More Baseline and BaselineCodeGen changes

RESOLVED FIXED in Firefox 68

Status

()

enhancement
P1
normal
RESOLVED FIXED
3 months ago
Last month

People

(Reporter: jandem, Assigned: jandem)

Tracking

(Blocks 1 bug)

unspecified
mozilla68
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox68 fixed)

Details

Attachments

(35 attachments)

47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
47 bytes, text/x-phabricator-request
Details | Review
Assignee

Description

3 months ago

More patches to implement missing functionality and fix various bugs exposed by testing.

Assignee

Updated

3 months ago
Type: defect → enhancement
Assignee

Comment 1

3 months ago

Also has some other minor prologue-related changes. The interpreter code here
is slightly less optimal than it could be, but that will be easier to address
in follow-up changes.

Priority: -- → P1
Assignee

Comment 2

3 months ago

Also simplifies GetPcScript a bit by using an early return instead of a nullptr
retAddr.

Depends on D25930

Assignee

Comment 3

3 months ago

This lets us OSR from Baseline Interpreter => Baseline Compiler code in the
prologue.

Depends on D26519

Attachment #9056574 - Attachment description: Bug 1541404 part 3 - Store code offset after the warm-up check in BaselineScript. r?tcampbell! → Bug 1541404 part 3 - Store offset of the code after the warm-up check in BaselineScript. r?tcampbell!
Assignee

Comment 4

3 months ago

This fixes issues with try-finally in the interpreter.

Depends on D26532

Assignee

Comment 5

3 months ago

The next patches want to make some changes to the ICEntries version. The
simplest way to do that is by removing the abstraction.

Depends on D26537

Comment 9

3 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/fe843f60ba4e
part 2 - Fix some issues with bytecode pc lookup for interpreter frames. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/eb4535843ac8
part 3 - Store offset of the code after the warm-up check in BaselineScript. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/0673acb83c06
part 4 - Fix JSOP_GOSUB resume offset to point to the jump target op instead of the op after it. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/7b1b315a0d4e
part 5 - Unshare ComputeBinarySearchMid for ICEntries and RetAddrEntries. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/1434c8e2b9ad
part 6 - Move the isForOp check into ComputeBinarySearchMid to simplify maybeICEntryFromPCOffset and improve perf a bit. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/1df3239c094d
part 7 - Implement ICScript::interpreterICEntryFromPCOffset and BaselineFrame::setInterpreterPC. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/b5bcfc261766
part 8 - Add ICEntry::isForPrologue and use it instead of ICEntry::isForOp. r=tcampbell
Assignee

Comment 11

3 months ago

The BaselineScript used to store the bytecode type map but that's now stored in
TypeScript.

Depends on D27034

Assignee

Updated

3 months ago
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Assignee

Updated

3 months ago
Status: REOPENED → ASSIGNED
Keywords: leave-open
Assignee

Updated

3 months ago
Target Milestone: mozilla68 → ---

Comment 14

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/647b1f56c403
part 9 - Implement JSOP_DOUBLE in BaselineInterpreterCodeGen. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/e4b6aa9c2fc4
part 10 - Fix TypeMonitorResult to check for TypeScript instead of BaselineScript. r=tcampbell
Assignee

Comment 15

2 months ago

Next patch will call CanEnterBaselineJIT also for BaselineInterpreter => BaselineJIT OSR.

Assignee

Comment 16

2 months ago

baselineWarmUpThreshold should be renamed to baseline{Jit,Compiler}WarmUpThreshold,
but that will happen later with other prefs-related changes.

Depends on D27320

Comment 18

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/8d11a480d4ae
part 1 - Move initEnvironmentChain from BaselineCompiler to BaselineCodeGen. r=djvj
Assignee

Updated

2 months ago
Depends on: 1544737
Assignee

Comment 21

2 months ago

When the Baseline Interpreter is enabled unconditionally we will be able to
simplify this a bit more, but for now we support both cases.

Assignee

Comment 22

2 months ago

(In reply to Bogdan Tara[:bogdan_tara] from comment #19)

:jandem these changes seem to have caused a high occurrence issue on asan:

Looks like it's build-dependent? Looking at today's Linux64 ASan dt5 it's mostly green again.

Assignee

Updated

2 months ago
Flags: needinfo?(jdemooij)
Assignee

Comment 23

2 months ago

This prevents some false positive rooting hazards with later patches in the stack.

It would be pretty bad if this callback could GC (browser-only, in the middle of
frame iteration).

Comment 24

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/61b8f711a276
part 10.5 - Move the AutoSuppressGCAnalysis in FrameIter's constructor into FrameIter::principalsSubsumeFrame. r=jonco
https://hg.mozilla.org/integration/autoland/rev/32308895e797
part 11 - Some OSR-related BaselineFrame changes. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/6dac2e4b4cab
part 12 - Move ensureExecutionObservabilityOfOsrFrame call into CanEnterBaselineJIT. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/6621a7124917
part 13 - Add some code to support entering the interpreter and triggering Baseline compilation from the interpreter. r=tcampbell

Comment 29

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ef9c8c88826b
part 14 - BaselineCompiler changes for JSOP_RESUME. r=djvj

Comment 31

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/1f4a83429dcd
part 15 - Implement emitWarmUpCounterIncrement. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/c7006cb7cd64
part 16 - Implement pushScriptNameArg, emit_JSOP_STRING, emit_JSOP_SYMBOL. r=tcampbell

Comment 32

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e8322e4b5e3c
part 17 - Fix InterpreterFrameInfo::popn to account for sizeof(Value). r=djvj

Comment 38

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/827f19b7bf2b
part 18 - Various minor changes for debugger support. r=tcampbell

Comment 40

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/f52499501a14
part 19 - Add BaselineInterpreter class and use it in various places. r=tcampbell
Assignee

Comment 45

2 months ago

Most of the script->resetWarmUpCounter() calls are heuristics to delay Ion compilation.
This patch adds resetWarmUpCounterToDelayIonCompilation to make that more explicit.

This method does nothing if the script is not warm enough for Baseline compilation, to
ensure scripts never get stuck in the (Baseline) interpreter.

Assignee

Comment 47

2 months ago

Initially the plan was for the Baseline Interpreter to "support"
JSOP_FORCEINTERPRETER like the C++ interpreter. However this complicated
many things:

  • We needed to do a VM call to allocate a TypeScript when we resumed
    generators (the only place where it was needed).

  • This meant our Baseline Interpreter warm-up heuristics didn't apply to
    generators.

  • It complicates the profiler work because it assumes all Baseline Interpreter
    frames have a TypeScript.

We've been moving towards making the Baseline Interpreter more like the JITs
for now (requiring a TypeScript instead of a BaselineScript) so I think this is
the right move until we change that.

This also improves things for the Baseline Compiler: we now have a MOZ_CRASH
instead of an abort.

Comment 48

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/16ed123dc401
part 20 - Implement more BaselineInterpreterCodegen bits. r=djvj

Comment 49

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/2bea789487b7
part 24 - Fix JSScript::resetWarmUpCounter() calls to not affect Baseline. r=tcampbell
Assignee

Comment 50

2 months ago

This is a basic threaded interpreter design. Performance is pretty good but we
can optimize it more in the future when everything else is in place.

Attachment #9063510 - Attachment description: Bug 1541404 part 27 - Implement initial emitInterpreterLoop implementation. r?djvj! → Bug 1541404 part 27 - Implement emitInterpreterLoop. r?djvj!

(In reply to Jan de Mooij [:jandem] from comment #50)

Created attachment 9063510 [details]
Bug 1541404 part 27 - Implement emitInterpreterLoop. r?djvj!

This is a basic threaded interpreter design. Performance is pretty good but we
can optimize it more in the future when everything else is in place.

Was reviewing this and thought I'd record some thoughts for future reference here. There are a few key pieces of state that would be really worthwhile to keep in registers in the interpreter loop:

  1. The BytecodePC - currently each iteration of the interpreter loop includes two reads and a write of the pc slot in the frame.
  2. The ICChain pointer - once again, each iteration of the interpreter loop for an IC-ed op reads and writes this slot in the frame.

