NEW154223
[JSC] Add some extra validation for the first basic block in B3 and Air 
https://bugs.webkit.org/show_bug.cgi?id=154223
Summary [JSC] Add some extra validation for the first basic block in B3 and Air
Benjamin Poulain
Reported 2016-02-13 16:34:20 PST
[JSC] Add some extra validation for the first basic block in B3 and Air
Attachments
Patch (4.77 KB, patch)
2016-02-13 16:37 PST, Benjamin Poulain 		no flags
DetailsFormatted DiffDiff
Patch (4.77 KB, patch)
2016-02-16 14:35 PST, Benjamin Poulain 		buildbot: commit-queue-
DetailsFormatted DiffDiff
Archive of layout-test-results from ews116 for mac-yosemite (932.06 KB, application/zip)
2016-02-16 15:31 PST, Build Bot 		no flags
Details
Patch (4.77 KB, patch)
2016-02-16 21:01 PST, Benjamin Poulain 		no flags
DetailsFormatted DiffDiff
Patch (4.93 KB, patch)
2016-02-17 14:41 PST, Benjamin Poulain 		fpizlo: review-
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Benjamin Poulain
Comment 1 2016-02-13 16:37:57 PST
Created attachment 271301 [details] Patch
Csaba Osztrogonác
Comment 2 2016-02-14 23:54:12 PST
Comment on attachment 271301 [details] Patch r- due to build failures.
Benjamin Poulain
Comment 3 2016-02-16 14:35:13 PST
Created attachment 271487 [details] Patch
Build Bot
Comment 4 2016-02-16 15:31:41 PST
Comment on attachment 271487 [details] Patch Attachment 271487 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/842033 New failing tests: js/regress/Float32Array-to-Float64Array-set.html
Build Bot
Comment 5 2016-02-16 15:31:43 PST
Created attachment 271496 [details] Archive of layout-test-results from ews116 for mac-yosemite The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews116 Port: mac-yosemite Platform: Mac OS X 10.10.5
Benjamin Poulain
Comment 6 2016-02-16 21:01:31 PST
Created attachment 271528 [details] Patch
Filip Pizlo
Comment 7 2016-02-16 21:06:53 PST
Comment on attachment 271528 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=271528&action=review > Source/JavaScriptCore/b3/B3Validate.cpp:119 > + if (m_procedure.size()) { We should also validate that m_procedure.size() > 0. > Source/JavaScriptCore/b3/B3Validate.cpp:121 > + VALIDATE(!allPredecessors.contains(entryPoint), ("At ", *entryPoint)); You could just use entryPoint->predecessors, since we validate that it's equivalent to allPredecessors.
Filip Pizlo
Comment 8 2016-02-17 06:30:58 PST
Comment on attachment 271528 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=271528&action=review I think you could improve this a lot. Turning empty procedures/codes into a validation failure is probably the most important. > Source/JavaScriptCore/b3/air/AirLiveness.h:194 > +#if !ASSERT_DISABLED You could use "if (!ASSERT_DISABLED)". You could also condiyionalize this on validation being enabled. > Source/JavaScriptCore/b3/air/AirLiveness.h:198 > + ASSERT(Adapter::isValidOnCodeEntry(index)); ... And make this a release assert > Source/JavaScriptCore/b3/air/AirValidate.cpp:97 > + if (m_code.size()) { You should validate that m_code.size() > 0.
Benjamin Poulain
Comment 9 2016-02-17 14:41:13 PST
Created attachment 271594 [details] Patch
Geoffrey Garen
Comment 10 2016-03-02 12:03:56 PST
Comment on attachment 271594 [details] Patch r=me
Filip Pizlo
Comment 11 2016-03-02 12:09:05 PST
Comment on attachment 271594 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=271594&action=review I think that the m_procedure.size() check in B3Validation should be replaced with a validation rule that m_procedure is not empty. > Source/JavaScriptCore/b3/B3Validate.cpp:119 > + if (m_procedure.size()) { This should assert that m_procedure.size() is not zero. An empty procedure is not valid.
Note You need to log in before you can comment on or make changes to this bug.