Changeset 157650 in webkit

Timestamp:

Oct 18, 2013 3:57:15 PM (11 years ago)

Author:

mark.lam@apple.com

Message:

Remove excess reserved space in ctiTrampoline frames for X86 and X86_64.
​https://bugs.webkit.org/show_bug.cgi?id=123037.

Reviewed by Geoffrey Garen.

• jit/JITStubsMSVC64.asm:
• jit/JITStubsX86.h:
• jit/JITStubsX86_64.h:

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• jit/JITStubsMSVC64.asm (modified) (3 diffs)
• jit/JITStubsX86.h (modified) (4 diffs)
• jit/JITStubsX86_64.h (modified) (3 diffs)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2013-10-18  Mark Lam  <mark.lam@apple.com>
+
+        Remove excess reserved space in ctiTrampoline frames for X86 and X86_64.
+        https://bugs.webkit.org/show_bug.cgi?id=123037.
+
+        Reviewed by Geoffrey Garen.
+
+        * jit/JITStubsMSVC64.asm:
+        * jit/JITStubsX86.h:
+        * jit/JITStubsX86_64.h:
+
 2013-10-18  Filip Pizlo  <fpizlo@apple.com>
 

trunk/Source/JavaScriptCore/jit/JITStubsMSVC64.asm

@@ -47 +47 @@
     push rbx
 
-    ; Decrease rsp to point to the start of our JITStackFrame
-    sub rsp, 58h
+    ; JIT operations can use up to 6 args (4 in registers and 2 on the stack).
+    ; In addition, X86_64 ABI specifies that the worse case stack alignment
+    ; requirement is 32 bytes. Based on these factors, we need to pad the stack
+    ; and additional 28h bytes.
+    sub rsp, 28h
     mov r12, 512
     mov r14, 0FFFF000000000000h
@@ -54 +57 @@
     mov r13, r8
     call rcx
-    add rsp, 58h
+    add rsp, 28h
     pop rbx
     pop r15
@@ -65 +68 @@
 
 ctiOpThrowNotCaught PROC
-    add rsp, 58h
+    add rsp, 28h
     pop rbx
     pop r15

trunk/Source/JavaScriptCore/jit/JITStubsX86.h

@@ -56 +56 @@
     "pushl %edi" "\n"
     "pushl %ebx" "\n"
-    "subl $0x3c, %esp" "\n"
-    "movl 0x58(%esp), %edi" "\n"
-    "call *0x50(%esp)" "\n"
-    "addl $0x3c, %esp" "\n"
+
+    // JIT Operation can use up to 6 arguments right now. So, we need to
+    // reserve space in this stack frame for the out-going args. To ensure that
+    // the stack remains aligned on an 16 byte boundary, we round the padding up
+    // by 0x1c bytes.
+    "subl $0x1c, %esp" "\n"
+    "movl 0x38(%esp), %edi" "\n"
+    "call *0x30(%esp)" "\n"
+    "addl $0x1c, %esp" "\n"
+
     "popl %ebx" "\n"
     "popl %edi" "\n"
@@ -74 +80 @@
 HIDE_SYMBOL(ctiOpThrowNotCaught) "\n"
 SYMBOL_STRING(ctiOpThrowNotCaught) ":" "\n"
-    "addl $0x3c, %esp" "\n"
+    "addl $0x1c, %esp" "\n"
     "popl %ebx" "\n"
     "popl %edi" "\n"
@@ -249 +255 @@
             push edi;
             push ebx;
-            sub esp, 0x3c;
+            sub esp, 0x1c;
             mov ecx, esp;
-            mov edi, [esp + 0x58];
-            call [esp + 0x50];
-            add esp, 0x3c;
+            mov edi, [esp + 0x38];
+            call [esp + 0x30];
+            add esp, 0x1c;
             pop ebx;
             pop edi;
@@ -265 +271 @@
     {
         __asm {
-            add esp, 0x3c;
+            add esp, 0x1c;
             pop ebx;
             pop edi;

trunk/Source/JavaScriptCore/jit/JITStubsX86_64.h

@@ -58 +58 @@
     "pushq %r15" "\n"
     "pushq %rbx" "\n"
-    // Form the JIT stubs area
-    "pushq %r9" "\n"
-    "pushq %r8" "\n"
-    "pushq %rcx" "\n"
-    "pushq %rdx" "\n"
-    "pushq %rsi" "\n"
-    "pushq %rdi" "\n"
-    "subq $0x48, %rsp" "\n"
+
+    // The X86_64 ABI specifies that the worse case stack alignment requirement
+    // is 32 bytes.
+    "subq $0x8, %rsp" "\n"
+
     "movq $512, %r12" "\n"
     "movq $0xFFFF000000000000, %r14" "\n"
@@ -71 +68 @@
     "movq %rdx, %r13" "\n"
     "call *%rdi" "\n"
-    "addq $0x78, %rsp" "\n"
+    "addq $0x8, %rsp" "\n"
     "popq %rbx" "\n"
     "popq %r15" "\n"
@@ -88 +85 @@
 HIDE_SYMBOL(ctiOpThrowNotCaught) "\n"
 SYMBOL_STRING(ctiOpThrowNotCaught) ":" "\n"
-    "addq $0x78, %rsp" "\n"
+    "addq $0x8, %rsp" "\n"
     "popq %rbx" "\n"
     "popq %r15" "\n"