Title: [202519] trunk/Source/_javascript_Core
- Revision
- 202519
- Author
- [email protected]
- Date
- 2016-06-27 16:26:41 -0700 (Mon, 27 Jun 2016)
Log Message
Crashing at an unreachable code trap in FTL should give more information
https://bugs.webkit.org/show_bug.cgi?id=159177
Reviewed by Saam Barati.
This stuffs information into registers so that we have some chance of seeing what happened
by looking at the register dumps.
* assembler/AbortReason.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::ftlUnreachable):
(JSC::FTL::DFG::LowerDFGToB3::compileBlock):
(JSC::FTL::DFG::LowerDFGToB3::crash):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (202518 => 202519)
--- trunk/Source/_javascript_Core/ChangeLog 2016-06-27 22:26:41 UTC (rev 202518)
+++ trunk/Source/_javascript_Core/ChangeLog 2016-06-27 23:26:41 UTC (rev 202519)
@@ -1,5 +1,21 @@
2016-06-27 Filip Pizlo <[email protected]>
+ Crashing at an unreachable code trap in FTL should give more information
+ https://bugs.webkit.org/show_bug.cgi?id=159177
+
+ Reviewed by Saam Barati.
+
+ This stuffs information into registers so that we have some chance of seeing what happened
+ by looking at the register dumps.
+
+ * assembler/AbortReason.h:
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::ftlUnreachable):
+ (JSC::FTL::DFG::LowerDFGToB3::compileBlock):
+ (JSC::FTL::DFG::LowerDFGToB3::crash):
+
+2016-06-27 Filip Pizlo <[email protected]>
+
Clean up resetting reachability in B3/Air
https://bugs.webkit.org/show_bug.cgi?id=159170
Modified: trunk/Source/_javascript_Core/assembler/AbortReason.h (202518 => 202519)
--- trunk/Source/_javascript_Core/assembler/AbortReason.h 2016-06-27 22:26:41 UTC (rev 202518)
+++ trunk/Source/_javascript_Core/assembler/AbortReason.h 2016-06-27 23:26:41 UTC (rev 202519)
@@ -60,6 +60,7 @@
DFGUnreachableNode = 225,
DFGUnreasonableOSREntryJumpDestination = 230,
DFGVarargsThrowingPathDidNotThrow = 235,
+ FTLCrash = 236,
JITDidReturnFromTailCall = 237,
JITDivOperandsAreNotNumbers = 240,
JITGetByValResultIsNotEmpty = 250,
Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (202518 => 202519)
--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2016-06-27 22:26:41 UTC (rev 202518)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2016-06-27 23:26:41 UTC (rev 202519)
@@ -90,12 +90,7 @@
std::atomic<int> compileCounter;
-#if ASSERT_DISABLED
-NO_RETURN_DUE_TO_CRASH static void ftlUnreachable()
-{
- CRASH();
-}
-#else
+#if !ASSERT_DISABLED
NO_RETURN_DUE_TO_CRASH static void ftlUnreachable(
CodeBlock* codeBlock, BlockIndex blockIndex, unsigned nodeIndex)
{
@@ -393,7 +388,7 @@
if (!m_highBlock->cfaHasVisited) {
if (verboseCompilationEnabled())
dataLog("Bailing because CFA didn't reach.\n");
- crash(m_highBlock->index, UINT_MAX);
+ crash(m_highBlock, nullptr);
return;
}
@@ -11241,14 +11236,23 @@
void crash()
{
- crash(m_highBlock->index, m_node->index());
+ crash(m_highBlock, m_node);
}
- void crash(BlockIndex blockIndex, unsigned nodeIndex)
+ void crash(DFG::BasicBlock* block, Node* node)
{
+ BlockIndex blockIndex = block->index;
+ unsigned nodeIndex = node ? node->index() : UINT_MAX;
#if ASSERT_DISABLED
- m_out.call(m_out.voidType, m_out.operation(ftlUnreachable));
- UNUSED_PARAM(blockIndex);
- UNUSED_PARAM(nodeIndex);
+ m_out.patchpoint(Void)->setGenerator(
+ [=] (CCallHelpers& jit, const StackmapGenerationParams&) {
+ AllowMacroScratchRegisterUsage allowScratch(jit);
+
+ jit.move(CCallHelpers::TrustedImm32(blockIndex), GPRInfo::regT0);
+ jit.move(CCallHelpers::TrustedImm32(nodeIndex), GPRInfo::regT1);
+ if (node)
+ jit.move(CCallHelpers::TrustedImm32(node->op()), GPRInfo::regT2);
+ jit.abortWithReason(FTLCrash);
+ });
#else
m_out.call(
m_out.voidType,
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes