op_throw_static_error's use of its first operand should be reflected in DFG BytecodeU...
authormark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 8 May 2017 22:24:29 +0000 (22:24 +0000)
committermark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 8 May 2017 22:24:29 +0000 (22:24 +0000)
https://bugs.webkit.org/show_bug.cgi?id=171786
<rdar://problem/32051023>

Reviewed by Saam Barati.

JSTests:

* stress/bug-171786.js: Added.

Source/JavaScriptCore:

* bytecode/BytecodeDumper.cpp:
(JSC::BytecodeDumper<Block>::dumpBytecode):
- Fix BytecodeDumper to dump op_throw_static_error correctly.  Previously,
  it was expecting op1 to always be a constant.  r206870 changed it to take a
  variable string as well.

* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
- Fix the bug.

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
- Move the Phantom of op1 after the ThrowStaticError node, because technically,
  the ThrowStaticError represents op_throw_static_error, and op_throw_static_error
  uses op1.  In practice, this probably doesn't matter, but let's have the code
  accurately communicate the behavior we're expecting.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@216459 268f45cc-cd09-0410-ab3c-d52691b4dbfc

JSTests/ChangeLog
JSTests/stress/bug-171786.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecode/BytecodeDumper.cpp
Source/JavaScriptCore/bytecode/BytecodeUseDef.h
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

index fa9deb4..c149918 100644 (file)
@@ -1,3 +1,13 @@
+2017-05-08  Mark Lam  <mark.lam@apple.com>
+
+        op_throw_static_error's use of its first operand should be reflected in DFG BytecodeUseDef as well.
+        https://bugs.webkit.org/show_bug.cgi?id=171786
+        <rdar://problem/32051023>
+
+        Reviewed by Saam Barati.
+
+        * stress/bug-171786.js: Added.
+
 2017-05-06  Oleksandr Skachkov  <gskachkov@gmail.com>
 
         [ES6] Arrow function. Issue in access to this after eval('super()') within constructor
diff --git a/JSTests/stress/bug-171786.js b/JSTests/stress/bug-171786.js
new file mode 100644 (file)
index 0000000..2e46755
--- /dev/null
@@ -0,0 +1,15 @@
+
+function foo(i, x) {
+    return String.prototype.big.call(x);
+}
+noInline(foo);
+
+for (var i = 0; i < 1000; i++) {
+    try {
+        if (i < 200)
+            foo(i, "hello");
+        else
+            foo(i, undefined);
+    } catch(e) {
+    }
+}
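Review bot: The empty `catch(e) { }` around both calls means this test only checks that the engine does not crash; it would still pass if `foo(i, undefined)` stopped throwing, or threw an unexpected error, once `foo` has tiered up. Consider narrowing it to `} catch (e) { if (!(e instanceof TypeError)) throw e; caught++; }` and checking `caught` after the loop, assuming a TypeError is what `String.prototype.big.call(undefined)` is meant to raise. A one-line header comment saying the test exercises liveness of op_throw_static_error's message operand in optimized code would also help, since only the file name ties it to the bug.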
index 4493b0e..744b00e 100644 (file)
@@ -1,3 +1,28 @@
+2017-05-08  Mark Lam  <mark.lam@apple.com>
+
+        op_throw_static_error's use of its first operand should be reflected in DFG BytecodeUseDef as well.
+        https://bugs.webkit.org/show_bug.cgi?id=171786
+        <rdar://problem/32051023>
+
+        Reviewed by Saam Barati.
+
+        * bytecode/BytecodeDumper.cpp:
+        (JSC::BytecodeDumper<Block>::dumpBytecode):
+        - Fix BytecodeDumper to dump op_throw_static_error correctly.  Previously,
+          it was expecting op1 to always be a constant.  r206870 changed it to take a
+          variable string as well.
+
+        * bytecode/BytecodeUseDef.h:
+        (JSC::computeUsesForBytecodeOffset):
+        - Fix the bug.
+
+        * dfg/DFGByteCodeParser.cpp:
+        (JSC::DFG::ByteCodeParser::parseBlock):
+        - Move the Phantom of op1 after the ThrowStaticError node, because technically,
+          the ThrowStaticError represents op_throw_static_error, and op_throw_static_error
+          uses op1.  In practice, this probably doesn't matter, but let's have the code
+          accurately communicate the behavior we're expecting.
+
 2017-05-08  JF Bastien  <jfbastien@apple.com>
 
         WebAssembly: don't just emit extended offset adds for patch
index a73ffdd..75a5420 100644 (file)
@@ -1543,10 +1543,10 @@ void BytecodeDumper<Block>::dumpBytecode(PrintStream& out, const typename Block:
         break;
     }
     case op_throw_static_error: {
-        int k0 = (++it)->u.operand;
+        int r0 = (++it)->u.operand;
         ErrorType k1 = static_cast<ErrorType>((++it)->u.unsignedValue);
         printLocationAndOp(out, location, it, "throw_static_error");
-        out.printf("%s, ", constantName(k0).data());
+        out.printf("%s, ", registerName(r0).data());
         out.print(k1);
         break;
     }
index 30f0545..87a5cbd 100644 (file)
@@ -40,7 +40,6 @@ void computeUsesForBytecodeOffset(Block* codeBlock, OpcodeID opcodeID, Instructi
     // No uses.
     case op_new_regexp:
     case op_new_array_buffer:
-    case op_throw_static_error:
     case op_debug:
     case op_jneq_ptr:
     case op_loop_hint:
@@ -70,7 +69,8 @@ void computeUsesForBytecodeOffset(Block* codeBlock, OpcodeID opcodeID, Instructi
     case op_jneq_null:
     case op_dec:
     case op_inc:
-    case op_log_shadow_chicken_prologue: {
+    case op_log_shadow_chicken_prologue:
+    case op_throw_static_error: {
         ASSERT(opcodeLengths[opcodeID] > 1);
         functor(codeBlock, instruction, opcodeID, instruction[1].u.operand);
         return;
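Review bot: Nothing at the new `case op_throw_static_error:` label records why this opcode has a use, and it sat in the hand-maintained "No uses" list until this change. A short comment would help keep it from drifting back: `// op1 is a register holding the message (not always a constant since r206870).` A use missing from this function makes the operand look dead to bytecode liveness, so it would be worth auditing the remaining "No uses" entries against each opcode's current operand layout; most of that list is outside this hunk. The existing `ASSERT(opcodeLengths[opcodeID] > 1)` only checks instruction length, so it could not have caught the omission.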
index bcb3212..78a5fb7 100644 (file)
@@ -5037,8 +5037,8 @@ bool ByteCodeParser::parseBlock(unsigned limit)
             LAST_OPCODE(op_throw);
             
         case op_throw_static_error:
-            addToGraph(Phantom, get(VirtualRegister(currentInstruction[1].u.operand))); // Keep argument live.
             addToGraph(ThrowStaticError);
+            addToGraph(Phantom, get(VirtualRegister(currentInstruction[1].u.operand))); // Keep argument live.
             flushForTerminal();
             addToGraph(Unreachable);
             LAST_OPCODE(op_throw_static_error);
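Review bot: The trailing comment `// Keep argument live.` does not explain the ordering this hunk changes: the Phantom now follows `addToGraph(ThrowStaticError)`, which is added here without op1 as a child. I would expand it to something like `// ThrowStaticError has no edge to op1; this Phantom models op_throw_static_error's use of op1.` so the placement is not reordered again. If the intent is that the node itself uses op1, passing the value as a child of ThrowStaticError would state that directly, though whether the node accepts a child is not visible here. The rest of parseBlock lies outside the hunk.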