[Turbofan] Save and restore lr in OutOfLineRecordWrite when frame is elided.
Fixes a bug in Ignition on Arm64 where lr gets trashed in StaContextSlot which causes the stack walker to get confused and crash. BUG=v8:4680 LOG=N Review URL: https://codereview.chromium.org/1694263002 Cr-Commit-Position: refs/heads/master@{#34016}
This commit is contained in:
rmcilroy
Commit bot
parent
242404923d
commit
84a225d1e4
@ -235,8 +235,10 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
}
|
||||
SaveFPRegsMode const save_fp_mode =
|
||||
frame()->DidAllocateDoubleRegisters() ? kSaveFPRegs : kDontSaveFPRegs;
|
||||
// TODO(turbofan): Once we get frame elision working, we need to save
|
||||
// and restore lr properly here if the frame was elided.
|
||||
if (!frame()->needs_frame()) {
|
||||
// We need to save and restore lr if the frame was elided.
|
||||
__ Push(lr);
|
||||
}
|
||||
RecordWriteStub stub(isolate(), object_, scratch0_, scratch1_,
|
||||
EMIT_REMEMBERED_SET, save_fp_mode);
|
||||
if (index_.is(no_reg)) {
|
||||
@ -246,6 +248,9 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
__ add(scratch1_, object_, Operand(index_));
|
||||
}
|
||||
__ CallStub(&stub);
|
||||
if (!frame()->needs_frame()) {
|
||||
__ Pop(lr);
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
@ -292,12 +292,17 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
}
|
||||
SaveFPRegsMode const save_fp_mode =
|
||||
frame()->DidAllocateDoubleRegisters() ? kSaveFPRegs : kDontSaveFPRegs;
|
||||
// TODO(turbofan): Once we get frame elision working, we need to save
|
||||
// and restore lr properly here if the frame was elided.
|
||||
if (!frame()->needs_frame()) {
|
||||
// We need to save and restore lr if the frame was elided.
|
||||
__ Push(lr);
|
||||
}
|
||||
RecordWriteStub stub(isolate(), object_, scratch0_, scratch1_,
|
||||
EMIT_REMEMBERED_SET, save_fp_mode);
|
||||
__ Add(scratch1_, object_, index_);
|
||||
__ CallStub(&stub);
|
||||
if (!frame()->needs_frame()) {
|
||||
__ Pop(lr);
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
@ -234,12 +234,17 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
}
|
||||
SaveFPRegsMode const save_fp_mode =
|
||||
frame()->DidAllocateDoubleRegisters() ? kSaveFPRegs : kDontSaveFPRegs;
|
||||
// TODO(turbofan): Once we get frame elision working, we need to save
|
||||
// and restore lr properly here if the frame was elided.
|
||||
if (!frame()->needs_frame()) {
|
||||
// We need to save and restore ra if the frame was elided.
|
||||
__ Push(ra);
|
||||
}
|
||||
RecordWriteStub stub(isolate(), object_, scratch0_, scratch1_,
|
||||
EMIT_REMEMBERED_SET, save_fp_mode);
|
||||
__ Addu(scratch1_, object_, index_);
|
||||
__ CallStub(&stub);
|
||||
if (!frame()->needs_frame()) {
|
||||
__ Pop(ra);
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
@ -234,12 +234,17 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
}
|
||||
SaveFPRegsMode const save_fp_mode =
|
||||
frame()->DidAllocateDoubleRegisters() ? kSaveFPRegs : kDontSaveFPRegs;
|
||||
// TODO(turbofan): Once we get frame elision working, we need to save
|
||||
// and restore lr properly here if the frame was elided.
|
||||
if (!frame()->needs_frame()) {
|
||||
// We need to save and restore ra if the frame was elided.
