[webkit-changes] [WebKit/WebKit] e5652c: CallVarargs should identify that it can read inlin...

Justin Michaud noreply at github.com
Fri Jul 28 11:39:58 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e5652c93dbd1e78bf2f4a0f38022287b30420da0
      https://github.com/WebKit/WebKit/commit/e5652c93dbd1e78bf2f4a0f38022287b30420da0
  Author: Justin Michaud <justin_michaud at apple.com>
  Date:   2023-07-28 (Fri, 28 Jul 2023)

  Changed paths:
    A JSTests/stress/putstacksinking-callvarargs.js
    A JSTests/stress/putstacksinking-tailcallvarargs.js
    M Source/JavaScriptCore/dfg/DFGPreciseLocalClobberize.h

  Log Message:
  -----------
  CallVarargs should identify that it can read inline call frame arguments.
rdar://112936988

Reviewed by Yusuke Suzuki.

Call already does this, but CallVarargs has a special case that forgot.

We should not be allowed to push PutStacks below a call of any kind, since
it might access our call frame's arguments via foo.arguments, unless
we are strict.

The only exception is TailCall (but not TailCallForwardVarargsInlinedCaller),
because it will destroy the entire frame.

We do not un-pessimize TailCall yet to reduce risk, but it could be made
to match TailCallForwardVarargs in the future.

* JSTests/stress/putstacksinking-callvarargs.js: Added.
(main.opt.x):
(main.opt.y):
(main.opt.z):
(main.opt):
(main):
* JSTests/stress/putstacksinking-tailcallvarargs.js: Added.
(main.opt.x):
(main.opt.y):
(main.opt.z):
(main.opt):
(main):
* Source/JavaScriptCore/dfg/DFGPreciseLocalClobberize.h:
(JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):

Originally-landed-as: 259548.856 at safari-7615-branch (c3d2e3627b45). rdar://111361499
Canonical link: https://commits.webkit.org/266393@main
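
The language behaviour behind the log message, as an added example that is not part of the commit or its JSTests files: while a callee runs, a sloppy-mode caller's arguments stay readable through `fn.arguments` whatever the call form, so the stores that feed them cannot be deferred past the call. A strict caller is not observable this way. The names `peek`, `makeCaller` and `observe` are hypothetical, and treating spread and `apply` calls as the CallVarargs case is an assumption.

```javascript
// Added illustration; peek, makeCaller and observe are hypothetical names.

// Callee: reflects on the arguments of a function that is still on the stack.
function peek(fn) {
  try {
    const args = fn.arguments;                      // legacy sloppy-mode reflection
    return args ? Array.from(args).slice(2) : null; // drop the peek/self plumbing
  } catch (e) {
    return e.name;                                  // strict functions: TypeError
  }
}

// Build a caller with new Function so its strictness comes only from its own
// body, whether this file is loaded as a script or as an ES module.
function makeCaller(form, strict) {
  const call = {
    plain: 'peek(self)',
    spread: 'peek(...[self])',            // assumed to be a varargs call
    apply: 'peek.apply(null, [self])',    // assumed to be a varargs call
  }[form];
  const body = (strict ? '"use strict"; ' : '') + 'return ' + call + ';';
  return new Function('peek', 'self', 'a', 'b', body);
}

// What the callee can see of the caller's (a, b) for a given call form.
function observe(form, strict) {
  const caller = makeCaller(form, strict);
  return caller(peek, caller, 'first', 'second');
}

for (const form of ['plain', 'spread', 'apply']) {
  console.log(form, 'sloppy:', observe(form, false), 'strict:', observe(form, true));
}
```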



