Bug 1130481 - IonMonkey: Assert that Ion frames are properly aligned. r=bbouvier
authorNicolas B. Pierron <nicolas.b.pierron@mozilla.com>
Thu, 12 Feb 2015 14:53:06 +0100
changeset 228813 e7e6e82492cb8156e0e217aae3312c3f6785d76e
parent 228812 25c0f57abbdb02343609db99e72339a405841c4e
child 228814 9fd1f192c0e8a512033d27bcbc4bb8fad312c488
push id55536
push usernpierron@mozilla.com
push dateThu, 12 Feb 2015 13:53:23 +0000
reviewersbbouvier
bugs1130481
milestone38.0a1
Bug 1130481 - IonMonkey: Assert that Ion frames are properly aligned. r=bbouvier
js/src/jit/CodeGenerator.cpp
js/src/jit/JitFrames.cpp
js/src/jit/arm/CodeGenerator-arm.cpp
js/src/jit/mips/CodeGenerator-mips.cpp
js/src/jit/shared/CodeGenerator-x86-shared.cpp
--- a/js/src/jit/CodeGenerator.cpp
+++ b/js/src/jit/CodeGenerator.cpp
@@ -2001,16 +2001,20 @@ CodeGenerator::visitOsrEntry(LOsrEntry *
     if (isProfilerInstrumentationEnabled())
         masm.profilerEnterFrame(StackPointer, temp);
 
     // Allocate the full frame for this function
     // Note we have a new entry here. So we reset MacroAssembler::framePushed()
     // to 0, before reserving the stack.
     MOZ_ASSERT(masm.framePushed() == frameSize());
     masm.setFramePushed(0);
+
+    // Ensure that the Ion frames is properly aligned.
+    masm.assertStackAlignment(JitStackAlignment, 0);
+
     masm.reserveStack(frameSize());
 }
 
 void
 CodeGenerator::visitOsrScopeChain(LOsrScopeChain *lir)
 {
     const LAllocation *frame   = lir->getOperand(0);
     const LDefinition *object  = lir->getDef(0);
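Review bot: The added comment `// Ensure that the Ion frames is properly aligned.` is ungrammatical and does not say which value is checked or at what point; the same line is repeated in the generatePrologue hunks for ARM, MIPS and x86-shared. A wording such as `// Check that the stack pointer is JitStackAlignment-aligned on entry, before the frame is reserved.` would describe what the emitted check tests. If assertStackAlignment only emits code in debug builds, as its name suggests, the comment should say so, because the matching invariant in JitFrames.cpp uses MOZ_RELEASE_ASSERT and a reader may assume the same strength here. visitOsrEntry starts outside the hunk.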
--- a/js/src/jit/JitFrames.cpp
+++ b/js/src/jit/JitFrames.cpp
@@ -3123,19 +3123,17 @@ AssertJitStackInvariants(JSContext *cx)
                 // Ideally, we should not have such requirement, but keep the
                 // alignment-delta as part of the Safepoint such that we can pad
                 // accordingly when making out-of-line calls.  In the mean time,
                 // let us have check-points where we can garantee that
                 // everything can properly be aligned before adding complexity.
                 MOZ_RELEASE_ASSERT(frames.ionScript()->frameSize() % JitStackAlignment == 0,
                   "Ensure that if the Ion frame is aligned, then the spill base is also aligned");
 
-                InlineFrameIterator lastInlinedFrame(cx, &frames);
-                jsbytecode *pc = lastInlinedFrame.pc();
-                if (JSOp(*pc) == JSOP_FUNAPPLY) {
+                if (isScriptedCallee) {
                     MOZ_RELEASE_ASSERT(prevFrameSize % JitStackAlignment == 0,
                       "The ion frame should keep the alignment");
                 }
             }
 
             // The stack is dynamically aligned by baseline stubs before calling
             // any jitted code.
             if (frames.prevType() == JitFrame_BaselineStub && isScriptedCallee) {
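Review bot: The new condition `if (isScriptedCallee)` has no comment explaining why the alignment of prevFrameSize is now required for every scripted callee rather than only for calls made at JSOP_FUNAPPLY. The message `"The ion frame should keep the alignment"` also does not name the misaligned quantity. Because this is a MOZ_RELEASE_ASSERT, any path that still builds an unaligned Ion frame before a scripted call aborts wherever this function runs, so the precondition deserves a line such as `// Every scripted callee requires the calling Ion frame's size to be a multiple of JitStackAlignment.`. isScriptedCallee is defined outside the hunk, so its meaning is inferred from its name and its use a few lines below. AssertJitStackInvariants starts and ends outside the hunk.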
--- a/js/src/jit/arm/CodeGenerator-arm.cpp
+++ b/js/src/jit/arm/CodeGenerator-arm.cpp
@@ -47,16 +47,19 @@ CodeGeneratorARM::generatePrologue()
 #ifdef JS_USE_LINK_REGISTER
     masm.pushReturnAddress();
 #endif
 
     // If profiling, save the current frame pointer to a per-thread global field.
     if (isProfilerInstrumentationEnabled())
         masm.profilerEnterFrame(StackPointer, CallTempReg0);
 
+    // Ensure that the Ion frames is properly aligned.
+    masm.assertStackAlignment(JitStackAlignment, 0);
+
     // Note that this automatically sets MacroAssembler::framePushed().
     masm.reserveStack(frameSize());
     masm.checkStackAlignment();
 
     emitTracelogIonStart();
 
     return true;
 }
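Review bot: On builds with JS_USE_LINK_REGISTER the new `masm.assertStackAlignment(JitStackAlignment, 0)` is emitted after `masm.pushReturnAddress()`, so offset 0 is measured with the return address already on the stack, and the comment does not say so. A wording such as `// With the return address pushed, the stack pointer must be JitStackAlignment-aligned before the frame is reserved.` would make the checked point explicit. The existing `masm.checkStackAlignment()` after `reserveStack` is kept, and a short remark on how the two checks differ would help a reader judge whether both are needed. generatePrologue starts outside the hunk.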
--- a/js/src/jit/mips/CodeGenerator-mips.cpp
+++ b/js/src/jit/mips/CodeGenerator-mips.cpp
@@ -44,16 +44,19 @@ CodeGeneratorMIPS::generatePrologue()
 {
     MOZ_ASSERT(masm.framePushed() == 0);
     MOZ_ASSERT(!gen->compilingAsmJS());
 
     // If profiling, save the current frame pointer to a per-thread global field.
     if (isProfilerInstrumentationEnabled())
         masm.profilerEnterFrame(StackPointer, CallTempReg0);
 
+    // Ensure that the Ion frames is properly aligned.
+    masm.assertStackAlignment(JitStackAlignment, 0);
+
     // Note that this automatically sets MacroAssembler::framePushed().
     masm.reserveStack(frameSize());
     masm.checkStackAlignment();
 
     emitTracelogIonStart();
 
     return true;
 }
--- a/js/src/jit/shared/CodeGenerator-x86-shared.cpp
+++ b/js/src/jit/shared/CodeGenerator-x86-shared.cpp
@@ -43,16 +43,19 @@ CodeGeneratorX86Shared::generatePrologue
 {
     MOZ_ASSERT(masm.framePushed() == 0);
     MOZ_ASSERT(!gen->compilingAsmJS());
 
     // If profiling, save the current frame pointer to a per-thread global field.
     if (isProfilerInstrumentationEnabled())
         masm.profilerEnterFrame(StackPointer, CallTempReg0);
 
+    // Ensure that the Ion frames is properly aligned.
+    masm.assertStackAlignment(JitStackAlignment, 0);
+
     // Note that this automatically sets MacroAssembler::framePushed().
     masm.reserveStack(frameSize());
 
     emitTracelogIonStart();
 
     return true;
 }