|
||||
__ Push(ra);
|
||||
}
|
||||
RecordWriteStub stub(isolate(), object_, scratch0_, scratch1_,
|
||||
EMIT_REMEMBERED_SET, save_fp_mode);
|
||||
__ Daddu(scratch1_, object_, index_);
|
||||
__ CallStub(&stub);
|
||||
if (!frame()->needs_frame()) {
|
||||
__ Pop(ra);
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
@ -196,8 +196,11 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
}
|
||||
SaveFPRegsMode const save_fp_mode =
|
||||
frame()->DidAllocateDoubleRegisters() ? kSaveFPRegs : kDontSaveFPRegs;
|
||||
// TODO(turbofan): Once we get frame elision working, we need to save
|
||||
// and restore lr properly here if the frame was elided.
|
||||
if (!frame()->needs_frame()) {
|
||||
// We need to save and restore lr if the frame was elided.
|
||||
__ mflr(scratch1_);
|
||||
__ Push(scratch1_);
|
||||
}
|
||||
RecordWriteStub stub(isolate(), object_, scratch0_, scratch1_,
|
||||
EMIT_REMEMBERED_SET, save_fp_mode);
|
||||
if (offset_.is(no_reg)) {
|
||||
@ -207,6 +210,11 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
|
||||
__ add(scratch1_, object_, offset_);
|
||||
}
|
||||
__ CallStub(&stub);
|
||||
if (!frame()->needs_frame()) {
|
||||
// We need to save and restore lr if the frame was elided.
|
||||
__ Pop(scratch1_);
|
||||
__ mtlr(scratch1_);
|
||||
}
|
||||
}
|
||||
|
||||
private:
|
||||
|
||||
@ -607,21 +607,4 @@
|
||||
'test-api/InitializeDefaultIsolateOnSecondaryThread1': [PASS, ['mode == debug', FAIL]],
|
||||
}],
|
||||
|
||||
['ignition == True and arch == arm64', {
|
||||
# TODO(rmcilroy,4680): Arm64 specific crashes.
|
||||
'test-api/ExternalWrap': [SKIP],
|
||||
'test-api/Regress470113': [SKIP],
|
||||
'test-heap/NoWeakHashTableLeakWithIncrementalMarking': [SKIP],
|
||||
|
||||
# TODO(rmcilroy,4680): Arm64 flakes.
|
||||
'test-serialize/SerializeInternalReference': [PASS, FAIL],
|
||||
'test-spaces/SizeOfFirstPageIsLargeEnough': [PASS, FAIL],
|
||||
'test-api/InitializeDefaultIsolateOnSecondaryThread1': [PASS, FAIL],
|
||||
'test-api/FastReturnValuesWithProfiler': [PASS, FAIL],
|
||||
'test-heap/Regress538257': [PASS, FAIL],
|
||||
'test-heap/AddInstructionChangesNewSpacePromotion': [PASS, FAIL],
|
||||
'test-decls/CrossScriptReferencesHarmony': [PASS, FAIL],
|
||||
'test-lockers/IsolateNestedLocking': [PASS, FAIL],
|
||||
}], # ignition == True and arch == arm64
|
||||
|
||||
]
