Closed Bug 1495916 Opened 6 years ago Closed 6 years ago

Fix Bailouts in ARM64

Categories

(Core :: JavaScript Engine: JIT, defect, P2)

Product:
Core
Component:
JavaScript Engine: JIT
Platform:
ARM64
Unspecified
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla64
Tracking Flags:
Tracking Status
firefox64 --- fixed

People

(Reporter: sstangl, Assigned: sstangl)

References

(Blocks 1 open bug)

Details

Attachments

(1 file, 1 obsolete file)

bug_1495916_fix_bailouts_in_arm64_r_jandem
9.21 KB, patch
sstangl
: review+
Details | Diff | Splinter Review
Attached patch bailouts.patch (obsolete) — Splinter Review 
The bailout code in ARM64 was broken, which manifested as a failure on every test that uses "--ion-eager --ion-offthread-compile=off" -- roughly 12,000 jit-test failures.

There were a number of problems. Discovering them took a while. The general strategy used was to place sentinel values on the stack and see how they mismatch with expected locations in the Bailout() handler.

The problems this fixes are:

1. The ARM64 code wasn't actually pushing all the registers, causing an off-by-32 error.
2. The ARM64 code wasn't pushing frameSize_.
3. The bailout handler return code was just wrong.

For testing, it looks like this behaves correctly for basic/FPQuadCmp.js, but unfortunately that test still fails for other reasons that should be addressed elsewhere.

I attempted to leave comments that would be helpful to myself in the case of having to reverse-engineer how this works again.
Attachment #9013859 - Flags: review?(jdemooij)
The #ifdef DEBUG code in PushBailoutFrame() isn't needed anymore, since the number of registers pushed is static.
Attachment #9013859 - Flags: review?(jdemooij) → review+
Priority: -- → P2

        Attachment #9013859 -
        Attachment is obsolete: true

        Attachment #9015690 -
        Flags: review+

    
  
Keywords: checkin-needed

    
    

    
  
Pushed by ryanvm@gmail.com:
https://hg.mozilla.org/integration/autoland/rev/acf3ccc27e1e
Fix bailouts in ARM64. r=jandem
Keywords: checkin-needed

    
    

    
  
https://hg.mozilla.org/mozilla-central/rev/acf3ccc27e1e
Status: NEW → RESOLVED
Closed: 6 years ago

          status-firefox64:
          --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla64

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: