Closed
Bug 951668
Opened 12 years ago
Closed 12 years ago
IonMonkey: Clean-up: Use AfterICSaveLive for enterFakeExitFrame and icRestoreLive.
Categories
(Core :: JavaScript Engine, defect)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
mozilla29
People
(Reporter: nbp, Assigned: nbp)
References
Details
(Whiteboard: [qa-])
Attachments
(3 files)
|
6.76 KB,
patch
|
efaust
:
review+
|
Details | Diff | Splinter Review |
|
11.00 KB,
patch
|
efaust
:
review+
|
Details | Diff | Splinter Review |
|
24.96 KB,
patch
|
efaust
:
review+
|
Details | Diff | Splinter Review |
This follow what has been done in Bug 900285, the idea is to:
- fold the buildFakeExitFrame with the enterFakeExitFrame
- replace masm.PopRegsInMask(liveRegs) by icRestoreLive(aic)
Also icRestoreLive should ensure that we pushed by expecting the phantom type (AfterICSaveLive) as argument, and modify it in debug builds to ensure that no fake exit frame can be called after the icRestoreLive.
|
Assignee | |
Comment 1•12 years ago
|
||
I will make multiple patches to simplify the review as there is a clear pattern which appear for all C++ calls made within the IonCaches. After multiple iterations, I even think that we should be able to abstract it with some kind of icCallVM which is inlining the function call.
|
|
Assignee | |
Updated•12 years ago
|
Assignee: nobody → nicolas.b.pierron
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 2•12 years ago
|
||
- Move the adjustStack to be near callWithABI, as this is where it make sense.
- Change the way we extract the result to avoid using the JSReturnReg when we can move things directly to the output Typed/Value register.
Attachment #8349486 -
Flags: review?(efaustbmo)
|
|
Assignee | |
Comment 3•12 years ago
|
||
- Use icRestoreLive
- Move the stack assertion into icRestoreLive.
Attachment #8349487 -
Flags: review?(efaustbmo)
|
|
Assignee | |
Comment 4•12 years ago
|
||
Prevent frame descriptor errors by always using the same MacroAssembler initialization pattern.
Attachment #8349491 -
Flags: review?(efaustbmo)
|
||
Comment 5•12 years ago
|
||
Comment on attachment 8349491 [details] [diff] [review]
bug951668-setFramePushed-implicit.patch
Review of attachment 8349491 [details] [diff] [review]:
-----------------------------------------------------------------
This is much needed. It will relieve many fears. Thanks for doing this.
Attachment #8349491 -
Flags: review?(efaustbmo) → review+
|
|
||
Comment 6•12 years ago
|
||
Comment on attachment 8349487 [details] [diff] [review]
bug951668-use-icRestoreLive.patch
Review of attachment 8349487 [details] [diff] [review]:
-----------------------------------------------------------------
Nice. A cute use of AfterICSaveLive. r=me
Attachment #8349487 -
Flags: review?(efaustbmo) → review+
|
|
||
Comment 7•12 years ago
|
||
Comment on attachment 8349486 [details] [diff] [review]
bug951668-group-leave-exit-frame.patch
Review of attachment 8349486 [details] [diff] [review]:
-----------------------------------------------------------------
Good. r=me with the mistaken offset fixed.
::: js/src/jit/IonCaches.cpp
@@ +910,5 @@
> // Test for failure.
> masm.branchIfFalseBool(ReturnReg, masm.exceptionLabel());
>
> // Load the outparam vp[0] into output register(s).
> + Address outparam(StackPointer, IonOOLPropertyOpExitFrameLayout::offsetOfResult());
Should read from IonOOLNativeExitFrameLazyout::offsetOfResult()
@@ +970,1 @@
> JS_ASSERT(masm.framePushed() == initialStack);
nit: should this also move and be duplicated in both branches? OIt seems like I want that assertion close to the thing that makes it true. Even reviewing this, I went back to look for it in both branches.
Attachment #8349486 -
Flags: review?(efaustbmo) → review+
|
|
Assignee | |
Comment 8•12 years ago
|
||
(In reply to Eric Faust [:efaust] from comment #7)
> Comment on attachment 8349486 [details] [diff] [review]
> bug951668-group-leave-exit-frame.patch
>
> Review of attachment 8349486 [details] [diff] [review]:
> -----------------------------------------------------------------
>
> Good. r=me with the mistaken offset fixed.
>
> ::: js/src/jit/IonCaches.cpp
> @@ +910,5 @@
> > // Test for failure.
> > masm.branchIfFalseBool(ReturnReg, masm.exceptionLabel());
> >
> > // Load the outparam vp[0] into output register(s).
> > + Address outparam(StackPointer, IonOOLPropertyOpExitFrameLayout::offsetOfResult());
>
> Should read from IonOOLNativeExitFrameLazyout::offsetOfResult()
Good catch :)
> @@ +970,1 @@
> > JS_ASSERT(masm.framePushed() == initialStack);
>
> nit: should this also move and be duplicated in both branches? OIt seems
> like I want that assertion close to the thing that makes it true. Even
> reviewing this, I went back to look for it in both branches.
True, we should do the same thing when we abstract the call logic later. In the mean time, looking at when initialStack was taken, this is related to the PopRegsInMask, which is the reason why I moved it into icRestoreLive.
|
|
Assignee | |
Comment 9•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/208094b94589
https://hg.mozilla.org/mozilla-central/rev/1c09e7f144b4
https://hg.mozilla.org/mozilla-central/rev/49f4fd358fa1
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla29
|
||
Updated•12 years ago
|
Whiteboard: [qa-]
You need to log in
before you can comment on or make changes to this bug.
Description
•