AirIRGenerator::addSwitch switch patchpoint needs to model clobbering the scratch...
authorsbarati@apple.com <sbarati@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 13 Feb 2019 22:36:36 +0000 (22:36 +0000)
committersbarati@apple.com <sbarati@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 13 Feb 2019 22:36:36 +0000 (22:36 +0000)
https://bugs.webkit.org/show_bug.cgi?id=194610

Reviewed by Michael Saboff.

BinarySwitch might use the scratch register. We must model the
effects of that properly. This is already caught by our br-table
tests on arm64.

* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::addSwitch):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241475 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp

index e2a9f0c..1c8a376 100644 (file)
@@ -1,3 +1,17 @@
+2019-02-13  Saam Barati  <sbarati@apple.com>
+
+        AirIRGenerator::addSwitch switch patchpoint needs to model clobbering the scratch register
+        https://bugs.webkit.org/show_bug.cgi?id=194610
+
+        Reviewed by Michael Saboff.
+
+        BinarySwitch might use the scratch register. We must model the
+        effects of that properly. This is already caught by our br-table
+        tests on arm64.
+
+        * wasm/WasmAirIRGenerator.cpp:
+        (JSC::Wasm::AirIRGenerator::addSwitch):
+
 2019-02-13  Mark Lam  <mark.lam@apple.com>
 
         Create a randomized free list for new StructureIDs on StructureIDTable resize.
index 127b0ca..e3d48b5 100644 (file)
@@ -1544,8 +1544,11 @@ auto AirIRGenerator::addSwitch(ExpressionType condition, const Vector<ControlDat
     auto* patchpoint = addPatchpoint(B3::Void);
     patchpoint->effects = B3::Effects::none();
     patchpoint->effects.terminal = true;
+    patchpoint->clobber(RegisterSet::macroScratchRegisters());
 
     patchpoint->setGenerator([=] (CCallHelpers& jit, const B3::StackmapGenerationParams& params) {
+        AllowMacroScratchRegisterUsage allowScratch(jit);
+
         Vector<int64_t> cases;
         cases.reserveInitialCapacity(numTargets);
         for (size_t i = 0; i < numTargets; ++i)