Bug 228538 - [ARM64] Add Pre/Post-Indexed Address Mode to Air for ARM64 (Store Instruction)
Summary: [ARM64] Add Pre/Post-Indexed Address Mode to Air for ARM64 (Store Instruction)
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Yijia Huang
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-07-27 23:52 PDT by Yijia Huang
Modified: 2021-08-16 18:59 PDT (History)
8 users (show)

See Also:

Attachments
Patch (46.95 KB, patch)
2021-07-28 00:04 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (21.30 KB, patch)
2021-08-01 19:23 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (21.20 KB, patch)
2021-08-02 10:52 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (22.01 KB, patch)
2021-08-02 15:09 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (18.59 KB, patch)
2021-08-02 22:49 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (22.66 KB, patch)
2021-08-02 23:41 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (24.61 KB, patch)
2021-08-06 00:33 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (24.57 KB, patch)
2021-08-07 02:37 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (23.80 KB, patch)
2021-08-09 20:18 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Patch (23.86 KB, patch)
2021-08-10 08:47 PDT, Yijia Huang 		no flags Details | Formatted Diff | Diff
Show Obsolete (9) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Yijia Huang 2021-07-27 23:52:36 PDT 
...
Comment 1 Yijia Huang 2021-07-28 00:04:44 PDT 
Created attachment 434407 [details]
Patch
Comment 2 Yijia Huang 2021-08-01 19:23:27 PDT 
Created attachment 434731 [details]
Patch
Comment 3 Yijia Huang 2021-08-02 10:52:30 PDT 
Created attachment 434769 [details]
Patch
Comment 4 Yijia Huang 2021-08-02 15:09:46 PDT 
Created attachment 434792 [details]
Patch
Comment 5 Yijia Huang 2021-08-02 22:49:17 PDT 
Created attachment 434818 [details]
Patch
Comment 6 Yijia Huang 2021-08-02 23:41:16 PDT 
Created attachment 434820 [details]
Patch
Comment 7 Radar WebKit Bug Importer 2021-08-03 23:53:16 PDT 
<rdar://problem/81500926>
Comment 8 Yijia Huang 2021-08-06 00:33:13 PDT 
Created attachment 435056 [details]
Patch
Comment 9 Saam Barati 2021-08-06 12:08:44 PDT 
Comment on attachment 434820 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=434820&action=review

> Source/JavaScriptCore/ChangeLog:9
> +        , which benefits loop program. Here, this patch adds the corresponding mode for Store

this comma should be on the previous line
Comment 10 Yijia Huang 2021-08-07 02:37:22 PDT 
Created attachment 435124 [details]
Patch
Comment 11 Yijia Huang 2021-08-09 20:18:40 PDT 
Created attachment 435238 [details]
Patch
Comment 12 Yijia Huang 2021-08-10 08:47:19 PDT 
Created attachment 435261 [details]
Patch
Comment 13 EWS 2021-08-15 10:41:10 PDT 
Committed r281062 (240524@main): <https://commits.webkit.org/240524@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 435261 [details].
Comment 14 Saam Barati 2021-08-16 18:59:00 PDT 
Comment on attachment 435261 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=435261&action=review

> Source/JavaScriptCore/b3/B3CanonicalizePrePostIncrements.cpp:103
> +            //     memory = Store(value, base, offset)

I don't understand this comment since we're skipping things with offsets below.

> Source/JavaScriptCore/b3/B3CanonicalizePrePostIncrements.cpp:112
> +                if (memory->child(0)->hasInt() || memory->offset())

Why do we care about "memory->child(0)->hasInt()" here? Doesn't that just mean that we're storing a constant?

> Source/JavaScriptCore/b3/B3CanonicalizePrePostIncrements.cpp:145
> +            tryAddpostIndexCandidates();

I think the "p" should be capitalized here

> Source/JavaScriptCore/b3/B3CanonicalizePrePostIncrements.cpp:165
> +    // This search is expensive. However, due to the greedy pattern
> +    // matching, no better method can be proposed at present.

I don't get this comment. We know what items we look up here. We also know their index when we are traversing the basic block. We could easily keep a table of these records (e.g, when we see an add, keep a table of add/memory->index in block)

> Source/JavaScriptCore/b3/B3CanonicalizePrePostIncrements.cpp:173
>          return index;

If we don't do above, this should be a RELEASE_ASSERT_NOT_REACHED, and the index value can be local to the block it's in.

> Source/JavaScriptCore/b3/B3CanonicalizePrePostIncrements.cpp:184
> +        // address = Add(base, offset)       address = Add(base, offset)
> +        // ...                          -->  newMemory = Load(base, offset)
> +        // ...                               ...
> +        // memory = Load(base, offset)       memory = Identity(newMemory)

This looks super wrong. What if the "..." contains a store to a memory location that aliases? Moving the load above the store is semantically incorrect because it's not identical to the behavior of the original program.