[JSC][MIPS] Adding support to Checkpoints
https://bugs.webkit.org/show_bug.cgi?id=208196
Reviewed by Yusuke Suzuki.
JSTests:
* microbenchmarks/memcpy-typed-loop.js:
Source/JavaScriptCore:
This patch is adding changes to properly support OSR to
checkpoints on MIPS. It required fixes on JIT probe and some
adjustment on Offlineasm to correct generate `$gp` load when executing
`checkpoint_osr_exit_from_inlined_call_trampoline`.
* assembler/MacroAssemblerMIPS.cpp:
Probe trampoline needs to allocate 16 bytes for 4 arguments to
properly follow C calling conventions. This space is used by callee
when the JSC is compiled with `-O0` flags
(Check "DEFAULT C CALLING CONVENTION (O32)" section on
https://www.mips.com/downloads/mips32-instruction-set-quick-reference-v1-01).
* llint/LowLevelInterpreter.asm:
As we need to do on ARMv7, 64-bits arguments needs to be passed in
register pairs `$a1:$a0` or `$a3:$a2` (little-endian mode). Since `$a0`
contais `CallFrame*`, we need to pass `EncodedJSValue` on `$a3:$a2`
pair.
* offlineasm/mips.rb:
Following the same reason for return locations on OSR to LLInt, we
need to adjust `$gp` using `$ra` instead of `$t9` on
`checkpoint_osr_exit_from_inlined_call_trampoline`, given it is only
reachable through `ret` operations. For detailed explanation, check
ChangeLog of https://trac.webkit.org/changeset/252713.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@257466 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/JSTests/ChangeLog b/JSTests/ChangeLog
index 1f21e7c..faba4e5 100644
--- a/JSTests/ChangeLog
+++ b/JSTests/ChangeLog
@@ -1,3 +1,12 @@
+2020-02-26 Caio Lima <ticaiolima@gmail.com>
+
+ [JSC][MIPS] Adding support to Checkpoints
+ https://bugs.webkit.org/show_bug.cgi?id=208196
+
+ Reviewed by Yusuke Suzuki.
+
+ * microbenchmarks/memcpy-typed-loop.js:
+
2020-02-25 Justin Michaud <justin_michaud@apple.com>
Inline Cache delete by id/val
diff --git a/JSTests/microbenchmarks/memcpy-typed-loop.js b/JSTests/microbenchmarks/memcpy-typed-loop.js
index d473a04f..4636472 100644
--- a/JSTests/microbenchmarks/memcpy-typed-loop.js
+++ b/JSTests/microbenchmarks/memcpy-typed-loop.js
@@ -1,7 +1,7 @@
//@ skip if $model == "Apple Watch Series 3" or $model == "Apple Watch Series 4" # added by mark-jsc-stress-test.py
// Skipped under https://bugs.webkit.org/show_bug.cgi?id=202923
// due to timeout in ARMv7 that started between Oct 8 - Oct 10
-//@ skip if $architecture == "arm"
+//@ skip if $architecture == "arm" or $architecture == "mips"
//@ skip if $buildType == "debug"
function doTest(arr1, arr2) {
if (arr1.length != arr2.length)
diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
index ca027fb..168af40 100644
--- a/Source/JavaScriptCore/ChangeLog
+++ b/Source/JavaScriptCore/ChangeLog
@@ -1,3 +1,38 @@
+2020-02-26 Caio Lima <ticaiolima@gmail.com>
+
+ [JSC][MIPS] Adding support to Checkpoints
+ https://bugs.webkit.org/show_bug.cgi?id=208196
+
+ Reviewed by Yusuke Suzuki.
+
+ This patch is adding changes to properly support OSR to
+ checkpoints on MIPS. It required fixes on JIT probe and some
+ adjustment on Offlineasm to correct generate `$gp` load when executing
+ `checkpoint_osr_exit_from_inlined_call_trampoline`.
+
+ * assembler/MacroAssemblerMIPS.cpp:
+
+ Probe trampoline needs to allocate 16 bytes for 4 arguments to
+ properly follow C calling conventions. This space is used by callee
+ when the JSC is compiled with `-O0` flags
+ (Check "DEFAULT C CALLING CONVENTION (O32)" section on
+ https://www.mips.com/downloads/mips32-instruction-set-quick-reference-v1-01).
+
+ * llint/LowLevelInterpreter.asm:
+
+ As we need to do on ARMv7, 64-bits arguments needs to be passed in
+ register pairs `$a1:$a0` or `$a3:$a2` (little-endian mode). Since `$a0`
+ contais `CallFrame*`, we need to pass `EncodedJSValue` on `$a3:$a2`
+ pair.
+
+ * offlineasm/mips.rb:
+
+ Following the same reason for return locations on OSR to LLInt, we
+ need to adjust `$gp` using `$ra` instead of `$t9` on
+ `checkpoint_osr_exit_from_inlined_call_trampoline`, given it is only
+ reachable through `ret` operations. For detailed explanation, check
+ ChangeLog of https://trac.webkit.org/changeset/252713.
+
2020-02-25 Devin Rousso <drousso@apple.com>
Web Inspector: safari app extension isolated worlds and injected files use the extension's identifier instead of its name
diff --git a/Source/JavaScriptCore/assembler/MacroAssemblerMIPS.cpp b/Source/JavaScriptCore/assembler/MacroAssemblerMIPS.cpp
index 6278548..03fb19b 100644
--- a/Source/JavaScriptCore/assembler/MacroAssemblerMIPS.cpp
+++ b/Source/JavaScriptCore/assembler/MacroAssemblerMIPS.cpp
@@ -394,6 +394,7 @@
"sdc1 $f30, " STRINGIZE_VALUE_OF(PROBE_CPU_F30_OFFSET) "($sp)" "\n"
"move $a0, $sp" "\n" // Set the Probe::State* arg.
+ "addiu $sp, $sp, -16" "\n" // Allocate stack space for (unused) 16 bytes (8-byte aligned) for 4 arguments.
"move $t9, $a2" "\n" // Probe::executeProbe()
"jalr $t9" "\n" // Call the probe handler.
"nop" "\n"
diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter.asm b/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
index 2645c05..1029554 100644
--- a/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
+++ b/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
@@ -2057,11 +2057,11 @@
op(checkpoint_osr_exit_from_inlined_call_trampoline, macro ()
- if (JSVALUE64 and not (C_LOOP or C_LOOP_WIN)) or ARMv7
+ if (JSVALUE64 and not (C_LOOP or C_LOOP_WIN)) or ARMv7 or MIPS
restoreStackPointerAfterCall()
# Make sure we move r0 to a1 first since r0 might be the same as a0, for instance, on arm.
- if ARMv7
+ if ARMv7 or MIPS
# Given _slow_path_checkpoint_osr_exit_from_inlined_call has
# parameters as CallFrame* and EncodedJSValue,
# we need to store call result on a2, a3 and call frame on a0,
@@ -2089,7 +2089,7 @@
op(checkpoint_osr_exit_trampoline, macro ()
# FIXME: We can probably dispatch to the checkpoint handler directly but this was easier
# and probably doesn't matter for performance.
- if (JSVALUE64 and not (C_LOOP or C_LOOP_WIN)) or ARMv7
+ if (JSVALUE64 and not (C_LOOP or C_LOOP_WIN)) or ARMv7 or MIPS
restoreStackPointerAfterCall()
move cfr, a0
diff --git a/Source/JavaScriptCore/offlineasm/mips.rb b/Source/JavaScriptCore/offlineasm/mips.rb
index 8920508..75f0526 100644
--- a/Source/JavaScriptCore/offlineasm/mips.rb
+++ b/Source/JavaScriptCore/offlineasm/mips.rb
@@ -685,7 +685,10 @@
| node |
myList << node
if node.is_a? Label
- if node.name =~ /^.*_return_location(?:_(?:wide16|wide32))?$/
+ # FIXME: [JSC] checkpoint_osr_exit_from_inlined_call_trampoline is a return location
+ # and we should name it properly.
+ # https://bugs.webkit.org/show_bug.cgi?id=208236
+ if node.name =~ /^.*_return_location(?:_(?:wide16|wide32))?$/ or node.name.start_with?("_checkpoint_osr_exit_from_inlined_call_trampoline")
# We need to have a special case for return location labels because they are always
# reached from a `ret` instruction. In this case, we need to proper reconfigure `$gp`
# using `$ra` instead of using `$t9`.
