529218 - nanojit: underrunProtect() fixes for X64 backend

Status: RESOLVED FIXED

(Core :: JavaScript Engine, defect)

Description

[Nicholas Nethercote [inactive]]

Attachment: patch

Bug 520712 introduced some underrunProtect() problems in the X64 backend.  A follow-up patch fixed one of them, but there are several remaining.  This patch fixes all of them, AFAICT, and commons out some code in the process hopefully making things less error-prone.  (It also fixes a printf-style compile warning.)

I tested this by reducing the size of chunks allocated by codeAlloc to only 128 bytes.  After doing that, without this patch, Tracemonkey was fairly crashy and Tamarin was totally crashy;  with the patch both were fine, albeit slower than usual.  (I tried 64 bytes as well but got assertions in the code allocator, that seems to be Just Too Small.)

Comment 1

[Nicholas Nethercote [inactive]]

Attachment: patch shrinking code chunk size to 128 bytes

In case anyone wants to try it out.

Comment 2

[Edwin Smith]

Comment on attachment 412778 [details] [diff] [review]
patch

Nice.

In the PPC backend, I introduced a PEDANTIC #define, to enable/disable stuff like this to stress-test various things.  (small code chunks, limited registers, large displacements for loads, etc).

if you like that pattern, you could tie the codealloc chunk size to PEDANTIC.  but totally optional and out of scope for this bug, probably.

Comment 4

[Edwin Smith]

nanojit: http://hg.mozilla.org/projects/nanojit-central/rev/7972be620488
tamarin: http://hg.mozilla.org/tamarin-redux/rev/22912629a250

Comment 5

[Nicholas Nethercote [inactive]]

http://hg.mozilla.org/tracemonkey/rev/2ed4651b95a9

Comment 6

[Nicholas Nethercote [inactive]]

http://hg.mozilla.org/mozilla-central/rev/2ed4651b95a9