I've proposed this dispatch scheme before but I'd like to detail it again:

We can avoid the load of the address label entirely. We have a maximum of 256 bytecode ops. Even at, say, 256 bytes per op we'd only use 64k for all the jitcode over all possible ops. If we can align the start of each op-handler in a contiguous space, then the instruction dispatch can be come (BASE_ADDR + (opCode << ALIGN)).

If we kept the BaseAddr for the interpreter switch bodies in a persistent well-known register, we'd avoid the immediate-load of that base address as well (but this is likely less important as I suspect immediate loads just get turned into immediate values early on in the instruction pipeline).

Overall I think we could save about half a dozen reads and writes. Having a notion of reserved registers would be a change across all the opcode implementations, but it should be a one-time thing. Given that this code runs once per bytecode op, though, it's worth shaving off every instruction we can.

I'd note that the C++ interpreter benefits from being able to keep |pc| and other state live by inlining the interpreter table and implicitly assuming register state between jumps.

Assignee

Comment 53

2 months ago

(In reply to Kannan Vijayan [:djvj] from comment #52)

There are a few key pieces of state that would be really worthwhile to keep in registers in the interpreter loop:

Yeah, I had a patch to do this for the pc and it's a pretty serious win (it's storing/loading it before/after every VM and IC call). However it's more annoying to do on 32-bit x86 because of register pressure (opcode implementations using R2 will become more complicated). Maybe a scheme where only non-x86 platforms keep pc in a register would work. Doing this for the ICEntry* pointer is more complicated and I'm not sure it's worth it because of other IC overhead.

Bug 1522394 has some ideas as well. There are a lot of things we could experiment with once everything is in place.

Comment 54

2 months ago
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6fabc0c9c2cd
part 21 - Interpreter DebugTrapHandler changes. r=nbp
https://hg.mozilla.org/integration/autoland/rev/b84d8c19fdea
part 22 - Add BaselineInterpreterGenerator::emitDebugTrap. r=djvj
https://hg.mozilla.org/integration/autoland/rev/8da1d9e605dd
part 23 - Implement more BaselineInterpreterGenerator bits. r=djvj
https://hg.mozilla.org/integration/autoland/rev/8c4c11458570
part 25 - Various minor changes. r=djvj
https://hg.mozilla.org/integration/autoland/rev/da74be741b81
part 26 - Some JSOP_FORCEINTERPRETER changes. r=tcampbell

(In reply to Jan de Mooij [:jandem] from comment #53)

(In reply to Kannan Vijayan [:djvj] from comment #52)

There are a few key pieces of state that would be really worthwhile to keep in registers in the interpreter loop:

Yeah, I had a patch to do this for the pc and it's a pretty serious win (it's storing/loading it before/after every VM and IC call). However it's more annoying to do on 32-bit x86 because of register pressure (opcode implementations using R2 will become more complicated). Maybe a scheme where only non-x86 platforms keep pc in a register would work. Doing this for the ICEntry* pointer is more complicated and I'm not sure it's worth it because of other IC overhead.

Bug 1522394 has some ideas as well. There are a lot of things we could experiment with once everything is in place.

On x86, wouldn't it still be possible to sync everything to the stack frame at the start of the frame and then continue from there? We can keep the frame slots for this state, but we don't need to update them synchronously on every op.

Regressions: 1550807
Assignee

Comment 57

2 months ago

(In reply to Kannan Vijayan [:djvj] from comment #55)

On x86, wouldn't it still be possible to sync everything to the stack frame at the start of the frame and then continue from there? We can keep the frame slots for this state, but we don't need to update them synchronously on every op.

On non-x86 there are plenty of unused registers so we could pick one that doesn't conflict with R0/R1/R2. It's possible we could still do better on 32-bit x86 with the right APIs but I'm not sure it's worth the additional complexity. I haven't given it much thought though, first goal is getting this landed :)

Assignee

Comment 58

Last month
  1. We can't use loadValue for JSOP_DOUBLE because on ARM that might use LDRD or
    LDM and these are not guaranteed to support unaligned loads. Fix is to add
    loadUnalignedValue that always uses plain 32-bit loads.

  2. DebugTrapHandler's fast path for the interpreter used "lr" as second scratch
    register, clobbering the return address. The setSecondScratchRegister mechanism
    prevents this.

Assignee

Comment 59

Last month

The code in NewArgumentsObject was wrong because the interpreter code calling it
also relies on the analysis having been performed.

Assignee

Comment 60

Last month

With this we pass all debugger jit-tests.

Assignee

Comment 62

Last month

This also has some minor changes to allow enabling the Baseline Interpreter without
the Baseline JIT.

After this is enabled by default we want to make the Interpreter a hard dependency
for Baseline (similar to how Ion requires Baseline to be enabled) and then we can
simplify some code, but of course we can't do that yet.

Comment 64

Last month
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/760cc10c63b0
part 28 - Fix ARM issues. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/c4b0bd61050b
part 29 - Perform arguments analysis when creating the TypeScript. r=tcampbell
Assignee

Comment 65

Last month

This matches what we do for C++-interpreter frames in CollectInterpreterStackScripts and
SkipInterpreterFrameEntries. It's necessary for Interpreter => JIT OSR to work correctly.

This fixes remaining jit-test failures with --blinterp-eager

Backed out 2 changesets for causing leaks at AnalyzeArgumentsUsage

Push with failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&searchStr=linux%2Cx64%2Casan%2Cmochitests%2Cwithout%2Ce10s%2Ctest-linux64-asan%2Fopt-mochitest-a11y-1proc%2Cm-1proc%28a11y%29&fromchange=c4b0bd61050bb7f3117c2a46ed740fc5d61d0700&tochange=9afa1dcd247b1d206f66e31290cec79f11dbf6c9&selectedJob=246381201

Failure log: https://treeherder.mozilla.org/logviewer.html#?job_id=246381201&repo=autoland

Backout link: https://hg.mozilla.org/integration/autoland/rev/9afa1dcd247b1d206f66e31290cec79f11dbf6c9

