Last Comment Bug 678154 - Porting MethodJIT to MIPS architecture
: Porting MethodJIT to MIPS architecture
Status: RESOLVED FIXED
:
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: 1.8 Branch
: Other Linux
: -- normal (vote)
: mozilla12
Assigned To: Chao-ying Fu
:
Mentors:
Depends on: 749530
Blocks:
  Show dependency treegraph
 
Reported: 2011-08-11 02:58 PDT by qjivy
Modified: 2012-04-26 23:15 PDT (History)
11 users (show)
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments
MIPS METHODJIT patch (123.83 KB, patch)
2011-08-19 17:07 PDT, Chao-ying Fu
no flags Details | Diff | Splinter Review
Initial Work on MethodJIT's MIPS porting. (162.68 KB, patch)
2011-08-24 21:14 PDT, qjivy
no flags Details | Diff | Splinter Review
MIPS Method JIT with MONOIC and POLYIC (130.66 KB, patch)
2011-08-26 18:06 PDT, Chao-ying Fu
no flags Details | Diff | Splinter Review
Enable NANOJIT and bug fixes (132.67 KB, patch)
2011-09-02 14:32 PDT, Chao-ying Fu
no flags Details | Diff | Splinter Review
Latest MIPS methodjit (152.42 KB, patch)
2011-09-13 17:12 PDT, Chao-ying Fu
no flags Details | Diff | Splinter Review
MIPS methodjit 20110927 (152.62 KB, patch)
2011-09-29 10:51 PDT, Chao-ying Fu
dvander: review+
Details | Diff | Splinter Review
MIPS MethodJIT 20111122 (155.17 KB, patch)
2011-11-22 10:54 PST, Chao-ying Fu
no flags Details | Diff | Splinter Review
MIPS MethodJIT 20120110 (177.38 KB, patch)
2012-01-10 14:17 PST, Chao-ying Fu
dvander: review+
Details | Diff | Splinter Review
MIPS MethodJIT 20120112 (177.42 KB, patch)
2012-01-12 18:19 PST, Chao-ying Fu
dvander: review+
Details | Diff | Splinter Review

Description qjivy 2011-08-11 02:58:46 PDT
I want to know if any previous work has been done on such a task? 
And is there anything I can reference to?

Now, I have done something on porting of JaegerTrampoline, JaegerTrampolineReturn, JaegerThrowpoline and InjectJaegerReturn and adding macro definitions to pass compile. Also, MIPS assembler back end is borrowd from Webkit in to assembler/assmbler/ directory.

Eagerly looking forward to some advices to me, thanks :)
Comment 1 David Mandelin [:dmandelin] 2011-08-12 11:36:42 PDT
Sounds like you're on the track. How is it working?

David, do you have any particular advice?
Comment 2 Chao-ying Fu 2011-08-19 17:07:42 PDT
Created attachment 554591 [details] [diff] [review]
MIPS METHODJIT patch

Hi All,

  We (at MIPS) recently started to work on METHODJIT for MIPS, and would like to contribute our code to Mozilla.  So far, I got basic stuff working on a MIPS Debian Linux machine (O32 ABI).  (I didn't enable MONOIC and POLYIC.)  The jit_tests.py result is ok, and the jstests.py result has two regressions and several timeouts.
Ex:
REGRESSIONS
    js1_8_5/extensions/typedarray.js
    js1_8_5/extensions/worker-terminate.js

  Here is the current patch, if you are interested.  I will post a new patch, after I do more testing when enabling MONOIC and POLYIC.  Thanks a lot!
  
Regards,
Chao-ying
Comment 3 qjivy 2011-08-24 21:14:49 PDT
Created attachment 555633 [details] [diff] [review]
Initial Work on MethodJIT's MIPS porting.
Comment 4 qjivy 2011-08-24 21:20:54 PDT
The changes as following:
<1>configure related files.
<2>Basic trampoline routines for mjit in the methodjit directory.
<3>The VMFrame  struct is designed accroding to the understanding on ABIs, especially call conventions of ARM,X86,X64 and MIPS.
<4>We use the MIPS back-end which is borrowed from Webkit,and add it into the directory assembler/assembler.
    
Things I think as TODOs:
    <1>I still doubt that if the layout of VMFrame is correct. 
    <2>Arm needs stub veneer to save LR in proper position in order to slove THROW. While MIPS has not an automatic mechanism to save return address in stack, I think we shoule design veneer for MIPS too.
    <3>MIPS is the same as the ARM in fixed width instructions. An instuction can not contain long immediate numbers because the width of imm is limited by insn-width. So ARM introduces constant pool. Thus, I think MIPS needs constant pool as well.
Comment 5 qjivy 2011-08-25 21:17:44 PDT
(In reply to Chao-ying Fu from comment #2)
> Created attachment 554591 [details] [diff] [review]
> MIPS METHODJIT patch
> 
> Hi All,
> 
>   We (at MIPS) recently started to work on METHODJIT for MIPS, and would
> like to contribute our code to Mozilla.  So far, I got basic stuff working
> on a MIPS Debian Linux machine (O32 ABI).  (I didn't enable MONOIC and
> POLYIC.)  The jit_tests.py result is ok, and the jstests.py result has two
> regressions and several timeouts.
> Ex:
> REGRESSIONS
>     js1_8_5/extensions/typedarray.js
>     js1_8_5/extensions/worker-terminate.js
> 
>   Here is the current patch, if you are interested.  I will post a new
> patch, after I do more testing when enabling MONOIC and POLYIC.  Thanks a
> lot!
>   
> Regards,
> Chao-ying


Hi,Chao ying:
I am very glad that you join this work and I have learned a lot from your patch.
May I ask you how you disable MIC and PIC in your test? I did it by --disable-monic and --disable-polyic when doing configurations, but the building is failed when compile Methodjit.cpp. 
The log is :
../methodjit/MethodJIT.cpp: In member function 鈉har* js::mjit::JITScript::monoICSectionsLimit() const?
../methodjit/MethodJIT.cpp:869: error: 鈔mapSectionsLimit?was not declared in this scope
../methodjit/MethodJIT.cpp: In member function 鈐sbytecode* js::mjit::JITScript::nativeToPC(void*) const?
../methodjit/MethodJIT.cpp:1066: error: 鈔CallICs?was not declared in this scope
../methodjit/MethodJIT.cpp:1067: error: 釩allICInfo?is not a member of 鈐s::mjit::ic?
../methodjit/MethodJIT.cpp:1067: error: 鈉allICs_?was not declared in this scope
../methodjit/MethodJIT.cpp:1067: error: 鈉allICs?was not declared in this scope
../methodjit/MethodJIT.cpp:1083: error: 釩allICInfo?is not a member of 鈐s::mjit::ic?
../methodjit/MethodJIT.cpp:1083: error: expected primary-expression before ??token
../methodjit/MethodJIT.cpp:1086: error: expected primary-expression before ??token
../nanojit/Nativei386.h: At global scope:
../nanojit/Nativei386.h:167: warning: 鈔anojit::ScratchRegs?defined but not used
../nanojit/Nativei386.h:170: warning: 鈔anojit::AllowableByteRegs?defined but not used
make[1]: *** [MethodJIT.o] 殍 1
make[1]: Leaving directory `/home/qiuji/firefox/javascript/js-1.8.5/js/src/build_disIC'
make: *** [default] 殍 2


As I see in the function nativeToPC in Methodjit.cpp, the callICs cann't be avoid by any #ifdef.

Could you give some hint to slove this problem? Thank you.
Comment 6 Chao-ying Fu 2011-08-26 18:06:45 PDT
Created attachment 556193 [details] [diff] [review]
MIPS Method JIT with MONOIC and POLYIC

Hi All,

  Here is my latest patch.  It enables MONOIC and POLYIC.  The jit_tests result is ok, and the jstests result has the same 2 failures as the one without METHODJIT at all.  (I didn't enable NANOJIT/TRACEJIT, as Chris Dearman will make sure his code will be ok.  Then, we will enable NANOJIT/TRACEJIT later.)

REGRESSIONS
    js1_8_5/extensions/typedarray.js
    js1_8_5/extensions/worker-terminate.js

  If you have any feedback, please let me know.  Thanks a lot!

Regards,
Chao-ying
Comment 7 Chao-ying Fu 2011-08-29 10:36:54 PDT
(In reply to qjivy from comment #5)
> (In reply to Chao-ying Fu from comment #2)
> > Created attachment 554591 [details] [diff] [review]
> > MIPS METHODJIT patch
> > 
> > Hi All,
> > 
> >   We (at MIPS) recently started to work on METHODJIT for MIPS, and would
> > like to contribute our code to Mozilla.  So far, I got basic stuff working
> > on a MIPS Debian Linux machine (O32 ABI).  (I didn't enable MONOIC and
> > POLYIC.)  The jit_tests.py result is ok, and the jstests.py result has two
> > regressions and several timeouts.
> > Ex:
> > REGRESSIONS
> >     js1_8_5/extensions/typedarray.js
> >     js1_8_5/extensions/worker-terminate.js
> > 
> >   Here is the current patch, if you are interested.  I will post a new
> > patch, after I do more testing when enabling MONOIC and POLYIC.  Thanks a
> > lot!
> >   
> > Regards,
> > Chao-ying
> 
> 
> Hi,Chao ying:
> I am very glad that you join this work and I have learned a lot from your
> patch.
> May I ask you how you disable MIC and PIC in your test? I did it by
> --disable-monic and --disable-polyic when doing configurations, but the
> building is failed when compile Methodjit.cpp. 
> The log is :
> ../methodjit/MethodJIT.cpp: In member function 鈉har*
> js::mjit::JITScript::monoICSectionsLimit() const?
> ../methodjit/MethodJIT.cpp:869: error: 鈔mapSectionsLimit?was not declared in
> this scope
> ../methodjit/MethodJIT.cpp: In member function 鈐sbytecode*
> js::mjit::JITScript::nativeToPC(void*) const?
> ../methodjit/MethodJIT.cpp:1066: error: 鈔CallICs?was not declared in this
> scope
> ../methodjit/MethodJIT.cpp:1067: error: 釩allICInfo?is not a member of
> 鈐s::mjit::ic?
> ../methodjit/MethodJIT.cpp:1067: error: 鈉allICs_?was not declared in this
> scope
> ../methodjit/MethodJIT.cpp:1067: error: 鈉allICs?was not declared in this
> scope
> ../methodjit/MethodJIT.cpp:1083: error: 釩allICInfo?is not a member of
> 鈐s::mjit::ic?
> ../methodjit/MethodJIT.cpp:1083: error: expected primary-expression before
> ??token
> ../methodjit/MethodJIT.cpp:1086: error: expected primary-expression before
> ??token
> ../nanojit/Nativei386.h: At global scope:
> ../nanojit/Nativei386.h:167: warning: 鈔anojit::ScratchRegs?defined but not
> used
> ../nanojit/Nativei386.h:170: warning: 鈔anojit::AllowableByteRegs?defined but
> not used
> make[1]: *** [MethodJIT.o] 殍 1
> make[1]: Leaving directory
> `/home/qiuji/firefox/javascript/js-1.8.5/js/src/build_disIC'
> make: *** [default] 殍 2
> 
> 
> As I see in the function nativeToPC in Methodjit.cpp, the callICs cann't be
> avoid by any #ifdef.
> 
> Could you give some hint to slove this problem? Thank you.

To workaround, just comment out everything inside the function nativeToPC().  And, I added "#include "methodjit/Logging.h" to several files in order to have the debug build.  Thanks!

Regards,
Chao-ying
Comment 8 Chao-ying Fu 2011-09-02 14:32:29 PDT
Created attachment 557947 [details] [diff] [review]
Enable NANOJIT and bug fixes

Here is a new patch.  Changes are as follow.
1. Update mozilla source code.
2. Enable NanoJIT for MIPS.
3. Convert shifted MIPS NaN values to shiftedCanonicalNaN correctly.

