summary refs log tree commit diff
path: root/gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch')
-rw-r--r--gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch410
1 files changed, 0 insertions, 410 deletions
diff --git a/gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch b/gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch
deleted file mode 100644
index 3d2f81e24a..0000000000
--- a/gnu/packages/patches/icecat-CVE-2014-8634-pt1.patch
+++ /dev/null
@@ -1,410 +0,0 @@
-From 4f447768a2ff6bf37d462e033c11e20c733129ba Mon Sep 17 00:00:00 2001
-From: Jan de Mooij <jdemooij@mozilla.com>
-Date: Tue, 16 Dec 2014 22:52:51 +0100
-Subject: [PATCH] Bug 1109889 - Share more exception handling code. r=nbp,
- a=abillings
-
----
- js/src/jit/Ion.cpp                            | 11 ++++++++++-
- js/src/jit/IonMacroAssembler.cpp              |  8 ++++----
- js/src/jit/JitCompartment.h                   |  8 ++++++--
- js/src/jit/arm/MacroAssembler-arm.cpp         | 11 ++---------
- js/src/jit/arm/MacroAssembler-arm.h           |  6 ++++--
- js/src/jit/arm/Trampoline-arm.cpp             |  4 ++--
- js/src/jit/mips/MacroAssembler-mips.cpp       | 11 ++---------
- js/src/jit/mips/MacroAssembler-mips.h         |  7 +++++--
- js/src/jit/mips/Trampoline-mips.cpp           |  4 ++--
- js/src/jit/shared/MacroAssembler-x86-shared.h |  3 +++
- js/src/jit/x64/MacroAssembler-x64.cpp         | 11 ++---------
- js/src/jit/x64/MacroAssembler-x64.h           |  3 +--
- js/src/jit/x64/Trampoline-x64.cpp             |  4 ++--
- js/src/jit/x86/MacroAssembler-x86.cpp         | 11 ++---------
- js/src/jit/x86/MacroAssembler-x86.h           |  3 +--
- js/src/jit/x86/Trampoline-x86.cpp             |  4 ++--
- 16 files changed, 50 insertions(+), 59 deletions(-)
-
-diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
-index 9635742..a77f9b4 100644
---- a/js/src/jit/Ion.cpp
-+++ b/js/src/jit/Ion.cpp
-@@ -150,6 +150,7 @@ JitRuntime::JitRuntime()
-   : execAlloc_(nullptr),
-     ionAlloc_(nullptr),
-     exceptionTail_(nullptr),
-+    exceptionTailParallel_(nullptr),
-     bailoutTail_(nullptr),
-     enterJIT_(nullptr),
-     bailoutHandler_(nullptr),
-@@ -198,10 +199,18 @@ JitRuntime::initialize(JSContext *cx)
-         return false;
- 
-     IonSpew(IonSpew_Codegen, "# Emitting exception tail stub");
--    exceptionTail_ = generateExceptionTailStub(cx);
-+
-+    void *handler = JS_FUNC_TO_DATA_PTR(void *, jit::HandleException);
-+    void *handlerParallel = JS_FUNC_TO_DATA_PTR(void *, jit::HandleParallelFailure);
-+
-+    exceptionTail_ = generateExceptionTailStub(cx, handler);
-     if (!exceptionTail_)
-         return false;
- 
-+    exceptionTailParallel_ = generateExceptionTailStub(cx, handlerParallel);
-+    if (!exceptionTailParallel_)
-+        return false;
-+
-     IonSpew(IonSpew_Codegen, "# Emitting bailout tail stub");
-     bailoutTail_ = generateBailoutTailStub(cx);
-     if (!bailoutTail_)
-diff --git a/js/src/jit/IonMacroAssembler.cpp b/js/src/jit/IonMacroAssembler.cpp
