From 957a6da2a26eb795dafa3618818fd224b0197883 Mon Sep 17 00:00:00 2001
From: "titzer@chromium.org"
 <titzer@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Wed, 18 Sep 2013 16:05:39 +0000
Subject: [PATCH] Dynamically align OSR frames on ia32.

BUG=
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/23619076

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16798 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/ia32/lithium-codegen-ia32.cc       | 33 ++++++++++++-
 test/mjsunit/compiler/osr-alignment.js | 86 ++++++++++++++++++++++++++++++++++
 2 files changed, 117 insertions(+), 2 deletions(-)
 create mode 100644 test/mjsunit/compiler/osr-alignment.js

diff --git a/src/ia32/lithium-codegen-ia32.cc b/src/ia32/lithium-codegen-ia32.cc
index 06628ff..2f72a04 100644
--- a/src/ia32/lithium-codegen-ia32.cc
+++ b/src/ia32/lithium-codegen-ia32.cc
@@ -340,12 +340,41 @@ void LCodeGen::GenerateOsrPrologue() {
 
   osr_pc_offset_ = masm()->pc_offset();
 
+    // Move state of dynamic frame alignment into edx.
+  __ mov(edx, Immediate(kNoAlignmentPadding));
+
+  if (support_aligned_spilled_doubles_ && dynamic_frame_alignment_) {
+    Label do_not_pad, align_loop;
+    // Align ebp + 4 to a multiple of 2 * kPointerSize.
+    __ test(ebp, Immediate(kPointerSize));
+    __ j(zero, &do_not_pad, Label::kNear);
+    __ push(Immediate(0));
+    __ mov(ebx, esp);
+    __ mov(edx, Immediate(kAlignmentPaddingPushed));
+
+    // Move all parts of the frame over one word. The frame consists of:
+    // unoptimized frame slots, alignment state, context, frame pointer, return
+    // address, receiver, and the arguments.
+    __ mov(ecx, Immediate(scope()->num_parameters() +
+           5 + graph()->osr()->UnoptimizedFrameSlots()));
+
+    __ bind(&align_loop);
+    __ mov(eax, Operand(ebx, 1 * kPointerSize));
+    __ mov(Operand(ebx, 0), eax);
+    __ add(Operand(ebx), Immediate(kPointerSize));
+    __ dec(ecx);
+    __ j(not_zero, &align_loop, Label::kNear);
+    __ mov(Operand(ebx, 0), Immediate(kAlignmentZapValue));
+    __ sub(Operand(ebp), Immediate(kPointerSize));
+    __ bind(&do_not_pad);
+  }
+
   // Save the first local, which is overwritten by the alignment state.
   Operand alignment_loc = MemOperand(ebp, -3 * kPointerSize);
   __ push(alignment_loc);
 
-  // Set the dynamic frame alignment state to "not aligned".
-  __ mov(alignment_loc, Immediate(kNoAlignmentPadding));
+  // Set the dynamic frame alignment state.
+  __ mov(alignment_loc, edx);
 
   // Adjust the frame size, subsuming the unoptimized frame into the
   // optimized frame.
diff --git a/test/mjsunit/compiler/osr-alignment.js b/test/mjsunit/compiler/osr-alignment.js
new file mode 100644
index 0000000..30d72d0
--- /dev/null
+++ b/test/mjsunit/compiler/osr-alignment.js
@@ -0,0 +1,86 @@
+// Copyright 2010 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+//       notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+//       copyright notice, this list of conditions and the following
+//       disclaimer in the documentation and/or other materials provided
+//       with the distribution.
+//     * Neither the name of Google Inc. nor the names of its
+//       contributors may be used to endorse or promote products derived
+//       from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Flags: --use-osr
+
+function f1() {
+  var sum = 0;
+  for (var i = 0; i < 1000000; i++) {
+    var x = i + 2;
+    var y = x + 5;
+    var z = y + 3;
+    sum += z;
+  }
+  return sum;
+}
+
+function f2() {
+  var sum = 0;
+  for (var i = 0; i < 1000000; i++) {
+    var x = i + 2;
+    var y = x + 5;
+    var z = y + 3;
+    sum += z;
+  }
+  return sum;
+}
+
+function f3() {
+  var sum = 0;
+  for (var i = 0; i < 1000000; i++) {
+    var x = i + 2;
+    var y = x + 5;
+    var z = y + 3;
+    sum += z;
+  }
+  return sum;
+}
+
+function test1() {
+  var j = 11;
+  for (var i = 0; i < 2; i++) {
+    assertEquals(500009500000, f1());
+  }
+}
+
+function test2() {
+  for (var i = 0; i < 2; i++) {
+    var j = 11, k = 12;
+    assertEquals(500009500000, f2());
+  }
+}
+
+function test3() {
+  for (var i = 0; i < 2; i++) {
+    var j = 11, k = 13, m = 14;
+    assertEquals(500009500000, f3());
+  }
+}
+
+test1();
+test2();
+test3();
-- 
2.7.4