python) {
if (!marked_inside_ic) { if (!marked_inside_ic) {
// assembler->trap(); // assembler->trap();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment