Changeset 33371

Timestamp:

05/12/08 23:06:47 (6 months ago)

Author:

mrowe@apple.com

Message:

Bug 18934: SQUIRRELFISH: ASSERT @ nytimes.com due to RegisterFile being clobbered
<https://bugs.webkit.org/show_bug.cgi?id=18934>

Reviewed by Geoff

Unfortunately we cannot create new statically optimised globals if there are any
tainted RegisterFiles on the RegisterFileStack. To handle this we re-introduce
(in a slightly cleaner form) the inImplicitCall concept to the RegisterFileStack.

Location:

branches/squirrelfish

Files:

• JavaScriptCore/ChangeLog (modified) (1 diff)
• JavaScriptCore/VM/Machine.cpp (modified) (1 diff)
• JavaScriptCore/VM/RegisterFileStack.cpp (modified) (2 diffs)
• JavaScriptCore/VM/RegisterFileStack.h (modified) (3 diffs)
• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/js/implicit-call-with-global-reentry-expected.txt (added)
• LayoutTests/fast/js/implicit-call-with-global-reentry.html (added)
• LayoutTests/fast/js/resources/implicit-call-with-global-reentry.js (added)

branches/squirrelfish/JavaScriptCore/ChangeLog

@@ +1 @@
+2008-05-12  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoff.
+
+        Bug 18934: SQUIRRELFISH: ASSERT @ nytimes.com due to RegisterFile being clobbered
+        <https://bugs.webkit.org/show_bug.cgi?id=18934>
+
+        Unfortunately we cannot create new statically optimised globals if there are any
+        tainted RegisterFiles on the RegisterFileStack.  To handle this we re-introduce
+        (in a slightly cleaner form) the inImplicitCall concept to the RegisterFileStack.
+
+        * VM/Machine.cpp:
+        (KJS::Machine::execute):
+        * VM/RegisterFileStack.cpp:
+        (KJS::RegisterFileStack::pushFunctionRegisterFile):
+        * VM/RegisterFileStack.h:
+
 2008-05-12  Geoffrey Garen  <ggaren@apple.com>
 

branches/squirrelfish/JavaScriptCore/VM/Machine.cpp

@@ -580 +580 @@
 
     RegisterFile* registerFile = registerFileStack->pushGlobalRegisterFile();
-    CodeBlock* codeBlock = &programNode->code(scopeChain, registerFileStack->current()->isGlobal());
+    CodeBlock* codeBlock = &programNode->code(scopeChain, !registerFileStack->inImplicitCall());
     registerFile->addGlobalSlots(codeBlock->numVars);
 

branches/squirrelfish/JavaScriptCore/VM/RegisterFileStack.cpp

@@ -87 +87 @@
 RegisterFile* RegisterFileStack::pushFunctionRegisterFile()
 {
+    m_functionStackDepth++;
     return allocateRegisterFile(current()->maxSize() - current()->size());
 }
@@ -92 +93 @@
 void RegisterFileStack::popFunctionRegisterFile()
 {
+    m_functionStackDepth--;
     delete m_stack.last();
     m_stack.removeLast();

branches/squirrelfish/JavaScriptCore/VM/RegisterFileStack.h

@@ -39 +39 @@
         RegisterFileStack()
             : m_globalBase(0)
+            , m_functionStackDepth(0)
         {
             allocateRegisterFile(RegisterFile::DefaultRegisterFileSize, this);
@@ -69 +70 @@
         }
 
+        bool inImplicitCall() { return m_functionStackDepth > 0; }
     private:
         typedef Vector<RegisterFile*, 4> Stack;
@@ -89 +91 @@
         Stack m_stack;
         Register* m_globalBase;
+        int m_functionStackDepth;
     };
 

branches/squirrelfish/LayoutTests/ChangeLog

@@ +1 @@
+2008-05-12  Oliver Hunt  <oliver@apple.com>
+
+        Reviewed by Geoff.
+
+        Bug 18934: SQUIRRELFISH: ASSERT @ nytimes.com due to RegisterFile being clobbered
+        <https://bugs.webkit.org/show_bug.cgi?id=18934>
+
+        Add testcases to cover global reentry from an implicit call.
+
+        * fast/js/implicit-call-with-global-reentry-expected.txt: Added.
+        * fast/js/implicit-call-with-global-reentry.html: Added.
+        * fast/js/resources/implicit-call-with-global-reentry.js: Added.
+
 2008-05-12  Geoffrey Garen  <ggaren@apple.com>