Fix issue 265 by handling extra statement state on the frame based on...

src/codegen-ia32.cc

 // Copyright 2006-2008 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 62 matching lines @@
 CodeGenerator::CodeGenerator(int buffer_size, Handle<Script> script,
                              bool is_eval)
     : is_eval_(is_eval),
       script_(script),
       deferred_(8),
       masm_(new MacroAssembler(NULL, buffer_size)),
       scope_(NULL),
       frame_(NULL),
       allocator_(NULL),
       state_(NULL),
-      break_stack_height_(0),
       loop_nesting_(0),
       function_return_is_shadowed_(false),
       in_spilled_code_(false) {
 }
 
 
 // Calling conventions:
 // ebp: caller's frame pointer
 // esp: stack pointer
 // edi: called JS function
 // esi: callee's context
 
 void CodeGenerator::GenCode(FunctionLiteral* fun) {
   // Record the position for debugging purposes.
   CodeForFunctionPosition(fun);
 
   ZoneList<Statement*>* body = fun->body();
 
   // Initialize state.
   ASSERT(scope_ == NULL);
   scope_ = fun->scope();
   ASSERT(allocator_ == NULL);
   RegisterAllocator register_allocator(this);
   allocator_ = &register_allocator;
   ASSERT(frame_ == NULL);
   frame_ = new VirtualFrame(this);
-  function_return_.Initialize(this, JumpTarget::BIDIRECTIONAL);
-  function_return_is_shadowed_ = false;
   set_in_spilled_code(false);
 
   // Adjust for function-level loop nesting.
   loop_nesting_ += fun->loop_nesting();
 
   {
     CodeGenState state(this);
 
     // Entry:
     // Stack: receiver, arguments, return address.
     // ebp: caller's frame pointer
     // esp: stack pointer
     // edi: called JS function
     // esi: callee's context
     allocator_->Initialize();
     frame_->Enter();
-    // tos: code slot
+
 #ifdef DEBUG
     if (strlen(FLAG_stop_at) > 0 &&
         fun->name()->IsEqualTo(CStrVector(FLAG_stop_at))) {
       frame_->SpillAll();
       __ int3();
     }
 #endif
 
     // Allocate space for locals and initialize them.
     frame_->AllocateStackSlots(scope_->num_stack_slots());
+    // Initialize the function return target after the locals are set
+    // up, because it needs the expected frame height from the frame.
+    function_return_.Initialize(this, JumpTarget::BIDIRECTIONAL);
+    function_return_is_shadowed_ = false;
 
     // Allocate the arguments object and copy the parameters into it.
     if (scope_->arguments() != NULL) {
       ASSERT(scope_->arguments_shadow() != NULL);
       Comment cmnt(masm_, "[ Allocate arguments object");
       ArgumentsAccessStub stub(ArgumentsAccessStub::NEW_OBJECT);
       frame_->PushFunction();
       frame_->PushReceiverSlotAddress();
       frame_->Push(Smi::FromInt(scope_->num_parameters()));
       Result answer = frame_->CallStub(&stub, 3);
@@ skipping 1405 matching lines @@
   for (int i = 0; has_valid_frame() && i < statements->length(); i++) {
     Visit(statements->at(i));
   }
 }
 
 
 void CodeGenerator::VisitBlock(Block* node) {
   ASSERT(!in_spilled_code());
   Comment cmnt(masm_, "[ Block");
   CodeForStatementPosition(node);
-  node->set_break_stack_height(break_stack_height_);
   node->break_target()->Initialize(this);
   VisitStatements(node->statements());
   if (node->break_target()->is_linked()) {
     node->break_target()->Bind();
   }
 }
 
 
 void CodeGenerator::DeclareGlobals(Handle<FixedArray> pairs) {
   frame_->Push(pairs);
@@ skipping 181 matching lines @@
       frame_->Drop();
     }
   }
 
   if (exit.is_linked()) {
     exit.Bind();
   }
 }
 
 
-void CodeGenerator::CleanStack(int num_bytes) {
-  ASSERT(num_bytes % kPointerSize == 0);
-  frame_->Drop(num_bytes / kPointerSize);
-}
-
-
 void CodeGenerator::VisitContinueStatement(ContinueStatement* node) {
   ASSERT(!in_spilled_code());
   Comment cmnt(masm_, "[ ContinueStatement");
   CodeForStatementPosition(node);
-  CleanStack(break_stack_height_ - node->target()->break_stack_height());
   node->target()->continue_target()->Jump();
 }
 
 
 void CodeGenerator::VisitBreakStatement(BreakStatement* node) {
   ASSERT(!in_spilled_code());
   Comment cmnt(masm_, "[ BreakStatement");
   CodeForStatementPosition(node);
-  CleanStack(break_stack_height_ - node->target()->break_stack_height());
   node->target()->break_target()->Jump();
 }
 
 
 void CodeGenerator::VisitReturnStatement(ReturnStatement* node) {
   ASSERT(!in_spilled_code());
   Comment cmnt(masm_, "[ ReturnStatement");
 
   if (function_return_is_shadowed_) {
     // If the function return is shadowed, we spill all information
@@ skipping 217 matching lines @@
   }
 
   delete start_frame;
 }
 
 
 void CodeGenerator::VisitSwitchStatement(SwitchStatement* node) {
   ASSERT(!in_spilled_code());
   Comment cmnt(masm_, "[ SwitchStatement");
   CodeForStatementPosition(node);
-  node->set_break_stack_height(break_stack_height_);
   node->break_target()->Initialize(this);
 
