Closed
Bug 1116591
Opened 9 years ago
Closed 9 years ago
Actually give a few MIR opcodes a type policy where they clearly intended to have one but failed to say the magic words correctly
Categories
(Core :: JavaScript Engine: JIT, defect)
Core
JavaScript Engine: JIT
Tracking
()
RESOLVED
FIXED
mozilla37
People
(Reporter: Waldo, Assigned: Waldo)
Details
Attachments
(4 files)
|
2.73 KB,
patch
|
nbp
:
review+
|
Details | Diff | Splinter Review |
|
3.02 KB,
patch
|
nbp
:
review+
|
Details | Diff | Splinter Review |
|
24.33 KB,
patch
|
nbp
:
review+
|
Details | Diff | Splinter Review |
|
24.46 KB,
patch
|
nbp
:
review+
|
Details | Diff | Splinter Review |
Various MIR instructions clearly-inadvertently are lacking type policies
|
Assignee | |
Comment 1•9 years ago
|
||
Don't have testcase(s) yet, will try to scrounge some up before landing. Not sure if this'll need backporting yet -- MSubstr is the only one that might be riding release trains outside nightly at this point. I have more patches to make all TypePolicys final to prevent this mistake, and to force every MIR instruction to affirmatively say it doesn't want a type policy if indeed it doesn't, but those can wait a little past this immediate bug-fix. (They indicated that these three are the only instructions mistakenly inheriting from TypePolicys instead of from ::Data, tho.)
Attachment #8542696 -
Flags: review?(nicolas.b.pierron)
|
||
Comment 2•9 years ago
|
||
Comment on attachment 8542696 [details] [diff] [review] Patch Review of attachment 8542696 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/src/jit/MIR.h @@ +12049,4 @@ > > class MCompareExchangeTypedArrayElement > : public MAryInstruction<4>, > + public MixPolicy< MixPolicy<ObjectPolicy<0>, IntPolicy<1> >, MixPolicy<IntPolicy<2>, IntPolicy<3> > >::Data nit: Mix4Policy ? ::: js/src/jit/TypePolicy.cpp @@ +993,4 @@ > _(Mix3Policy<ObjectPolicy<0>, ObjectPolicy<1>, IntPolicy<2> >) \ > _(Mix3Policy<StringPolicy<0>, ObjectPolicy<1>, StringPolicy<2> >) \ > _(Mix3Policy<StringPolicy<0>, StringPolicy<1>, StringPolicy<2> >) \ > + _(Mix3Policy<StringPolicy<0>, IntPolicy<1>, IntPolicy<2>>) \ nit: Keep this list sorted, by moving it up by 2 lines.
Attachment #8542696 -
Flags: review?(nicolas.b.pierron) → review+
|
|
Assignee | |
Comment 3•9 years ago
|
||
Delta patch for adding Mix4Policy, posted in case anyone wants to see it -- trivial enough I'm not going to bother asking for review on it.
|
|
Assignee | |
Comment 4•9 years ago
|
||
With the next patch the finality here is kind of belt-and-suspenders, but it seems nice anyway. The more safeguards against inheriting from the wrong thing, the better.
Attachment #8542711 -
Flags: review?(nicolas.b.pierron)
|
|
Assignee | |
Comment 5•9 years ago
|
||
The sibling thisTypeSpecialization() looks like it'd want similar treatment, but it appears vastly rarer to actually call that, not immediately obvious what instructions would have it called -- and finally, if the global one's called we just crash. Not great, but also not prone to badness. If someone else wants to vacuum that up into the right fix, props to 'em, but I'm not touching it.
Attachment #8542712 -
Flags: review?(nicolas.b.pierron)
|
|
||
Updated•9 years ago
|
Attachment #8542710 -
Flags: review+
|
|
||
Comment 6•9 years ago
|
||
Comment on attachment 8542711 [details] [diff] [review] Make all TypePolicy subclasses final to prevent the mistake of inheriting from one (rather than inheriting from its nested Data class) Review of attachment 8542711 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/src/jit/TypePolicy.h @@ +68,1 @@ > static MDefinition *alwaysBoxAt(TempAllocator &alloc, MInstruction *at, MDefinition *operand); I think it would make sense to remove the BoxInputs class, and just define alwaysBoxAt outside of it to make it usable in IonAnalysis.cpp. Otherwise, it can be made a static member of the TypePolicy base class. @@ +68,2 @@ > static MDefinition *alwaysBoxAt(TempAllocator &alloc, MInstruction *at, MDefinition *operand); > + static bool adjustInputs(TempAllocator &alloc, MInstruction *def); Is this function still used? @@ +73,3 @@ > { > public: > SPECIALIZATION_DATA_; to-fix: Use EMPTY_DATA_ instead of SPECIALIZATION_DATA_, as the adjustInputs function for this type policy does not on any specialization() field hold by the MIR instruction which has this type policy.
Attachment #8542711 -
Flags: review?(nicolas.b.pierron) → review+
|
|
||
Comment 7•9 years ago
|
||
Comment on attachment 8542712 [details] [diff] [review] Make every MIR opcode's typePolicy() member function consult op::thisTypePolicy(), never the global thisTypePolicy() method Review of attachment 8542712 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/src/jit/MIR.h @@ +980,5 @@ > }; > > +class MNullaryInstruction > + : public MAryInstruction<0>, > + public NoTypePolicy Do you think it would make sense to have NoTypePolicy::Data instead, to make it match others TypePolicy definitions? ::: js/src/jit/TypePolicy.h @@ +62,4 @@ > > #define SPECIALIZATION_DATA_ INHERIT_DATA_(TypeSpecializationData) > > +class NoTypePolicy This is pure cosmetic, but I would expect NoTypePolicy to inherit from TypePolicy, but this might be me reading too many bad class inheritance :P Still I think that "NoType" is a form of "TypePolicy". @@ +65,5 @@ > +class NoTypePolicy > +{ > + public: > + static TypePolicy *thisTypePolicy() { > + return nullptr; In which case it make sense to have this function defined in a Data structure.
Attachment #8542712 -
Flags: review?(nicolas.b.pierron) → review+
|
||
Comment 8•9 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/59f8e01e7133 https://hg.mozilla.org/mozilla-central/rev/92c8c395677f https://hg.mozilla.org/mozilla-central/rev/d3a71d1c2180 https://hg.mozilla.org/mozilla-central/rev/d9557e125ac3
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla37
|
|
Assignee | |
Comment 9•9 years ago
|
||
(In reply to Nicolas B. Pierron [:nbp] from comment #7) > Do you think it would make sense to have NoTypePolicy::Data instead, to make > it match others TypePolicy definitions? I did it this way at first, then changed to no ::Data. Still kinda waffly about it, so I switched to ::Data when landing. > This is pure cosmetic, but I would expect NoTypePolicy to inherit from > TypePolicy, but this might be me reading too many bad class inheritance :P > Still I think that "NoType" is a form of "TypePolicy". It's explicitly claiming *not* to be a type policy, I think. But yeah, there is a minor contention that could be had here. Given NoTypePolicy should never be instantiated, seems worth not having the inheritance, and pointless extra vtable, &c.
You need to log in
before you can comment on or make changes to this bug.
Description
•