Closed Bug 1470904 Opened 6 years ago Closed 6 years ago

Implement realm switching for scripted calls

Categories: Core :: JavaScript Engine, enhancement
Status: RESOLVED FIXED, target milestone mozilla63
Tracking Status: firefox63 --- fixed
People: Reporter: jandem, Assigned: jandem
Attachments: 2 files

No description provided.
I had some smaller patches for this but it became a bit of a mess so I folded them into one :/

We assert in the prologue that cx->realm == script->realm, a nice way to find call sites that need to switch realms. AFAIK this patch fixes all scripted calls (including accessors and generators) that do not involve Wasm.

The fun.call/apply stubs in Baseline for scripted functions always switch realms, I think that's okay. The other places only have the perf overhead for definitely cross-realm calls or for polymorphic calls.

This is sort of a nice milestone because we can now write useful tests for various things, even though exception handling etc needs more work.
Attachment #8987522 - Flags: review?(luke)
Comment on attachment 8987522 [details] [diff] [review]
Switch realms before/after scripted calls if needed

Review of attachment 8987522 [details] [diff] [review]:
-----------------------------------------------------------------

Asserting in the prologue is a great idea and will be good combined with fuzzing.
Attachment #8987522 - Flags: review?(luke) → review+
Comment on attachment 8987832 [details] [diff] [review]
Part 2 - Reset cx->realm in the JIT exception handler

Review of attachment 8987832 [details] [diff] [review]:
-----------------------------------------------------------------

Nice
Attachment #8987832 - Flags: review?(luke) → review+
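To illustrate the two ideas reviewed above (switching cx->realm around a cross-realm scripted call, asserting in the prologue that the script's realm matches cx->realm, and restoring the caller's realm when the callee unwinds via an exception), here is a small stand-alone C++ model. It is an added example, not SpiderMonkey's code; `Context`, `Script`, `AutoRealmSwitch` and the body functions are hypothetical stand-ins for the engine's types.

```cpp
#include <cassert>
#include <stdexcept>

struct Realm { int id; };
struct Context { Realm* realm; };                  // models cx->realm
struct Script { Realm* realm; int (*body)(Context*); };  // models script->realm

// RAII guard: enter the callee's realm, restore the caller's realm on scope
// exit. The destructor runs on both normal return and exception unwind, which
// is the property "Part 2" (reset cx->realm in the exception handler) needs.
class AutoRealmSwitch {
  Context* cx_;
  Realm* saved_;
 public:
  AutoRealmSwitch(Context* cx, Realm* target) : cx_(cx), saved_(cx->realm) { cx_->realm = target; }
  ~AutoRealmSwitch() { cx_->realm = saved_; }
};

// Script prologue: the invariant from the bug, cx->realm == script->realm.
// A call site that forgot to switch realms trips this immediately.
int RunScript(Context* cx, Script* s) {
  assert(cx->realm == s->realm);
  return s->body(cx);
}

// Call site: only pay for the switch when the callee is definitely cross-realm.
int CallScripted(Context* cx, Script* callee) {
  if (cx->realm == callee->realm) return RunScript(cx, callee);
  AutoRealmSwitch guard(cx, callee->realm);
  return RunScript(cx, callee);
}

// Constructed sample realms and script bodies.
static Realm gRealmA{1};
static Realm gRealmB{2};
static int BodyReturnRealm(Context* cx) { return cx->realm->id; }
static int BodyThrow(Context*) { throw std::runtime_error("script threw"); }

// Returns true if the caller's realm is restored after a cross-realm call that
// returns normally and after one that unwinds via an exception.
bool RealmRestoredAfterCalls() {
  Context cx{&gRealmA};
  Script callee{&gRealmB, BodyReturnRealm};
  int ranIn = CallScripted(&cx, &callee);
  bool ok = (ranIn == 2) && (cx.realm == &gRealmA);
  Script thrower{&gRealmB, BodyThrow};
  try { CallScripted(&cx, &thrower); } catch (const std::runtime_error&) {}
  return ok && cx.realm == &gRealmA;
}
```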
Pushed by jandemooij@gmail.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/ebbddded3292
part 1 - Switch realms before/after scripted calls if needed. r=luke
https://hg.mozilla.org/integration/mozilla-inbound/rev/93ba46b494ba
part 2 - Reset cx->realm in the JIT exception handler. r=luke
https://hg.mozilla.org/mozilla-central/rev/ebbddded3292
https://hg.mozilla.org/mozilla-central/rev/93ba46b494ba
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla63