Fix failing ARM64E wasm tests
authorkeith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 30 Apr 2019 17:57:48 +0000 (17:57 +0000)
committerkeith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 30 Apr 2019 17:57:48 +0000 (17:57 +0000)
https://bugs.webkit.org/show_bug.cgi?id=197420

Reviewed by Saam Barati.

This patch fixes a bug in the slow path of our JS->Wasm IC bridge
where we wouldn't untag the link register before tail calling.

Additionally, this patch fixes a broken assert when setting
Options::useTailCalls=false.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244783 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
Source/JavaScriptCore/wasm/js/WebAssemblyFunction.cpp

index 3247ca1..0f42be5 100644 (file)
@@ -1,3 +1,21 @@
+2019-04-30  Keith Miller  <keith_miller@apple.com>
+
+        Fix failing ARM64E wasm tests
+        https://bugs.webkit.org/show_bug.cgi?id=197420
+
+        Reviewed by Saam Barati.
+
+        This patch fixes a bug in the slow path of our JS->Wasm IC bridge
+        where we wouldn't untag the link register before tail calling.
+
+        Additionally, this patch fixes a broken assert when using setting
+        Options::useTailCalls=false.
+
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition):
+        * wasm/js/WebAssemblyFunction.cpp:
+        (JSC::WebAssemblyFunction::jsCallEntrypointSlow):
+
 2019-04-29  Saam Barati  <sbarati@apple.com>
 
         Make JITType an enum class
 2019-04-29  Saam Barati  <sbarati@apple.com>
 
         Make JITType an enum class
index ba9b815..872ba03 100644 (file)
@@ -3285,7 +3285,8 @@ RegisterID* BytecodeGenerator::emitConstructVarargs(RegisterID* dst, RegisterID*
 
 RegisterID* BytecodeGenerator::emitCallForwardArgumentsInTailPosition(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* firstFreeRegister, int32_t firstVarArgOffset, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd, DebuggableCall debuggableCall)
 {
 
 RegisterID* BytecodeGenerator::emitCallForwardArgumentsInTailPosition(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* firstFreeRegister, int32_t firstVarArgOffset, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd, DebuggableCall debuggableCall)
 {
-    ASSERT(m_inTailPosition);
+    // We must emit a tail call here because we did not allocate an arguments object thus we would otherwise have no way to correctly make this call.
+    ASSERT(m_inTailPosition || !Options::useTailCalls());
     return emitCallVarargs<OpTailCallForwardArguments>(dst, func, thisRegister, nullptr, firstFreeRegister, firstVarArgOffset, divot, divotStart, divotEnd, debuggableCall);
 }
     
     return emitCallVarargs<OpTailCallForwardArguments>(dst, func, thisRegister, nullptr, firstFreeRegister, firstVarArgOffset, divot, divotStart, divotEnd, debuggableCall);
 }
     
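Review bot: The new comment above the `ASSERT(m_inTailPosition || !Options::useTailCalls());` line explains why a tail call is emitted but not why the assertion is relaxed, so a reader cannot tell whether m_inTailPosition is simply never set when tail calls are disabled or whether the generator deliberately tolerates a non-tail position here. Presumably it is the former (the commit message describes the old assert as broken with useTailCalls=false), and the comment should say so, e.g. `// With Options::useTailCalls() off m_inTailPosition is never set, but this forwarding call must still be a tail call, so the position is only checked when tail calls are enabled.` — confirm against where m_inTailPosition is assigned. emitCallForwardArgumentsInTailPosition is entirely within the hunk.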
index 02ef41e..8f6e56d 100644 (file)
@@ -470,6 +470,9 @@ MacroAssemblerCodePtr<JSEntryPtrTag> WebAssemblyFunction::jsCallEntrypointSlow()
     emitRestoreCalleeSaves();
     jit.move(CCallHelpers::TrustedImmPtr(this), GPRInfo::regT0);
     jit.emitFunctionEpilogue();
     emitRestoreCalleeSaves();
     jit.move(CCallHelpers::TrustedImmPtr(this), GPRInfo::regT0);
     jit.emitFunctionEpilogue();
+#if CPU(ARM64E)
+    jit.untagPtr(MacroAssembler::linkRegister, MacroAssembler::stackPointerRegister);
+#endif
     auto jumpToHostCallThunk = jit.jump();
 
     LinkBuffer linkBuffer(jit, nullptr, JITCompilationCanFail);
     auto jumpToHostCallThunk = jit.jump();
 
     LinkBuffer linkBuffer(jit, nullptr, JITCompilationCanFail);
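Review bot: The new `jit.untagPtr(MacroAssembler::linkRegister, MacroAssembler::stackPointerRegister);` has no comment, and its correctness depends on ordering the code does not state: it must run after `jit.emitFunctionEpilogue()` has restored lr and sp, and sp must equal the value the return address was signed against on entry, otherwise the pointer-authentication failure surfaces at the eventual return rather than at this line. Because the next instruction is a tail jump (`jit.jump()`) rather than a `ret`, a later reorder of these lines would not be caught by non-ARM64E builds, so the invariant is worth writing down, e.g. `// After the epilogue lr still carries the signature applied in the prologue (modifier: sp); strip it so the host call thunk we tail-jump to receives a plain return address.` — the prologue-side signing is inferred from the commit message, confirm against emitFunctionPrologue. jsCallEntrypointSlow begins and ends outside the hunk.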