207849 – [Wasm] REGRESSION(r256665): Wasm->JS call IC needs to save memory size register

RESOLVED FIXED Bug 207849

[Wasm] REGRESSION(r256665): Wasm->JS call IC needs to save memory size register

https://bugs.webkit.org/show_bug.cgi?id=207849

Summary [Wasm] REGRESSION(r256665): Wasm->JS call IC needs to save memory size register

Tadeu Zagallo

Reported 2020-02-17 11:12:05 PST

...

Attachments
Patch (3.23 KB, patch) 2020-02-17 11:16 PST, Tadeu Zagallo	no flags	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Tadeu Zagallo

Comment 1 2020-02-17 11:16:58 PST

Created attachment 390944 [details] Patch

Tadeu Zagallo

Comment 2 2020-02-17 11:19:01 PST

<rdar://problem/59504154>

Mark Lam

Comment 3 2020-02-17 11:54:07 PST

Comment on attachment 390944 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=390944&action=review > Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp:165 > + // Pessimistically save callee saves in BoundsChecking mode since the LLInt always bounds checks > + return Wasm::PinnedRegisterInfo::get().toSave(Wasm::MemoryMode::BoundsChecking); When would we ever not want to save the sizeRegister? Why not get rid of the memoryMode condition and always save the register? From gripping the code, I don't see a case where toSave() is ever called with anything other than MemoryMode::BoundsChecking.

Mark Lam

Comment 4 2020-02-17 11:57:36 PST

(In reply to Mark Lam from comment #3) > > Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp:165 > > + // Pessimistically save callee saves in BoundsChecking mode since the LLInt always bounds checks > > + return Wasm::PinnedRegisterInfo::get().toSave(Wasm::MemoryMode::BoundsChecking); > > When would we ever not want to save the sizeRegister? Why not get rid of > the memoryMode condition and always save the register? From gripping the > code, I don't see a case where toSave() is ever called with anything other > than MemoryMode::BoundsChecking. /gripping/grepping/

Mark Lam

Comment 5 2020-02-17 12:42:25 PST

Comment on attachment 390944 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=390944&action=review r=me >> Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp:165 >> + return Wasm::PinnedRegisterInfo::get().toSave(Wasm::MemoryMode::BoundsChecking); > > When would we ever not want to save the sizeRegister? Why not get rid of the memoryMode condition and always save the register? From gripping the code, I don't see a case where toSave() is ever called with anything other than MemoryMode::BoundsChecking. I'm wrong, there's still one place where we may not pass MemoryMode::BoundsChecking.

Tadeu Zagallo

Comment 6 2020-02-17 13:15:14 PST

*** Bug 207843 has been marked as a duplicate of this bug. ***

WebKit Commit Bot

Comment 7 2020-02-17 13:24:18 PST

Comment on attachment 390944 [details] Patch Clearing flags on attachment: 390944 Committed r256766: <https://trac.webkit.org/changeset/256766>

WebKit Commit Bot

Comment 8 2020-02-17 13:24:19 PST

All reviewed patches have been landed. Closing bug.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Tadeu Zagallo

Reported

2020-02-17 11:12 PST

Modified

2020-02-17 13:24 PST History

CC List

8 users Show

URL

Keywords InRadar

Duplicates (1)

207843 View as bug list

Depends on

Blocks