1674790 - Teach jitsrc to unwind relocations

Status: RESOLVED INVALID

(Core :: JavaScript Engine, enhancement)

Description

[Matthew Gaudet (he/him) [:mgaudet]]

jitsrc (Bug 1661763) is -great-.

One thing I find reasonably often is it gets stuck in relocation processing:

0x00005605cbf229e3 in js::jit::X86Encoding::SetInt32 (where=0x7f3fd61460b5, value=233) at /home/matthew/unified/js/src/jit/x86-shared/Patching-x86-shared.h:32
32        memcpy((char*)where - sizeof(int32_t), &value, sizeof(int32_t));
(rr) bt
#0  0x00005605cbf229e3 in js::jit::X86Encoding::SetInt32 (where=0x7f3fd61460b5, value=233) at /home/matthew/unified/js/src/jit/x86-shared/Patching-x86-shared.h:32
#1  0x00005605cbf23385 in js::jit::X86Encoding::SetRel32 (from=0x7f3fd61460b5, to=0x7f3fd614619e) at /home/matthew/unified/js/src/jit/x86-shared/Patching-x86-shared.h:44
#2  0x00005605cbf23203 in js::jit::X86Encoding::BaseAssembler::linkJump (this=0x7f3fd6dfb368, from=..., to=...)
    at /home/matthew/unified/js/src/jit/x86-shared/BaseAssembler-x86-shared.h:3953
#3  0x00005605cbf1adcb in js::jit::AssemblerX86Shared::bind (this=0x7f3fd6dfb040, label=0x7f3fd6dfbf7c) at /home/matthew/unified/js/src/jit/x86-shared/Assembler-x86-shared.h:1002
#4  0x00005605cc173218 in js::jit::CodeGeneratorX86Shared::generateOutOfLineCode (this=0x7f3fd6dfb000)
    at /home/matthew/unified/js/src/jit/x86-shared/CodeGenerator-x86-shared.cpp:553
#5  0x00005605cc31a1d9 in js::jit::CodeGenerator::generate (this=0x7f3fd6dfb000) at /home/matthew/unified/js/src/jit/CodeGenerator.cpp:11517
#6  0x00005605cc3b94eb in js::jit::GenerateCode (mir=0x7f3fd610c210, lir=0x7f3fd5ba18c8) at /home/matthew/unified/js/src/jit/Ion.cpp:1469
#7  0x00005605cc3b97ba in js::jit::CompileBackEnd (mir=0x7f3fd610c210, snapshot=0x7f3fd610c810) at /home/matthew/unified/js/src/jit/Ion.cpp:1500
#8  0x00005605cc3beefd in js::jit::IonCompile (cx=0x7f3fd6d2f000, script=..., baselineFrame=0x7ffc1359f260, baselineFrameSize=112, osrPc=0x7f3fd61d9db7 "\230\a", recompile=false, 
    optimizationLevel=js::jit::OptimizationLevel::Full) at /home/matthew/unified/js/src/jit/Ion.cpp:1768
#9  0x00005605cc3ba986 in js::jit::Compile (cx=0x7f3fd6d2f000, script=..., osrFrame=0x7ffc1359f260, osrFrameSize=112, osrPc=0x7f3fd61d9db7 "\230\a", forceRecompile=false)
    at /home/matthew/unified/js/src/jit/Ion.cpp:2046
#10 0x00005605cc3bfeb9 in BaselineCanEnterAtBranch (cx=0x7f3fd6d2f000, script=..., osrFrame=0x7ffc1359f260, osrFrameSize=112, pc=0x7f3fd61d9db7 "\230\a")
    at /home/matthew/unified/js/src/jit/Ion.cpp:2244
#11 0x00005605cc3baeb8 in IonCompileScriptForBaseline (cx=0x7f3fd6d2f000, frame=0x7ffc1359f260, frameSize=112, pc=0x7f3fd61d9db7 "\230\a")
    at /home/matthew/unified/js/src/jit/Ion.cpp:2296
#12 0x00005605cc3bb381 in js::jit::IonCompileScriptForBaselineOSR (cx=0x7f3fd6d2f000, frame=0x7ffc1359f260, frameSize=112, pc=0x7f3fd61d9db7 "\230\a", infoPtr=0x7ffc1359f208)
    at /home/matthew/unified/js/src/jit/Ion.cpp:2430

in particular in linkJump

it would be lovely if we could keep following further.

Comment 1

[Matthew Gaudet (he/him) [:mgaudet]]

Hmm. I misunderstood what I was seeing. Closing this as INVALID, as I don't think there's a general fix.

Comment 2

[Iain Ireland [:iain]]

Attachment: Bug 1674790: Unwind past relocations in jitsrc r=mgaudet

The new address is computed as "old_address - [beginning of buffer containing old address] + [beginning of buffer containing new address]", so if we use 0 for the dest and src, we get the old address back. This will skip past the relocation to find where we wrote the unrelocated instruction.

Comment 3

[Pulsebot]

Pushed by iireland@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/5d4eb9a8e5c8
Unwind past relocations in jitsrc r=mgaudet DONTBUILD

Comment 4

[Cristian Brindusan [:cbrindusan]]

https://hg.mozilla.org/mozilla-central/rev/5d4eb9a8e5c8