Failure snippet:
[task 2019-05-14T13:08:09.021Z] 13:08:09 INFO - TEST-OK | accessible/tests/mochitest/value/test_range.html | took 201ms
[task 2019-05-14T13:08:09.142Z] 13:08:09 INFO - TEST-START | Shutdown
[task 2019-05-14T13:08:09.145Z] 13:08:09 INFO - Passed: 45548
[task 2019-05-14T13:08:09.147Z] 13:08:09 INFO - Failed: 0
[task 2019-05-14T13:08:09.149Z] 13:08:09 INFO - Todo: 136
[task 2019-05-14T13:08:09.150Z] 13:08:09 INFO - Mode: non-e10s
[task 2019-05-14T13:08:09.153Z] 13:08:09 INFO - Slowest: 35610ms - chrome://mochitests/content/a11y/accessible/tests/mochitest/jsat/test_traversal.html
[task 2019-05-14T13:08:09.154Z] 13:08:09 INFO - SimpleTest FINISHED
[task 2019-05-14T13:08:09.156Z] 13:08:09 INFO - TEST-INFO | Ran 1 Loops
[task 2019-05-14T13:08:09.158Z] 13:08:09 INFO - SimpleTest FINISHED
[task 2019-05-14T13:08:10.399Z] 13:08:10 INFO - GECKO(1083) | 1557839290392 Marionette TRACE Received observer notification xpcom-will-shutdown
[task 2019-05-14T13:08:10.400Z] 13:08:10 INFO - GECKO(1083) | 1557839290393 Marionette INFO Stopped listening on port 2828
[task 2019-05-14T13:08:10.400Z] 13:08:10 INFO - GECKO(1083) | 1557839290393 Marionette DEBUG Remote service is inactive
[task 2019-05-14T13:08:15.153Z] 13:08:15 INFO - GECKO(1083) | =================================================================
[task 2019-05-14T13:08:15.153Z] 13:08:15 ERROR - GECKO(1083) | ==1083==ERROR: LeakSanitizer: detected memory leaks
[task 2019-05-14T13:08:15.154Z] 13:08:15 INFO - GECKO(1083) | Direct leak of 412 byte(s) in 1 object(s) allocated from:
[task 2019-05-14T13:08:15.154Z] 13:08:15 INFO - GECKO(1083) | #0 0x55923822a503 in __interceptor_malloc /builds/worker/workspace/moz-toolchain/src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:146:3
[task 2019-05-14T13:08:15.154Z] 13:08:15 INFO - GECKO(1083) | #1 0x7f612f278316 in js_arena_malloc /builds/worker/workspace/build/src/obj-firefox/dist/include/js/Utility.h:367:10
[task 2019-05-14T13:08:15.154Z] 13:08:15 INFO - GECKO(1083) | #2 0x7f612f278316 in js_pod_arena_malloc<unsigned char> /builds/worker/workspace/build/src/obj-firefox/dist/include/js/Utility.h:572
[task 2019-05-14T13:08:15.155Z] 13:08:15 INFO - GECKO(1083) | #3 0x7f612f278316 in maybe_pod_malloc<unsigned char> /builds/worker/workspace/build/src/js/src/vm/MallocProvider.h:53
[task 2019-05-14T13:08:15.155Z] 13:08:15 INFO - GECKO(1083) | #4 0x7f612f278316 in pod_malloc<unsigned char> /builds/worker/workspace/build/src/js/src/vm/MallocProvider.h:90
[task 2019-05-14T13:08:15.155Z] 13:08:15 INFO - GECKO(1083) | #5 0x7f612f278316 in JSScript::makeTypes(JSContext*) /builds/worker/workspace/build/src/js/src/vm/TypeInference.cpp:3528
[task 2019-05-14T13:08:15.156Z] 13:08:15 INFO - GECKO(1083) | #6 0x7f612ff0684c in ensureHasTypes /builds/worker/workspace/build/src/js/src/vm/TypeInference-inl.h:1427:21
[task 2019-05-14T13:08:15.156Z] 13:08:15 INFO - GECKO(1083) | #7 0x7f612ff0684c in js::jit::AnalyzeArgumentsUsage(JSContext*, JSScript*) /builds/worker/workspace/build/src/js/src/jit/IonAnalysis.cpp:4804
[task 2019-05-14T13:08:15.156Z] 13:08:15 INFO - GECKO(1083) | #8 0x7f612f278130 in ensureHasAnalyzedArgsUsage /builds/worker/workspace/build/src/js/src/vm/JSScript-inl.h:177:10
[task 2019-05-14T13:08:15.157Z] 13:08:15 INFO - GECKO(1083) | #9 0x7f612f278130 in JSScript::makeTypes(JSContext*) /builds/worker/workspace/build/src/js/src/vm/TypeInference.cpp:3502
[task 2019-05-14T13:08:15.157Z] 13:08:15 INFO - GECKO(1083) | #10 0x7f612fa30d64 in ensureHasTypes /builds/worker/workspace/build/src/js/src/vm/TypeInference-inl.h:1427:21
[task 2019-05-14T13:08:15.157Z] 13:08:15 INFO - GECKO(1083) | #11 0x7f612fa30d64 in js::jit::BaselineCompiler::compile() /builds/worker/workspace/build/src/js/src/jit/BaselineCompiler.cpp:166
[task 2019-05-14T13:08:15.158Z] 13:08:15 INFO - GECKO(1083) | #12 0x7f612fcc3a98 in js::jit::BaselineCompile(JSContext*, JSScript*, bool) /builds/worker/workspace/build/src/js/src/jit/BaselineJIT.cpp:229:34
[task 2019-05-14T13:08:15.165Z] 13:08:15 INFO - GECKO(1083) | #13 0x7f612ff0ef94 in js::jit::IonBuilder::canInlineTarget(JSFunction*, js::jit::CallInfo&) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:449:29
[task 2019-05-14T13:08:15.167Z] 13:08:15 INFO - GECKO(1083) | #14 0x7f612ff7f165 in js::jit::IonBuilder::makeInliningDecision(JSObject*, js::jit::CallInfo&) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:4319:31
[task 2019-05-14T13:08:15.168Z] 13:08:15 INFO - GECKO(1083) | #15 0x7f612ff812b4 in js::jit::IonBuilder::inlineCallsite(mozilla::Vector<js::jit::InliningTarget, 4ul, js::jit::JitAllocPolicy> const&, js::jit::CallInfo&) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:4703:33
[task 2019-05-14T13:08:15.169Z] 13:08:15 INFO - GECKO(1083) | #16 0x7f612ff4f473 in js::jit::IonBuilder::jsop_call(unsigned int, bool, bool) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:5963:3
