JIT breakpoints should be more informative
author: fpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 May 2014 03:57:18 +0000 (03:57 +0000)
committer: fpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 14 May 2014 03:57:18 +0000 (03:57 +0000)
https://bugs.webkit.org/show_bug.cgi?id=132882

Reviewed by Oliver Hunt.

Introduce the notion of an AbortReason, which is a nice enumeration of coded assertion
failure names. This means that all you need to figure out why the JIT SIGTRAP'd is to look
at that platform's abort reason register (r11 on X86-64 for example).

* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/AbortReason.h: Added.
* assembler/AbstractMacroAssembler.h:
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::abortWithReason):
* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::abortWithReason):
* assembler/MacroAssemblerX86.h:
(JSC::MacroAssemblerX86::abortWithReason):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::abortWithReason):
* dfg/DFGSlowPathGenerator.h:
(JSC::DFG::SlowPathGenerator::generate):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::bail):
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::compileMakeRope):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::fillSpeculateCell):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGThunks.cpp:
(JSC::DFG::osrEntryThunkGenerator):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::jitAssertIsInt32):
(JSC::AssemblyHelpers::jitAssertIsJSInt32):
(JSC::AssemblyHelpers::jitAssertIsJSNumber):
(JSC::AssemblyHelpers::jitAssertIsJSDouble):
(JSC::AssemblyHelpers::jitAssertIsCell):
(JSC::AssemblyHelpers::jitAssertTagsInPlace):
(JSC::AssemblyHelpers::jitAssertHasValidCallFrame):
(JSC::AssemblyHelpers::jitAssertIsNull):
(JSC::AssemblyHelpers::jitAssertArgumentCountSane):
(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::checkStackPointerAlignment):
(JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo): Deleted.
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_div):
* jit/JITOpcodes.cpp:
(JSC::JIT::emitSlow_op_loop_hint):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::privateCompileCTINativeCall):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::compileGetDirectOffset):
(JSC::JIT::addStructureTransitionCheck): Deleted.
(JSC::JIT::testPrototype): Deleted.
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::compileGetDirectOffset):
* jit/RegisterPreservationWrapperGenerator.cpp:
(JSC::generateRegisterRestoration):
* jit/Repatch.cpp:
(JSC::addStructureTransitionCheck):
(JSC::linkClosureCall):
* jit/ThunkGenerators.cpp:
(JSC::emitPointerValidation):
(JSC::nativeForGenerator):
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::generate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@168776 268f45cc-cd09-0410-ab3c-d52691b4dbfc

27 files changed:
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
Source/JavaScriptCore/assembler/AbortReason.h [new file with mode: 0644]
Source/JavaScriptCore/assembler/AbstractMacroAssembler.h
Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h
Source/JavaScriptCore/assembler/MacroAssemblerX86.h
Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h
Source/JavaScriptCore/dfg/DFGSlowPathGenerator.h
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
Source/JavaScriptCore/dfg/DFGThunks.cpp
Source/JavaScriptCore/jit/AssemblyHelpers.cpp
Source/JavaScriptCore/jit/AssemblyHelpers.h
Source/JavaScriptCore/jit/JIT.h
Source/JavaScriptCore/jit/JITArithmetic.cpp
Source/JavaScriptCore/jit/JITOpcodes.cpp
Source/JavaScriptCore/jit/JITOpcodes32_64.cpp
Source/JavaScriptCore/jit/JITPropertyAccess.cpp
Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp
Source/JavaScriptCore/jit/RegisterPreservationWrapperGenerator.cpp
Source/JavaScriptCore/jit/Repatch.cpp
Source/JavaScriptCore/jit/ThunkGenerators.cpp
Source/JavaScriptCore/yarr/YarrJIT.cpp

index f3252ff..d343c5d 100644 (file)
@@ -1,3 +1,81 @@
+2014-05-13  Filip Pizlo  <fpizlo@apple.com>
+
+        JIT breakpoints should be more informative
+        https://bugs.webkit.org/show_bug.cgi?id=132882
+
+        Reviewed by Oliver Hunt.
+        
+        Introduce the notion of an AbortReason, which is a nice enumeration of coded assertion
+        failure names. This means that all you need to figure out why the JIT SIGTRAP'd is to look
+        at that platform's abort reason register (r11 on X86-64 for example).
+
+        * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * assembler/AbortReason.h: Added.
+        * assembler/AbstractMacroAssembler.h:
+        * assembler/MacroAssemblerARM64.h:
+        (JSC::MacroAssemblerARM64::abortWithReason):
+        * assembler/MacroAssemblerARMv7.h:
+        (JSC::MacroAssemblerARMv7::abortWithReason):
+        * assembler/MacroAssemblerX86.h:
+        (JSC::MacroAssemblerX86::abortWithReason):
+        * assembler/MacroAssemblerX86_64.h:
+        (JSC::MacroAssemblerX86_64::abortWithReason):
+        * dfg/DFGSlowPathGenerator.h:
+        (JSC::DFG::SlowPathGenerator::generate):
+        * dfg/DFGSpeculativeJIT.cpp:
+        (JSC::DFG::SpeculativeJIT::bail):
+        (JSC::DFG::SpeculativeJIT::compileCurrentBlock):
+        (JSC::DFG::SpeculativeJIT::compileMakeRope):
+        * dfg/DFGSpeculativeJIT.h:
+        (JSC::DFG::SpeculativeJIT::emitAllocateBasicStorage):
+        * dfg/DFGSpeculativeJIT32_64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGSpeculativeJIT64.cpp:
+        (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGThunks.cpp:
+        (JSC::DFG::osrEntryThunkGenerator):
+        * jit/AssemblyHelpers.cpp:
+        (JSC::AssemblyHelpers::jitAssertIsInt32):
+        (JSC::AssemblyHelpers::jitAssertIsJSInt32):
+        (JSC::AssemblyHelpers::jitAssertIsJSNumber):
+        (JSC::AssemblyHelpers::jitAssertIsJSDouble):
+        (JSC::AssemblyHelpers::jitAssertIsCell):
+        (JSC::AssemblyHelpers::jitAssertTagsInPlace):
+        (JSC::AssemblyHelpers::jitAssertHasValidCallFrame):
+        (JSC::AssemblyHelpers::jitAssertIsNull):
+        (JSC::AssemblyHelpers::jitAssertArgumentCountSane):
+        (JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo):
+        * jit/AssemblyHelpers.h:
+        (JSC::AssemblyHelpers::checkStackPointerAlignment):
+        (JSC::AssemblyHelpers::emitStoreStructureWithTypeInfo): Deleted.
+        * jit/JIT.h:
+        * jit/JITArithmetic.cpp:
+        (JSC::JIT::emitSlow_op_div):
+        * jit/JITOpcodes.cpp:
+        (JSC::JIT::emitSlow_op_loop_hint):
+        * jit/JITOpcodes32_64.cpp:
+        (JSC::JIT::privateCompileCTINativeCall):
+        * jit/JITPropertyAccess.cpp:
+        (JSC::JIT::emit_op_get_by_val):
+        (JSC::JIT::compileGetDirectOffset):
+        (JSC::JIT::addStructureTransitionCheck): Deleted.
+        (JSC::JIT::testPrototype): Deleted.
+        * jit/JITPropertyAccess32_64.cpp:
+        (JSC::JIT::emit_op_get_by_val):
+        (JSC::JIT::compileGetDirectOffset):
+        * jit/RegisterPreservationWrapperGenerator.cpp:
+        (JSC::generateRegisterRestoration):
+        * jit/Repatch.cpp:
+        (JSC::addStructureTransitionCheck):
+        (JSC::linkClosureCall):
+        * jit/ThunkGenerators.cpp:
+        (JSC::emitPointerValidation):
+        (JSC::nativeForGenerator):
+        * yarr/YarrJIT.cpp:
+        (JSC::Yarr::YarrGenerator::generate):
+
 2014-05-13  peavo@outlook.com  <peavo@outlook.com>
 
         [Win] Enum type with value zero is compatible with void*, potential cause of crashes.
index e67bf85..f57d1aa 100644 (file)
     <ClInclude Include="..\API\JSWrapperMap.h" />
     <ClInclude Include="..\API\OpaqueJSString.h" />
     <ClInclude Include="..\API\WebKitAvailability.h" />
+    <ClInclude Include="..\assembler\AbortReason.h" />
     <ClInclude Include="..\assembler\AbstractMacroAssembler.h" />
     <ClInclude Include="..\assembler\AssemblerBuffer.h" />
     <ClInclude Include="..\assembler\CodeLocation.h" />
index 4508d74..c353aa0 100644 (file)
                0F1E3A461534CBAF000F9456 /* DFGArgumentPosition.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F1E3A431534CBAD000F9456 /* DFGArgumentPosition.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F1E3A471534CBB9000F9456 /* DFGDoubleFormatState.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F1E3A441534CBAD000F9456 /* DFGDoubleFormatState.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F1E3A67153A21E2000F9456 /* DFGSilentRegisterSavePlan.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F1E3A65153A21DF000F9456 /* DFGSilentRegisterSavePlan.h */; settings = {ATTRIBUTES = (Private, ); }; };
+               0F1FE51C1922A3BC006987C5 /* AbortReason.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F1FE51B1922A3BC006987C5 /* AbortReason.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F21C27D14BE727A00ADC64B /* CodeSpecializationKind.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F21C27914BE727300ADC64B /* CodeSpecializationKind.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F21C27F14BEAA8200ADC64B /* BytecodeConventions.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F21C27E14BEAA8000ADC64B /* BytecodeConventions.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F235BD317178E1C00690C7F /* FTLExitArgument.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F235BBD17178E1C00690C7F /* FTLExitArgument.cpp */; };
                0F1E3A441534CBAD000F9456 /* DFGDoubleFormatState.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGDoubleFormatState.h; path = dfg/DFGDoubleFormatState.h; sourceTree = "<group>"; };
                0F1E3A501537C2CB000F9456 /* DFGSlowPathGenerator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGSlowPathGenerator.h; path = dfg/DFGSlowPathGenerator.h; sourceTree = "<group>"; };
                0F1E3A65153A21DF000F9456 /* DFGSilentRegisterSavePlan.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGSilentRegisterSavePlan.h; path = dfg/DFGSilentRegisterSavePlan.h; sourceTree = "<group>"; };
+               0F1FE51B1922A3BC006987C5 /* AbortReason.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = AbortReason.h; sourceTree = "<group>"; };
                0F21C27914BE727300ADC64B /* CodeSpecializationKind.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CodeSpecializationKind.h; sourceTree = "<group>"; };
                0F21C27E14BEAA8000ADC64B /* BytecodeConventions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BytecodeConventions.h; sourceTree = "<group>"; };
                0F235BBD17178E1C00690C7F /* FTLExitArgument.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = FTLExitArgument.cpp; path = ftl/FTLExitArgument.cpp; sourceTree = "<group>"; };
                9688CB120ED12B4E001D649F /* assembler */ = {
                        isa = PBXGroup;
                        children = (
+                               0F1FE51B1922A3BC006987C5 /* AbortReason.h */,
                                860161DF0F3A83C100F84710 /* AbstractMacroAssembler.h */,
                                8640923B156EED3B00566CB2 /* ARM64Assembler.h */,
                                86D3B2BF10156BDE002865E7 /* ARMAssembler.cpp */,
                                C21122E215DD9AB300790E3A /* GCThreadSharedData.h in Headers */,
                                A532439418569709002ED692 /* generate-combined-inspector-json.py in Headers */,
                                0F2B66E017B6B5AB00A7AE3F /* GenericTypedArrayView.h in Headers */,
+                               0F1FE51C1922A3BC006987C5 /* AbortReason.h in Headers */,
                                0F2B66E117B6B5AB00A7AE3F /* GenericTypedArrayViewInlines.h in Headers */,
                                0F9332A014CA7DCD0085F3C6 /* GetByIdStatus.h in Headers */,
                                0F0332C418B01763005F979A /* GetByIdVariant.h in Headers */,
diff --git a/Source/JavaScriptCore/assembler/AbortReason.h b/Source/JavaScriptCore/assembler/AbortReason.h
new file mode 100644 (file)
index 0000000..d1bd4e5
--- /dev/null
@@ -0,0 +1,75 @@
+/*
+ * Copyright (C) 2014 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#ifndef AbortReason_h
+#define AbortReason_h
+
+namespace JSC {
+
+// It's important to not change the values of existing abort reasons unless we really
+// have to. For this reason there is a BASIC-style numbering that should allow us to
+// sneak new reasons in without changing the numbering of existing reasons - at least
+// for a while.
+enum AbortReason {
+    AHCallFrameMisaligned                             =  10,
+    AHIndexingTypeIsValid                             =  20,
+    AHInsaneArgumentCount                             =  30,
+    AHIsNotCell                                       =  40,
+    AHIsNotInt32                                      =  50,
+    AHIsNotJSDouble                                   =  60,
+    AHIsNotJSInt32                                    =  70,
+    AHIsNotJSNumber                                   =  80,
+    AHIsNotNull                                       =  90,
+    AHStackPointerMisaligned                          = 100,
+    AHStructureIDIsValid                              = 110,
+    AHTagMaskNotInPlace                               = 120,
+    AHTagTypeNumberNotInPlace                         = 130,
+    AHTypeInfoInlineTypeFlagsAreValid                 = 140,
+    AHTypeInfoIsValid                                 = 150,
+    DFGBailed                                         = 160,
+    DFGBasicStorageAllocatorZeroSize                  = 170,
+    DFGIsNotCell                                      = 180,
+    DFGIneffectiveWatchpoint                          = 190,
+    DFGNegativeStringLength                           = 200,
+    DFGSlowPathGeneratorFellThrough                   = 210,
+    DFGUnreachableBasicBlock                          = 220,
+    DFGUnreasonableOSREntryJumpDestination            = 230,
+    JITDivOperandsAreNotNumbers                       = 240,
+    JITGetByValResultIsNotEmpty                       = 250,
+    JITNotSupported                                   = 260,
+    JITOffsetIsNotOutOfLine                           = 270,
+    JITUnreasonableLoopHintJumpTarget                 = 280,
+    RPWUnreasonableJumpTarget                         = 290,
+    RepatchIneffectiveWatchpoint                      = 300,
+    RepatchInsaneArgumentCount                        = 310,
+    TGInvalidPointer                                  = 320,
+    TGNotSupported                                    = 330,
+    YARRNoInputConsumed                               = 340,
+};
+
+} // namespace JSC
+
+#endif // AbortReason_h
+
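Review bot: The enumerator names in AbortReason mix two conventions. Most name the failure (AHIsNotCell, AHStackPointerMisaligned, DFGNegativeStringLength), but AHIndexingTypeIsValid, AHStructureIDIsValid, AHTypeInfoIsValid and AHTypeInfoInlineTypeFlagsAreValid name the condition that was expected to hold, so a value of 110 in the abort reason register reads as "structure ID is valid" when the opposite happened. Consider renaming these to the failing form. Also, DFGIsNotCell = 180 sits before DFGIneffectiveWatchpoint = 190, which breaks the otherwise alphabetical order; since the comment above the enum asks that values not change later, the order is easiest to fix before this lands.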
index cedfab8..a209900 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008, 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2012, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -26,6 +26,7 @@
 #ifndef AbstractMacroAssembler_h
 #define AbstractMacroAssembler_h
 
+#include "AbortReason.h"
 #include "AssemblerBuffer.h"
 #include "CodeLocation.h"
 #include "MacroAssemblerCodeRef.h"
index da29d29..64147b3 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2012, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -806,6 +806,12 @@ public:
         return label;
     }
 
+    void abortWithReason(AbortReason reason)
+    {
+        move(TrustedImm32(reason), dataTempRegister);
+        breakpoint();
+    }
+
     ConvertibleLoadLabel convertibleLoadPtr(Address address, RegisterID dest)
     {
         ConvertibleLoadLabel result(this);
index a154b19..276b815 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2009, 2010 Apple Inc. All rights reserved.
+ * Copyright (C) 2009, 2010, 2014 Apple Inc. All rights reserved.
  * Copyright (C) 2010 University of Szeged
  *
  * Redistribution and use in source and binary forms, with or without
@@ -632,6 +632,12 @@ public:
         m_assembler.ldr(dest, addressTempRegister, ARMThumbImmediate::makeUInt16(0));
     }
     
+    void abortWithReason(AbortReason reason)
+    {
+        move(TrustedImm32(reason), dataTempRegister);
+        breakpoint();
+    }
+
     ConvertibleLoadLabel convertibleLoadPtr(Address address, RegisterID dest)
     {
         ConvertibleLoadLabel result(this);
index 61f432e..a0857cf 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -111,6 +111,12 @@ public:
         m_assembler.movzbl_mr(address, dest);
     }
 
+    void abortWithReason(AbortReason reason)
+    {
+        move(TrustedImm32(reason), X86Registers::eax);
+        breakpoint();
+    }
+
     ConvertibleLoadLabel convertibleLoadPtr(Address address, RegisterID dest)
     {
         ConvertibleLoadLabel result = ConvertibleLoadLabel(this);
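Review bot: On 32-bit x86, abortWithReason writes the reason into X86Registers::eax, but the only place a reader learns which register to inspect is the commit message, and that names just r11 on X86-64. Add a comment here or in AbortReason.h listing the abort reason register per platform (eax, r11, dataTempRegister on ARMv7 and ARM64), since that mapping is what someone triaging a SIGTRAP needs. Note also that the move overwrites whatever eax held at the failure point, which is state a debugger user may have wanted to see.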
index e70e257..c92d785 100644 (file)
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2008, 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2012, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -629,6 +629,12 @@ public:
         return Jump(m_assembler.jCC(x86Condition(cond)));
     }
 
+    void abortWithReason(AbortReason reason)
+    {
+        move(TrustedImm32(reason), X86Registers::r11);
+        breakpoint();
+    }
+
     ConvertibleLoadLabel convertibleLoadPtr(Address address, RegisterID dest)
     {
         ConvertibleLoadLabel result = ConvertibleLoadLabel(this);
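Review bot: This is the fourth copy of the same two-line abortWithReason body; the ARM64, ARMv7, X86 and X86_64 versions differ only in the destination register. Consider defining a per-platform constant for the abort reason register and implementing abortWithReason once in a shared layer, so a later change to the abort sequence cannot miss a platform.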
index 5fee3b2..4e87d4f 100644 (file)
@@ -50,7 +50,7 @@ public:
         jit->m_currentNode = m_currentNode;
         generateInternal(jit);
         if (!ASSERT_DISABLED)
-            jit->m_jit.breakpoint(); // make sure that the generator jumps back to somewhere
+            jit->m_jit.abortWithReason(DFGSlowPathGeneratorFellThrough);
     }
     MacroAssembler::Label label() const { return m_label; }
     virtual MacroAssembler::Call call() const
index aae7f21..4db4af4 100644 (file)
@@ -1341,7 +1341,7 @@ void SpeculativeJIT::compileMovHint(Node* node)
 void SpeculativeJIT::bail()
 {
     m_compileOkay = true;
-    m_jit.breakpoint();
+    m_jit.abortWithReason(DFGBailed);
     clearGenerationInfo();
 }
 
@@ -1360,7 +1360,7 @@ void SpeculativeJIT::compileCurrentBlock()
         // Don't generate code for basic blocks that are unreachable according to CFA.
         // But to be sure that nobody has generated a jump to this block, drop in a
         // breakpoint here.
-        m_jit.breakpoint();
+        m_jit.abortWithReason(DFGUnreachableBasicBlock);
         return;
     }
 
@@ -2821,7 +2821,7 @@ void SpeculativeJIT::compileMakeRope(Node* node)
     if (!ASSERT_DISABLED) {
         JITCompiler::Jump ok = m_jit.branch32(
             JITCompiler::GreaterThanOrEqual, allocatorGPR, TrustedImm32(0));
-        m_jit.breakpoint();
+        m_jit.abortWithReason(DFGNegativeStringLength);
         ok.link(&m_jit);
     }
     for (unsigned i = 1; i < numOpGPRs; ++i) {
@@ -2837,7 +2837,7 @@ void SpeculativeJIT::compileMakeRope(Node* node)
     if (!ASSERT_DISABLED) {
         JITCompiler::Jump ok = m_jit.branch32(
             JITCompiler::GreaterThanOrEqual, allocatorGPR, TrustedImm32(0));
-        m_jit.breakpoint();
+        m_jit.abortWithReason(DFGNegativeStringLength);
         ok.link(&m_jit);
     }
     m_jit.store32(allocatorGPR, JITCompiler::Address(resultGPR, JSString::offsetOfLength()));
index 978dfe4..238a18a 100644 (file)
@@ -2143,7 +2143,7 @@ public:
 #ifndef NDEBUG
         m_jit.move(size, resultGPR);
         MacroAssembler::Jump nonZeroSize = m_jit.branchTest32(MacroAssembler::NonZero, resultGPR);
-        m_jit.breakpoint();
+        m_jit.abortWithReason(DFGBasicStorageAllocatorZeroSize);
         nonZeroSize.link(&m_jit);
 #endif
 
index c52f378..74eeddb 100644 (file)
@@ -3709,7 +3709,7 @@ void SpeculativeJIT::compile(Node* node)
 #if !ASSERT_DISABLED
         SpeculateCellOperand op1(this, node->child1());
         JITCompiler::Jump isOK = m_jit.branchPtr(JITCompiler::Equal, JITCompiler::Address(op1.gpr(), JSCell::structureIDOffset()), TrustedImmPtr(node->structure()));
-        m_jit.breakpoint();
+        m_jit.abortWithReason(DFGIneffectiveWatchpoint);
         isOK.link(&m_jit);
 #else
         speculateCell(node->child1());
index 340c906..8671222 100644 (file)
@@ -1036,7 +1036,7 @@ GPRReg SpeculativeJIT::fillSpeculateCell(Edge edge)
         m_gprs.lock(gpr);
         if (!ASSERT_DISABLED) {
             MacroAssembler::Jump checkCell = branchIsCell(JSValueRegs(gpr));
-            m_jit.breakpoint();
+            m_jit.abortWithReason(DFGIsNotCell);
             checkCell.link(&m_jit);
         }
         return gpr;
@@ -3782,7 +3782,7 @@ void SpeculativeJIT::compile(Node* node)
             JITCompiler::Equal, 
             JITCompiler::Address(op1.gpr(), JSCell::structureIDOffset()), 
             node->structure());
-        m_jit.breakpoint();
+        m_jit.abortWithReason(DFGIneffectiveWatchpoint);
         isOK.link(&m_jit);
 #else
         speculateCell(node->child1());
index 2b372f3..dd99d30 100644 (file)
@@ -127,7 +127,7 @@ MacroAssemblerCodeRef osrEntryThunkGenerator(VM* vm)
     
     jit.loadPtr(MacroAssembler::Address(GPRInfo::regT0, offsetOfTargetPC), GPRInfo::regT1);
     MacroAssembler::Jump ok = jit.branchPtr(MacroAssembler::Above, GPRInfo::regT1, MacroAssembler::TrustedImmPtr(bitwise_cast<void*>(static_cast<intptr_t>(1000))));
-    jit.breakpoint();
+    jit.abortWithReason(DFGUnreasonableOSREntryJumpDestination);
     ok.link(&jit);
     jit.jump(GPRInfo::regT1);
     
index f8cd128..f5518a3 100644 (file)
@@ -84,7 +84,7 @@ void AssemblyHelpers::jitAssertIsInt32(GPRReg gpr)
 {
 #if CPU(X86_64)
     Jump checkInt32 = branch64(BelowOrEqual, gpr, TrustedImm64(static_cast<uintptr_t>(0xFFFFFFFFu)));
-    breakpoint();
+    abortWithReason(AHIsNotInt32);
     checkInt32.link(this);
 #else
     UNUSED_PARAM(gpr);
@@ -94,14 +94,14 @@ void AssemblyHelpers::jitAssertIsInt32(GPRReg gpr)
 void AssemblyHelpers::jitAssertIsJSInt32(GPRReg gpr)
 {
     Jump checkJSInt32 = branch64(AboveOrEqual, gpr, GPRInfo::tagTypeNumberRegister);
-    breakpoint();
+    abortWithReason(AHIsNotJSInt32);
     checkJSInt32.link(this);
 }
 
 void AssemblyHelpers::jitAssertIsJSNumber(GPRReg gpr)
 {
     Jump checkJSNumber = branchTest64(MacroAssembler::NonZero, gpr, GPRInfo::tagTypeNumberRegister);
-    breakpoint();
+    abortWithReason(AHIsNotJSNumber);
     checkJSNumber.link(this);
 }
 
@@ -110,25 +110,26 @@ void AssemblyHelpers::jitAssertIsJSDouble(GPRReg gpr)
     Jump checkJSInt32 = branch64(AboveOrEqual, gpr, GPRInfo::tagTypeNumberRegister);
     Jump checkJSNumber = branchTest64(MacroAssembler::NonZero, gpr, GPRInfo::tagTypeNumberRegister);
     checkJSInt32.link(this);
-    breakpoint();
+    abortWithReason(AHIsNotJSDouble);
     checkJSNumber.link(this);
 }
 
 void AssemblyHelpers::jitAssertIsCell(GPRReg gpr)
 {
     Jump checkCell = branchTest64(MacroAssembler::Zero, gpr, GPRInfo::tagMaskRegister);
-    breakpoint();
+    abortWithReason(AHIsNotCell);
     checkCell.link(this);
 }
 
 void AssemblyHelpers::jitAssertTagsInPlace()
 {
     Jump ok = branch64(Equal, GPRInfo::tagTypeNumberRegister, TrustedImm64(TagTypeNumber));
+    abortWithReason(AHTagTypeNumberNotInPlace);
     breakpoint();
     ok.link(this);
     
     ok = branch64(Equal, GPRInfo::tagMaskRegister, TrustedImm64(TagMask));
-    breakpoint();
+    abortWithReason(AHTagMaskNotInPlace);
     ok.link(this);
 }
 #elif USE(JSVALUE32_64)
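Review bot: In jitAssertTagsInPlace (the JSVALUE64 version), the first check gains abortWithReason(AHTagTypeNumberNotInPlace) but the old breakpoint() on the following line is left in place, unlike every other site in this file where breakpoint() is replaced. abortWithReason already ends in breakpoint(), so the second trap is redundant, and continuing past the first trap in a debugger lands on another one that carries no new information. Drop the leftover line so the sequence matches the tagMaskRegister check below it.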
@@ -140,7 +141,7 @@ void AssemblyHelpers::jitAssertIsInt32(GPRReg gpr)
 void AssemblyHelpers::jitAssertIsJSInt32(GPRReg gpr)
 {
     Jump checkJSInt32 = branch32(Equal, gpr, TrustedImm32(JSValue::Int32Tag));
-    breakpoint();
+    abortWithReason(AHIsNotJSInt32);
     checkJSInt32.link(this);
 }
 
@@ -148,7 +149,7 @@ void AssemblyHelpers::jitAssertIsJSNumber(GPRReg gpr)
 {
     Jump checkJSInt32 = branch32(Equal, gpr, TrustedImm32(JSValue::Int32Tag));
     Jump checkJSDouble = branch32(Below, gpr, TrustedImm32(JSValue::LowestTag));
-    breakpoint();
+    abortWithReason(AHIsNotJSNumber);
     checkJSInt32.link(this);
     checkJSDouble.link(this);
 }
@@ -156,14 +157,14 @@ void AssemblyHelpers::jitAssertIsJSNumber(GPRReg gpr)
 void AssemblyHelpers::jitAssertIsJSDouble(GPRReg gpr)
 {
     Jump checkJSDouble = branch32(Below, gpr, TrustedImm32(JSValue::LowestTag));
-    breakpoint();
+    abortWithReason(AHIsNotJSDouble);
     checkJSDouble.link(this);
 }
 
 void AssemblyHelpers::jitAssertIsCell(GPRReg gpr)
 {
     Jump checkCell = branch32(Equal, gpr, TrustedImm32(JSValue::CellTag));
-    breakpoint();
+    abortWithReason(AHIsNotCell);
     checkCell.link(this);
 }
 
@@ -175,25 +176,54 @@ void AssemblyHelpers::jitAssertTagsInPlace()
 void AssemblyHelpers::jitAssertHasValidCallFrame()
 {
     Jump checkCFR = branchTestPtr(Zero, GPRInfo::callFrameRegister, TrustedImm32(7));
-    breakpoint();
+    abortWithReason(AHCallFrameMisaligned);
     checkCFR.link(this);
 }
 
 void AssemblyHelpers::jitAssertIsNull(GPRReg gpr)
 {
     Jump checkNull = branchTestPtr(Zero, gpr);
-    breakpoint();
+    abortWithReason(AHIsNotNull);
     checkNull.link(this);
 }
 
 void AssemblyHelpers::jitAssertArgumentCountSane()
 {
     Jump ok = branch32(Below, payloadFor(JSStack::ArgumentCount), TrustedImm32(10000000));
-    breakpoint();
+    abortWithReason(AHInsaneArgumentCount);
     ok.link(this);
 }
 #endif // !ASSERT_DISABLED
 
+void AssemblyHelpers::emitStoreStructureWithTypeInfo(AssemblyHelpers& jit, TrustedImmPtr structure, RegisterID dest)
+{
+    const Structure* structurePtr = static_cast<const Structure*>(structure.m_value);
+#if USE(JSVALUE64)
+    jit.store64(TrustedImm64(structurePtr->idBlob()), MacroAssembler::Address(dest, JSCell::structureIDOffset()));
+    if (!ASSERT_DISABLED) {
+        Jump correctStructure = jit.branch32(Equal, MacroAssembler::Address(dest, JSCell::structureIDOffset()), TrustedImm32(structurePtr->id()));
+        jit.abortWithReason(AHStructureIDIsValid);
+        correctStructure.link(&jit);
+
+        Jump correctIndexingType = jit.branch8(Equal, MacroAssembler::Address(dest, JSCell::indexingTypeOffset()), TrustedImm32(structurePtr->indexingType()));
+        jit.abortWithReason(AHIndexingTypeIsValid);
+        correctIndexingType.link(&jit);
+
+        Jump correctType = jit.branch8(Equal, MacroAssembler::Address(dest, JSCell::typeInfoTypeOffset()), TrustedImm32(structurePtr->typeInfo().type()));
+        jit.abortWithReason(AHTypeInfoIsValid);
+        correctType.link(&jit);
+
+        Jump correctFlags = jit.branch8(Equal, MacroAssembler::Address(dest, JSCell::typeInfoFlagsOffset()), TrustedImm32(structurePtr->typeInfo().inlineTypeFlags()));
+        jit.abortWithReason(AHTypeInfoInlineTypeFlagsAreValid);
+        correctFlags.link(&jit);
+    }
+#else
+    // Do a 32-bit wide store to initialize the cell's fields.
+    jit.store32(TrustedImm32(structurePtr->objectInitializationBlob()), MacroAssembler::Address(dest, JSCell::indexingTypeOffset()));
+    jit.storePtr(structure, MacroAssembler::Address(dest, JSCell::structureIDOffset()));
+#endif
+}
+
 } // namespace JSC
 
 #endif // ENABLE(JIT)
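Review bot: Moving emitStoreStructureWithTypeInfo out of line also changes the guard on its four consistency checks, from the preprocessor test #ifndef NDEBUG in the header version to the C++ condition if (!ASSERT_DISABLED) here. Those are not the same switch, so the set of builds that emit these checks can change, and the ChangeLog lists the function without comment. Please call the guard change out in the ChangeLog, or keep the original guard if the change was not intended.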
index 80ae7ff..d173696 100644 (file)
@@ -62,7 +62,7 @@ public:
         // This check is both unneeded and harder to write correctly for ARM64
 #if !defined(NDEBUG) && !CPU(ARM64)
         Jump stackPointerAligned = branchTestPtr(Zero, stackPointerRegister, TrustedImm32(0xf));
-        breakpoint();
+        abortWithReason(AHStackPointerMisaligned);
         stackPointerAligned.link(this);
 #endif
     }
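Review bot: checkStackPointerAlignment still guards its check with #if !defined(NDEBUG) && !CPU(ARM64), while other sites touched by this patch use ASSERT_DISABLED (emitSlow_op_div, for example, is converted from #ifndef NDEBUG in this same patch). If the intent is to key JIT assertions on ASSERT_DISABLED, convert this one as well; otherwise a short comment saying why it stays on NDEBUG would help.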
@@ -629,34 +629,7 @@ public:
 #endif
     }
 
-    static void emitStoreStructureWithTypeInfo(AssemblyHelpers& jit, TrustedImmPtr structure, RegisterID dest)
-    {
-        const Structure* structurePtr = static_cast<const Structure*>(structure.m_value);
-#if USE(JSVALUE64)
-        jit.store64(TrustedImm64(structurePtr->idBlob()), MacroAssembler::Address(dest, JSCell::structureIDOffset()));
-#ifndef NDEBUG
-        Jump correctStructure = jit.branch32(Equal, MacroAssembler::Address(dest, JSCell::structureIDOffset()), TrustedImm32(structurePtr->id()));
-        jit.breakpoint();
-        correctStructure.link(&jit);
-
-        Jump correctIndexingType = jit.branch8(Equal, MacroAssembler::Address(dest, JSCell::indexingTypeOffset()), TrustedImm32(structurePtr->indexingType()));
-        jit.breakpoint();
-        correctIndexingType.link(&jit);
-
-        Jump correctType = jit.branch8(Equal, MacroAssembler::Address(dest, JSCell::typeInfoTypeOffset()), TrustedImm32(structurePtr->typeInfo().type()));
-        jit.breakpoint();
-        correctType.link(&jit);
-
-        Jump correctFlags = jit.branch8(Equal, MacroAssembler::Address(dest, JSCell::typeInfoFlagsOffset()), TrustedImm32(structurePtr->typeInfo().inlineTypeFlags()));
-        jit.breakpoint();
-        correctFlags.link(&jit);
-#endif
-#else
-        // Do a 32-bit wide store to initialize the cell's fields.
-        jit.store32(TrustedImm32(structurePtr->objectInitializationBlob()), MacroAssembler::Address(dest, JSCell::indexingTypeOffset()));
-        jit.storePtr(structure, MacroAssembler::Address(dest, JSCell::structureIDOffset()));
-#endif
-    }
+    static void emitStoreStructureWithTypeInfo(AssemblyHelpers& jit, TrustedImmPtr structure, RegisterID dest);
 
     Jump checkMarkByte(GPRReg cell)
     {
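Review bot: Only the declaration of `emitStoreStructureWithTypeInfo` remains here, so the four debug checks in the removed body (structure ID, indexing type, type, inline type flags) are no longer visible in this header. Please make sure the out-of-line definition keeps all four under `USE(JSVALUE64)` and gives each its own abort reason rather than a shared one; otherwise the reason register cannot say which field mismatched.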
index 3e13122..b851e81 100644 (file)
@@ -306,10 +306,6 @@ namespace JSC {
         void emitLoadInt32ToDouble(int index, FPRegisterID value);
         Jump emitJumpIfCellNotObject(RegisterID cellReg);
 
-        Jump addStructureTransitionCheck(JSCell*, Structure*, StructureStubInfo*, RegisterID scratch);
-        void addStructureTransitionCheck(JSCell*, Structure*, StructureStubInfo*, JumpList& failureCases, RegisterID scratch);
-        void testPrototype(JSValue, JumpList& failureCases, StructureStubInfo*);
-
         enum WriteBarrierMode { UnconditionalWriteBarrier, ShouldFilterBase, ShouldFilterValue, ShouldFilterBaseAndValue };
         // value register in write barrier is used before any scratch registers
         // so may safely be the same as either of the scratch registers.
index c436a24..167e413 100644 (file)
@@ -955,9 +955,8 @@ void JIT::emitSlow_op_div(Instruction* currentInstruction, Vector<SlowCaseEntry>
     int op2 = currentInstruction[3].u.operand;
     OperandTypes types = OperandTypes::fromInt(currentInstruction[4].u.operand);
     if (types.first().definitelyIsNumber() && types.second().definitelyIsNumber()) {
-#ifndef NDEBUG
-        breakpoint();
-#endif
+        if (!ASSERT_DISABLED)
+            abortWithReason(JITDivOperandsAreNotNumbers);
         return;
     }
     if (!isOperandConstantImmediateDouble(op1) && !isOperandConstantImmediateInt(op1)) {
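Review bot: Replacing `#ifndef NDEBUG` with `if (!ASSERT_DISABLED)` changes which builds emit this trap, because the two macros can be configured independently (a release build with assertions turned on now gets the abort). That looks intended, but it is a behavior change beyond renaming `breakpoint()` and deserves a line in the commit message.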
index 90a813e..d650a14 100644 (file)
@@ -1106,7 +1106,7 @@ void JIT::emitSlow_op_loop_hint(Instruction*, Vector<SlowCaseEntry>::iterator& i
         Jump noOptimizedEntry = branchTestPtr(Zero, returnValueGPR);
         if (!ASSERT_DISABLED) {
             Jump ok = branchPtr(MacroAssembler::Above, regT0, TrustedImmPtr(bitwise_cast<void*>(static_cast<intptr_t>(1000))));
-            breakpoint();
+            abortWithReason(JITUnreasonableLoopHintJumpTarget);
             ok.link(this);
         }
         jump(returnValueGPR);
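Review bot: The sanity bound here is decimal `1000`, while the equivalent check guarded by `RPWUnreasonableJumpTarget` later in this patch compares against `0x1000`. If both are meant to reject pointers in the first page, one of the two constants is off; a shared named constant would remove the ambiguity.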
index a8b3de0..5c16d13 100644 (file)
@@ -101,7 +101,7 @@ JIT::CodeRef JIT::privateCompileCTINativeCall(VM* vm, NativeFunction func)
     restoreReturnAddressBeforeReturn(regT3);
 #else
 #error "JIT not supported on this platform."
-    breakpoint();
+    abortWithReason(JITNotSupported);
 #endif // CPU(X86)
 
     // Check for an exception
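Review bot: `abortWithReason(JITNotSupported)` sits directly after `#error "JIT not supported on this platform."`, so this branch never compiles and the call can never be emitted. Dropping the line would be cleaner than adding an enumerator for it; the same applies to `abortWithReason(TGNotSupported)` in the `nativeForGenerator` hunk.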
index d65e4cf..bdb92b5 100644 (file)
@@ -139,11 +139,11 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction)
     
     Label done = label();
     
-#if !ASSERT_DISABLED
-    Jump resultOK = branchTest64(NonZero, regT0);
-    breakpoint();
-    resultOK.link(this);
-#endif
+    if (!ASSERT_DISABLED) {
+        Jump resultOK = branchTest64(NonZero, regT0);
+        abortWithReason(JITGetByValResultIsNotEmpty);
+        resultOK.link(this);
+    }
 
     emitValueProfilingSite();
     emitPutVirtualRegister(dst);
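Review bot: `JITGetByValResultIsNotEmpty` names the invariant, not the failure: the abort is reached only when `branchTest64(NonZero, regT0)` is not taken, that is, when `regT0` is zero. Other reasons in this patch (`AHStackPointerMisaligned`, `TGInvalidPointer`, `JITOffsetIsNotOutOfLine`) describe what went wrong, so someone reading the reason register is likely to misread this one. Consider a failure-worded name, here and in the 32-bit `emit_op_get_by_val`, where the abort fires when the tag equals `JSValue::EmptyValueTag`.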
@@ -252,11 +252,11 @@ void JIT::compileGetDirectOffset(RegisterID base, RegisterID result, RegisterID
         addPtr(TrustedImm32(JSObject::offsetOfInlineStorage() - (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), base, scratch);
         done.link(this);
     } else {
-#if !ASSERT_DISABLED
-        Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
-        breakpoint();
-        isOutOfLine.link(this);
-#endif
+        if (!ASSERT_DISABLED) {
+            Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
+            abortWithReason(JITOffsetIsNotOutOfLine);
+            isOutOfLine.link(this);
+        }
         loadPtr(Address(base, JSObject::butterflyOffset()), scratch);
         neg32(offset);
     }
@@ -976,42 +976,6 @@ void JIT::emitWriteBarrier(JSCell* owner)
 #endif // ENABLE(GGC)
 }
 
-JIT::Jump JIT::addStructureTransitionCheck(JSCell* object, Structure* structure, StructureStubInfo* stubInfo, RegisterID scratch)
-{
-    if (object->structure() == structure && structure->transitionWatchpointSetIsStillValid()) {
-        structure->addTransitionWatchpoint(stubInfo->addWatchpoint(m_codeBlock));
-#if !ASSERT_DISABLED
-        move(TrustedImmPtr(object), scratch);
-        Jump ok = branchStructure(Equal, Address(scratch, JSCell::structureIDOffset()), structure);
-        breakpoint();
-        ok.link(this);
-#endif
-        Jump result; // Returning an unset jump this way because otherwise VC++ would complain.
-        return result;
-    }
-    
-    move(TrustedImmPtr(object), scratch);
-    return branchStructure(NotEqual, Address(scratch, JSCell::structureIDOffset()), structure);
-}
-
-void JIT::addStructureTransitionCheck(JSCell* object, Structure* structure, StructureStubInfo* stubInfo, JumpList& failureCases, RegisterID scratch)
-{
-    Jump failureCase = addStructureTransitionCheck(object, structure, stubInfo, scratch);
-    if (!failureCase.isSet())
-        return;
-    
-    failureCases.append(failureCase);
-}
-
-void JIT::testPrototype(JSValue prototype, JumpList& failureCases, StructureStubInfo* stubInfo)
-{
-    if (prototype.isNull())
-        return;
-
-    ASSERT(prototype.isCell());
-    addStructureTransitionCheck(prototype.asCell(), prototype.asCell()->structure(), stubInfo, failureCases, regT3);
-}
-
 void JIT::privateCompileGetByVal(ByValInfo* byValInfo, ReturnAddressPtr returnAddress, JITArrayMode arrayMode)
 {
     Instruction* currentInstruction = m_codeBlock->instructions().begin() + byValInfo->bytecodeIndex;
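Review bot: Deleting `JIT::addStructureTransitionCheck` (both overloads) and `JIT::testPrototype` is unrelated to adding abort reasons. If they are dead because the static `addStructureTransitionCheck` converted later in this patch replaced them, say so in the commit message, and confirm nothing else still calls them now that the declarations are removed as well.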
index ac9355e..8a87c50 100644 (file)
@@ -161,11 +161,11 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction)
     
     Label done = label();
 
-#if !ASSERT_DISABLED
-    Jump resultOK = branch32(NotEqual, regT1, TrustedImm32(JSValue::EmptyValueTag));
-    breakpoint();
-    resultOK.link(this);
-#endif
+    if (!ASSERT_DISABLED) {
+        Jump resultOK = branch32(NotEqual, regT1, TrustedImm32(JSValue::EmptyValueTag));
+        abortWithReason(JITGetByValResultIsNotEmpty);
+        resultOK.link(this);
+    }
 
     emitValueProfilingSite();
     emitStore(dst, regT1, regT0);
@@ -601,11 +601,11 @@ void JIT::compileGetDirectOffset(RegisterID base, RegisterID resultTag, Register
         addPtr(TrustedImmPtr(JSObject::offsetOfInlineStorage() - (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), base);
         done.link(this);
     } else {
-#if !ASSERT_DISABLED
-        Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
-        breakpoint();
-        isOutOfLine.link(this);
-#endif
+        if (!ASSERT_DISABLED) {
+            Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
+            abortWithReason(JITOffsetIsNotOutOfLine);
+            isOutOfLine.link(this);
+        }
         loadPtr(Address(base, JSObject::butterflyOffset()), base);
         neg32(offset);
     }
index 1bb780c..a401ea6 100644 (file)
@@ -211,7 +211,7 @@ static void generateRegisterRestoration(AssemblyHelpers& jit)
     if (!ASSERT_DISABLED) {
         AssemblyHelpers::Jump ok = jit.branchPtr(
             AssemblyHelpers::Above, GPRInfo::regT1, AssemblyHelpers::TrustedImmPtr(static_cast<size_t>(0x1000)));
-        jit.breakpoint();
+        jit.abortWithReason(RPWUnreasonableJumpTarget);
         ok.link(&jit);
     }
     
index 973c261..55108bb 100644 (file)
@@ -132,17 +132,18 @@ static void addStructureTransitionCheck(
 {
     if (object->structure() == structure && structure->transitionWatchpointSetIsStillValid()) {
         structure->addTransitionWatchpoint(stubInfo.addWatchpoint(codeBlock));
-#if !ASSERT_DISABLED
-        // If we execute this code, the object must have the structure we expect. Assert
-        // this in debug modes.
-        jit.move(MacroAssembler::TrustedImmPtr(object), scratchGPR);
-        MacroAssembler::Jump ok = branchStructure(jit,
-            MacroAssembler::Equal,
-            MacroAssembler::Address(scratchGPR, JSCell::structureIDOffset()),
-            structure);
-        jit.breakpoint();
-        ok.link(&jit);
-#endif
+        if (!ASSERT_DISABLED) {
+            // If we execute this code, the object must have the structure we expect. Assert
+            // this in debug modes.
+            jit.move(MacroAssembler::TrustedImmPtr(object), scratchGPR);
+            MacroAssembler::Jump ok = branchStructure(
+                jit,
+                MacroAssembler::Equal,
+                MacroAssembler::Address(scratchGPR, JSCell::structureIDOffset()),
+                structure);
+            jit.abortWithReason(RepatchIneffectiveWatchpoint);
+            ok.link(&jit);
+        }
         return;
     }
     
@@ -1571,7 +1572,7 @@ void linkClosureCall(
     if (!ASSERT_DISABLED) {
         CCallHelpers::Jump okArgumentCount = stubJit.branch32(
             CCallHelpers::Below, CCallHelpers::Address(CCallHelpers::stackPointerRegister, static_cast<ptrdiff_t>(sizeof(Register) * JSStack::ArgumentCount) + offsetToFrame + PayloadOffset), CCallHelpers::TrustedImm32(10000000));
-        stubJit.breakpoint();
+        stubJit.abortWithReason(RepatchInsaneArgumentCount);
         okArgumentCount.link(&stubJit);
     }
 
index 823ae40..98d11fb 100644 (file)
@@ -45,17 +45,14 @@ namespace JSC {
 
 inline void emitPointerValidation(CCallHelpers& jit, GPRReg pointerGPR)
 {
-#if !ASSERT_DISABLED
+    if (ASSERT_DISABLED)
+        return;
     CCallHelpers::Jump isNonZero = jit.branchTestPtr(CCallHelpers::NonZero, pointerGPR);
-    jit.breakpoint();
+    jit.abortWithReason(TGInvalidPointer);
     isNonZero.link(&jit);
     jit.pushToSave(pointerGPR);
     jit.load8(pointerGPR, pointerGPR);
     jit.popToRestore(pointerGPR);
-#else
-    UNUSED_PARAM(jit);
-    UNUSED_PARAM(pointerGPR);
-#endif
 }
 
 // We will jump here if the JIT code tries to make a call, but the
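Review bot: `TGInvalidPointer` only covers the null case. A non-null but unmapped pointer faults on the probing `jit.load8(pointerGPR, pointerGPR)` without ever reaching `abortWithReason`, so no reason is recorded for it. A short comment above the load saying that the fault itself is the assertion would spare the next reader from hunting for a reason code.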
@@ -373,7 +370,7 @@ static MacroAssemblerCodeRef nativeForGenerator(VM* vm, CodeSpecializationKind k
 #else
 #error "JIT not supported on this platform."
     UNUSED_PARAM(executableOffsetToFunction);
-    breakpoint();
+    abortWithReason(TGNotSupported);
 #endif
 
     // Check for an exception
index 364a72d..1544df0 100644 (file)
@@ -1639,16 +1639,14 @@ class YarrGenerator : private MacroAssembler {
                 const RegisterID indexTemporary = regT0;
                 ASSERT(term->quantityCount == 1);
 
-#ifndef NDEBUG
                 // Runtime ASSERT to make sure that the nested alternative handled the
                 // "no input consumed" check.
-                if (term->quantityType != QuantifierFixedCount && !term->parentheses.disjunction->m_minimumSize) {
+                if (!ASSERT_DISABLED && term->quantityType != QuantifierFixedCount && !term->parentheses.disjunction->m_minimumSize) {
                     Jump pastBreakpoint;
                     pastBreakpoint = branch32(NotEqual, index, Address(stackPointerRegister, term->frameLocation * sizeof(void*)));
-                    breakpoint();
+                    abortWithReason(YARRNoInputConsumed);
                     pastBreakpoint.link(this);
                 }
-#endif
 
                 // If the parenthese are capturing, store the ending index value to the
                 // captures array, offsetting as necessary.
@@ -1695,16 +1693,16 @@ class YarrGenerator : private MacroAssembler {
             }
             case OpParenthesesSubpatternTerminalEnd: {
                 YarrOp& beginOp = m_ops[op.m_previousOp];
-#ifndef NDEBUG
-                PatternTerm* term = op.m_term;
-
-                // Runtime ASSERT to make sure that the nested alternative handled the
-                // "no input consumed" check.
-                Jump pastBreakpoint;
-                pastBreakpoint = branch32(NotEqual, index, Address(stackPointerRegister, term->frameLocation * sizeof(void*)));
-                breakpoint();
-                pastBreakpoint.link(this);
-#endif
+                if (!ASSERT_DISABLED) {
+                    PatternTerm* term = op.m_term;
+                    
+                    // Runtime ASSERT to make sure that the nested alternative handled the
+                    // "no input consumed" check.
+                    Jump pastBreakpoint;
+                    pastBreakpoint = branch32(NotEqual, index, Address(stackPointerRegister, term->frameLocation * sizeof(void*)));
+                    abortWithReason(YARRNoInputConsumed);
+                    pastBreakpoint.link(this);
+                }
 
                 // We know that the match is non-zero, we can accept it  and
                 // loop back up to the head of the subpattern.
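Review bot: This site reuses `YARRNoInputConsumed`, the same reason as the check following `ASSERT(term->quantityCount == 1)` in the previous hunk, so the reason register alone cannot tell the two apart. If that distinction matters when debugging, give the terminal-end case its own enumerator. Also, the added blank line after `PatternTerm* term = op.m_term;` carries trailing whitespace.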