From eec4a0fd3635809bc3a25d2b039d97c619ca0462 Mon Sep 17 00:00:00 2001
From: Jon Coppeard <jcoppeard@mozilla.com>
Date: Thu, 14 Aug 2014 11:46:55 +0100
Subject: [PATCH] Bug 650161 - Update pointers in TraceDataRelocations
 r=mjrosenb

---
 js/src/jit/arm/Assembler-arm.cpp           | 43 +++++++++++++++-------
 js/src/jit/mips/Assembler-mips.cpp         |  2 +
 js/src/jit/shared/Assembler-x86-shared.cpp |  2 +-
 3 files changed, 32 insertions(+), 15 deletions(-)

diff --git a/js/src/jit/arm/Assembler-arm.cpp b/js/src/jit/arm/Assembler-arm.cpp
index 220486b56eef..b519dacf3b9c 100644
--- a/js/src/jit/arm/Assembler-arm.cpp
+++ b/js/src/jit/arm/Assembler-arm.cpp
@@ -795,36 +795,49 @@ Assembler::TraceJumpRelocations(JSTracer *trc, JitCode *code, CompactBufferReade
     }
 }
 
+template <class Iter>
 static void
-TraceDataRelocations(JSTracer *trc, uint8_t *buffer, CompactBufferReader &reader)
+TraceOneDataRelocation(JSTracer *trc, Iter *iter, MacroAssemblerARM *masm)
+{
+    Instruction *ins = iter->cur();
+    Register dest;
+    Assembler::RelocStyle rs;
+    const void *prior = Assembler::GetPtr32Target(iter, &dest, &rs);
+    void *ptr = const_cast<void *>(prior);
+
+    // No barrier needed since these are constants.
+    gc::MarkGCThingUnbarriered(trc, &ptr, "ion-masm-ptr");
+
+    if (ptr != prior)
+        masm->ma_movPatchable(Imm32(int32_t(ptr)), dest, Assembler::Always, rs, ins);
+}
+
+static void
+TraceDataRelocations(JSTracer *trc, uint8_t *buffer, CompactBufferReader &reader,
+                     MacroAssemblerARM *masm)
 {
     while (reader.more()) {
         size_t offset = reader.readUnsigned();
         InstructionIterator iter((Instruction*)(buffer + offset));
-        void *ptr = const_cast<uint32_t *>(Assembler::GetPtr32Target(&iter));
-        // No barrier needed since these are constants.
-        gc::MarkGCThingUnbarriered(trc, reinterpret_cast<void **>(&ptr), "ion-masm-ptr");
+        TraceOneDataRelocation(trc, &iter, masm);
     }
-
 }
+
 static void
 TraceDataRelocations(JSTracer *trc, ARMBuffer *buffer,
-                     Vector<BufferOffset, 0, SystemAllocPolicy> *locs)
+                     Vector<BufferOffset, 0, SystemAllocPolicy> *locs, MacroAssemblerARM *masm)
 {
     for (unsigned int idx = 0; idx < locs->length(); idx++) {
         BufferOffset bo = (*locs)[idx];
         ARMBuffer::AssemblerBufferInstIterator iter(bo, buffer);
-        void *ptr = const_cast<uint32_t *>(Assembler::GetPtr32Target(&iter));
-
-        // No barrier needed since these are constants.
-        gc::MarkGCThingUnbarriered(trc, reinterpret_cast<void **>(&ptr), "ion-masm-ptr");
+        TraceOneDataRelocation(trc, &iter, masm);
     }
-
 }
+
 void
 Assembler::TraceDataRelocations(JSTracer *trc, JitCode *code, CompactBufferReader &reader)
 {
-    ::TraceDataRelocations(trc, code->raw(), reader);
+    ::TraceDataRelocations(trc, code->raw(), reader, static_cast<MacroAssemblerARM *>(Dummy));
 }
 
 void
@@ -860,8 +873,10 @@ Assembler::trace(JSTracer *trc)
         }
     }
 
-    if (tmpDataRelocations_.length())
-        ::TraceDataRelocations(trc, &m_buffer, &tmpDataRelocations_);
+    if (tmpDataRelocations_.length()) {
+        ::TraceDataRelocations(trc, &m_buffer, &tmpDataRelocations_,
+                               static_cast<MacroAssemblerARM *>(this));
+    }
 }
 
 void
diff --git a/js/src/jit/mips/Assembler-mips.cpp b/js/src/jit/mips/Assembler-mips.cpp
index 58a077255fc8..0ba04c834be9 100644
--- a/js/src/jit/mips/Assembler-mips.cpp
+++ b/js/src/jit/mips/Assembler-mips.cpp
@@ -262,6 +262,7 @@ TraceDataRelocations(JSTracer *trc, uint8_t *buffer, CompactBufferReader &reader
 
         // No barrier needed since these are constants.
         gc::MarkGCThingUnbarriered(trc, reinterpret_cast<void **>(&ptr), "ion-masm-ptr");
+        Assembler::UpdateLuiOriValue(inst, inst->next(), uint32_t(ptr));
     }
 }
 
@@ -276,6 +277,7 @@ TraceDataRelocations(JSTracer *trc, MIPSBuffer *buffer, CompactBufferReader &rea
 
         // No barrier needed since these are constants.
         gc::MarkGCThingUnbarriered(trc, reinterpret_cast<void **>(&ptr), "ion-masm-ptr");
+        Assembler::UpdateLuiOriValue(iter.cur(), iter.next(), uint32_t(ptr));
     }
 }
 
diff --git a/js/src/jit/shared/Assembler-x86-shared.cpp b/js/src/jit/shared/Assembler-x86-shared.cpp
index 53fd21018568..665d80835418 100644
--- a/js/src/jit/shared/Assembler-x86-shared.cpp
+++ b/js/src/jit/shared/Assembler-x86-shared.cpp
@@ -54,7 +54,7 @@ TraceDataRelocations(JSTracer *trc, uint8_t *buffer, CompactBufferReader &reader
             layout.asBits = *word;
             Value v = IMPL_TO_JSVAL(layout);
             gc::MarkValueUnbarriered(trc, &v, "ion-masm-value");
-            JS_ASSERT(*word == JSVAL_TO_IMPL(v).asBits);
+            *word = JSVAL_TO_IMPL(v).asBits;
             continue;
         }
 #endif