[webkit-dev] x86-64 JIT

Mike Hommey mh+webkit at glandium.org
Wed Mar 18 00:54:27 PDT 2009


On Wed, Mar 18, 2009 at 08:02:06AM +0100, Mike Hommey wrote:
> On Tue, Mar 17, 2009 at 05:09:10PM -0700, Maciej Stachowiak wrote:
> >
> > On Mar 17, 2009, at 1:51 PM, Mike Hommey wrote:
> >
> >> Hi,
> >>
> >> I was taking a quick look at the JIT code and also gave a shot at
> >> forcing a build of the x86-64 code under Linux.
> >>
> >> The main problem right now is the following:
> >> ../JavaScriptCore/jit/JITArithmetic.cpp:664: error: cast from 'JSC::Structure*' to 'unsigned int' loses precision
> >> ../JavaScriptCore/jit/JITArithmetic.cpp:674: error: cast from 'JSC::Structure*' to 'unsigned int' loses precision
> >> ../JavaScriptCore/jit/JITArithmetic.cpp:714: error: cast from 'JSC::Structure*' to 'unsigned int' loses precision
> >> ../JavaScriptCore/jit/JITArithmetic.cpp:724: error: cast from 'JSC::Structure*' to 'unsigned int' loses precision
> >>
> >> Looking at the code, it seems really too much x86-centric, and
> >> depending on how the x86-64 ABI is under OSX. I don't know how things
> >> are going to evolve with Snow-Leopard, as I hear the kernel will finally
> >> be 64-bits, but maybe the same issue will arise.
> >
> > The x86_64 ABI is standardized, so it should match between Linux and OS X 
> > for the things we care about.
> >
> >> Anyways, I'd need guidance from some people with JIT knowledge to help
> >> me get it work on Linux.
> >
> > Sounds like either ALTERNATE_JSIMMEDIATE or JIT_OPTIMIZE_ARITHMETIC is
> > not defined for you. It should be defined on x86_64. But it also sounds
> > like a bug that pointers are being cast to unsigned in this code path.
> > I'm not sure offhand how to fix it. But making sure those two
> > preprocessor symbols are set should help.
> 
> Oh thanks, that was it. I removed one PLATFORM(MAC) for ENABLE_JIT but
> missed the one for ALTERNATE_JSIMMEDIATE. It built. I'll check if it
> works (and will probably enable it in the debian packages, so that it is
> more widely tested)

FWIW, it crashes with a corrupted stack:
(gdb) bt
#0  0x00007fd115002c00 in ?? ()
#1  0x00007fd11f4f6d26 in JSC::JITStubs::cti_op_call_NotJSFunction (args=0x7fff27e13820) at ../JavaScriptCore/runtime/JSCell.h:206
#2  0x00007fd11fc55a3a in ?? ()
#3  0x0000000000000000 in ?? ()

I'll investigate later today.

Mike
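An added illustration of the two points raised in this thread, not WebKit's code: the "cast from 'JSC::Structure*' to 'unsigned int' loses precision" error means the JIT was baking pointers into 32-bit immediates, which silently drops the upper half of any x86-64 address above 4 GiB; and a 64-bit build has to emit a pointer-sized immediate instead. The sample address is the frame #0 PC from the backtrace above, used here as constructed test data; `emit_mov_rax_imm` and `decode_mov_rax_imm` are a hypothetical mini-assembler, not JavaScriptCore's MacroAssembler.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example (not WebKit's code). Immediates are carried as uint64_t so
 * the arithmetic is the same on any host; on x86-64 uintptr_t is 64 bits. */

/* Constructed sample: the PC of frame #0 in the gdb backtrace above. */
#define SAMPLE_ADDR 0x00007fd115002c00ULL

/* The narrowing the compiler rejected: the value a 32-bit code path would
 * have written into generated code for this pointer. */
uint32_t truncate_to_unsigned(uint64_t p) {
    return (unsigned int)p;
}

/* Non-zero only if the round trip through `unsigned int` is lossless, i.e.
 * the address is below 4 GiB. Heap and mmap addresses on x86-64 Linux
 * (like the 0x7fd1... ones in the backtrace) are not. */
int survives_unsigned_int(uint64_t p) {
    return (uint64_t)(unsigned int)p == p;
}

/* Hypothetical mini-assembler: emit `mov rax, imm` with the shortest
 * encoding that preserves the full value. Bytes are written explicitly so
 * the output does not depend on host endianness.
 *   B8 imm32        mov eax, imm32   (zero-extended into rax)
 *   48 C7 C0 imm32  mov rax, imm32   (sign-extended into rax)
 *   48 B8 imm64     mov rax, imm64
 */
size_t emit_mov_rax_imm(uint8_t *buf, uint64_t imm) {
    size_t n = 0;
    if (imm <= 0xFFFFFFFFULL) {
        buf[n++] = 0xB8;
        for (int i = 0; i < 4; i++) buf[n++] = (uint8_t)(imm >> (8 * i));
    } else if (imm >= 0xFFFFFFFF80000000ULL) {
        buf[n++] = 0x48; buf[n++] = 0xC7; buf[n++] = 0xC0;
        for (int i = 0; i < 4; i++) buf[n++] = (uint8_t)(imm >> (8 * i));
    } else {
        buf[n++] = 0x48; buf[n++] = 0xB8;
        for (int i = 0; i < 8; i++) buf[n++] = (uint8_t)(imm >> (8 * i));
    }
    return n;
}

/* Decode the immediate back out of bytes produced by emit_mov_rax_imm, so
 * the round trip can be checked. Returns 0 for anything it does not know. */
uint64_t decode_mov_rax_imm(const uint8_t *buf, size_t n) {
    uint64_t v = 0;
    if (n == 5 && buf[0] == 0xB8) {
        for (int i = 0; i < 4; i++) v |= (uint64_t)buf[1 + i] << (8 * i);
        return v;                                      /* zero-extended */
    }
    if (n == 7 && buf[0] == 0x48 && buf[1] == 0xC7 && buf[2] == 0xC0) {
        for (int i = 0; i < 4; i++) v |= (uint64_t)buf[3 + i] << (8 * i);
        return (uint64_t)(int64_t)(int32_t)(uint32_t)v; /* sign-extended */
    }
    if (n == 10 && buf[0] == 0x48 && buf[1] == 0xB8) {
        for (int i = 0; i < 8; i++) v |= (uint64_t)buf[2 + i] << (8 * i);
        return v;
    }
    return 0;
}

int main(void) {
    uint8_t buf[16];
    size_t n = emit_mov_rax_imm(buf, SAMPLE_ADDR);
    printf("0x%016llx as unsigned int: 0x%08x (lossless: %s)\n",
           (unsigned long long)SAMPLE_ADDR, truncate_to_unsigned(SAMPLE_ADDR),
           survives_unsigned_int(SAMPLE_ADDR) ? "yes" : "no");
    printf("mov rax, imm needs %zu bytes; decodes back to 0x%016llx\n",
           n, (unsigned long long)decode_mov_rax_imm(buf, n));
    return 0;
}
```

The point of the decode step is that the 5-byte `B8` form is only correct when the pointer fits in 32 bits; for the addresses in the backtrace the truncated immediate would make generated code load a pointer into a completely different mapping, which is the kind of thing a "corrupted stack" crash in JIT-called code looks like.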

