Bug 1112161 - Assert that Ion's fun.apply calls are correctly aligned. r=bbouvier

This commit is contained in:
Nicolas B. Pierron 2015-02-12 14:53:05 +01:00
parent 64ea2a9822
commit 30dad431d0
2 changed files with 41 additions and 6 deletions

View File

@ -53,19 +53,40 @@ for (var l = 0; l < 4; l++) {
ionFrameSize_args[l][a] = gen_ionFrameSize(30 + l, a, "ionFrameSize_callee_verify");;
}
// Check ion frames during function calls are always correctly aligned.
function ionFrame_funApply_0() {
assertJitStackInvariants.apply(this, arguments);
}
function ionFrame_funApply_1() {
ionFrame_funApply_0.apply(this, arguments);
}
for (i = 0; i < 40; i++) {
entryFrame_1();
entryFrame_1(0);
entryFrame_1(0, 1);
rectifierFrame_1(i);
rectifierFrame_2(i);
rectifierFrame_3(i);
rectifierFrame_4(i);
ionFrameSize_0(i);
ionFrameSize_1(i);
ionFrameSize_2(i);
ionFrameSize_3(i);
for (var l = 0; l < 4; l++)
for (var a = 0; a < 4; a++)
ionFrameSize_args[l][a](i);
ionFrame_funApply_0();
ionFrame_funApply_0(1);
ionFrame_funApply_0(1, 2);
ionFrame_funApply_0(1, 2, 3);
ionFrame_funApply_1();
ionFrame_funApply_1(1);
ionFrame_funApply_1(1, 2);
ionFrame_funApply_1(1, 2, 3);
}

View File

@ -3087,14 +3087,16 @@ AssertJitStackInvariants(JSContext *cx)
{
for (JitActivationIterator activations(cx->runtime()); !activations.done(); ++activations) {
JitFrameIterator frames(activations);
size_t prevFrameSize = 0;
size_t frameSize = 0;
for (; !frames.done(); ++frames) {
size_t calleeFp = reinterpret_cast<size_t>(frames.fp());
size_t callerFp = reinterpret_cast<size_t>(frames.prevFp());
MOZ_ASSERT(callerFp >= calleeFp);
prevFrameSize = frameSize;
frameSize = callerFp - calleeFp;
if (frames.prevType() == JitFrame_Rectifier) {
size_t calleeFp = reinterpret_cast<size_t>(frames.fp());
size_t callerFp = reinterpret_cast<size_t>(frames.prevFp());
MOZ_ASSERT(callerFp >= calleeFp);
size_t frameSize = callerFp - calleeFp;
MOZ_RELEASE_ASSERT(frameSize % JitStackAlignment == 0,
"The rectifier frame should keep the alignment");
@ -3110,6 +3112,12 @@ AssertJitStackInvariants(JSContext *cx)
"The frame size is optimal");
}
if (frames.type() == JitFrame_Exit) {
// For the moment, we do not keep the JitStackAlignment
// alignment for exit frames.
frameSize -= ExitFrameLayout::Size();
}
if (frames.isIonJS()) {
// Ideally, we should not have such requirement, but keep the
// alignment-delta as part of the Safepoint such that we can pad
@ -3118,8 +3126,14 @@ AssertJitStackInvariants(JSContext *cx)
// everything can properly be aligned before adding complexity.
MOZ_RELEASE_ASSERT(frames.ionScript()->frameSize() % JitStackAlignment == 0,
"Ensure that if the Ion frame is aligned, then the spill base is also aligned");
}
InlineFrameIterator lastInlinedFrame(cx, &frames);
jsbytecode *pc = lastInlinedFrame.pc();
if (JSOp(*pc) == JSOP_FUNAPPLY) {
MOZ_RELEASE_ASSERT(prevFrameSize % JitStackAlignment == 0,
"The ion frame should keep the alignment");
}
}
}
MOZ_RELEASE_ASSERT(frames.type() == JitFrame_Entry,