Bug 857845 - More StackFrame cleanup r=luke

--HG--
extra : rebase_source : 36e325eb2df7e5916acc6ca6a42e3d4ddd168d46

js/src/ion/Ion.cpp

@@ -1944,8 +1944,6 @@ EnterIon(JSContext *cx, StackFrame *fp, void *jitcode)
 
     void *calleeToken;
     if (fp->isFunctionFrame()) {
-        fp->cleanupTornValues();
-
         // CountArgSlot include |this| and the |scopeChain| and maybe |argumentsObj|.
         // Keep |this|, but discard the others.
         maxArgc = CountArgSlots(fp->script(), fp->fun()) - StartArgSlot(fp->script(), fp->fun());

js/src/vm/Stack-inl.h

@@ -109,7 +109,6 @@ StackFrame::initCallFrame(JSContext *cx, JSFunction &callee,
     exec.fun = &callee;
     u.nactual = nactual;
     scopeChain_ = callee.environment();
-    ncode_ = NULL;
     initPrev(cx);
     blockChain_= NULL;
     JS_ASSERT(!hasBlockChain());
@@ -118,40 +117,6 @@ StackFrame::initCallFrame(JSContext *cx, JSFunction &callee,
     initVarsToUndefined();
 }
 
-/*
- * Reinitialize the StackFrame fields that have been initialized up to the
- * point of FixupArity in the function prologue.
- */
-inline void
-StackFrame::initFixupFrame(StackFrame *prev, StackFrame::Flags flags, void *ncode, unsigned nactual)
-{
-    JS_ASSERT((flags & ~(CONSTRUCTING |
-                         FUNCTION |
-                         OVERFLOW_ARGS |
-                         UNDERFLOW_ARGS)) == 0);
-
-    flags_ = FUNCTION | flags;
-    prev_ = prev;
-    ncode_ = ncode;
-    u.nactual = nactual;
-}
-
-inline bool
-StackFrame::jitHeavyweightFunctionPrologue(JSContext *cx)
-{
-    JS_ASSERT(isNonEvalFunctionFrame());
-    JS_ASSERT(fun()->isHeavyweight());
-
-    CallObject *callobj = CallObject::createForFunction(cx, this);
-    if (!callobj)
-        return false;
-
-    pushOnScopeChain(*callobj);
-    flags_ |= HAS_CALL_OBJ;
-
-    return true;
-}
-
 inline void
 StackFrame::initVarsToUndefined()
 {
@@ -336,16 +301,6 @@ StackSpace::ensureSpace(JSContext *cx, MaybeReportError report, Value *from, ptr
     return true;
 }
 
-inline Value *
-StackSpace::getStackLimit(JSContext *cx, MaybeReportError report)
-{
-    FrameRegs &regs = cx->regs();
-    unsigned nvals = regs.fp()->script()->nslots + STACK_JIT_EXTRA;
-    return ensureSpace(cx, report, regs.sp, nvals)
-           ? conservativeEnd_
-           : NULL;
-}
-
 /*****************************************************************************/
 
 JS_ALWAYS_INLINE StackFrame *
@@ -358,8 +313,7 @@ ContextStack::getCallFrame(JSContext *cx, MaybeReportError report, const CallArg
     Value *firstUnused = args.end();
     JS_ASSERT(firstUnused == space().firstUnused());
 
-    /* Include extra space to satisfy the method-jit stackLimit invariant. */
-    unsigned nvals = VALUES_PER_STACK_FRAME + script->nslots + StackSpace::STACK_JIT_EXTRA;
+    unsigned nvals = VALUES_PER_STACK_FRAME + script->nslots;
 
     /* Maintain layout invariant: &formals[0] == ((Value *)fp) - nformal. */
 
@@ -439,15 +393,6 @@ ContextStack::popInlineFrame(FrameRegs &regs)
     regs.popFrame(newsp);
 }
 
-inline void
-ContextStack::popFrameAfterOverflow()
-{
-    /* Restore the regs to what they were on entry to JSOP_CALL. */
-    FrameRegs &regs = seg_->regs();
-    StackFrame *fp = regs.fp();
-    regs.popFrame(fp->actuals() + fp->numActualArgs());
-}
-
 inline JSScript *
 ContextStack::currentScript(jsbytecode **ppc,
                             MaybeAllowCrossCompartment allowCrossCompartment) const

js/src/vm/Stack.cpp

@@ -102,7 +102,6 @@ StackFrame::initExecuteFrame(JSScript *script, StackFrame *prevLink, AbstractFra
 #endif
 
 #ifdef DEBUG
-    ncode_ = (void *)0xbad;
     Debug_SetValueRangeToCrashOnTouch(&rval_, 1);
     hookData_ = (void *)0xbad;
 #endif
@@ -228,24 +227,6 @@ StackFrame::copyRawFrameSlots(AutoValueVector *vec)
     return true;
 }
 
-static void
-CleanupTornValue(StackFrame *fp, Value *vp)
-{
-    if (vp->isObject() && !vp->toGCThing())
-        vp->setObject(fp->global());
-    if (vp->isString() && !vp->toGCThing())
-        vp->setString(fp->compartment()->rt->emptyString);
-}
-
-void
-StackFrame::cleanupTornValues()
-{
-    for (size_t i = 0; i < numFormalArgs(); i++)
-        CleanupTornValue(this, &formals()[i]);
-    for (size_t i = 0; i < script()->nfixed; i++)
-        CleanupTornValue(this, &slots()[i]);
-}
-
 static inline void
 AssertDynamicScopeMatchesStaticScope(JSContext *cx, JSScript *script, JSObject *scope)
 {
@@ -389,19 +370,6 @@ StackFrame::epilogue(JSContext *cx)
         setReturnValue(ObjectValue(constructorThis()));
 }
 
-bool
-StackFrame::jitStrictEvalPrologue(JSContext *cx)
-{
-    JS_ASSERT(isStrictEvalFrame());
-    CallObject *callobj = CallObject::createForStrictEval(cx, this);
-    if (!callobj)
-        return false;
-
-    pushOnScopeChain(*callobj);
-    flags_ |= HAS_CALL_OBJ;
-    return true;
-}
-
 bool
 StackFrame::pushBlock(JSContext *cx, StaticBlockObject &block)
 {
@@ -720,15 +688,6 @@ StackSpace::ensureSpaceSlow(JSContext *cx, MaybeReportError report, Value *from,
     return true;
 }
 
-bool
-StackSpace::tryBumpLimit(JSContext *cx, Value *from, unsigned nvals, Value **limit)
-{
-    if (!ensureSpace(cx, REPORT_ERROR, from, nvals))
-        return false;
-    *limit = conservativeEnd_;
-    return true;
-}
-
 size_t
 StackSpace::sizeOf()
 {

js/src/vm/Stack.h

@@ -334,7 +334,6 @@ class StackFrame
     } u;
     mutable JSObject    *scopeChain_;   /* if HAS_SCOPECHAIN, current scope chain */
     StackFrame          *prev_;         /* if HAS_PREVPC, previous cx->regs->fp */
-    void                *ncode_;        /* for a jit frame, return address for method JIT */
     Value               rval_;          /* if HAS_RVAL, return value of the frame */
     StaticBlockObject   *blockChain_;   /* if HAS_BLOCKCHAIN, innermost let block */
     ArgumentsObject     *argsObj_;      /* if HAS_ARGS_OBJ, the call's arguments object */
@@ -385,9 +384,6 @@ class StackFrame
     void initCallFrame(JSContext *cx, JSFunction &callee,
                        JSScript *script, uint32_t nactual, StackFrame::Flags flags);
 
-    /* Used for getFixupFrame (for FixupArity). */
-    void initFixupFrame(StackFrame *prev, StackFrame::Flags flags, void *ncode, unsigned nactual);
-
     /* Used for eval. */
     void initExecuteFrame(JSScript *script, StackFrame *prevLink, AbstractFramePtr prev,
                           FrameRegs *regs, const Value &thisv, JSObject &scopeChain,
@@ -416,10 +412,6 @@ class StackFrame
     bool prologue(JSContext *cx);
     void epilogue(JSContext *cx);
 
