1185757 - ARM64: Fix manual manipulation of StackPointer in JSOP_IN

Status: RESOLVED FIXED

(Core :: JavaScript Engine: JIT, defect)

Description

[Sean Stangl [:sstangl]]

Attachment: 0001-Fix-manual-manipulation-of-StackPointer-for-JSOP_IN.patch

Two days of ARM64/x64 cross-debugging, finally ending in a very lucky guess as to where the problem might be -- it turns out, someone added an innocuous StackPointer addition to an IC in JSOP_IN, which resulted in the stack being ever-so-slightly out of alignment on ARM64.

Please remind your friends about the sp manipulation helper functions! At least until we get ARM64 on TBPL and I remove StackPointer and BaselineStackReg from the ARM64 code entirely.

One-line fix plus an unrelated assertion I noticed was missing.

Fixes basic/unboxed-object-clear-new-script.js.

Comment 1

[Eric Faust [:efaust]]

Comment on attachment 8636283 [details] [diff] [review]
0001-Fix-manual-manipulation-of-StackPointer-for-JSOP_IN.patch

Review of attachment 8636283 [details] [diff] [review]:
-----------------------------------------------------------------

Some day ARM64 will be a primary platform and people won't be able to do this to you. Sigh.

Comment 2

[Pulsebot]

https://hg.mozilla.org/integration/mozilla-inbound/rev/69a890ec1aa2

Comment 3

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/69a890ec1aa2

Comment 4

[Jan de Mooij [:jandem]]

(In reply to Sean Stangl [:sstangl] from comment #0)
> Please remind your friends about the sp manipulation helper functions! At
> least until we get ARM64 on TBPL and I remove StackPointer and
> BaselineStackReg from the ARM64 code entirely.

Would it make sense to have addPtr/subPtr/etc assert the register != StackPointer?