Commit b4dbb2f7 authored by ishell's avatar ishell Committed by Commit bot

[deoptimizer] Do not modify stack_fp which is used as a key for lookup of...

[deoptimizer] Do not modify stack_fp, which is used as a key for looking up previously materialized objects.

BUG=chromium:604680, v8:4698
LOG=N

Review URL: https://codereview.chromium.org/1904663003

Cr-Commit-Position: refs/heads/master@{#35693}
parent 2cfac65e
...@@ -895,11 +895,8 @@ void Deoptimizer::DoComputeJSFrame(TranslatedFrame* translated_frame, ...@@ -895,11 +895,8 @@ void Deoptimizer::DoComputeJSFrame(TranslatedFrame* translated_frame,
CHECK_NULL(output_[frame_index]); CHECK_NULL(output_[frame_index]);
output_[frame_index] = output_frame; output_[frame_index] = output_frame;
// The top address for the bottommost output frame can be computed from // The top address of the frame is computed from the previous frame's top and
// the input frame pointer and the output frame's height. For all // this frame's size.
// subsequent output frames, it can be computed from the previous one's
// top address and the current frame's size.
Register fp_reg = JavaScriptFrame::fp_register();
intptr_t top_address; intptr_t top_address;
if (is_bottommost) { if (is_bottommost) {
top_address = caller_frame_top_ - output_frame_size; top_address = caller_frame_top_ - output_frame_size;
...@@ -947,7 +944,10 @@ void Deoptimizer::DoComputeJSFrame(TranslatedFrame* translated_frame, ...@@ -947,7 +944,10 @@ void Deoptimizer::DoComputeJSFrame(TranslatedFrame* translated_frame,
output_frame->SetCallerFp(output_offset, value); output_frame->SetCallerFp(output_offset, value);
intptr_t fp_value = top_address + output_offset; intptr_t fp_value = top_address + output_offset;
output_frame->SetFp(fp_value); output_frame->SetFp(fp_value);
if (is_topmost) output_frame->SetRegister(fp_reg.code(), fp_value); if (is_topmost) {
Register fp_reg = JavaScriptFrame::fp_register();
output_frame->SetRegister(fp_reg.code(), fp_value);
}
DebugPrintOutputSlot(value, frame_index, output_offset, "caller's fp\n"); DebugPrintOutputSlot(value, frame_index, output_offset, "caller's fp\n");
if (FLAG_enable_embedded_constant_pool) { if (FLAG_enable_embedded_constant_pool) {
...@@ -1117,11 +1117,8 @@ void Deoptimizer::DoComputeInterpretedFrame(TranslatedFrame* translated_frame, ...@@ -1117,11 +1117,8 @@ void Deoptimizer::DoComputeInterpretedFrame(TranslatedFrame* translated_frame,
CHECK_NULL(output_[frame_index]); CHECK_NULL(output_[frame_index]);
output_[frame_index] = output_frame; output_[frame_index] = output_frame;
// The top address for the bottommost output frame can be computed from // The top address of the frame is computed from the previous frame's top and
// the input frame pointer and the output frame's height. For all // this frame's size.
// subsequent output frames, it can be computed from the previous one's
// top address and the current frame's size.
Register fp_reg = InterpretedFrame::fp_register();
intptr_t top_address; intptr_t top_address;
if (is_bottommost) { if (is_bottommost) {
top_address = caller_frame_top_ - output_frame_size; top_address = caller_frame_top_ - output_frame_size;
...@@ -1170,7 +1167,10 @@ void Deoptimizer::DoComputeInterpretedFrame(TranslatedFrame* translated_frame, ...@@ -1170,7 +1167,10 @@ void Deoptimizer::DoComputeInterpretedFrame(TranslatedFrame* translated_frame,
output_frame->SetCallerFp(output_offset, value); output_frame->SetCallerFp(output_offset, value);
intptr_t fp_value = top_address + output_offset; intptr_t fp_value = top_address + output_offset;
output_frame->SetFp(fp_value); output_frame->SetFp(fp_value);
if (is_topmost) output_frame->SetRegister(fp_reg.code(), fp_value); if (is_topmost) {
Register fp_reg = InterpretedFrame::fp_register();
output_frame->SetRegister(fp_reg.code(), fp_value);
}
DebugPrintOutputSlot(value, frame_index, output_offset, "caller's fp\n"); DebugPrintOutputSlot(value, frame_index, output_offset, "caller's fp\n");
if (FLAG_enable_embedded_constant_pool) { if (FLAG_enable_embedded_constant_pool) {
...@@ -1334,8 +1334,8 @@ void Deoptimizer::DoComputeArgumentsAdaptorFrame( ...@@ -1334,8 +1334,8 @@ void Deoptimizer::DoComputeArgumentsAdaptorFrame(
CHECK(output_[frame_index] == NULL); CHECK(output_[frame_index] == NULL);
output_[frame_index] = output_frame; output_[frame_index] = output_frame;
// The top address of the frame is computed from the previous // The top address of the frame is computed from the previous frame's top and
// frame's top and this frame's size. // this frame's size.
intptr_t top_address; intptr_t top_address;
if (is_bottommost) { if (is_bottommost) {
top_address = caller_frame_top_ - output_frame_size; top_address = caller_frame_top_ - output_frame_size;
...@@ -1485,7 +1485,6 @@ void Deoptimizer::DoComputeTailCallerFrame(TranslatedFrame* translated_frame, ...@@ -1485,7 +1485,6 @@ void Deoptimizer::DoComputeTailCallerFrame(TranslatedFrame* translated_frame,
offset, stack_fp_, new_stack_fp, caller_frame_top_, offset, stack_fp_, new_stack_fp, caller_frame_top_,
new_caller_frame_top); new_caller_frame_top);
} }
stack_fp_ = new_stack_fp;
caller_frame_top_ = new_caller_frame_top; caller_frame_top_ = new_caller_frame_top;
caller_fp_ = adaptor_caller_fp; caller_fp_ = adaptor_caller_fp;
caller_pc_ = adaptor_caller_pc; caller_pc_ = adaptor_caller_pc;
...@@ -1521,8 +1520,8 @@ void Deoptimizer::DoComputeConstructStubFrame(TranslatedFrame* translated_frame, ...@@ -1521,8 +1520,8 @@ void Deoptimizer::DoComputeConstructStubFrame(TranslatedFrame* translated_frame,
DCHECK(output_[frame_index] == NULL); DCHECK(output_[frame_index] == NULL);
output_[frame_index] = output_frame; output_[frame_index] = output_frame;
// The top address of the frame is computed from the previous // The top address of the frame is computed from the previous frame's top and
// frame's top and this frame's size. // this frame's size.
intptr_t top_address; intptr_t top_address;
top_address = output_[frame_index - 1]->GetTop() - output_frame_size; top_address = output_[frame_index - 1]->GetTop() - output_frame_size;
output_frame->SetTop(top_address); output_frame->SetTop(top_address);
...@@ -1807,13 +1806,9 @@ void Deoptimizer::DoComputeCompiledStubFrame(TranslatedFrame* translated_frame, ...@@ -1807,13 +1806,9 @@ void Deoptimizer::DoComputeCompiledStubFrame(TranslatedFrame* translated_frame,
CHECK_EQ(frame_index, 0); CHECK_EQ(frame_index, 0);
output_[frame_index] = output_frame; output_[frame_index] = output_frame;
// The top address for the output frame can be computed from the input // The top address of the frame is computed from the previous frame's top and
// frame pointer and the output frame's height. Subtract space for the // this frame's size.
// context and function slots. intptr_t top_address = caller_frame_top_ - output_frame_size;
Register fp_reg = StubFailureTrampolineFrame::fp_register();
intptr_t top_address =
stack_fp_ - StubFailureTrampolineFrameConstants::kFixedFrameSizeFromFp -
height_in_bytes;
output_frame->SetTop(top_address); output_frame->SetTop(top_address);
// Set caller's PC (JSFunction continuation). // Set caller's PC (JSFunction continuation).
...@@ -1827,7 +1822,8 @@ void Deoptimizer::DoComputeCompiledStubFrame(TranslatedFrame* translated_frame, ...@@ -1827,7 +1822,8 @@ void Deoptimizer::DoComputeCompiledStubFrame(TranslatedFrame* translated_frame,
value = caller_fp_; value = caller_fp_;
output_frame_offset -= kFPOnStackSize; output_frame_offset -= kFPOnStackSize;
output_frame->SetCallerFp(output_frame_offset, value); output_frame->SetCallerFp(output_frame_offset, value);
intptr_t frame_ptr = stack_fp_; intptr_t frame_ptr = top_address + output_frame_offset;
Register fp_reg = StubFailureTrampolineFrame::fp_register();
output_frame->SetRegister(fp_reg.code(), frame_ptr); output_frame->SetRegister(fp_reg.code(), frame_ptr);
output_frame->SetFp(frame_ptr); output_frame->SetFp(frame_ptr);
DebugPrintOutputSlot(value, frame_index, output_frame_offset, DebugPrintOutputSlot(value, frame_index, output_frame_offset,
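Review bot: The new comment in DoComputeCompiledStubFrame says the top address is computed "from the previous frame's top", but the line directly below it now reads `intptr_t top_address = caller_frame_top_ - output_frame_size;` and the hunk's `CHECK_EQ(frame_index, 0)` means there is no previous output frame in this path; the same wording was introduced in the DoComputeJSFrame and DoComputeInterpretedFrame hunks, where the bottommost branch likewise uses `caller_frame_top_`. A more accurate comment would be `// The top address of the frame is computed from the caller's frame top (for the bottommost frame) or the previous output frame's top, minus this frame's size.`. In the DoComputeTailCallerFrame hunk, dropping `stack_fp_ = new_stack_fp;` matches the commit description, and it would help future readers to add a short note on the surviving assignments, such as `// stack_fp_ is intentionally left untouched: it keys the lookup of previously materialized objects.`. All of the enclosing functions begin and end outside the shown hunks.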
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --allow-natives-syntax --harmony-tailcalls
function h() {
var res = g.arguments;
return res;
}
function g(o) {
var res = h();
return res;
}
function f1() {
var o = { x : 42 };
var res = g(o);
return 1;
}
function f0(a, b) {
"use strict";
return f1(5);
}
function boom(b) {
if (b) throw new Error("boom!");
}
%NeverOptimizeFunction(h);
f0();
f0();
%OptimizeFunctionOnNextCall(f0);
boom(false);
boom(false);
%OptimizeFunctionOnNextCall(boom);
try {
f0(1, 2, 3);
boom(true, 1, 2, 3);
} catch (e) {
}