-    /* Subsets of 'prologue' called from jit code. */
-    inline bool jitHeavyweightFunctionPrologue(JSContext *cx);
-    bool jitStrictEvalPrologue(JSContext *cx);
-
     /* Called from IonMonkey to transition from bailouts. */
     void initFromBailout(JSContext *cx, ion::SnapshotIterator &iter);
     bool initFunctionScopeObjects(JSContext *cx);
@@ -560,8 +552,6 @@ class StackFrame
     inline bool forEachCanonicalActualArg(Op op, unsigned start = 0, unsigned count = unsigned(-1));
     template <class Op> inline bool forEachFormalArg(Op op);
 
-    void cleanupTornValues();
-
     /*
      * Arguments object
      *
@@ -843,20 +833,6 @@ class StackFrame
         markReturnValue();
     }
 
-    /* Native-code return address */
-
-    void *nativeReturnAddress() const {
-        return ncode_;
-    }
-
-    void setNativeReturnAddress(void *addr) {
-        ncode_ = addr;
-    }
-
-    void **addressOfNativeReturnAddress() {
-        return &ncode_;
-    }
-
     /*
      * A "generator" frame is a function frame associated with a generator.
      * Since generators are not executed LIFO, the VM copies a single abstract
@@ -1260,10 +1236,6 @@ class StackSegment
     void popInvokeArgsEnd(Value *prev) {
         invokeArgsEnd_ = prev;
     }
-
-    /* For jit access: */
-
-    static const size_t offsetOfRegs() { return offsetof(StackSegment, regs_); }
 };
 
 static const size_t VALUES_PER_STACK_SEGMENT = sizeof(StackSegment) / sizeof(Value);
@@ -1348,33 +1320,6 @@ class StackSpace
 
     StackSegment &containingSegment(const StackFrame *target) const;
 
-    /*
-     * Extra space to reserve on the stack for method JIT frames, beyond the
-     * frame's nslots. This may be used for inlined stack frames, slots storing
-     * loop invariant code, or to reserve space for pushed callee frames. Note
-     * that this space should be reserved when pushing interpreter frames as
-     * well, so that we don't need to check the stack when entering the method
-     * JIT at loop heads or safe points.
-     */
-    static const size_t STACK_JIT_EXTRA = (/*~VALUES_PER_STACK_FRAME*/ 8 + 18) * 10;
-
-    /*
-     * Return a limit against which jit code can check for. This limit is not
-     * necessarily the end of the stack since we lazily commit stack memory on
-     * some platforms. Thus, when the stack limit is exceeded, the caller should
-     * use tryBumpLimit to attempt to increase the stack limit by committing
-     * more memory. If the stack is truly exhausted, tryBumpLimit will report an
-     * error and return NULL.
-     *
-     * An invariant of the methodjit is that there is always space to push a
-     * frame on top of the current frame's expression stack (which can be at
-     * most script->nslots deep). getStackLimit ensures that the returned limit
-     * does indeed have this required space and reports an error and returns
-     * NULL if this reserve space cannot be allocated.
-     */
-    inline Value *getStackLimit(JSContext *cx, MaybeReportError report);
-    bool tryBumpLimit(JSContext *cx, Value *from, unsigned nvals, Value **limit);
-
     /* Called during GC: mark segments, frames, and slots under firstUnused. */
     void mark(JSTracer *trc);
 
@@ -1527,9 +1472,6 @@ class ContextStack
                          InitialFrameFlags initial, Value **stackLimit);
     void popInlineFrame(FrameRegs &regs);
 
-    /* Pop a partially-pushed frame after hitting the limit before throwing. */
-    void popFrameAfterOverflow();
-
     /*
      * Get the topmost script and optional pc on the stack. By default, this
      * function only returns a JSScript in the current compartment, returning