Always set the callee's context when calling a function from optimized code.

This is necessary even for recursive calls because we're sharing optimized code among closures, which could call each other and have distinct contexts.

BUG=138887
TEST=mjsunit/regress/regress-crbug-138887

Review URL: https://chromiumcodereview.appspot.com/10834031

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@12201 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
parent 1e5cf45e
...@@ -3193,14 +3193,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function, ...@@ -3193,14 +3193,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
__ LoadHeapObject(r1, function); __ LoadHeapObject(r1, function);
} }
// Change context if needed. // Change context.
bool change_context = __ ldr(cp, FieldMemOperand(r1, JSFunction::kContextOffset));
(info()->closure()->context() != function->context()) ||
scope()->contains_with() ||
(scope()->num_heap_slots() > 0);
if (change_context) {
__ ldr(cp, FieldMemOperand(r1, JSFunction::kContextOffset));
}
// Set r0 to arguments count if adaption is not needed. Assumes that r0 // Set r0 to arguments count if adaption is not needed. Assumes that r0
// is available to write to at this point. // is available to write to at this point.
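Review bot: The new comment `// Change context.` above the unconditional `__ ldr(cp, FieldMemOperand(r1, JSFunction::kContextOffset));` does not record why the load can no longer be skipped, so the removed compile-time `change_context` test is easy to re-introduce later as an optimization. The commit message gives the reason: optimized code is shared among closures, so comparing `info()->closure()->context()` with `function->context()` at compile time says nothing about the caller's context at run time, and a callee entered with the wrong context would presumably resolve its captured variables in another closure's scope. I would write the comment as `// Always load the callee's context: optimized code is shared among closures, so the caller's context may differ even for a recursive call.` The same applies to the ia32 (`mov(esi, ...)`), MIPS (`lw(cp, ...)`) and x64 (`movq(rsi, ...)`) sections below. CallKnownFunction's body starts and ends outside the hunk.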
......
...@@ -3013,17 +3013,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function, ...@@ -3013,17 +3013,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
__ LoadHeapObject(edi, function); __ LoadHeapObject(edi, function);
} }
// Change context if needed. // Change context.
bool change_context = __ mov(esi, FieldOperand(edi, JSFunction::kContextOffset));
(info()->closure()->context() != function->context()) ||
scope()->contains_with() ||
(scope()->num_heap_slots() > 0);
if (change_context) {
__ mov(esi, FieldOperand(edi, JSFunction::kContextOffset));
} else {
__ mov(esi, Operand(ebp, StandardFrameConstants::kContextOffset));
}
// Set eax to arguments count if adaption is not needed. Assumes that eax // Set eax to arguments count if adaption is not needed. Assumes that eax
// is available to write to at this point. // is available to write to at this point.
......
...@@ -2948,14 +2948,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function, ...@@ -2948,14 +2948,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
__ LoadHeapObject(a1, function); __ LoadHeapObject(a1, function);
} }
// Change context if needed. // Change context.
bool change_context = __ lw(cp, FieldMemOperand(a1, JSFunction::kContextOffset));
(info()->closure()->context() != function->context()) ||
scope()->contains_with() ||
(scope()->num_heap_slots() > 0);
if (change_context) {
__ lw(cp, FieldMemOperand(a1, JSFunction::kContextOffset));
}
// Set r0 to arguments count if adaption is not needed. Assumes that r0 // Set r0 to arguments count if adaption is not needed. Assumes that r0
// is available to write to at this point. // is available to write to at this point.
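Review bot: The context comment after the load still reads `// Set r0 to arguments count if adaption is not needed. Assumes that r0`, but this section uses MIPS registers (`a1`, `lw`), so `r0` looks like a leftover from the ARM port. The code that actually sets the count is outside the hunk, so the register name is inferred. If it is `a0`, the comment should read `// Set a0 to arguments count if adaption is not needed. Assumes that a0 is available to write to at this point.`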
......
...@@ -2892,14 +2892,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function, ...@@ -2892,14 +2892,8 @@ void LCodeGen::CallKnownFunction(Handle<JSFunction> function,
__ LoadHeapObject(rdi, function); __ LoadHeapObject(rdi, function);
} }
// Change context if needed. // Change context.
bool change_context = __ movq(rsi, FieldOperand(rdi, JSFunction::kContextOffset));
(info()->closure()->context() != function->context()) ||
scope()->contains_with() ||
(scope()->num_heap_slots() > 0);
if (change_context) {
__ movq(rsi, FieldOperand(rdi, JSFunction::kContextOffset));
}
// Set rax to arguments count if adaption is not needed. Assumes that rax // Set rax to arguments count if adaption is not needed. Assumes that rax
// is available to write to at this point. // is available to write to at this point.
......
// Copyright 2012 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following
// disclaimer in the documentation and/or other materials provided
// with the distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// Flags: --allow-natives-syntax
function worker1(ignored) {
return 100;
}
function factory(worker) {
return function(call_depth) {
if (call_depth == 0) return 10;
return 1 + worker(call_depth - 1);
}
}
var f1 = factory(worker1);
var f2 = factory(f1);
assertEquals(11, f2(1)); // Result: 1 + f1(0) == 1 + 10.
assertEquals(11, f2(1));
%OptimizeFunctionOnNextCall(f1);
assertEquals(10, f1(0)); // Terminates immediately -> returns 10.
%OptimizeFunctionOnNextCall(f2);
assertEquals(102, f2(1000)); // 1 + f1(999) == 1 + 1 + worker1(998) == 102
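Review bot: The test has no header comment saying what it guards, and nothing in it confirms that `f1` and `f2` were actually optimized, so it passes trivially if optimization is skipped or bails out. A short comment before `factory` would help, e.g. `// f1 and f2 are closures of the same function literal, so they share optimized code but capture different 'worker' values in distinct contexts.` If the harness allows it, a check on `%GetOptimizationStatus(f2)` after the last call would make the regression coverage explicit; whether that is stable under all test flag combinations is not visible from this page.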