Bug 160288

Summary: [ARM] Typo fix after r121885
Product: WebKit
Reporter: Csaba Osztrogonác <ossy>
Component: JavaScriptCore
Assignee: Csaba Osztrogonác <ossy>
Status: RESOLVED FIXED
Severity: Critical
CC: commit-queue, fpizlo, ggaren, keith_miller, mark.lam, msaboff, ossy, saam, zherczeg
Priority: P1
Version: Other
Hardware: Unspecified
OS: Unspecified
Bug Depends on:
Bug Blocks: 108645, 90198
Attachments: Patch (Flags: none)

Description Csaba Osztrogonác 2016-07-28 02:52:30 PDT
Almost all tests started to assert and crash after https://trac.webkit.org/changeset/203786
with the ARM instruction set.

cdjs-tests.yaml/main.js.default: ASSERTION FAILED: static_cast<ptrdiff_t>(inlineSize) <= MacroAssembler::maxJumpReplacementSize()
cdjs-tests.yaml/main.js.default: ../../Source/JavaScriptCore/jit/JITMathIC.h(81) : bool JSC::JITMathIC<Generator>::generateInline(JSC::CCallHelpers&, JSC::MahICGenerationState&, bool) [with GeneratorType = JSC::JITAddGenerator]
cdjs-tests.yaml/main.js.default: 1   0x41b81798 WTFCrash
cdjs-tests.yaml/main.js.default: 2   0x4145a4b8 JSC::JITMathIC<JSC::JITAddGenerator>::generateInline(JSC::CCallHelpers&, JSC::MathICGenerationState&, bool)
cdjs-tests.yaml/main.js.default: 3   0x4165d148 void JSC::JIT::emitMathICFast<JSC::JITAddGenerator, long long (*)(JSC::ExecState*, long long, long long, JSC:ArithProfile*), long long (*)(JSC::ExecState*, long long, long long)>(JSC::JITMathIC<JSC::JITAddGenerator>*, JSC::Instruction*, long long (*)(JSC::ExecState* long long, long long, JSC::ArithProfile*), long long (*)(JSC::ExecState*, long long, long long))
cdjs-tests.yaml/main.js.default: 4   0x4165a340 JSC::JIT::emit_op_add(JSC::Instruction*)
cdjs-tests.yaml/main.js.default: 5   0x416488a8 JSC::JIT::privateCompileMainPass()
cdjs-tests.yaml/main.js.default: 6   0x4164ba00 JSC::JIT::compileWithoutLinking(JSC::JITCompilationEffort)
cdjs-tests.yaml/main.js.default: 7   0x416aa570 JSC::JITWorklist::Plan::compileInThread()
cdjs-tests.yaml/main.js.default: 8   0x416aa8e0 JSC::JITWorklist::Plan::compileNow(JSC::CodeBlock*)
cdjs-tests.yaml/main.js.default: 9   0x416a9054 JSC::JITWorklist::compileLater(JSC::CodeBlock*)
cdjs-tests.yaml/main.js.default: 10  0x416d4d6c JSC::LLInt::jitCompileAndSetHeuristics(JSC::CodeBlock*, JSC::ExecState*)
cdjs-tests.yaml/main.js.default: 11  0x416c9e3c
cdjs-tests.yaml/main.js.default: Illegal instruction
cdjs-tests.yaml/main.js.default: ERROR: Unexpected exit code: 132
Comment 1 Csaba Osztrogonác 2016-07-28 03:06:50 PDT
inlineSize = 4
MacroAssembler::maxJumpReplacementSize() = 2
Comment 2 Csaba Osztrogonác 2016-07-28 04:28:39 PDT
(In reply to comment #1)
> inlineSize = 4
> MacroAssembler::maxJumpReplacementSize() = 2

No, MacroAssembler::maxJumpReplacementSize() = 0.
It is a 4-year-old typo - https://trac.webkit.org/changeset/121885/trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM.h

It's strange that we didn't use maxJumpReplacementSize() for anything in 4 years.
Comment 3 Csaba Osztrogonác 2016-07-28 04:32:36 PDT
Created attachment 284777 [details]
Patch
Comment 4 Zoltan Herczeg 2016-07-28 04:39:32 PDT
Comment on attachment 284777 [details]
Patch

Nice catch!
Comment 5 WebKit Commit Bot 2016-07-28 05:08:40 PDT
Comment on attachment 284777 [details]
Patch

Clearing flags on attachment: 284777

Committed r203817: <http://trac.webkit.org/changeset/203817>
Comment 6 WebKit Commit Bot 2016-07-28 05:08:45 PDT
All reviewed patches have been landed. Closing bug.