<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[187868] branches/jsc-tailcall/Source/JavaScriptCore</title>
</head>
<body>

<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/187868">187868</a></dd>
<dt>Author</dt> <dd>basile_clement@apple.com</dd>
<dt>Date</dt> <dd>2015-08-04 11:30:20 -0700 (Tue, 04 Aug 2015)</dd>
</dl>

<h3>Log Message</h3>
<pre>jsc-tailcall: We should abortWithReason() if we ever return from a tail call
https://bugs.webkit.org/show_bug.cgi?id=147634

Reviewed by Michael Saboff.

Previously, we were using a breakpoint in that case, but it really
should be an abortWithReason(). Note that this is mostly useful for the
slow path, since the fast path is always a jump - if we ever have a
slow path that does not perform the tail call, we have no idea in what
state the stack will be when we return here, and it would be dangerous
to continue executing (especially since the next instruction is
guaranteed to be a return).

* assembler/AbortReason.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
* jit/JITCall.cpp:
(JSC::JIT::compileOpCallSlowCase):
* jit/JITCall32_64.cpp:
(JSC::JIT::compileOpCallSlowCase):</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#branchesjsctailcallSourceJavaScriptCoreChangeLog">branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#branchesjsctailcallSourceJavaScriptCoreassemblerAbortReasonh">branches/jsc-tailcall/Source/JavaScriptCore/assembler/AbortReason.h</a></li>
<li><a href="#branchesjsctailcallSourceJavaScriptCoredfgDFGSpeculativeJIT32_64cpp">branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp</a></li>
<li><a href="#branchesjsctailcallSourceJavaScriptCoredfgDFGSpeculativeJIT64cpp">branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp</a></li>
<li><a href="#branchesjsctailcallSourceJavaScriptCorejitJITCallcpp">branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall.cpp</a></li>
<li><a href="#branchesjsctailcallSourceJavaScriptCorejitJITCall32_64cpp">branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall32_64.cpp</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="branchesjsctailcallSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog (187867 => 187868)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog        2015-08-04 18:03:30 UTC (rev 187867)
+++ branches/jsc-tailcall/Source/JavaScriptCore/ChangeLog        2015-08-04 18:30:20 UTC (rev 187868)
</span><span class="lines">@@ -1,3 +1,28 @@
</span><ins>+2015-08-04  Basile Clement  &lt;basile_clement@apple.com&gt;
+
+        jsc-tailcall: We should abortWithReason() if we ever return from a tail call
+        https://bugs.webkit.org/show_bug.cgi?id=147634
+
+        Reviewed by Michael Saboff.
+
+        Previously, we were using a breakpoint in that case, but it really
+        should be an abortWithReason(). Note that this is mostly useful for the
+        slow path, since the fast path is always a jump - if we ever have a
+        slow path that does not perform the tail call, we have no idea in what
+        state the stack will be when we return here, and it would be dangerous
+        to continue executing (especially since the next instruction is
+        guaranteed to be a return).
+
+        * assembler/AbortReason.h:
+        * dfg/DFGSpeculativeJIT32_64.cpp:
+        (JSC::DFG::SpeculativeJIT::emitCall):
+        * dfg/DFGSpeculativeJIT64.cpp:
+        (JSC::DFG::SpeculativeJIT::emitCall):
+        * jit/JITCall.cpp:
+        (JSC::JIT::compileOpCallSlowCase):
+        * jit/JITCall32_64.cpp:
+        (JSC::JIT::compileOpCallSlowCase):
+
</ins><span class="cx"> 2015-07-31  Basile Clement  &lt;basile_clement@apple.com&gt;
</span><span class="cx"> 
</span><span class="cx">         jsc-tailcall: Implement the tail call opcodes in the DFG
</span></span></pre></div>
<a id="branchesjsctailcallSourceJavaScriptCoreassemblerAbortReasonh"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/assembler/AbortReason.h (187867 => 187868)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/assembler/AbortReason.h        2015-08-04 18:03:30 UTC (rev 187867)
+++ branches/jsc-tailcall/Source/JavaScriptCore/assembler/AbortReason.h        2015-08-04 18:30:20 UTC (rev 187868)
</span><span class="lines">@@ -58,6 +58,7 @@
</span><span class="cx">     DFGUnreachableBasicBlock                          = 220,
</span><span class="cx">     DFGUnreasonableOSREntryJumpDestination            = 230,
</span><span class="cx">     DFGVarargsThrowingPathDidNotThrow                 = 235,
</span><ins>+    JITDidReturnFromTailCall                          = 237,
</ins><span class="cx">     JITDivOperandsAreNotNumbers                       = 240,
</span><span class="cx">     JITGetByValResultIsNotEmpty                       = 250,
</span><span class="cx">     JITNotSupported                                   = 260,
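Review bot: the new value 237 lands in the gap between DFGVarargsThrowingPathDidNotThrow (235) and JITDivOperandsAreNotNumbers (240), while the JIT* entries that follow step by 10 (240, 250, 260); alphabetical order (Did before Div) is preserved, but the number breaks the spacing convention visible here. If these values are only identifiers surfaced in crash logs, a short comment to that effect near the enum would make an out-of-step value like 237 unremarkable; otherwise consider whether the JIT block should be renumbered to keep the step.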
</span></span></pre></div>
<a id="branchesjsctailcallSourceJavaScriptCoredfgDFGSpeculativeJIT32_64cpp"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp (187867 => 187868)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp        2015-08-04 18:03:30 UTC (rev 187867)
+++ branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp        2015-08-04 18:30:20 UTC (rev 187868)
</span><span class="lines">@@ -878,7 +878,7 @@
</span><span class="cx">     done.link(&amp;m_jit);
</span><span class="cx"> 
</span><span class="cx">     if (isTail)
</span><del>-        m_jit.breakpoint();
</del><ins>+        m_jit.abortWithReason(JITDidReturnFromTailCall);
</ins><span class="cx">     else {
</span><span class="cx">         m_jit.setupResults(resultPayloadGPR, resultTagGPR);
</span><span class="cx"> 
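Review bot: style and documentation. The if arm is now a single unbraced statement while the else arm is braced; WebKit style wants both arms braced when either is, so wrap the m_jit.abortWithReason(JITDidReturnFromTailCall) call in braces. Also, because the abort is emitted immediately after done.link(), it is reached by any slow path that returns to done in the tail case; a one-line comment saying so (the JITCall.cpp sites used to carry "We must never come back here") would explain why a release-mode abort rather than a debug breakpoint belongs at this point.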
</span></span></pre></div>
<a id="branchesjsctailcallSourceJavaScriptCoredfgDFGSpeculativeJIT64cpp"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp (187867 => 187868)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp        2015-08-04 18:03:30 UTC (rev 187867)
+++ branches/jsc-tailcall/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp        2015-08-04 18:30:20 UTC (rev 187868)
</span><span class="lines">@@ -839,7 +839,7 @@
</span><span class="cx">     done.link(&amp;m_jit);
</span><span class="cx"> 
</span><span class="cx">     if (isTail)
</span><del>-        m_jit.breakpoint();
</del><ins>+        m_jit.abortWithReason(JITDidReturnFromTailCall);
</ins><span class="cx">     else {
</span><span class="cx">         m_jit.move(GPRInfo::returnValueGPR, resultGPR);
</span><span class="cx"> 
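Review bot: this is a verbatim copy of the abort emitted in the 32_64 variant of emitCall, and the two will have to be kept in step by hand; consider emitting it from one shared place (a small helper on SpeculativeJIT, name to be chosen) so the reason code and any future explanatory comment stay identical across both register-width variants. The unbraced if arm next to a braced else arm also applies here and should be braced.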
</span></span></pre></div>
<a id="branchesjsctailcallSourceJavaScriptCorejitJITCallcpp"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall.cpp (187867 => 187868)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall.cpp        2015-08-04 18:03:30 UTC (rev 187867)
+++ branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall.cpp        2015-08-04 18:30:20 UTC (rev 187868)
</span><span class="lines">@@ -197,8 +197,6 @@
</span><span class="cx">     if (opcodeID == op_tail_call || opcodeID == op_tail_call_varargs) {
</span><span class="cx">         prepareForTailCallSlow();
</span><span class="cx">         m_callCompilationInfo[callLinkInfoIndex].hotPathOther = emitNakedTailCall();
</span><del>-        // We must never come back here
-        breakpoint();
</del><span class="cx">         return;
</span><span class="cx">     }
</span><span class="cx"> 
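Review bot: removing breakpoint() here also removes the only explanation of why nothing follows emitNakedTailCall() but a bare return, and unlike the second tail-call site in this file nothing replaces it. The commit message's reasoning is that emitNakedTailCall() emits a jump, so control cannot come back; keep a comment stating exactly that, for example "// emitNakedTailCall() is a jump; nothing can return here", so the asymmetry with the abortWithReason() at the other site reads as deliberate rather than as an oversight.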
</span><span class="lines">@@ -226,8 +224,7 @@
</span><span class="cx">     m_callCompilationInfo[callLinkInfoIndex].callReturnLocation = emitNakedCall(m_vm-&gt;getCTIStub(linkCallThunkGenerator).code());
</span><span class="cx"> 
</span><span class="cx">     if (opcodeID == op_tail_call || opcodeID == op_tail_call_varargs) {
</span><del>-        // We must never come back here
-        breakpoint();
</del><ins>+        abortWithReason(JITDidReturnFromTailCall);
</ins><span class="cx">         return;
</span><span class="cx">     }
</span><span class="cx"> 
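Review bot: callReturnLocation is still recorded for the emitNakedCall() to the linkCall thunk even though, for op_tail_call and op_tail_call_varargs, the only code at that return location is now the abort. Confirm that everything consuming callReturnLocation for these opcodes is fine with a return site that must never execute, and restore a comment saying why reaching it is an error (the thunk did not perform the tail call, so the stack state is unknown), since the old "We must never come back here" comment went away with the breakpoint.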
</span></span></pre></div>
<a id="branchesjsctailcallSourceJavaScriptCorejitJITCall32_64cpp"></a>
<div class="modfile"><h4>Modified: branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall32_64.cpp (187867 => 187868)</h4>
<pre class="diff"><span>
<span class="info">--- branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall32_64.cpp        2015-08-04 18:03:30 UTC (rev 187867)
+++ branches/jsc-tailcall/Source/JavaScriptCore/jit/JITCall32_64.cpp        2015-08-04 18:30:20 UTC (rev 187868)
</span><span class="lines">@@ -282,8 +282,6 @@
</span><span class="cx">     if (opcodeID == op_tail_call || opcodeID == op_tail_call_varargs) {
</span><span class="cx">         prepareForTailCallSlow();
</span><span class="cx">         m_callCompilationInfo[callLinkInfoIndex].hotPathOther = emitNakedTailCall();
</span><del>-        // We must never come back here
-        breakpoint();
</del><span class="cx">         return;
</span><span class="cx">     }
</span><span class="cx"> 
</span><span class="lines">@@ -311,8 +309,7 @@
</span><span class="cx">     m_callCompilationInfo[callLinkInfoIndex].callReturnLocation = emitNakedCall(m_vm-&gt;getCTIStub(linkCallThunkGenerator).code());
</span><span class="cx"> 
</span><span class="cx">     if (opcodeID == op_tail_call || opcodeID == op_tail_call_varargs) {
</span><del>-        // We must never come back here
-        breakpoint();
</del><ins>+        abortWithReason(JITDidReturnFromTailCall);
</ins><span class="cx">         return;
</span><span class="cx">     }
</span><span class="cx"> 
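Review bot: with this block, the same change is spelled out in four emitters (both compileOpCallSlowCase variants and both SpeculativeJIT::emitCall variants), each naming JITDidReturnFromTailCall separately. A tiny shared helper on JIT (hypothetical name: emitAbortIfReturnedFromTailCall()) would keep the 32_64 and 64-bit paths from diverging and give one place for the comment explaining why a return from the linkCall thunk is unexpected in the tail-call case.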
</span></span></pre>
</div>
</div>

</body>
</html>