[turbofan] Add inlining guards to Runtime_NewArguments.

This adds debug code that makes sure that the runtime functions that materialize arguments objects, {Runtime_New[Sloppy|Strict]Arguments}, are not being called from within an inlined scope. They would produce wrong results and we should avoid producing code that does this. R=bmeurer@chromium.org Review URL: https://codereview.chromium.org/1343763002 Cr-Commit-Position: refs/heads/master@{#30761}
2015-09-16 04:32:54 -07:00 · 2015-09-16 04:32:54 -07:00 · d0e77b2909
commit d0e77b2909
parent 6209753c74
3 changed files with 23 additions and 0 deletions
--- a/src/frames.cc
+++ b/src/frames.cc
@ -727,6 +727,13 @@ bool JavaScriptFrame::IsConstructor() const {
 }


+bool JavaScriptFrame::HasInlinedFrames() {
+  List<JSFunction*> functions(1);
+  GetFunctions(&functions);
+  return functions.length() > 1;
+}
+
+
 Object* JavaScriptFrame::GetOriginalConstructor() const {
  Address fp = caller_fp();
  if (has_adapted_arguments()) {
--- a/src/frames.h
+++ b/src/frames.h
@ -576,6 +576,10 @@ class JavaScriptFrame: public StandardFrame {
  // Check if this frame is a constructor frame invoked through 'new'.
  bool IsConstructor() const;

+  // Determines whether this frame includes inlined activations. To get details
+  // about the inlined frames use {GetFunctions} and {Summarize}.
+  bool HasInlinedFrames();
+
  // Returns the original constructor function that was used in the constructor
  // call to this frame. Note that this is only valid on constructor frames.
  Object* GetOriginalConstructor() const;
--- a/src/runtime/runtime-scopes.cc
+++ b/src/runtime/runtime-scopes.cc
@ -542,6 +542,12 @@ RUNTIME_FUNCTION(Runtime_NewSloppyArguments) {
  CONVERT_ARG_HANDLE_CHECKED(JSFunction, callee, 0);
  Object** parameters = reinterpret_cast<Object**>(args[1]);
  CONVERT_SMI_ARG_CHECKED(argument_count, 2);
+#ifdef DEBUG
+  // This runtime function does not materialize the correct arguments when the
+  // caller has been inlined, better make sure we are not hitting that case.
+  JavaScriptFrameIterator it(isolate);
+  DCHECK(!it.frame()->HasInlinedFrames());
+#endif  // DEBUG
  return *NewSloppyArguments(isolate, callee, parameters, argument_count);
 }

@ -552,6 +558,12 @@ RUNTIME_FUNCTION(Runtime_NewStrictArguments) {
  CONVERT_ARG_HANDLE_CHECKED(JSFunction, callee, 0)
  Object** parameters = reinterpret_cast<Object**>(args[1]);
  CONVERT_SMI_ARG_CHECKED(argument_count, 2);
+#ifdef DEBUG
+  // This runtime function does not materialize the correct arguments when the
+  // caller has been inlined, better make sure we are not hitting that case.
+  JavaScriptFrameIterator it(isolate);
+  DCHECK(!it.frame()->HasInlinedFrames());
+#endif  // DEBUG
  return *NewStrictArguments(isolate, callee, parameters, argument_count);
 }