From 8e1c6d1cd8e59b55aa17151f0d0de93907699096 Mon Sep 17 00:00:00 2001 From: "Nicolas B. Pierron" Date: Fri, 24 Apr 2015 16:26:08 +0200 Subject: [PATCH] Bug 1149119 - Do not inline bound functions with non-atomized arguments. r=jandem --- js/src/jit/IonBuilder.cpp | 24 +----------------------- js/src/jit/IonBuilder.h | 3 --- js/src/jit/MCallOptimize.cpp | 13 ++++++------- 3 files changed, 7 insertions(+), 33 deletions(-) diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp index 397eb88178f3..3772e980e1ee 100644 --- a/js/src/jit/IonBuilder.cpp +++ b/js/src/jit/IonBuilder.cpp @@ -12873,17 +12873,8 @@ IonBuilder::storeReferenceTypedObjectValue(MDefinition* typedObj, MConstant* IonBuilder::constant(const Value& v) { - // For performance reason (TLS) and error code handling (AtomizeString), we - // should prefer the specialized frunction constantMaybeAtomize instead of - // constant. MOZ_ASSERT(!v.isString() || v.toString()->isAtom(), - "To handle non-atomized strings, you should use constantMaybeAtomize instead of constant."); - if (v.isString() && MOZ_UNLIKELY(!v.toString()->isAtom())) { - MConstant* cst = constantMaybeAtomize(v); - if (!cst) - js::CrashAtUnhandlableOOM("Use constantMaybeAtomize."); - return cst; - } + "Handle non-atomized strings outside IonBuilder."); MConstant* c = MConstant::New(alloc(), v, constraints()); current->add(c); @@ -12896,19 +12887,6 @@ IonBuilder::constantInt(int32_t i) return constant(Int32Value(i)); } -MConstant* -IonBuilder::constantMaybeAtomize(const Value& v) -{ - if (!v.isString() || v.toString()->isAtom()) - return constant(v); - - JSContext* cx = GetJitContext()->cx; - JSAtom* atom = js::AtomizeString(cx, v.toString()); - if (!atom) - return nullptr; - return constant(StringValue(atom)); -} - MDefinition* IonBuilder::getCallee() { diff --git a/js/src/jit/IonBuilder.h b/js/src/jit/IonBuilder.h index 8a51d719e9d2..dcfa98f12abb 100644 --- a/js/src/jit/IonBuilder.h +++ b/js/src/jit/IonBuilder.h @@ -353,9 +353,6 @@ class IonBuilder MConstant* constant(const Value& v); MConstant* constantInt(int32_t i); - // Note: This function might return nullptr in case of failure. - MConstant* constantMaybeAtomize(const Value& v); - // Improve the type information at tests bool improveTypesAtTest(MDefinition* ins, bool trueBranch, MTest* test); bool improveTypesAtCompare(MCompare* ins, bool trueBranch, MTest* test); diff --git a/js/src/jit/MCallOptimize.cpp b/js/src/jit/MCallOptimize.cpp index 2f70a9ef7e4d..3a7f56d2050a 100644 --- a/js/src/jit/MCallOptimize.cpp +++ b/js/src/jit/MCallOptimize.cpp @@ -2769,11 +2769,15 @@ IonBuilder::inlineBoundFunction(CallInfo& nativeCallInfo, JSFunction* target) const Value val = target->getBoundFunctionArgument(i); if (val.isObject() && gc::IsInsideNursery(&val.toObject())) return InliningStatus_NotInlined; + if (val.isString() && !val.toString()->isAtom()) + return InliningStatus_NotInlined; } const Value thisVal = target->getBoundFunctionThis(); if (thisVal.isObject() && gc::IsInsideNursery(&thisVal.toObject())) return InliningStatus_NotInlined; + if (thisVal.isString() && !thisVal.toString()->isAtom()) + return InliningStatus_NotInlined; size_t argc = target->getBoundFunctionArgumentCount() + nativeCallInfo.argc(); if (argc > ARGS_LENGTH_MAX) @@ -2783,18 +2787,13 @@ IonBuilder::inlineBoundFunction(CallInfo& nativeCallInfo, JSFunction* target) CallInfo callInfo(alloc(), nativeCallInfo.constructing()); callInfo.setFun(constant(ObjectValue(*scriptedTarget))); - MConstant* thisConst = constantMaybeAtomize(thisVal); - if (!thisConst) - return InliningStatus_Error; - callInfo.setThis(thisConst); + callInfo.setThis(constant(thisVal)); if (!callInfo.argv().reserve(argc)) return InliningStatus_Error; for (size_t i = 0; i < target->getBoundFunctionArgumentCount(); i++) { - MConstant* argConst = constantMaybeAtomize(target->getBoundFunctionArgument(i)); - if (!argConst) - return InliningStatus_Error; + MConstant* argConst = constant(target->getBoundFunctionArgument(i)); callInfo.argv().infallibleAppend(argConst); } for (size_t i = 0; i < nativeCallInfo.argc(); i++)