Bug 126043

Summary: Arity check slow path should ensure that when we return, we restore SP back to what the caller expects
Product: WebKit Reporter: Filip Pizlo <fpizlo>
Component: JavaScriptCoreAssignee: Filip Pizlo <fpizlo>
Status: RESOLVED FIXED    
Severity: Normal CC: barraclough, ggaren, mark.lam, mhahnenberg, msaboff, oliver, sam
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 113621    
Attachments:
Description Flags
it begins
none
it takes shape
none
it runs things
none
LLInt starting to work
none
the patch ggaren: review+

Filip Pizlo
Reported 2013-12-19 19:57:01 PST
Patch forthcoming. Test case: function bar(a,b,c,d,e,f,g,h,i,j,k) { } noInline(bar); for (var i = 0; i < 10000000; ++i) bar();
Attachments
it begins (7.10 KB, patch)
2013-12-19 20:42 PST, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
it takes shape (11.11 KB, patch)
2013-12-19 21:26 PST, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
it runs things (32.58 KB, patch)
2013-12-20 00:55 PST, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
LLInt starting to work (44.97 KB, patch)
2013-12-20 02:02 PST, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
the patch (49.92 KB, patch)
2013-12-20 15:22 PST, Filip Pizlo 		ggaren: review+
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Filip Pizlo
Comment 1 2013-12-19 20:42:43 PST
Created attachment 219723 [details] it begins
Filip Pizlo
Comment 2 2013-12-19 21:26:14 PST
Created attachment 219729 [details] it takes shape
Filip Pizlo
Comment 3 2013-12-19 21:28:02 PST
(In reply to comment #2) > Created an attachment (id=219729) [details] > it takes shape What remains: - Do the same thing in FTL & DFG that I'm doing in the baseline JIT. - Port to 32-bit. - Make it work in LLInt's copy loop.
Filip Pizlo
Comment 4 2013-12-20 00:55:42 PST
Created attachment 219739 [details] it runs things Still need to do: - LLInt - 32-bit
Filip Pizlo
Comment 5 2013-12-20 02:02:22 PST
Created attachment 219742 [details] LLInt starting to work
Filip Pizlo
Comment 6 2013-12-20 15:22:38 PST
Created attachment 219803 [details] the patch Still need to do 32-bit. But, I don't think I can even test 32-bit right now. Porting it would be easy if I could test.
Filip Pizlo
Comment 7 2013-12-20 15:34:57 PST
64-bit parts landed in http://trac.webkit.org/changeset/160936
Geoffrey Garen
Comment 8 2014-01-14 14:44:15 PST
Comment on attachment 219803 [details] the patch r=me
Note You need to log in before you can comment on or make changes to this bug.