Implement the dead temporal zone

With const and let it is possible to access the declared member before initialization. This is expected to throw a type reference error at run-time. We initialize such variables with the empty value when entering their scope and check upon access for that. For locals we place the lexically scoped variables at the end. For register allocated lexical variables we group them into one batch and remember the index/size. Change-Id: Icb493ee0de0525bb682e1bc58981a4dfd33f750e Reviewed-by: Lars Knoll <lars.knoll@qt.io>
author: Simon Hausmann <simon.hausmann@qt.io> 2018-08-21 16:51:17 +0200
committer: Simon Hausmann <simon.hausmann@qt.io> 2018-08-28 17:50:41 +0000
commit: bead103138c0d9dff3c9f927c9c4e2f44ee7db4c (patch)
tree: 32b23e94d07b5169758b426b1ad614e240dae9cd /src/qml/jit
parent: ec6996bcbed583177952f81f5bfaf1d67eb573ad (diff)
4 files changed, 38 insertions, 0 deletions
diff --git a/src/qml/jit/qv4baselineassembler.cpp b/src/qml/jit/qv4baselineassembler.cpp
index c7d8f3c72c..5950901499 100644
--- a/src/qml/jit/qv4baselineassembler.cpp
+++ b/src/qml/jit/qv4baselineassembler.cpp
@@ -66,6 +66,7 @@ namespace JIT {
 #define callHelper(x) PlatformAssemblerCommon::callRuntimeUnchecked(#x, reinterpret_cast<void *>(&x))
 
 const QV4::Value::ValueTypeInternal IntegerTag = QV4::Value::ValueTypeInternal::Integer;
+const QV4::Value::ValueTypeInternal EmptyTag = QV4::Value::ValueTypeInternal::Empty;
 
 static ReturnedValue toNumberHelper(ReturnedValue v)
 {
@@ -172,6 +173,11 @@ public:
         return branch64(Equal, AccumulatorRegister, TrustedImm64(Primitive::emptyValue().asReturnedValue()));
     }
 
+    Jump jumpNotEmpty()
+    {
+        return branch64(NotEqual, AccumulatorRegister, TrustedImm64(Primitive::emptyValue().asReturnedValue()));
+    }
+
     void toBoolean(std::function<void(RegisterID)> continuation)
     {
         urshift64(AccumulatorRegister, TrustedImm32(Value::IsIntegerConvertible_Shift), ScratchRegister);
@@ -634,6 +640,11 @@ public:
         return branch32(Equal, AccumulatorRegisterTag, TrustedImm32(Primitive::emptyValue().asReturnedValue() >> 32));
     }
 
+    Jump jumpNotEmpty()
+    {
+        return branch32(NotEqual, AccumulatorRegisterTag, TrustedImm32(Primitive::emptyValue().asReturnedValue() >> 32));
+    }
+
     void toBoolean(std::function<void(RegisterID)> continuation)
     {
         urshift32(AccumulatorRegisterTag, TrustedImm32(Value::IsIntegerConvertible_Shift - 32),
@@ -1538,6 +1549,19 @@ void BaselineAssembler::popContext()
     pasm()->storeHeapObject(PlatformAssembler::ScratchRegister, regAddr(CallData::Context));
 }
 
+void BaselineAssembler::deadTemporalZoneCheck(int offsetForSavedIP, int variableName)
+{
+    auto valueIsAliveJump = pasm()->jumpNotEmpty();
+    storeInstructionPointer(offsetForSavedIP);
+    saveAccumulatorInFrame();
+    prepareCallWithArgCount(2);
+    passInt32AsArg(variableName, 1);
+    passEngineAsArg(0);
+    ASM_GENERATE_RUNTIME_CALL(Runtime::method_throwReferenceError, CallResultDestination::Ignore);
+    gotoCatchException();
+    valueIsAliveJump.link(pasm());
+}
+
 void BaselineAssembler::ret()
 {
     pasm()->generateFunctionExit();
diff --git a/src/qml/jit/qv4baselineassembler_p.h b/src/qml/jit/qv4baselineassembler_p.h
index 4b64f91cd4..a2140ce47b 100644
--- a/src/qml/jit/qv4baselineassembler_p.h
+++ b/src/qml/jit/qv4baselineassembler_p.h
@@ -161,6 +161,7 @@ public:
     void unwindToLabel(int level, int offset);
     void pushCatchContext(int index, int name);
     void popContext();
+    void deadTemporalZoneCheck(int offsetForSavedIP, int variableName);
 
     // other stuff
     void ret();
diff --git a/src/qml/jit/qv4baselinejit.cpp b/src/qml/jit/qv4baselinejit.cpp
index b729f21059..e9f85a5c6b 100644
--- a/src/qml/jit/qv4baselinejit.cpp
+++ b/src/qml/jit/qv4baselinejit.cpp
@@ -579,6 +579,10 @@ void BaselineJIT::generate_UnwindToLabel(int level, int offset)
     as->unwindToLabel(level, absoluteOffsetForJump(offset));
 }
 
+void BaselineJIT::generate_DeadTemporalZoneCheck(int name)
+{
+    as->deadTemporalZoneCheck(nextInstructionOffset(), name);
+}
 
 void BaselineJIT::generate_ThrowException()
 {
@@ -931,6 +935,13 @@ void BaselineJIT::generate_LoadQmlImportedScripts(int result)
     as->storeReg(result);
 }
 
+void BaselineJIT::generate_InitializeBlockDeadTemporalZone(int firstReg, int count)
+{
+    as->loadValue(Primitive::emptyValue().rawValue());
+    for (int i = firstReg, end = firstReg + count; i < end; ++i)
+        as->storeReg(i);
+}
+
 void BaselineJIT::startInstruction(Instr::Type /*instr*/)
 {
     if (hasLabel())
diff --git a/src/qml/jit/qv4baselinejit_p.h b/src/qml/jit/qv4baselinejit_p.h
index 07a1853816..a3cb850fc1 100644
--- a/src/qml/jit/qv4baselinejit_p.h
+++ b/src/qml/jit/qv4baselinejit_p.h
@@ -134,6 +134,7 @@ public:
     void generate_SetUnwindHandler(int offset) override;
     void generate_UnwindDispatch() override;
     void generate_UnwindToLabel(int level, int offset) override;
+    void generate_DeadTemporalZoneCheck(int name) override;
     void generate_ThrowException() override;
     void generate_GetException() override;
     void generate_SetException() override;
@@ -208,6 +209,7 @@ public:
     void generate_Sub(int lhs) override;
     void generate_LoadQmlContext(int result) override;
     void generate_LoadQmlImportedScripts(int result) override;
+    void generate_InitializeBlockDeadTemporalZone(int firstReg, int count) override;
 
     void startInstruction(Moth::Instr::Type instr) override;
     void endInstruction(Moth::Instr::Type instr) override;
author	Simon Hausmann <simon.hausmann@qt.io>	2018-08-21 16:51:17 +0200
committer	Simon Hausmann <simon.hausmann@qt.io>	2018-08-28 17:50:41 +0000
commit	bead103138c0d9dff3c9f927c9c4e2f44ee7db4c (patch)
tree	32b23e94d07b5169758b426b1ad614e240dae9cd /src/qml/jit
parent	ec6996bcbed583177952f81f5bfaf1d67eb573ad (diff)