I only tested "js" on a MIPS32 machine with the O32-ABI build.  Maybe someone can help to test if N32 or N64 builds can work on 64-bit MIPS machines.  Thanks a lot!

Regards,
Chao-ying
Comment 9 Chao-ying Fu 2011-09-13 17:12:59 PDT
Created attachment 560075 [details] [diff] [review]
Latest MIPS methodjit

Here is the latest MIPS methodjit patch based on the latest code base.
The release build can pass all jit_test.py tests, while
the debug build has 35 failures due to unknown path in MIPS trace JIT.

Any feedback?  Thanks a lot!

Regards,
Chao-ying
Comment 10 xiuzhi 2011-09-28 19:15:04 PDT
Hi Chaoying ,
 Which code base did you patch?
Comment 11 Chao-ying Fu 2011-09-29 10:46:17 PDT
Hi Xiuzhi,

  I patched against the mainline.  Due to changes of mainline, I need to update my patch often.  I will post a new patch that was updated on 9/27/2011.
Ex:
fu@debian:/disk/fu/dev/mercurial/mozilla-central$ hg parent
tag:         tip
user:        Boris Zbarsky <bzbarsky@mit.edu>
date:        Tue Sep 27 13:19:35 2011 -0400
summary:     Version bump to 10.0a1 on CLOSED TREE

Regards,
Chao-ying
Comment 12 Chao-ying Fu 2011-09-29 10:51:58 PDT
Created attachment 563461 [details] [diff] [review]
MIPS methodjit 20110927

ChangeLog:
1. In jsnum.h, MIPS cannot use the new method to detect NaN.  So I stick to the old method for MIPS NaN detection.

This patch is against this tip.
changeset:   77711:7f4867717226
tag:         tip
user:        Boris Zbarsky <bzbarsky@mit.edu>
date:        Tue Sep 27 13:19:35 2011 -0400
summary:     Version bump to 10.0a1 on CLOSED TREE

  Thanks!

Regards,
Chao-ying
Comment 13 David Mandelin [:dmandelin] 2011-10-10 16:12:37 PDT
What's the status of this patch? Is it something that passes tests, and you want review, or are you asking for general feedback?
Comment 14 Chao-ying Fu 2011-10-12 11:19:52 PDT
(In reply to David Mandelin from comment #13)
> What's the status of this patch? Is it something that passes tests, and you
> want review, or are you asking for general feedback?

Hi David,

  I want maintainers to review this patch and if the patch is ok, can someone help to commit this patch?

  About testing, the release build is fine for jit_test.py and jstests.py.  The debug build had some issues with unknown paths in trace_jit.  (I don't know if it is critical to fix the unknown-path issue in trace_jit.)

  Thanks a lot!

Regards,
Chao-ying
Comment 15 David Anderson [:dvander] 2011-10-21 19:28:53 PDT
Comment on attachment 563461 [details] [diff] [review]
MIPS methodjit 20110927

Review of attachment 563461 [details] [diff] [review]:
-----------------------------------------------------------------

Nice work!

::: js/src/jsnum.h
@@ +95,2 @@
>      return (u.s.hi & JSDOUBLE_HI32_NAN) == JSDOUBLE_HI32_NAN;
> +#endif

Out of curiosity, why was this change necessary?

::: js/src/methodjit/Compiler.cpp
@@ +936,5 @@
>                        stubcc.size() +
>                        (masm.numDoubles() * sizeof(double)) +
>                        (stubcc.masm.numDoubles() * sizeof(double)) +
>                        jumpTableOffsets.length() * sizeof(void *);
> +#endif

Instead of duplicating this expression, it might be easier to have:

 ...
#if defined(JS_CPU_MIPS) 
    stubcc.size() + sizeof(double) +
#else
    stubcc.size() +
#endif
 ...
Comment 16 Chao-ying Fu 2011-10-24 11:33:14 PDT
(In reply to David Anderson [:dvander] from comment #15)
> Comment on attachment 563461 [details] [diff] [review] [diff] [details] [review]
> MIPS methodjit 20110927
> 
> Review of attachment 563461 [details] [diff] [review] [diff] [details] [review]:
> -----------------------------------------------------------------
> 
> Nice work!

