From 7e89634dfe5c75db66d6adeef86af69e1b363979 Mon Sep 17 00:00:00 2001 From: "Nicolas B. Pierron" Date: Wed, 24 Sep 2014 15:42:57 +0200 Subject: [PATCH] Bug 1063653 - Add testcase. r=bhackett --- js/src/jit-test/tests/ion/bug1063653.js | 10 ++++++++++ js/src/jit/IonAnalysis.cpp | 6 ++++++ js/src/jit/Lowering.cpp | 5 +++++ 3 files changed, 21 insertions(+) create mode 100644 js/src/jit-test/tests/ion/bug1063653.js diff --git a/js/src/jit-test/tests/ion/bug1063653.js b/js/src/jit-test/tests/ion/bug1063653.js new file mode 100644 index 000000000000..9a0e162ef14f --- /dev/null +++ b/js/src/jit-test/tests/ion/bug1063653.js @@ -0,0 +1,10 @@ + +function g(x) { + return (0 > (Math.max(x, x) || x)) +} +function f() { + return g(g() >> 0) +} +for (var k = 0; k < 1; ++k) { + f(); +} diff --git a/js/src/jit/IonAnalysis.cpp b/js/src/jit/IonAnalysis.cpp index ff450b4f4c5b..1401b2bc2ca3 100644 --- a/js/src/jit/IonAnalysis.cpp +++ b/js/src/jit/IonAnalysis.cpp @@ -43,6 +43,12 @@ SplitCriticalEdgesForBlock(MIRGraph &graph, MBasicBlock *block) graph.insertBlockAfter(block, split); split->end(MGoto::New(graph.alloc(), target)); + // The entry resume point won't properly reflect state at the start of + // the split edge, so remove it. Split edges start out empty, but might + // have fallible code moved into them later. Rather than immediately + // figure out a valid resume point and pc we can use for the split edge, + // we wait until lowering (see LIRGenerator::visitBlock), where this + // will be easier. if (MResumePoint *rp = split->entryResumePoint()) { rp->releaseUses(); split->clearEntryResumePoint(); diff --git a/js/src/jit/Lowering.cpp b/js/src/jit/Lowering.cpp index e3aa75894ff9..151943d8b127 100644 --- a/js/src/jit/Lowering.cpp +++ b/js/src/jit/Lowering.cpp @@ -3969,6 +3969,11 @@ LIRGenerator::visitBlock(MBasicBlock *block) if (!visitInstruction(block->lastIns())) return false; + // If we have a resume point check that all the following blocks have one, + // otherwise reuse the last resume point as the entry resume point of the + // basic block. This is used to handle fallible code which is moved/added + // into split edge blocks, which do not have resume points. See + // SplitCriticalEdgesForBlock. if (lastResumePoint_) { for (size_t s = 0; s < block->numSuccessors(); s++) { MBasicBlock *succ = block->getSuccessor(s);