Enforce Scratch{Double,Float32}Scope throughout the pipeline
Categories
(Core :: JavaScript Engine: JIT, enhancement, P2)
Tracking
()
| Tracking | Status | |
|---|---|---|
| firefox67 | --- | fixed |
People
(Reporter: lth, Assigned: lth)
References
Details
Attachments
(1 file)
|
40.60 KB,
patch
|
nbp
:
review+
|
Details | Diff | Splinter Review |
The code is needlessly brittle and might be hiding bugs. Longer term (not too long) we should require the scopes everywhere and hide ScratchDoubleReg / ScratchFloat32Reg completely, but for now I'll settle for platform-independent code and ARM64 code.
|
Assignee | |
Comment 1•5 years ago
|
||
Passes all tests locally but running everything on try now. This change only did find the one bug (bug 1524201). But if you think this is acceptable, then once I land it I will file another bug to hide ScratchFloat32Reg + ScratchDoubleReg on tier-1 platforms so that the abuse does not continue.
|
|
Assignee | |
Comment 2•5 years ago
|
||
Note, needs minor adjusment to compile for nojit (ScratchDoubleScope and ScratchFloat32Scope need to be defined).
|
||
Comment 3•5 years ago
|
||
Comment on attachment 9040382 [details] [diff] [review] bug1523941-use-fp-scopes.patch Review of attachment 9040382 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/src/jit/MacroAssembler.cpp @@ +2285,3 @@ > if (outputType == MIRType::Float32 && hasMultiAlias()) { > + ScratchDoubleScope tmp(*this); > + unboxDouble(value, tmp); Missing call to "convertDoubleToFloat32(tmp, output);"
|
|
Assignee | |
Comment 4•5 years ago
|
||
(In reply to Nicolas B. Pierron [:nbp] from comment #3)
Comment on attachment 9040382 [details] [diff] [review]
bug1523941-use-fp-scopes.patchReview of attachment 9040382 [details] [diff] [review]:
::: js/src/jit/MacroAssembler.cpp
@@ +2285,3 @@if (outputType == MIRType::Float32 && hasMultiAlias()) {
- ScratchDoubleScope tmp(*this);
- unboxDouble(value, tmp);
Missing call to "convertDoubleToFloat32(tmp, output);"
No, it's actually there, look at the patch again - it's unchanged from before.
|
|
||
Comment 5•5 years ago
|
||
(In reply to Lars T Hansen [:lth] from comment #4)
(In reply to Nicolas B. Pierron [:nbp] from comment #3)
Missing call to "convertDoubleToFloat32(tmp, output);"
No, it's actually there, look at the patch again - it's unchanged from before.
Ok, then I have nothing else to say, except Thank you for doing this work :)
|
|
||
Updated•5 years ago
|
Pushed by lhansen@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/e565291ee5f6 Always use ScratchDoubleScope / ScratchFloat32Scope. r=nbp
|
||
Comment 7•5 years ago
|
||
| bugherder | ||
Description
•