-index 2326fe1..9f7cc8f 100644
---- a/js/src/jit/IonMacroAssembler.cpp
-+++ b/js/src/jit/IonMacroAssembler.cpp
-@@ -1030,18 +1030,18 @@ MacroAssembler::handleFailure(ExecutionMode executionMode)
-         sps_->skipNextReenter();
-     leaveSPSFrame();
- 
--    void *handler;
-+    JitCode *excTail;
-     switch (executionMode) {
-       case SequentialExecution:
--        handler = JS_FUNC_TO_DATA_PTR(void *, jit::HandleException);
-+        excTail = GetIonContext()->runtime->jitRuntime()->getExceptionTail();
-         break;
-       case ParallelExecution:
--        handler = JS_FUNC_TO_DATA_PTR(void *, jit::HandleParallelFailure);
-+        excTail = GetIonContext()->runtime->jitRuntime()->getExceptionTailParallel();
-         break;
-       default:
-         MOZ_ASSUME_UNREACHABLE("No such execution mode");
-     }
--    MacroAssemblerSpecific::handleFailureWithHandler(handler);
-+    jump(excTail);
- 
-     // Doesn't actually emit code, but balances the leave()
-     if (sps_)
-diff --git a/js/src/jit/JitCompartment.h b/js/src/jit/JitCompartment.h
-index 486a29d..475a685 100644
---- a/js/src/jit/JitCompartment.h
-+++ b/js/src/jit/JitCompartment.h
-@@ -153,8 +153,9 @@ class JitRuntime
-     // need for explicit interrupt checks.
-     JSC::ExecutableAllocator *ionAlloc_;
- 
--    // Shared post-exception-handler tail
-+    // Shared exception-handler tail.
-     JitCode *exceptionTail_;
-+    JitCode *exceptionTailParallel_;
- 
-     // Shared post-bailout-handler tail.
-     JitCode *bailoutTail_;
-@@ -214,7 +215,7 @@ class JitRuntime
-     InlineList<PatchableBackedge> backedgeList_;
- 
-   private:
--    JitCode *generateExceptionTailStub(JSContext *cx);
-+    JitCode *generateExceptionTailStub(JSContext *cx, void *handler);
-     JitCode *generateBailoutTailStub(JSContext *cx);
-     JitCode *generateEnterJIT(JSContext *cx, EnterJitType type);
-     JitCode *generateArgumentsRectifier(JSContext *cx, ExecutionMode mode, void **returnAddrOut);
-@@ -287,6 +288,9 @@ class JitRuntime
-     JitCode *getExceptionTail() const {
-         return exceptionTail_;
-     }
-+    JitCode *getExceptionTailParallel() const {
-+        return exceptionTailParallel_;
-+    }
- 
-     JitCode *getBailoutTail() const {
-         return bailoutTail_;
-diff --git a/js/src/jit/arm/MacroAssembler-arm.cpp b/js/src/jit/arm/MacroAssembler-arm.cpp
-index b34483c..63b3ff2 100644
---- a/js/src/jit/arm/MacroAssembler-arm.cpp
-+++ b/js/src/jit/arm/MacroAssembler-arm.cpp
-@@ -3984,25 +3984,18 @@ MacroAssemblerARMCompat::callWithABI(const Address &fun, MoveOp::Type result)
- }
- 
- void
--MacroAssemblerARMCompat::handleFailureWithHandler(void *handler)
-+MacroAssemblerARMCompat::handleFailureWithHandlerTail(void *handler)
- {
-     // Reserve space for exception information.
-     int size = (sizeof(ResumeFromException) + 7) & ~7;
-     ma_sub(Imm32(size), sp);
-     ma_mov(sp, r0);
- 
--    // Ask for an exception handler.
-+    // Call the handler.