   // Compile the switch value.
   Load(node->tag());
 
   if (TryGenerateFastCaseSwitchStatement(node)) {
     return;
   }
 
   ZoneList<CaseClause*>* cases = node->cases();
@@ skipping 107 matching lines @@
   if (node->break_target()->is_linked()) {
     node->break_target()->Bind();
   }
 }
 
 
 void CodeGenerator::VisitLoopStatement(LoopStatement* node) {
   ASSERT(!in_spilled_code());
   Comment cmnt(masm_, "[ LoopStatement");
   CodeForStatementPosition(node);
-  node->set_break_stack_height(break_stack_height_);
   node->break_target()->Initialize(this);
 
   // Simple condition analysis.  ALWAYS_TRUE and ALWAYS_FALSE represent a
   // known result for the test expression, with no side effects.
   enum { ALWAYS_TRUE, ALWAYS_FALSE, DONT_KNOW } info = DONT_KNOW;
   if (node->cond() == NULL) {
     ASSERT(node->type() == LoopStatement::FOR_LOOP);
     info = ALWAYS_TRUE;
   } else {
     Literal* lit = node->cond()->AsLiteral();
@@ skipping 302 matching lines @@
   DecrementLoopNesting();
 }
 
 
 void CodeGenerator::VisitForInStatement(ForInStatement* node) {
   ASSERT(!in_spilled_code());
   VirtualFrame::SpilledScope spilled_scope(this);
   Comment cmnt(masm_, "[ ForInStatement");
   CodeForStatementPosition(node);
 
-  // We keep stuff on the stack while the body is executing.
-  // Record it, so that a break/continue crossing this statement
-  // can restore the stack.
-  const int kForInStackSize = 5 * kPointerSize;
-  break_stack_height_ += kForInStackSize;
-  node->set_break_stack_height(break_stack_height_);
-  node->break_target()->Initialize(this);
-  node->continue_target()->Initialize(this);
-
   JumpTarget primitive(this);
   JumpTarget jsobject(this);
   JumpTarget fixed_array(this);
   JumpTarget entry(this, JumpTarget::BIDIRECTIONAL);
   JumpTarget end_del_check(this);
   JumpTarget exit(this);
 
   // Get the object to enumerate over (converted to JSObject).
   LoadAndSpill(node->enumerable());
 
@@ skipping 68 matching lines @@
   frame_->EmitPush(eax);  // <- slot 2
 
   // Push the length of the array and the initial index onto the stack.
   __ mov(eax, FieldOperand(eax, FixedArray::kLengthOffset));
   __ shl(eax, kSmiTagSize);
   frame_->EmitPush(eax);  // <- slot 1
   frame_->EmitPush(Immediate(Smi::FromInt(0)));  // <- slot 0
 
   // Condition.
   entry.Bind();
+  // Grab the current frame's height for the break and continue
+  // targets only after all the state is pushed on the frame.
+  node->break_target()->Initialize(this);
+  node->continue_target()->Initialize(this);
+
   __ mov(eax, frame_->ElementAt(0));  // load the current count
   __ cmp(eax, frame_->ElementAt(1));  // compare to the array length
   node->break_target()->Branch(above_equal);
 
   // Get the i'th entry of the array.
   __ mov(edx, frame_->ElementAt(2));
   __ mov(ebx, Operand(edx, eax, times_2,
                       FixedArray::kHeaderSize - kHeapObjectTag));
 
   // Get the expected map from the stack or a zero map in the
@@ skipping 62 matching lines @@
   __ add(Operand(eax), Immediate(Smi::FromInt(1)));
   frame_->EmitPush(eax);
   entry.Jump();
 
   // Cleanup.
   node->break_target()->Bind();
   frame_->Drop(5);
 
   // Exit.
   exit.Bind();
-
-  break_stack_height_ -= kForInStackSize;
 }
 
 
 void CodeGenerator::VisitTryCatch(TryCatch* node) {
   ASSERT(!in_spilled_code());
   VirtualFrame::SpilledScope spilled_scope(this);
   Comment cmnt(masm_, "[ TryCatch");
   CodeForStatementPosition(node);
 
   JumpTarget try_block(this);
@@ skipping 245 matching lines @@
     }
   }
 
   // --- Finally block ---
   finally_block.Bind();
 
   // Push the state on the stack.
   frame_->EmitPush(ecx);
 
   // We keep two elements on the stack - the (possibly faked) result
-  // and the state - while evaluating the finally block. Record it, so
-  // that a break/continue crossing this statement can restore the
-  // stack.
-  const int kFinallyStackSize = 2 * kPointerSize;
-  break_stack_height_ += kFinallyStackSize;
-
+  // and the state - while evaluating the finally block.
+  //
   // Generate code for the statements in the finally block.
   VisitStatementsAndSpill(node->finally_block()->statements());
 
-  break_stack_height_ -= kFinallyStackSize;
   if (has_valid_frame()) {
     JumpTarget exit(this);
     // Restore state and return value or faked TOS.
     frame_->EmitPop(ecx);
     frame_->EmitPop(eax);
 
     // Generate code to jump to the right destination for all used
     // formerly shadowing targets.
     for (int i = 0; i <= nof_escapes; i++) {
       if (shadows[i]->is_bound()) {
@@ skipping 3999 matching lines @@
 
   // Slow-case: Go through the JavaScript implementation.
   __ bind(&slow);
   __ InvokeBuiltin(Builtins::INSTANCE_OF, JUMP_FUNCTION);
 }
 
 
 #undef __
 
 } }  // namespace v8::internal