  Thanks!

> 
> ::: js/src/jsnum.h
> @@ +95,2 @@
> >      return (u.s.hi & JSDOUBLE_HI32_NAN) == JSDOUBLE_HI32_NAN;
> > +#endif
> 
> Out of curiosity, why was this change necessary?

  The NaN value that MIPS instructions generate is 0x7FF7FFFF FFFFFFFF or 0xFFF7FFFF FFFFFFFF, so matching JSDOUBLE_HI32_NAN (0x7ff80000) fails on MIPS.

> 
> ::: js/src/methodjit/Compiler.cpp
> @@ +936,5 @@
> >                        stubcc.size() +
> >                        (masm.numDoubles() * sizeof(double)) +
> >                        (stubcc.masm.numDoubles() * sizeof(double)) +
> >                        jumpTableOffsets.length() * sizeof(void *);
> > +#endif
> 
> Instead of duplicating this expression, it might be easier to have:
> 
>  ...
> #if defined(JS_CPU_MIPS) 
>     stubcc.size() + sizeof(double) +
> #else
>     stubcc.size() +
> #endif
>  ...

  Yes, that's better.  Should I upload a new patch?  Or can someone modify the patch and commit to the trunk?  Thanks a lot!

Regards,
Chao-ying
Comment 17 Chao-ying Fu 2011-11-22 10:54:41 PST
Created attachment 576208 [details] [diff] [review]
MIPS MethodJIT 20111122

Hi All,

  Here is a new patch.  I built the whole firefox browser and found a bug in TrampolineMIPS.cpp.  The function "JaegerTrampoline" fails to set up $28 (gp) correctly, because it is called from other shared-libraries.  I fixed this bug by using lui $28,%hi(_gp_disp)/addiu $28,$28,%lo(_gp_disp)/addu $28,$28,$25.  And I changed version scripts to keep __RLD_MAP global to let ld.so.1 work.
The MIPS-version firefox did run under Debian MIPS Linux.

Note 1: This patch is against this changeset.
changeset:   80557:9276e3274f18
tag:         tip
parent:      80536:78cd6a30e250
parent:      80556:0c4d3b7be17e
user:        Matt Brubeck <mbrubeck@mozilla.com>
date:        Mon Nov 21 08:41:42 2011 -0800
summary:     Merge last green changeset from mozilla-inbound to mozilla-central

Note 2: I didn't include atomicops_internals_mips_gcc.h (by Zhang, Le) in the patch.  People can get this file by searching the web.

  Thanks!

Regards,
Chao-ying
Comment 18 David Mandelin [:dmandelin] 2011-11-22 14:57:34 PST
(In reply to Chao-ying Fu from comment #17)
> Created attachment 576208 [details] [diff] [review] [diff] [details] [review]
> MIPS MethodJIT 20111122

Thanks for the update. You'll need to put the name of a reviewer in the review-request box for your patch. Last time you asked David Anderson (:dvander), who would still be a good reviewer.
Comment 19 Chao-ying Fu 2011-11-22 15:01:50 PST
Comment on attachment 576208 [details] [diff] [review]
MIPS MethodJIT 20111122

Please help review this patch.  Thanks!
Comment 20 Cameron Kaiser [:spectre] 2011-12-19 11:31:27 PST
Chao-ying, does your work pass tests with type inference enabled?
Comment 21 Chao-ying Fu 2011-12-19 11:59:24 PST
(In reply to Cameron Kaiser from comment #20)
> Chao-ying, does your work pass tests with type inference enabled?

  I just ran the release build (on 2011/11/21) with mn flags.  Previously, I used map and j jitflags for testing.
Ex:
fu@debian:/disk/fu/dev/mercurial/mozilla-central/js/src/jit-test$ ./jit_test.py
 /disk/fu/dev/mercurial/buildjs11/js --jitflags=mn
[1797|   1|   1|1798]    100% =======================================>|  460.9s
FAILURES:
TIMEOUTS:
    -m -n /disk/fu/dev/mercurial/mozilla-central/js/src/jit-test/tests/basic/bug
698584.js

  Thanks!

