RESOLVED FIXED 238018
[JSC] Add DoNotHaveTagRegisters mode to unboxDouble 
https://bugs.webkit.org/show_bug.cgi?id=238018
Summary [JSC] Add DoNotHaveTagRegisters mode to unboxDouble
Xan Lopez
Reported 2022-03-17 03:33:31 PDT
This allows us to use it in WebAssembly and get rid of some duplicated code.
Attachments
v1 (4.59 KB, patch)
2022-03-17 03:35 PDT, Xan Lopez 		ysuzuki: review+
ews-feeder: commit-queue-
DetailsFormatted DiffDiff
v2 (5.52 KB, patch)
2022-03-23 04:57 PDT, Xan Lopez 		ews-feeder: commit-queue-
DetailsFormatted DiffDiff
v3 (4.50 KB, patch)
2022-04-05 00:06 PDT, Xan Lopez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Xan Lopez
Comment 1 2022-03-17 03:35:05 PDT
Created attachment 454950 [details] v1
Radar WebKit Bug Importer
Comment 2 2022-03-22 09:10:10 PDT
<rdar://problem/90639371>
Yusuke Suzuki
Comment 3 2022-03-22 13:42:20 PDT
Comment on attachment 454950 [details] v1 View in context: https://bugs.webkit.org/attachment.cgi?id=454950&action=review r=me with comment. > Source/JavaScriptCore/jit/AssemblyHelpers.h:1386 > + GPRReg scratch = scratchRegister(); > + move(TrustedImm64(JSValue::NumberTag), scratch); > + add64(scratch, gpr, resultGPR); I think we should not use scratchRegister() in AssemblyHelpers if possible. Can you instead add, void MacroAssembler::add64(TrustedImm64, GPRReg, GPRReg) function and use it instead here? And inside add64, we can use scratchRegister.
Xan Lopez
Comment 4 2022-03-23 04:57:29 PDT
Created attachment 455489 [details] v2
EWS
Comment 5 2022-03-23 07:14:04 PDT
Committed r291745 (248777@main): <https://commits.webkit.org/248777@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 455489 [details].
WebKit Commit Bot
Comment 7 2022-03-25 16:33:17 PDT
Re-opened since this is blocked by bug 238399
Yusuke Suzuki
Comment 8 2022-03-26 01:05:18 PDT
Comment on attachment 455489 [details] v2 View in context: https://bugs.webkit.org/attachment.cgi?id=455489&action=review > Source/JavaScriptCore/wasm/js/WasmToJS.cpp:331 > - jit.move(JIT::TrustedImm64(JSValue::NumberTag), GPRInfo::returnValueGPR2); > - jit.add64(GPRInfo::returnValueGPR2, GPRInfo::returnValueGPR); > - jit.move64ToDouble(GPRInfo::returnValueGPR, dest); > + jit.unboxDouble(GPRInfo::returnValueGPR, GPRInfo::returnValueGPR2, dest, DoNotHaveTagRegisters); At this point, we cannot use scratchRegister().
Xan Lopez
Comment 9 2022-04-05 00:06:31 PDT
Created attachment 456676 [details] v3 Do not use a scratch register as suggested. This was not enough to get rid of the crash, it turned out the assertion in the vanilla unboxDouble call was at fault. So I'm using the WithoutAssertions call, which makes this patch 100% equivalent to the old code (literally just moving the identical lines to a common method). Not sure if the extra assertion is uncovering a bug/issue or if we were being too strict without motive, though.
Yusuke Suzuki
Comment 10 2022-04-06 01:21:51 PDT
Comment on attachment 456676 [details] v3 r=me
EWS
Comment 11 2022-04-06 03:14:42 PDT
Committed r292457 (249308@main): <https://commits.webkit.org/249308@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 456676 [details].
Note You need to log in before you can comment on or make changes to this bug.