[Webkit-unassigned] [Bug 103128] LLInt C Loop backend should work on 32 bit platforms, both big and little endian

Sun Mar 31 21:58:01 PDT 2013

https://bugs.webkit.org/show_bug.cgi?id=103128

--- Comment #13 from Filip Pizlo <fpizlo at apple.com>  2013-03-31 21:56:12 PST ---
(In reply to comment #10)
> Thanks for the review!
> 
> No, I didn't test 64-bit big endian yet.
> 
> However, bug 111497 broke things again (crash in  _llint_op_get_scoped_var, line 1828: https://bugs.webkit.org/attachment.cgi?id=191809&action=diff#a/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm_sec1).
> It seems that deBruijinIndexOperand needs an offset, since t2 doesn't contain a valid pointer when it crashes. I added the usual offset for testing and while it doesn't crash any longer I get assertions, although I don't know if they are related to this problem. What do you think?

What do you mean by "the usual offset"?

> 
> And what about the other places in LowLevelInterpreter32_64.asm where an immediate is loaded without offset?
> _llint_op_get_by_pname:
> ...
>     loadi [cfr, t0, 8], t0
> ...
> 
> _llint_op_switch_imm:
> ...
>     loadi [t3, t0, 4], t1 
> ...
> 
> _llint_op_switch_char:
> ...
>     loadi [t2, t0, 4], t1 
> ...
> Giving those an offset doesn't seem to change behaviour (maybe that code isn't even used when running the CLoop backend?), but I wonder whether an offset would be correct.

It depends.  Is the thing being loaded typed as int, or typed as JSValue?  If it's typed as int, then union rules should put it in low addresses rather than low bits.

The get_by_pname case needs PayloadOffset, since it's loading from the call frame, where everything is a JSValue.

The op_switch_imm case is loading from an int array, so it should not have an offset.

Same for op_switch_char.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.