Regards,
Chao-ying
Comment 22 Chao-ying Fu 2012-01-10 14:17:06 PST
Created attachment 587471 [details] [diff] [review]
MIPS MethodJIT 20120110

Hi All,

  This is the latest patch on top of this changeset.
Ex:
changeset:   84099:011e3cef6068
tag:         tip
parent:      84079:46282354b7be
parent:      84098:25fe3fddc59e
user:        Ed Morley <bmo@edmorley.co.uk>
date:        Tue Jan 10 17:57:29 2012 +0000
summary:     Merge last green changeset of mozilla-inbound to mozilla-central

  ChangeLog since last time:
1. Set ENABLE_METHODJIT_TYPED_ARRAY to 1 by adding MIPS assembly functions.
2. Fixed merging issues.

  JIT testing with "-m -n -a" flags is ok.
  Thanks!

Regards,
Chao-ying
Comment 23 Chao-ying Fu 2012-01-12 13:49:29 PST
Hi David,

  Thanks for your review!  I would like to post a new patch to fix three failures when running with -m only.  (For the previous patch, I forget to test this configuration.)

  The fix is in MIPS's JaegerStubVeneer.  Originally, I stored the return address to 104($sp).  However, this doesn't work when extra stack space is created, and the fixed positive offset "104" is not valid any more.  So, my fix is to adjust the stack downward and to store the return address in this new stack space.  The jit-test results are ok now.

  But, I still have a question about returnAddressLocation() as follows.
Ex: (in MethodJIT.h)
    inline void** returnAddressLocation() {
        return reinterpret_cast<void**>(this) - 1;
    }

  If extra stack space is created before entering a stubcall, how can a stubcall finds the correct location in returnAddressLocation() for throwing exceptions?  It seems that extra stack space is not considered in returnAddressLocation().  Does the MethodJIT design never hit this situation?

  Thanks!

Regards,
Chao-ying
Comment 24 David Anderson [:dvander] 2012-01-12 14:17:12 PST
(In reply to Chao-ying Fu from comment #23)
>   But, I still have a question about returnAddressLocation() as follows.
> Ex: (in MethodJIT.h)
>     inline void** returnAddressLocation() {
>         return reinterpret_cast<void**>(this) - 1;
>     }
> 
>   If extra stack space is created before entering a stubcall, how can a
> stubcall finds the correct location in returnAddressLocation() for throwing
> exceptions?  It seems that extra stack space is not considered in
> returnAddressLocation().  Does the MethodJIT design never hit this situation?

If I understand the question right: On x86, the CALL instruction implicitly pushes the return address on the stack, and at the point of a call, the stack is always aligned such that ESP points to a VMFrame. But some platforms do have extra stack alignment requirements, for example Win64 requires 32 bytes of padding:

# ifdef _WIN64
    inline void** returnAddressLocation() {
        return reinterpret_cast<void**>(this) - 5;
    }

But it would be also okay to just pad the VMFrame structure itself.

> If extra stack space is created before entering a stubcall

The extra space has to be static, i.e. you can't have it on some calls and not others.
Comment 25 Chao-ying Fu 2012-01-12 16:17:47 PST
Hi David,

  The following function creates 8-byte extra stack space before entering MIPS's JaegerStubVeneer.  I guess it should be similar to x86 and arm.  The 8 bytes are specific to this case, not static.  Thanks!

Ex: (TypedArrayIC.h)
static void
GenConversionForIntArray(Assembler &masm, JSObject *tarray, const ValueRemat &
,
                         uint32_t saveMask)
{
    if (vr.isConstant()) {
        // Constants are always folded to ints up-front.
        JS_ASSERT(vr.knownType() == JSVAL_TYPE_INT32);
        return;
    }

    if (!vr.isTypeKnown() || vr.knownType() != JSVAL_TYPE_INT32) {
        // If a conversion is necessary, save registers now.
        MaybeJump checkInt32;
        if (!vr.isTypeKnown())
            checkInt32 = masm.testInt32(Assembler::Equal, vr.typeReg());

        // Store the value to convert.
        StackMarker vp = masm.allocStack(sizeof(Value), sizeof(double)); <----
        masm.storeValue(vr, masm.addressOfExtra(vp));

        // Preserve volatile registers.
        PreserveRegisters saveForCall(masm);
        saveForCall.preserve(saveMask & Registers::TempRegs);

        masm.setupABICall(Registers::FastCall, 2);
        masm.storeArg(0, masm.vmFrameOffset(offsetof(VMFrame, cx)));
        masm.storeArgAddr(1, masm.addressOfExtra(vp));

        typedef int32_t (JS_FASTCALL *Int32CxVp)(JSContext *, Value *);
        Int32CxVp stub;
        if (TypedArray::getType(tarray) == js::TypedArray::TYPE_UINT8_CLAMPED)
            stub = stubs::ConvertToTypedInt<true>;
        else
            stub = stubs::ConvertToTypedInt<false>;
        masm.callWithABI(JS_FUNC_TO_DATA_PTR(void *, stub), false);
        if (vr.dataReg() != Registers::ReturnReg)
            masm.move(Registers::ReturnReg, vr.dataReg());

        saveForCall.restore();
        masm.freeStack(vp);

        if (checkInt32.isSet())
            checkInt32.get().linkTo(masm.label(), &masm);
    }

    // Performing clamping, if needed.
    if (TypedArray::getType(tarray) == js::TypedArray::TYPE_UINT8_CLAMPED)
        masm.clampInt32ToUint8(vr.dataReg());
}


   0x2bd3a038:  addiu   sp,sp,-8 <--- Extra 8-bytes space from allocStack
   0x2bd3a03c:  sw      t7,4(sp) <--- 
   0x2bd3a040:  sw      s1,0(sp) <---
   0x2bd3a044:  lw      a0,56(sp)
   0x2bd3a048:  addiu   a1,sp,0
   0x2bd3a04c:  lui     v0,0x68
   0x2bd3a050:  ori     v0,v0,0x95c
   0x2bd3a054:  lui     t9,0x65
=> 0x2bd3a058:  ori     t9,t9,0x56a0 <---  MIPS's JaegerStubVeneer
   0x2bd3a05c:  jalr    t9
   0x2bd3a060:  nop

Regards,
Chao-ying
Comment 26 Chao-ying Fu 2012-01-12 18:19:03 PST
Created attachment 588275 [details] [diff] [review]
MIPS MethodJIT 20120112

Here is the latest patch.  Thanks!
Comment 27 David Anderson [:dvander] 2012-01-12 18:32:11 PST
(In reply to Chao-ying Fu from comment #25)
> Hi David,
> 
>   The following function creates 8-byte extra stack space before entering
> MIPS's JaegerStubVeneer.  I guess it should be similar to x86 and arm.  The
> 8 bytes are specific to this case, not static.  Thanks!

In this case, we don't actually pass a VMFrame& into the callee, so no veneer is needed :)
Comment 28 David Anderson [:dvander] 2012-01-12 19:25:22 PST
I'll check this in as soon as the tree re-opens.
Comment 29 David Anderson [:dvander] 2012-01-13 15:48:48 PST
http://hg.mozilla.org/integration/mozilla-inbound/rev/1feecb1dad1f
Comment 30 Marco Bonardo [::mak] 2012-01-14 01:47:35 PST
https://hg.mozilla.org/mozilla-central/rev/1feecb1dad1f
Comment 31 Mike Hommey [:glandium] 2012-04-26 23:11:09 PDT
(In reply to Chao-ying Fu from comment #17)
> Note 2: I didn't include atomicops_internals_mips_gcc.h (by Zhang, Le) in
> the patch.  People can get this file by searching the web.

That's very unfortunate, because now, the build fails on mips because this file is missing.

Note You need to log in before you can comment on or make changes to this bug.