Arm64: Ensure that csp is always aligned to 16 byte values even if jssp is not.

src/arm64/macro-assembler-arm64-inl.h

 // Copyright 2013 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef V8_ARM64_MACRO_ASSEMBLER_ARM64_INL_H_
 #define V8_ARM64_MACRO_ASSEMBLER_ARM64_INL_H_
 
 #include <ctype.h>
 
 #include "v8globals.h"
@@ skipping 1229 matching lines @@
 
 void MacroAssembler::Uxtw(const Register& rd, const Register& rn) {
   ASSERT(allow_macro_instructions_);
   ASSERT(!rd.IsZero());
   uxtw(rd, rn);
 }
 
 
 void MacroAssembler::BumpSystemStackPointer(const Operand& space) {
   ASSERT(!csp.Is(sp_));
-  // TODO(jbramley): Several callers rely on this not using scratch registers,
-  // so we use the assembler directly here. However, this means that large
-  // immediate values of 'space' cannot be handled cleanly. (Only 24-bits
-  // immediates or values of 'space' that can be encoded in one instruction are
-  // accepted.) Once we implement our flexible scratch register idea, we could
-  // greatly simplify this function.
-  InstructionAccurateScope scope(this);
-  if ((space.IsImmediate()) && !is_uint12(space.immediate())) {
-    // The subtract instruction supports a 12-bit immediate, shifted left by
-    // zero or 12 bits. So, in two instructions, we can subtract any immediate
-    // between zero and (1 << 24) - 1.
-    int64_t imm = space.immediate();
-    ASSERT(is_uint24(imm));
+  { InstructionAccurateScope scope(this);
+    if (!TmpList()->IsEmpty()) {
+      UseScratchRegisterScope temps(this);
+      Register temp = temps.AcquireX();
+      sub(temp, StackPointer(), space);
+      bic(temp, temp, 0xf);
+      sub(csp, temp, 0x10);
+    } else {
+      // TODO(jbramley): Several callers rely on this not using scratch

[jbramley, 2014/05/01 15:17:10]

Since we added UseScratchRegisterScope, I don't think this is true. It used to
be important so we could do `Push(..., ip0, ...)`, but we don't do that any more
unless we first acquire ip0 (making it unavailable). It might be worth checking
that now, since it would greatly simplify this function.

[rmcilroy, 2014/05/01 18:29:11]

Yes I had hoped that was true and tried it originally, however, unfortunately we
still reach here with no remaining temp registers in
LCodeGen::PushSafepointRegistersScope. 

+      // registers, so we use the assembler directly here. However, this means
+      // that large immediate values of 'space' cannot be handled cleanly. (Only
+      // 24-bits immediates or values of 'space' that can be encoded in one
+      // instruction are accepted.) Once we implement our flexible scratch
+      // register idea, we could greatly simplify this function.
+      ASSERT(space.IsImmediate());
+      // Align to 16 bytes and add 16 bytes to counteract mask of StackPointer
+      // below.
+      uint64_t imm = RoundUp(space.immediate(), 0x10) + 0x10;
+      ASSERT(is_uint24(imm));
 
-    int64_t imm_top_12_bits = imm >> 12;
-    sub(csp, StackPointer(), imm_top_12_bits << 12);
-    imm -= imm_top_12_bits << 12;
-    if (imm > 0) {
-      sub(csp, csp, imm);
+      bic(csp, StackPointer(), 0xf);

[jbramley, 2014/05/01 15:17:10]

This will generate two extra instructions (bic + sub) for every push, instead of
one (sub), so it will slow down the processors that don't care about the value
in csp. For that reason alone, I have to give this 'not lgtm'.

Could you do this change only on the affected platform? Can we detect it at
runtime? I know this kind of thing is ugly, but the csp-maintenance is
abstracted enough that we wouldn't have to have too many alternative code paths.

[rmcilroy, 2014/05/01 18:29:11]

Sure I understand your concern.  We are not yet sure whether this CL will be
necessary (it has a very big impact currently, but there may be other ways
around the issue.   I will investigate whether this can be gated on the platform
if we decide to land this.

+      if (!is_uint12(imm)) {
+        int64_t imm_top_12_bits = imm >> 12;
+        sub(csp, csp, imm_top_12_bits << 12);
+        imm -= imm_top_12_bits << 12;
+      }
+      if (imm > 0) {
+        sub(csp, csp, imm);
+      }
     }
-  } else {
-    sub(csp, StackPointer(), space);
   }
+  AssertStackConsistency();
 }
 
 
+void MacroAssembler::SyncSystemStackPointer() {

[jbramley, 2014/05/01 15:17:10]

This is never _necessary_, so it might be a good idea to
ASSERT(emit_debug_code()) just to make sure that we don't emit unnecessary code.

Also, since this is debug code, we don't need to worry about performance, and
can just Mov(csp, StackPointer()).

[rmcilroy, 2014/05/01 18:29:11]

Done.

+  ASSERT(!csp.Is(sp_));
+  { InstructionAccurateScope scope(this);
+    bic(csp, StackPointer(), 0xf);
+    sub(csp, csp, 0x10);

[jbramley, 2014/05/01 15:17:10]

Why is the sub necessary? Isn't the bic enough?

[rmcilroy, 2014/05/01 18:29:11]

You are right, the bic is enough (this is an artifact of a previous approach I
was using to align). Done.

+  }
+  AssertStackConsistency();
+}
+
+
 void MacroAssembler::InitializeRootRegister() {
   ExternalReference roots_array_start =
       ExternalReference::roots_array_start(isolate());
   Mov(root, Operand(roots_array_start));
 }
 
 
 void MacroAssembler::SmiTag(Register dst, Register src) {
   ASSERT(dst.Is64Bits() && src.Is64Bits());
   Lsl(dst, src, kSmiShift);
@@ skipping 248 matching lines @@
   }
 
   Add(StackPointer(), StackPointer(), size);
 
   if (csp.Is(StackPointer())) {
     ASSERT(size % 16 == 0);
   } else if (emit_debug_code()) {
     // It is safe to leave csp where it is when unwinding the JavaScript stack,
     // but if we keep it matching StackPointer, the simulator can detect memory
     // accesses in the now-free part of the stack.
-    Mov(csp, StackPointer());
+    SyncSystemStackPointer();
   }
 }
 
 
 void MacroAssembler::Drop(const Register& count, uint64_t unit_size) {
   if (unit_size == 0) return;
   ASSERT(IsPowerOf2(unit_size));
 
   const int shift = CountTrailingZeros(unit_size, kXRegSizeInBits);
   const Operand size(count, LSL, shift);
 
   if (size.IsZero()) {
     return;
   }
 
   Add(StackPointer(), StackPointer(), size);
 
   if (!csp.Is(StackPointer()) && emit_debug_code()) {
     // It is safe to leave csp where it is when unwinding the JavaScript stack,
     // but if we keep it matching StackPointer, the simulator can detect memory
     // accesses in the now-free part of the stack.
-    Mov(csp, StackPointer());
+    SyncSystemStackPointer();
   }
 }
 
 
 void MacroAssembler::DropBySMI(const Register& count_smi, uint64_t unit_size) {
   ASSERT(unit_size == 0 || IsPowerOf2(unit_size));
   const int shift = CountTrailingZeros(unit_size, kXRegSizeInBits) - kSmiShift;
   const Operand size(count_smi,
                      (shift >= 0) ? (LSL) : (LSR),
                      (shift >= 0) ? (shift) : (-shift));
 
   if (size.IsZero()) {
     return;
   }
 
   Add(StackPointer(), StackPointer(), size);
 
   if (!csp.Is(StackPointer()) && emit_debug_code()) {
     // It is safe to leave csp where it is when unwinding the JavaScript stack,
     // but if we keep it matching StackPointer, the simulator can detect memory
     // accesses in the now-free part of the stack.
-    Mov(csp, StackPointer());
+    SyncSystemStackPointer();
   }
 }
 
 
 void MacroAssembler::CompareAndBranch(const Register& lhs,
                                       const Operand& rhs,
                                       Condition cond,
                                       Label* label) {
   if (rhs.IsImmediate() && (rhs.immediate() == 0) &&
       ((cond == eq) || (cond == ne))) {
@@ skipping 63 matching lines @@
   // characters are reserved for controlling features of the instrumentation.
   ASSERT(isprint(marker_name[0]) && isprint(marker_name[1]));
 
   InstructionAccurateScope scope(this, 1);
   movn(xzr, (marker_name[1] << 8) | marker_name[0]);
 }
 
 } }  // namespace v8::internal
 
 #endif  // V8_ARM64_MACRO_ASSEMBLER_ARM64_INL_H_