Bug 160288 - [ARM] Typo fix after r121885
Summary: [ARM] Typo fix after r121885
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: Other
Hardware: Unspecified Unspecified
: P1 Critical
Assignee: Csaba Osztrogonác
URL:
Keywords:
Depends on:
Blocks: 108645 90198
  Show dependency treegraph
 
Reported: 2016-07-28 02:52 PDT by Csaba Osztrogonác
Modified: 2016-07-28 20:57 PDT (History)
9 users (show)

See Also:

Attachments
Patch (1.40 KB, patch)
2016-07-28 04:32 PDT, Csaba Osztrogonác 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Csaba Osztrogonác 2016-07-28 02:52:30 PDT 
Almost all tests started to assert and crash after https://trac.webkit.org/changeset/203786 
with ARM instruction set.

cdjs-tests.yaml/main.js.default: ASSERTION FAILED: static_cast<ptrdiff_t>(inlineSize) <= MacroAssembler::maxJumpReplacementSize()
cdjs-tests.yaml/main.js.default: ../../Source/JavaScriptCore/jit/JITMathIC.h(81) : bool JSC::JITMathIC<Generator>::generateInline(JSC::CCallHelpers&, JSC::MahICGenerationState&, bool) [with GeneratorType = JSC::JITAddGenerator]
cdjs-tests.yaml/main.js.default: 1   0x41b81798 WTFCrash
cdjs-tests.yaml/main.js.default: 2   0x4145a4b8 JSC::JITMathIC<JSC::JITAddGenerator>::generateInline(JSC::CCallHelpers&, JSC::MathICGenerationState&, bool)
cdjs-tests.yaml/main.js.default: 3   0x4165d148 void JSC::JIT::emitMathICFast<JSC::JITAddGenerator, long long (*)(JSC::ExecState*, long long, long long, JSC:ArithProfile*), long long (*)(JSC::ExecState*, long long, long long)>(JSC::JITMathIC<JSC::JITAddGenerator>*, JSC::Instruction*, long long (*)(JSC::ExecState* long long, long long, JSC::ArithProfile*), long long (*)(JSC::ExecState*, long long, long long))
cdjs-tests.yaml/main.js.default: 4   0x4165a340 JSC::JIT::emit_op_add(JSC::Instruction*)
cdjs-tests.yaml/main.js.default: 5   0x416488a8 JSC::JIT::privateCompileMainPass()
cdjs-tests.yaml/main.js.default: 6   0x4164ba00 JSC::JIT::compileWithoutLinking(JSC::JITCompilationEffort)
cdjs-tests.yaml/main.js.default: 7   0x416aa570 JSC::JITWorklist::Plan::compileInThread()
cdjs-tests.yaml/main.js.default: 8   0x416aa8e0 JSC::JITWorklist::Plan::compileNow(JSC::CodeBlock*)
cdjs-tests.yaml/main.js.default: 9   0x416a9054 JSC::JITWorklist::compileLater(JSC::CodeBlock*)
cdjs-tests.yaml/main.js.default: 10  0x416d4d6c JSC::LLInt::jitCompileAndSetHeuristics(JSC::CodeBlock*, JSC::ExecState*)
cdjs-tests.yaml/main.js.default: 11  0x416c9e3c
cdjs-tests.yaml/main.js.default: Illegal instruction
cdjs-tests.yaml/main.js.default: ERROR: Unexpected exit code: 132
Comment 1 Csaba Osztrogonác 2016-07-28 03:06:50 PDT 
inlineSize = 4
MacroAssembler::maxJumpReplacementSize() = 2
Comment 2 Csaba Osztrogonác 2016-07-28 04:28:39 PDT 
(In reply to comment #1)
> inlineSize = 4
> MacroAssembler::maxJumpReplacementSize() = 2

No, MacroAssembler::maxJumpReplacementSize() = 0.
It is a 4 years old typo - https://trac.webkit.org/changeset/121885/trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM.h

It's strange that we didn't use maxJumpReplacementSize() for anything in 4 years.
Comment 3 Csaba Osztrogonác 2016-07-28 04:32:36 PDT 
Created attachment 284777 [details]
Patch
Comment 4 Zoltan Herczeg 2016-07-28 04:39:32 PDT 
Comment on attachment 284777 [details]
Patch

Nice catch!
Comment 5 WebKit Commit Bot 2016-07-28 05:08:40 PDT 
Comment on attachment 284777 [details]
Patch

Clearing flags on attachment: 284777

Committed r203817: <http://trac.webkit.org/changeset/203817>
Comment 6 WebKit Commit Bot 2016-07-28 05:08:45 PDT 
All reviewed patches have been landed.  Closing bug.