192073 – [JSC] FTL should not load arguments twice for type check and use for non-full-64bit values

RESOLVED FIXED 192073

[JSC] FTL should not load arguments twice for type check and use for non-full-64bit values

https://bugs.webkit.org/show_bug.cgi?id=192073

Summary [JSC] FTL should not load arguments twice for type check and use for non-full...

Saam Barati

Reported 2018-11-28 00:21:34 PST

We end up loading the arguments twice just to have the second loads be 32-bit loads. We shouldn't have to do this. a & b are ints: ``` function foo(a, b) { return a + b; } ``` Generates: ``` 0x4c04f0c024ed: mov 0x38(%rbp), %rcx 0x4c04f0c024f1: mov $0xffff000000000000, %rax 0x4c04f0c024fb: cmp %rax, %rcx 0x4c04f0c024fe: jb 0x4c04f0c02595 0x4c04f0c02504: mov 0x30(%rbp), %rcx 0x4c04f0c02508: cmp %rax, %rcx 0x4c04f0c0250b: jb 0x4c04f0c0259f 0x4c04f0c02511: mov 0x30(%rbp), %ecx 0x4c04f0c02514: mov 0x38(%rbp), %edx 0x4c04f0c02517: add %ecx, %edx 0x4c04f0c02519: jo 0x4c04f0c025b3 0x4c04f0c0251f: add %rdx, %rax 0x4c04f0c02526: ret ```

Attachments
Add attachment proposed patch, testcase, etc.

Filip Pizlo

Comment 1 2018-11-28 07:26:40 PST

And the FTL is emitting the loads twice? This could be restated as an FTL lowering bug. But I agree that CSE should be smart enough to manufacture a Trunc on the originally loaded value.

Saam Barati

Comment 2 2019-01-20 13:05:54 PST

(In reply to Filip Pizlo from comment #1) > And the FTL is emitting the loads twice? Yeah it could, but it'd be awkward to do this in the FTL since the first loads are for proving argument types. I think it'd be nicer if B3 were just smart enough to do this.\ > > This could be restated as an FTL lowering bug. But I agree that CSE should > be smart enough to manufacture a Trunc on the originally loaded value.

Radar WebKit Bug Importer

Comment 3 2023-06-01 10:26:21 PDT

<rdar://problem/110121633>

Yusuke Suzuki

Comment 4 2023-06-01 10:29:05 PDT

Pull request: https://github.com/WebKit/WebKit/pull/14592

EWS

Comment 5 2023-06-02 18:42:26 PDT

Committed 264846@main (4b922ed02257): <https://commits.webkit.org/264846@main> Reviewed commits have been landed. Closing PR #14592 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Yusuke Suzuki

Reported

2018-11-28 00:21 PST

Modified

2023-06-02 18:42 PDT History

CC List

11 users Show

URL

Keywords InRadar

Depends on

Blocks