-     setupUnalignedABICall(1, r1);
-     passABIArg(r0);
-     callWithABI(handler);
- 
--    JitCode *excTail = GetIonContext()->runtime->jitRuntime()->getExceptionTail();
--    branch(excTail);
--}
--
--void
--MacroAssemblerARMCompat::handleFailureWithHandlerTail()
--{
-     Label entryFrame;
-     Label catch_;
-     Label finally;
-diff --git a/js/src/jit/arm/MacroAssembler-arm.h b/js/src/jit/arm/MacroAssembler-arm.h
-index 00e8a03..6ccc0be 100644
---- a/js/src/jit/arm/MacroAssembler-arm.h
-+++ b/js/src/jit/arm/MacroAssembler-arm.h
-@@ -711,6 +711,9 @@ class MacroAssemblerARMCompat : public MacroAssemblerARM
-     void jump(Label *label) {
-         as_b(label);
-     }
-+    void jump(JitCode *code) {
-+        branch(code);
-+    }
-     void jump(Register reg) {
-         ma_bx(reg);
-     }
-@@ -1202,8 +1205,7 @@ class MacroAssemblerARMCompat : public MacroAssemblerARM
- 
-     void linkExitFrame();
-     void linkParallelExitFrame(const Register &pt);
--    void handleFailureWithHandler(void *handler);
--    void handleFailureWithHandlerTail();
-+    void handleFailureWithHandlerTail(void *handler);
- 
-     /////////////////////////////////////////////////////////////////
-     // Common interface.
-diff --git a/js/src/jit/arm/Trampoline-arm.cpp b/js/src/jit/arm/Trampoline-arm.cpp
-index e539c00..693dad8 100644
---- a/js/src/jit/arm/Trampoline-arm.cpp
-+++ b/js/src/jit/arm/Trampoline-arm.cpp
-@@ -928,11 +928,11 @@ JitRuntime::generateDebugTrapHandler(JSContext *cx)
- }
- 
- JitCode *
--JitRuntime::generateExceptionTailStub(JSContext *cx)
-+JitRuntime::generateExceptionTailStub(JSContext *cx, void *handler)
- {
-     MacroAssembler masm;
- 
--    masm.handleFailureWithHandlerTail();
-+    masm.handleFailureWithHandlerTail(handler);
- 
-     Linker linker(masm);
-     AutoFlushICache afc("ExceptionTailStub");
-diff --git a/js/src/jit/mips/MacroAssembler-mips.cpp b/js/src/jit/mips/MacroAssembler-mips.cpp
-index cee93a5..256434d 100644
---- a/js/src/jit/mips/MacroAssembler-mips.cpp
-+++ b/js/src/jit/mips/MacroAssembler-mips.cpp
-@@ -3139,25 +3139,18 @@ MacroAssemblerMIPSCompat::callWithABI(const Address &fun, MoveOp::Type result)
- }
- 
- void
--MacroAssemblerMIPSCompat::handleFailureWithHandler(void *handler)
-+MacroAssemblerMIPSCompat::handleFailureWithHandlerTail(void *handler)
- {
-     // Reserve space for exception information.
-     int size = (sizeof(ResumeFromException) + StackAlignment) & ~(StackAlignment - 1);
-     ma_subu(StackPointer, StackPointer, Imm32(size));
-     ma_move(a0, StackPointer); // Use a0 since it is a first function argument
- 
--    // Ask for an exception handler.
-+    // Call the handler.
-     setupUnalignedABICall(1, a1);
-     passABIArg(a0);
-     callWithABI(handler);
- 
--    JitCode *excTail = GetIonContext()->runtime->jitRuntime()->getExceptionTail();
--    branch(excTail);
--}
--
--void
--MacroAssemblerMIPSCompat::handleFailureWithHandlerTail()
--{
-     Label entryFrame;
-     Label catch_;
-     Label finally;
-diff --git a/js/src/jit/mips/MacroAssembler-mips.h b/js/src/jit/mips/MacroAssembler-mips.h
-index ed1f566..899a50e 100644
---- a/js/src/jit/mips/MacroAssembler-mips.h
-+++ b/js/src/jit/mips/MacroAssembler-mips.h
-@@ -481,6 +481,10 @@ class MacroAssemblerMIPSCompat : public MacroAssemblerMIPS
-         as_nop();
-     }
- 
-+    void jump(JitCode *code) {
-+        branch(code);
-+    }
-+
-     void neg32(Register reg) {
-         ma_negu(reg, reg);
-     }
-@@ -842,8 +846,7 @@ public:
- 
-     void linkExitFrame();
-     void linkParallelExitFrame(const Register &pt);
--    void handleFailureWithHandler(void *handler);
--    void handleFailureWithHandlerTail();
-+    void handleFailureWithHandlerTail(void *handler);
- 
-     /////////////////////////////////////////////////////////////////
-     // Common interface.
-diff --git a/js/src/jit/mips/Trampoline-mips.cpp b/js/src/jit/mips/Trampoline-mips.cpp
-index b456845..64c2385 100644
---- a/js/src/jit/mips/Trampoline-mips.cpp
-+++ b/js/src/jit/mips/Trampoline-mips.cpp
-@@ -960,11 +960,11 @@ JitRuntime::generateDebugTrapHandler(JSContext *cx)
- 
- 
- JitCode *
--JitRuntime::generateExceptionTailStub(JSContext *cx)
-+JitRuntime::generateExceptionTailStub(JSContext *cx, void *handler)
- {
-     MacroAssembler masm;
- 
--    masm.handleFailureWithHandlerTail();
-+    masm.handleFailureWithHandlerTail(handler);
- 
-     Linker linker(masm);
-     AutoFlushICache afc("ExceptionTailStub");
-diff --git a/js/src/jit/shared/MacroAssembler-x86-shared.h b/js/src/jit/shared/MacroAssembler-x86-shared.h
-index 01d1a4b..779cf83 100644
---- a/js/src/jit/shared/MacroAssembler-x86-shared.h
-+++ b/js/src/jit/shared/MacroAssembler-x86-shared.h
-@@ -287,6 +287,9 @@ class MacroAssemblerX86Shared : public Assembler
-     void jump(Label *label) {
-         jmp(label);
-     }
-+    void jump(JitCode *code) {
-+        jmp(code);
-+    }
-     void jump(RepatchLabel *label) {
-         jmp(label);
-     }
-diff --git a/js/src/jit/x64/MacroAssembler-x64.cpp b/js/src/jit/x64/MacroAssembler-x64.cpp
-index 9a9f995..0db799c 100644
---- a/js/src/jit/x64/MacroAssembler-x64.cpp
-+++ b/js/src/jit/x64/MacroAssembler-x64.cpp
-@@ -287,24 +287,17 @@ MacroAssemblerX64::callWithABI(Address fun, MoveOp::Type result)
- }
- 
- void
--MacroAssemblerX64::handleFailureWithHandler(void *handler)
-+MacroAssemblerX64::handleFailureWithHandlerTail(void *handler)
- {
-     // Reserve space for exception information.
-     subq(Imm32(sizeof(ResumeFromException)), rsp);
-     movq(rsp, rax);
- 
--    // Ask for an exception handler.
-+    // Call the handler.
-     setupUnalignedABICall(1, rcx);
-     passABIArg(rax);
-     callWithABI(handler);
- 
--    JitCode *excTail = GetIonContext()->runtime->jitRuntime()->getExceptionTail();
--    jmp(excTail);
--}
--
--void
--MacroAssemblerX64::handleFailureWithHandlerTail()
--{
-     Label entryFrame;
-     Label catch_;
-     Label finally;
-diff --git a/js/src/jit/x64/MacroAssembler-x64.h b/js/src/jit/x64/MacroAssembler-x64.h
-index 2c11e9a..5010549 100644
---- a/js/src/jit/x64/MacroAssembler-x64.h
-+++ b/js/src/jit/x64/MacroAssembler-x64.h
-@@ -1288,8 +1288,7 @@ class MacroAssemblerX64 : public MacroAssemblerX86Shared
-     void callWithABI(AsmJSImmPtr imm, MoveOp::Type result = MoveOp::GENERAL);
-     void callWithABI(Address fun, MoveOp::Type result = MoveOp::GENERAL);
- 
--    void handleFailureWithHandler(void *handler);
--    void handleFailureWithHandlerTail();
-+    void handleFailureWithHandlerTail(void *handler);
- 
-     void makeFrameDescriptor(Register frameSizeReg, FrameType type) {
-         shlq(Imm32(FRAMESIZE_SHIFT), frameSizeReg);
-diff --git a/js/src/jit/x64/Trampoline-x64.cpp b/js/src/jit/x64/Trampoline-x64.cpp
-index 72f4592..3b83850 100644
