Title: [106596] trunk
- Revision
- 106596
- Author
- [email protected]
- Date
- 2012-02-02 15:18:13 -0800 (Thu, 02 Feb 2012)
Log Message
retrieveCallerFromVMCode should call trueCallerFrame
https://bugs.webkit.org/show_bug.cgi?id=77684
Source/_javascript_Core:
Reviewed by Oliver Hunt.
* interpreter/Interpreter.cpp:
(JSC::Interpreter::retrieveCallerFromVMCode):
LayoutTests:
Rubber stamped by Oliver Hunt.
* fast/js/dfg-inline-function-dot-caller-expected.txt: Added.
* fast/js/dfg-inline-function-dot-caller.html: Added.
* fast/js/script-tests/dfg-inline-function-dot-caller.js: Added.
(resultArray):
(object.nonInlineable.nonInlineable.if):
(object.nonInlineable):
(object.inlineable):
(makeInlinableCall):
(g):
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (106595 => 106596)
--- trunk/LayoutTests/ChangeLog 2012-02-02 23:03:45 UTC (rev 106595)
+++ trunk/LayoutTests/ChangeLog 2012-02-02 23:18:13 UTC (rev 106596)
@@ -1,3 +1,20 @@
+2012-02-02 Filip Pizlo <[email protected]>
+
+ retrieveCallerFromVMCode should call trueCallerFrame
+ https://bugs.webkit.org/show_bug.cgi?id=77684
+
+ Rubber stamped by Oliver Hunt.
+
+ * fast/js/dfg-inline-function-dot-caller-expected.txt: Added.
+ * fast/js/dfg-inline-function-dot-caller.html: Added.
+ * fast/js/script-tests/dfg-inline-function-dot-caller.js: Added.
+ (resultArray):
+ (object.nonInlineable.nonInlineable.if):
+ (object.nonInlineable):
+ (object.inlineable):
+ (makeInlinableCall):
+ (g):
+
2012-02-02 Chris Marrin <[email protected]>
Turn on CSS Filters on Windows
Added: trunk/LayoutTests/fast/js/dfg-inline-function-dot-caller-expected.txt (0 => 106596)
--- trunk/LayoutTests/fast/js/dfg-inline-function-dot-caller-expected.txt (rev 0)
+++ trunk/LayoutTests/fast/js/dfg-inline-function-dot-caller-expected.txt 2012-02-02 23:18:13 UTC (rev 106596)
@@ -0,0 +1,14 @@
+Tests that DFG inlining does not brak function.arguments.caller.
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS resultArray.length is 4
+PASS resultArray[3] is "g"
+PASS resultArray[2] is "makeInlinableCall"
+PASS resultArray[1] is "inlineable"
+PASS resultArray[0] is "nonInlineable"
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
Added: trunk/LayoutTests/fast/js/dfg-inline-function-dot-caller.html (0 => 106596)
--- trunk/LayoutTests/fast/js/dfg-inline-function-dot-caller.html (rev 0)
+++ trunk/LayoutTests/fast/js/dfg-inline-function-dot-caller.html 2012-02-02 23:18:13 UTC (rev 106596)
@@ -0,0 +1,10 @@
+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<html>
+<head>
+<script src=""
+</head>
+<body>
+<script src=""
+<script src=""
+</body>
+</html>
Added: trunk/LayoutTests/fast/js/script-tests/dfg-inline-function-dot-caller.js (0 => 106596)
--- trunk/LayoutTests/fast/js/script-tests/dfg-inline-function-dot-caller.js (rev 0)
+++ trunk/LayoutTests/fast/js/script-tests/dfg-inline-function-dot-caller.js 2012-02-02 23:18:13 UTC (rev 106596)
@@ -0,0 +1,46 @@
+description(
+"Tests that DFG inlining does not brak function.arguments.caller."
+);
+
+var callCount = 0;
+
+var resultArray = []
+
+function throwError() {
+ throw {};
+}
+var object = {
+ nonInlineable : function nonInlineable() {
+ if (0) return [arguments, function(){}];
+ if (++callCount == 9999999) {
+ var f = nonInlineable;
+ while (f) {
+ resultArray.push(f.name);
+ f=f.arguments.callee.caller;
+ }
+ }
+ },
+ inlineable : function inlineable() {
+ this.nonInlineable();
+ }
+}
+function makeInlinableCall(o) {
+ for (var i = 0; i < 10000; i++)
+ o.inlineable();
+}
+
+function g() {
+ var j = 0;
+ for (var i = 0; i < 1000; i++) {
+ j++;
+ makeInlinableCall(object);
+ }
+}
+g();
+
+shouldBe("resultArray.length", "4");
+shouldBe("resultArray[3]", "\"g\"");
+shouldBe("resultArray[2]", "\"makeInlinableCall\"");
+shouldBe("resultArray[1]", "\"inlineable\"");
+shouldBe("resultArray[0]", "\"nonInlineable\"");
+
Modified: trunk/Source/_javascript_Core/ChangeLog (106595 => 106596)
--- trunk/Source/_javascript_Core/ChangeLog 2012-02-02 23:03:45 UTC (rev 106595)
+++ trunk/Source/_javascript_Core/ChangeLog 2012-02-02 23:18:13 UTC (rev 106596)
@@ -1,3 +1,13 @@
+2012-02-02 Filip Pizlo <[email protected]>
+
+ retrieveCallerFromVMCode should call trueCallerFrame
+ https://bugs.webkit.org/show_bug.cgi?id=77684
+
+ Reviewed by Oliver Hunt.
+
+ * interpreter/Interpreter.cpp:
+ (JSC::Interpreter::retrieveCallerFromVMCode):
+
2012-02-02 Kalev Lember <[email protected]>
[GTK] Implement current executable path finding for win32
Modified: trunk/Source/_javascript_Core/interpreter/Interpreter.cpp (106595 => 106596)
--- trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2012-02-02 23:03:45 UTC (rev 106595)
+++ trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2012-02-02 23:18:13 UTC (rev 106596)
@@ -5126,11 +5126,12 @@
CallFrame* functionCallFrame = findFunctionCallFrameFromVMCode(callFrame, function);
if (!functionCallFrame)
return jsNull();
-
- CallFrame* callerFrame = functionCallFrame->callerFrame();
- if (callerFrame->hasHostCallFrameFlag())
+
+ if (functionCallFrame->callerFrame()->hasHostCallFrameFlag())
return jsNull();
+ CallFrame* callerFrame = functionCallFrame->trueCallerFrame();
+
JSValue caller = callerFrame->callee();
if (!caller)
return jsNull();
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
