Changeset 146831 in webkit

Timestamp:

Mar 25, 2013 5:36:18 PM (11 years ago)

Author:

mark.lam@apple.com

Message:

Offlineasm cloop backend compiles op+branch incorrectly.
​https://bugs.webkit.org/show_bug.cgi?id=113146.

Reviewed by Geoffrey Garen.

• dfg/DFGRepatch.h:

(JSC::DFG::dfgResetGetByID):
(JSC::DFG::dfgResetPutByID):

• These functions never return when the DFG is dsiabled, not just when asserts are enabled. Changing the attribute from NO_RETURN_DUE_TO_ASSERT to NO_RETURN.
• llint/LLIntOfflineAsmConfig.h:
• Added some #defines needed to get the cloop building again.
• offlineasm/cloop.rb:
• Fix cloopEmitOpAndBranchIfOverflow() and cloopEmitOpAndBranch() to emit code that unconditionally executes the specified operation before doing the conditional branch.

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• dfg/DFGRepatch.h (modified) (1 diff)
• llint/LLIntOfflineAsmConfig.h (modified) (1 diff)
• offlineasm/cloop.rb (modified) (2 diffs)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2013-03-25  Mark Lam  <mark.lam@apple.com>
+
+        Offlineasm cloop backend compiles op+branch incorrectly.
+        https://bugs.webkit.org/show_bug.cgi?id=113146.
+
+        Reviewed by Geoffrey Garen.
+
+        * dfg/DFGRepatch.h:
+        (JSC::DFG::dfgResetGetByID):
+        (JSC::DFG::dfgResetPutByID):
+        - These functions never return when the DFG is dsiabled, not just when
+          asserts are enabled. Changing the attribute from NO_RETURN_DUE_TO_ASSERT
+          to NO_RETURN.
+        * llint/LLIntOfflineAsmConfig.h:
+        - Added some #defines needed to get the cloop building again.
+        * offlineasm/cloop.rb:
+        - Fix cloopEmitOpAndBranchIfOverflow() and cloopEmitOpAndBranch() to
+          emit code that unconditionally executes the specified operation before
+          doing the conditional branch.
+
 2013-03-25  Mark Hahnenberg  <mhahnenberg@apple.com>
 

trunk/Source/JavaScriptCore/dfg/DFGRepatch.h

@@ -60 +60 @@
 namespace DFG {
 
-inline NO_RETURN_DUE_TO_ASSERT void dfgResetGetByID(RepatchBuffer&, StructureStubInfo&) { RELEASE_ASSERT_NOT_REACHED(); }
-inline NO_RETURN_DUE_TO_ASSERT void dfgResetPutByID(RepatchBuffer&, StructureStubInfo&) { RELEASE_ASSERT_NOT_REACHED(); }
+inline NO_RETURN void dfgResetGetByID(RepatchBuffer&, StructureStubInfo&) { RELEASE_ASSERT_NOT_REACHED(); }
+inline NO_RETURN void dfgResetPutByID(RepatchBuffer&, StructureStubInfo&) { RELEASE_ASSERT_NOT_REACHED(); }
 
 } } // namespace JSC::DFG

trunk/Source/JavaScriptCore/llint/LLIntOfflineAsmConfig.h

@@ -36 +36 @@
 #define OFFLINE_ASM_C_LOOP 1
 #define OFFLINE_ASM_X86 0
+#define OFFLINE_ASM_ARM 0
 #define OFFLINE_ASM_ARMv7 0
+#define OFFLINE_ASM_ARMv7_TRADITIONAL 0
 #define OFFLINE_ASM_X86_64 0
 #define OFFLINE_ASM_ARMv7s 0

trunk/Source/JavaScriptCore/offlineasm/cloop.rb

@@ -466 +466 @@
     $asm.putc "{"
     $asm.putc "    #{tempType} temp = #{op2} #{operator} #{op1};"
+    $asm.putc "    #{op2} = temp;"
     $asm.putc "    if (temp #{conditionTest})"
     $asm.putc "        goto  #{operands[2].cLabel};"
-    $asm.putc "    #{op2} = temp;"
     $asm.putc "}"
 end
@@ -534 +534 @@
     end
 
-    $asm.putc "    if #{overflowTest} {"
+    $asm.putc "    bool didOverflow = #{overflowTest};"
+    $asm.putc "    #{operands[1].clValue(type)} = #{operands[1].clValue(type)} #{operator} #{operands[0].clValue(type)};"
+    $asm.putc "    if (didOverflow)"
     $asm.putc "        goto #{operands[2].cLabel};"
-    $asm.putc "    }"
-    $asm.putc "    #{operands[1].clValue(type)} = #{operands[1].clValue(type)} #{operator} #{operands[0].clValue(type)};"
     $asm.putc "}"
 end