[webkit-changes] [WebKit/WebKit] cee499: Wasm Tail Call needs to restore callee save regist...

Commit Queue noreply at github.com
Mon Jan 2 03:19:57 PST 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: cee499e5516c550b861c4bda2657023d5e076c06
      https://github.com/WebKit/WebKit/commit/cee499e5516c550b861c4bda2657023d5e076c06
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2023-01-02 (Mon, 02 Jan 2023)

  Changed paths:
    M Source/JavaScriptCore/llint/WebAssembly.asm

  Log Message:
  -----------
  Wasm Tail Call needs to restore callee save registers preserved by caller.
https://bugs.webkit.org/show_bug.cgi?id=249979
<rdar://problem/103795203>

Reviewed by Yusuke Suzuki.

In a normal call sequence where we have functions A, B, and C, and A calls B, which in turn
calls C, the following sequence of events occurs:
1. On entry to B from A, B preserves A's callee save registers.
2. On entry to C from B, C preserves B's callee save registers.
3. On exit from C to B, C restores B's callee save registers.
4. On exit from B to A, B restores A's callee save registers.

However, when we have a tail call sequence like this instead: A calls B, and B tail calls C,
the following events should occur:
1. On entry to B from A, B preserves A's callee save registers.
2. Before B tail calls C, B restores A's callee save registers.
3. On entry to C from B, C preserves A's callee save registers (which were restored in (2)).
4. On exit from C to A, C restores A's callee save registers.

In our current implementation, we have a bug where step (2) is missing for one of the callee
save registers, i.e., the wasmInstance register.  This only affects useFastTLS mode.

For NoTLS mode, the wasmInstance register is used as a global register (similar to how TLS
is used), and is not meant to be preserved / restored like a callee save register.

This has been tested with ASSERTs in vmEntryToJavaScript (and friends) that verify that
callee save registers have been restored on exit. However, these ASSERTs are only in my
local builds and rely on other dependencies. So, I'll have to defer landing these ASSERTs
to a subsequent patch.

* Source/JavaScriptCore/llint/WebAssembly.asm:

Canonical link: https://commits.webkit.org/258378@main
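As an added illustration, not code from the WebKit commit itself, the following Python model walks through the two call sequences described in the commit message. The `Machine` class, the `csr0`/`csr1` register names and the "A:"/"B:" value tags are constructed for this example; `wasmInstance` stands in for the register the commit message names, and `skipped_before_tail_call` models step (2) being omitted for it.

```python
# Constructed model of callee-save register handling across a normal
# call chain (A -> B -> C) and a tail call (A -> B, B tail calls C).
# Register names other than wasmInstance are placeholders for the example.
CALLEE_SAVES = ("csr0", "csr1", "wasmInstance")


class Machine:
    def __init__(self):
        # A's live values in every callee-save register before it calls B.
        self.regs = {r: f"A:{r}" for r in CALLEE_SAVES}
        self.stack = []  # one saved register set per live frame

    def prologue(self):
        # On entry, the callee preserves the caller's callee-save registers.
        self.stack.append(dict(self.regs))

    def epilogue(self):
        # On exit, the callee restores whatever it preserved on entry.
        self.regs.update(self.stack.pop())

    def body(self, name):
        # The callee clobbers every callee-save register while it runs.
        for r in CALLEE_SAVES:
            self.regs[r] = f"{name}:{r}"


def normal_call_chain():
    """A calls B, B calls C, C returns to B, B returns to A."""
    m = Machine()
    m.prologue(); m.body("B")   # 1: B preserves A's registers
    m.prologue(); m.body("C")   # 2: C preserves B's registers
    m.epilogue()                # 3: C restores B's registers
    m.epilogue()                # 4: B restores A's registers
    return dict(m.regs)


def tail_call_chain(skipped_before_tail_call=()):
    """A calls B, B tail calls C, C returns straight to A.
    Registers listed in skipped_before_tail_call are NOT restored in
    step (2), which is the bug the commit fixes for wasmInstance."""
    m = Machine()
    m.prologue(); m.body("B")   # 1: B preserves A's registers
    saved = m.stack.pop()       # 2: B restores A's registers before the tail call...
    for r in CALLEE_SAVES:
        if r not in skipped_before_tail_call:
            m.regs[r] = saved[r]    # ...except any it forgets (the bug)
    m.prologue(); m.body("C")   # 3: C preserves what it sees on entry
    m.epilogue()                # 4: C restores those values and returns to A
    return dict(m.regs)


def clobbered_on_return_to_a(regs):
    """Registers whose value on return to A is not A's own value."""
    return [r for r in CALLEE_SAVES if regs[r] != f"A:{r}"]
```

With the restore skipped for `wasmInstance`, C dutifully preserves and restores B's value of that register, so A gets back a clobbered `wasmInstance` even though every other callee-save register is intact.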