[task 2019-05-14T13:08:15.170Z] 13:08:15 INFO - GECKO(1083) | #17 0x7f612ff20ab0 in js::jit::IonBuilder::inspectOpcode(JSOp) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:2174:7
[task 2019-05-14T13:08:15.174Z] 13:08:15 INFO - GECKO(1083) | #18 0x7f612ff2016f in js::jit::IonBuilder::visitBlock(js::jit::CFGBlock const*, js::jit::MBasicBlock*) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:1685:5
[task 2019-05-14T13:08:15.178Z] 13:08:15 INFO - GECKO(1083) | #19 0x7f612ff15c3f in js::jit::IonBuilder::traverseBytecode() /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:1600:5
[task 2019-05-14T13:08:15.179Z] 13:08:15 INFO - GECKO(1083) | #20 0x7f612ff18f29 in js::jit::IonBuilder::buildInline(js::jit::IonBuilder*, js::jit::MResumePoint*, js::jit::CallInfo&) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:1116:3
[task 2019-05-14T13:08:15.181Z] 13:08:15 INFO - GECKO(1083) | #21 0x7f612ff7ae6d in js::jit::IonBuilder::inlineScriptedCall(js::jit::CallInfo&, JSFunction*) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:4095:21
[task 2019-05-14T13:08:15.182Z] 13:08:15 INFO - GECKO(1083) | #22 0x7f612ff80ed2 in js::jit::IonBuilder::inlineSingleCall(js::jit::CallInfo&, JSObject*) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:4678:10
[task 2019-05-14T13:08:15.184Z] 13:08:15 INFO - GECKO(1083) | #23 0x7f612ff8177d in js::jit::IonBuilder::inlineCallsite(mozilla::Vector<js::jit::InliningTarget, 4ul, js::jit::JitAllocPolicy> const&, js::jit::CallInfo&) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:4733:12
[task 2019-05-14T13:08:15.185Z] 13:08:15 INFO - GECKO(1083) | #24 0x7f612ff4f473 in js::jit::IonBuilder::jsop_call(unsigned int, bool, bool) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:5963:3
[task 2019-05-14T13:08:15.187Z] 13:08:15 INFO - GECKO(1083) | #25 0x7f612ff20ab0 in js::jit::IonBuilder::inspectOpcode(JSOp) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:2174:7
[task 2019-05-14T13:08:15.189Z] 13:08:15 INFO - GECKO(1083) | #26 0x7f612ff2016f in js::jit::IonBuilder::visitBlock(js::jit::CFGBlock const*, js::jit::MBasicBlock*) /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:1685:5
[task 2019-05-14T13:08:15.192Z] 13:08:15 INFO - GECKO(1083) | #27 0x7f612ff15c3f in js::jit::IonBuilder::traverseBytecode() /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:1600:5
[task 2019-05-14T13:08:15.194Z] 13:08:15 INFO - GECKO(1083) | #28 0x7f612ff056dd in js::jit::IonBuilder::build() /builds/worker/workspace/build/src/js/src/jit/IonBuilder.cpp:926:3
[task 2019-05-14T13:08:15.195Z] 13:08:15 INFO - GECKO(1083) | #29 0x7f612feff625 in js::jit::AnalyzeNewScriptDefiniteProperties(JSContext*, JS::Handle<JSFunction*>, js::ObjectGroup*, JS::Handle<js::PlainObject*>, mozilla::Vector<js::TypeNewScriptInitializer, 0ul, js::TempAllocPolicy>) /builds/worker/workspace/build/src/js/src/jit/IonAnalysis.cpp:4586:43
[task 2019-05-14T13:08:15.197Z] 13:08:15 INFO - GECKO(1083) | #30 0x7f612f27b8f0 in js::TypeNewScript::maybeAnalyze(JSContext
, js::ObjectGroup*, bool*, bool) /builds/worker/workspace/build/src/js/src/vm/TypeInference.cpp:3938:8
[task 2019-05-14T13:08:15.199Z] 13:08:15 INFO - GECKO(1083) | #31 0x7f612ee4d607 in js::CreateThisForFunctionWithProto(JSContext*, JS::Handle<JSFunction*>, JS::Handle<JSObject*>, JS::Handle<JSObject*>, js::NewObjectKind) /builds/worker/workspace/build/src/js/src/vm/JSObject.cpp:1134:39
[task 2019-05-14T13:08:15.199Z] 13:08:15 INFO - GECKO(1083) | #32 0x7f612ee50729 in js::CreateThisForFunction(JSContext*, JS::Handle<JSFunction*>, JS::Handle<JSObject*>, js::NewObjectKind) /builds/worker/workspace/build/src/js/src/vm/JSObject.cpp:1219:7
[task 2019-05-14T13:08:15.202Z] 13:08:15 INFO - GECKO(1083) | #33 0x7f612e8f4a34 in CreateThis /builds/worker/workspace/build/src/js/src/vm/JSObject-inl.h:615:19
[task 2019-05-14T13:08:15.202Z] 13:08:15 INFO - GECKO(1083) | #34 0x7f612e8f4a34 in MaybeCreateThisForConstructor /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:356
[task 2019-05-14T13:08:15.206Z] 13:08:15 INFO - GECKO(1083) | #35 0x7f612e8f4a34 in js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:557
[task 2019-05-14T13:08:15.207Z] 13:08:15 INFO - GECKO(1083) | #36 0x7f612e8f6d83 in InternalConstruct(JSContext*, js::AnyConstructArgs const&) /builds/worker/workspace/build/src/js/src/vm/Interpreter.cpp:636:10
[task 2019-05-14T13:08:15.208Z] 13:08:15 INFO - GECKO(1083) | #37 0x7f612faca48d in js::jit::DoCallFallback(JSContext*, js::jit::BaselineFrame*, js::jit::ICCall_Fallback*, unsigned int, JS::Value*, JS::MutableHandle<JS::Value>) /builds/worker/workspace/build/src/js/src/jit/BaselineIC.cpp:3744:10
[task 2019-05-14T13:08:15.211Z] 13:08:15 INFO - GECKO(1083) | #38 0x3b739e0fc8f7 (<unknown module>)