|
||||
|
||||
@ -897,68 +897,13 @@
|
||||
}], # ignition == True and mode == debug
|
||||
|
||||
['ignition == True and arch == arm64', {
|
||||
# TODO(rmcilroy,4680): Arm64 specific failures.
|
||||
'apply': [SKIP],
|
||||
'array-constructor': [SKIP],
|
||||
'array-functions-prototype-misc': [SKIP],
|
||||
'array-sort': [SKIP],
|
||||
'array-store-and-grow': [SKIP],
|
||||
'asm/construct-double': [SKIP],
|
||||
'compiler/division-by-constant': [SKIP],
|
||||
'compiler/osr-big': [SKIP],
|
||||
'compiler/osr-nested': [SKIP],
|
||||
'compiler/osr-one': [SKIP],
|
||||
'compiler/osr-two': [SKIP],
|
||||
'copy-on-write-assert': [SKIP],
|
||||
'es6/block-conflicts': [SKIP],
|
||||
'es6/block-const-assign': [SKIP],
|
||||
'es6/block-let-declaration': [SKIP],
|
||||
'es6/block-scoping-top-level': [SKIP],
|
||||
'es6/classes-derived-return-type': [SKIP],
|
||||
'es6/regress/regress-2506': [SKIP],
|
||||
'es6/regress/regress-474783': [SKIP],
|
||||
'es6/typedarray-proto': [SKIP],
|
||||
'es6/unscopables': [SKIP],
|
||||
'harmony/arraybuffer-species': [SKIP],
|
||||
'harmony/array-species': [SKIP],
|
||||
'harmony/block-conflicts-sloppy': [SKIP],
|
||||
'harmony/block-const-assign-sloppy': [SKIP],
|
||||
'harmony/block-let-declaration-sloppy': [SKIP],
|
||||
'harmony/block-scoping-top-level-sloppy': [SKIP],
|
||||
'harmony/species': [SKIP],
|
||||
'harmony/typedarray-species': [SKIP],
|
||||
'mirror-object': [SKIP],
|
||||
'mul-exhaustive-part*': [SKIP],
|
||||
'readonly': [SKIP],
|
||||
'regress/regress-165637': [SKIP],
|
||||
'regress/regress-2185': [SKIP],
|
||||
'regress/regress-2249': [SKIP],
|
||||
'regress/regress-298269': [SKIP],
|
||||
'regress/regress-319722-ArrayBuffer': [SKIP],
|
||||
'regress/regress-347914': [SKIP],
|
||||
'regress/regress-411210': [SKIP],
|
||||
'regress/regress-4509-Class-constructor-typeerror-realm': [SKIP],
|
||||
'regress/regress-4521': [SKIP],
|
||||
'regress/regress-568765': [SKIP],
|
||||
'regress/regress-85177': [SKIP],
|
||||
'regress/regress-crbug-405517': [SKIP],
|
||||
'regress/regress-crbug-474297': [SKIP],
|
||||
'regress/regress-crbug-498022': [SKIP],
|
||||
'regress/regress-crbug-505007-1': [SKIP],
|
||||
'regress/regress-crbug-505007-2': [SKIP],
|
||||
'regress/regress-crbug-513507': [SKIP],
|
||||
'regress/regress-crbug-514081': [SKIP],
|
||||
'regress/regress-deep-proto': [SKIP],
|
||||
'regress/regress-put-prototype-transition': [SKIP],
|
||||
'regress/regress-transcendental': [SKIP],
|
||||
'stack-traces-overflow': [SKIP],
|
||||
'try': [SKIP],
|
||||
'unicodelctest': [SKIP],
|
||||
'unicodelctest-no-optimization': [SKIP],
|
||||
# TODO(rmcilroy,4680): Fails on Arm64 due to expecting to take less than 3
|
||||
# seconds.
|
||||
'regress/regress-165637': [FAIL],
|
||||
}], # ignition == True and arch == arm64
|
||||
|
||||
['ignition == True and arch == arm', {
|
||||
# TODO(rmcilroy,4680): Arm specific timeouts.
|
||||
['ignition == True and (arch == arm or arch == arm64)', {
|
||||
# TODO(rmcilroy,4680): Arm / Arm64 specific timeouts.
|
||||
'asm/construct-double': [SKIP],
|
||||
'compiler/osr-nested': [SKIP],
|
||||
'compiler/osr-one': [SKIP],
|
||||
@ -969,7 +914,7 @@
|
||||
'regress/regress-91008': [SKIP],
|
||||
'unicodelctest': [SKIP],
|
||||
'unicodelctest-no-optimization': [SKIP],
|
||||
}], # ignition == True and arch == arm
|
||||
}], # ignition == True and (arch == arm or arch == arm64)
|
||||
|
||||
##############################################################################
|
||||
['gcov_coverage', {
|
||||
|
||||
Loading…
Reference in New Issue
Block a user