---- a/js/src/jit/x64/Trampoline-x64.cpp
-+++ b/js/src/jit/x64/Trampoline-x64.cpp
-@@ -785,11 +785,11 @@ JitRuntime::generateDebugTrapHandler(JSContext *cx)
- }
- 
- JitCode *
--JitRuntime::generateExceptionTailStub(JSContext *cx)
-+JitRuntime::generateExceptionTailStub(JSContext *cx, void *handler)
- {
-     MacroAssembler masm;
- 
--    masm.handleFailureWithHandlerTail();
-+    masm.handleFailureWithHandlerTail(handler);
- 
-     Linker linker(masm);
-     JitCode *code = linker.newCode<NoGC>(cx, JSC::OTHER_CODE);
-diff --git a/js/src/jit/x86/MacroAssembler-x86.cpp b/js/src/jit/x86/MacroAssembler-x86.cpp
-index d36f4d3..57a0f85 100644
---- a/js/src/jit/x86/MacroAssembler-x86.cpp
-+++ b/js/src/jit/x86/MacroAssembler-x86.cpp
-@@ -281,24 +281,17 @@ MacroAssemblerX86::callWithABI(const Address &fun, MoveOp::Type result)
- }
- 
- void
--MacroAssemblerX86::handleFailureWithHandler(void *handler)
-+MacroAssemblerX86::handleFailureWithHandlerTail(void *handler)
- {
-     // Reserve space for exception information.
-     subl(Imm32(sizeof(ResumeFromException)), esp);
-     movl(esp, eax);
- 
--    // Ask for an exception handler.
-+    // Call the handler.
-     setupUnalignedABICall(1, ecx);
-     passABIArg(eax);
-     callWithABI(handler);
- 
--    JitCode *excTail = GetIonContext()->runtime->jitRuntime()->getExceptionTail();
--    jmp(excTail);
--}
--
--void
--MacroAssemblerX86::handleFailureWithHandlerTail()
--{
-     Label entryFrame;
-     Label catch_;
-     Label finally;
-diff --git a/js/src/jit/x86/MacroAssembler-x86.h b/js/src/jit/x86/MacroAssembler-x86.h
-index 17de7a7..7e578c8 100644
---- a/js/src/jit/x86/MacroAssembler-x86.h
-+++ b/js/src/jit/x86/MacroAssembler-x86.h
-@@ -1086,8 +1086,7 @@ class MacroAssemblerX86 : public MacroAssemblerX86Shared
-     void callWithABI(const Address &fun, MoveOp::Type result = MoveOp::GENERAL);
- 
-     // Used from within an Exit frame to handle a pending exception.
--    void handleFailureWithHandler(void *handler);
--    void handleFailureWithHandlerTail();
-+    void handleFailureWithHandlerTail(void *handler);
- 
-     void makeFrameDescriptor(Register frameSizeReg, FrameType type) {
-         shll(Imm32(FRAMESIZE_SHIFT), frameSizeReg);
-diff --git a/js/src/jit/x86/Trampoline-x86.cpp b/js/src/jit/x86/Trampoline-x86.cpp
-index 0a2f0de..9fd2c00 100644
---- a/js/src/jit/x86/Trampoline-x86.cpp
-+++ b/js/src/jit/x86/Trampoline-x86.cpp
-@@ -827,11 +827,11 @@ JitRuntime::generateDebugTrapHandler(JSContext *cx)
- }
- 
- JitCode *
--JitRuntime::generateExceptionTailStub(JSContext *cx)
-+JitRuntime::generateExceptionTailStub(JSContext *cx, void *handler)
- {
-     MacroAssembler masm;
- 
--    masm.handleFailureWithHandlerTail();
-+    masm.handleFailureWithHandlerTail(handler);
- 
-     Linker linker(masm);
-     JitCode *code = linker.newCode<NoGC>(cx, JSC::OTHER_CODE);
--- 
-2.1.2
-
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-28 05:15:42 +0000