Flags: needinfo?(jdemooij)
Assignee

Updated

Last month
Flags: needinfo?(jdemooij)

Comment 67

Last month
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/ad2eae2743d4
part 27 - Implement emitInterpreterLoop. r=djvj
https://hg.mozilla.org/integration/autoland/rev/e00d479b6a92
part 28 - Fix ARM issues. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/6eea4e18512a
part 29 - Perform arguments analysis when creating the TypeScript. r=tcampbell

Comment 68

Last month
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6c6307b33331
part 30 - Fix some debugger issues. r=tcampbell
https://hg.mozilla.org/integration/autoland/rev/03b65e2fa7f6
part 31 - Fix record/replay instrumentation. r=bhackett
https://hg.mozilla.org/integration/autoland/rev/c9834e23330c
part 33 - Implement emitArgumentTypeChecks. r=djvj

Comment 71

Last month
Pushed by jdemooij@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/9faf24ffeaaf
part 34 - Fix BaselineDebugModeOSR to also recompile interpreter frames. r=tcampbell
Regressions: 1552685
Assignee

Updated

Last month
No longer regressions: 1552685
Assignee

Comment 73

Last month

Merge day today so I'll close this one. Part 32 still has to land but could break fuzzing so I'll land it later.

Keywords: leave-open
Target Milestone: --- → mozilla68
Assignee

Updated

Last month
Status: ASSIGNED → RESOLVED
Closed: 3 months agoLast month
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.