<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[189036] branches/jsc-tailcall/Source/JavaScriptCore</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/189036">189036</a></dd>
<dt>Author</dt> <dd>msaboff@apple.com</dd>
<dt>Date</dt> <dd>2015-08-27 10:54:29 -0700 (Thu, 27 Aug 2015)</dd>
</dl>

<h3>Log Message</h3>
<pre>jsc-tailcall: Test failures with FTL enabled after <a href="http://trac.webkit.org/projects/webkit/changeset/188986">r188986</a>
https://bugs.webkit.org/show_bug.cgi?id=148494

Reviewed by Basile Clement.

During FTL OSR exit processing, we can't use a callee save register as a temp when
transferring the saved version of that register from the FTL's stack location to the
baseline's stack location.  If we do, we'll overwrite the tag registers that we
materialized previously.

* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#branchesjsctailcallSourceJavaScriptCoreChangeLog">branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#branchesjsctailcallSourceJavaScriptCoreftlFTLOSRExitCompilercpp">branches/jsc-tailcall/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="branchesjsctailcallSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog (189035 => 189036)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog        2015-08-27 17:51:42 UTC (rev 189035)
+++ branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog        2015-08-27 17:54:29 UTC (rev 189036)
</span><span class="lines">@@ -1,3 +1,18 @@
</span><ins>+2015-08-27  Michael Saboff  &lt;msaboff@apple.com&gt;
+
+        jsc-tailcall: Test failures with FTL enabled after r188986
+        https://bugs.webkit.org/show_bug.cgi?id=148494
+
+        Reviewed by Basile Clement.
+
+        During FTL OSR exit processing, we can't use a callee save register as a temp when
+        transferring the saved version of that registers from the FTL's stack location to the
+        baseline's stack location.  If we do, we'll overwrite the tag registers that we
+        materialized previously.
+
+        * ftl/FTLOSRExitCompiler.cpp:
+        (JSC::FTL::compileStub):
+
</ins><span class="cx"> 2015-08-26  Michael Saboff  &lt;msaboff@apple.com&gt;
</span><span class="cx"> 
</span><span class="cx">         jsc-tailcall: Integrate FTL OSR entry / exit and exceptions handling of callee save registers with other tiers
</span></span></pre></div>
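<p>Review bot: The description in this entry states the problem but not the fix, so add a sentence saying that the saved value is now staged through GPRInfo::regT0 when the baseline frame has a slot for the register, so the entry matches what compileStub does. The phrase "the saved version of that registers" should read "that register". The title refers to test failures after r188986 without naming any of the failing tests, so naming at least one would make the regression easier to track.</p>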
<a id="branchesjsctailcallSourceJavaScriptCoreftlFTLOSRExitCompilercpp"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp (189035 => 189036)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp        2015-08-27 17:51:42 UTC (rev 189035)
+++ branches/jsc-tailcall/Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp        2015-08-27 17:54:29 UTC (rev 189036)
</span><span class="lines">@@ -440,22 +440,24 @@
</span><span class="cx">         unsigned unwindIndex = codeBlock-&gt;calleeSaveRegisters()-&gt;indexOf(reg);
</span><span class="cx">         RegisterAtOffset* baselineRegisterOffset = baselineCalleeSaves-&gt;find(reg);
</span><span class="cx"> 
</span><ins>+        GPRReg regToLoad = baselineRegisterOffset ? GPRInfo::regT0 : reg.gpr();
+
</ins><span class="cx">         if (unwindIndex == UINT_MAX) {
</span><span class="cx">             // The FTL compilation didn't preserve this register. This means that it also
</span><span class="cx">             // didn't use the register. So its value at the beginning of OSR exit should be
</span><span class="cx">             // preserved by the thunk. Luckily, we saved all registers into the register
</span><span class="cx">             // scratch buffer, so we can restore them from there.
</span><del>-            jit.load64(registerScratch + offsetOfReg(reg), reg.gpr());
</del><ins>+            jit.load64(registerScratch + offsetOfReg(reg), regToLoad);
</ins><span class="cx">         } else {
</span><span class="cx">             // The FTL compilation preserved the register. Its new value is therefore
</span><span class="cx">             // irrelevant, but we can get the value that was preserved by using the unwind
</span><span class="cx">             // data. We've already copied all unwind-able preserved registers into the unwind
</span><span class="cx">             // scratch buffer, so we can get it from there.
</span><del>-            jit.load64(unwindScratch + unwindIndex, reg.gpr());
</del><ins>+            jit.load64(unwindScratch + unwindIndex, regToLoad);
</ins><span class="cx">         }
</span><span class="cx"> 
</span><span class="cx">         if (baselineRegisterOffset)
</span><del>-            jit.store64(reg.gpr(), MacroAssembler::Address(MacroAssembler::framePointerRegister, baselineRegisterOffset-&gt;offset()));
</del><ins>+            jit.store64(regToLoad, MacroAssembler::Address(MacroAssembler::framePointerRegister, baselineRegisterOffset-&gt;offset()));
</ins><span class="cx">     }
</span><span class="cx">     size_t baselineVirtualRegistersForCalleeSaves = baselineCodeBlock-&gt;calleeSaveSpaceAsVirtualRegisters();
</span><span class="cx"> 
</span></span></pre>
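<p>Review bot: The new line "GPRReg regToLoad = baselineRegisterOffset ? GPRInfo::regT0 : reg.gpr();" needs a comment explaining the choice, because the reason (loading into reg.gpr() would overwrite the tag registers materialized earlier) is recorded only in the ChangeLog. The fallback arm still loads directly into reg.gpr() when baselineRegisterOffset is null, so assert or document that a register without a baseline slot can never be one of those materialized registers. GPRInfo::regT0 is now clobbered whenever a baseline slot exists, so confirm that nothing live is held in regT0 at this point in the stub. Consider a name other than regToLoad, since the same register is also the source operand of the store64 that follows.</p>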
</div>
</div>

</body>
</html>