Closed Bug 1602681 Opened 4 years ago Closed 4 years ago

Disambiguate OSR pc arguments in a few places

Categories

(Core :: JavaScript Engine: JIT, task, P1)

task

RESOLVED DUPLICATE of bug 1602390

People

(Reporter: jandem, Assigned: jandem)

Details

Attachments

(1 obsolete file)

Some functions take a jsbytecode* pc argument: if it's a JSOP_LOOPHEAD they treat it as OSR, and otherwise it must be script->code(). However, this is ambiguous, as scripts can start with JSOP_LOOPHEAD for while-loops.

We could change to jsbytecode* osrPc and use nullptr for the non-OSR case so there's never any confusion.

Some functions took a pc argument: if it's a JSOP_LOOPHEAD they treated it as
OSR and else it must be script->code() indicating prologue code. However this
is ambiguous as scripts can start with JSOP_LOOPHEAD for while-loops.

This patch changes the code to pass an osrPc instead: if nullptr it's for the
prologue and else it must be a JSOP_LOOPHEAD pc. This avoids any ambiguity and
is similar to what we already do elsewhere.
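
The ambiguity described above, modelled in a small self-contained C++ example that is added here and is not SpiderMonkey code or the patch attached to this bug. The opcode enum, `Script`, `classifyByPc` and `classifyByOsrPc` are hypothetical names, and the sample bytecode is constructed.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Toy model (assumption): opcodes, Script and both classifiers are hypothetical.
enum Op : uint8_t { OP_NOP, OP_LOOPHEAD, OP_ADD, OP_RETURN };
enum class Entry { Prologue, Osr };

struct Script {
    std::vector<uint8_t> bytes;
    const uint8_t* code() const { return bytes.data(); }
};

// Old convention: a single pc; the entry kind is inferred from the opcode at pc.
Entry classifyByPc(const Script& script, const uint8_t* pc) {
    if (*pc == OP_LOOPHEAD) return Entry::Osr;
    (void)script;            // contract for this branch: pc == script.code()
    return Entry::Prologue;
}

// Proposed convention: osrPc == nullptr means prologue, else it must point at a
// LOOPHEAD inside the script. Returns false when that contract is violated.
bool classifyByOsrPc(const Script& script, const uint8_t* osrPc, Entry* out) {
    if (!osrPc) { *out = Entry::Prologue; return true; }
    const uint8_t* end = script.code() + script.bytes.size();
    if (osrPc < script.code() || osrPc >= end || *osrPc != OP_LOOPHEAD) return false;
    *out = Entry::Osr;
    return true;
}

// Constructed sample scripts: a while-loop as first statement, and the same
// script with a leading NOP (the workaround suggested in the comments).
Script whileFirst() { return Script{{OP_LOOPHEAD, OP_ADD, OP_RETURN}}; }
Script nopFirst() { return Script{{OP_NOP, OP_LOOPHEAD, OP_ADD, OP_RETURN}}; }

int main() {
    Script w = whileFirst();
    Entry e = Entry::Osr;
    // Caller means "prologue" and passes script->code(); old API reports OSR.
    std::printf("old, pc=code():      %s\n",
                classifyByPc(w, w.code()) == Entry::Osr ? "Osr" : "Prologue");
    classifyByOsrPc(w, nullptr, &e);
    std::printf("new, osrPc=nullptr:  %s\n", e == Entry::Osr ? "Osr" : "Prologue");
    classifyByOsrPc(w, w.code(), &e);
    std::printf("new, osrPc=code():   %s\n", e == Entry::Osr ? "Osr" : "Prologue");
    return 0;
}
```

With the single-pc convention, the same pointer value has to stand for both entry kinds when the first op is a LOOPHEAD; with the nullable `osrPc`, the caller's intent is carried by the argument itself and a non-LOOPHEAD pc is rejected.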

This patch exposes a bailout issue with --ion-eager when JSOP_LOOPHEAD is the first op in a script. IsPrologueBailout thinks we're doing a prologue bailout when we resume at the LOOPHEAD op, so we end up with an enter-Ion => bailout-to-prologue => enter-Ion loop.

Until we improve the prologue logic I think we should just emit a JSOP_NOP for now. That fixes this bug + bug 1602390.

Attachment #9114807 - Attachment is obsolete: true
Priority: -- → P1

Fixing this differently in bug 1602390.

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE