[ignition] Fix hole check for dynamic local variables

[ignition] Fix hole check for dynamic local variables

The fast-path for dynamic local variables was previously checking the
lookup variable rather than the shadowed variable when deciding whether
to add a hole check.

BUG=669540
Committed: https://crrev.com/f6ee3b5ff36c00112b01a82ced154f5b22731ace
Cr-Commit-Position: refs/heads/master@{#41677}

[Leszek Swirski, 2016-12-05 16:32:31]

The CQ bit was checked by leszeks@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-05 16:32:40]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-05 16:56:26]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-05 16:56:27]

Dry run: This issue passed the CQ dry run.

[Leszek Swirski, 2016-12-05 17:11:13]

leszeks@chromium.org changed reviewers:
+ adamk@chromium.org, neis@chromium.org

[Leszek Swirski, 2016-12-05 17:11:14]

Adam and Georg, could you please check the correctness of this fix for
crbug.com/669540? Notably, we'll end up doing the hole check twice whenever the
slow path is taken, I don't think this is avoidable?

[rmcilroy, 2016-12-05 19:18:07]

rmcilroy@chromium.org changed reviewers:
+ rmcilroy@chromium.org

[rmcilroy, 2016-12-05 19:18:08]

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
File src/interpreter/bytecode-generator.cc (right):

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
src/interpreter/bytecode-generator.cc:1863: if
(local_variable->binding_needs_init()) {
This seems a bit hacky, I would rather fix the hole_check_mode in scope.cc
AccessNeedsHoleCheck (assuming this is where the error is introduced).

[Leszek Swirski, 2016-12-05 19:42:37]

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
File src/interpreter/bytecode-generator.cc (right):

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
src/interpreter/bytecode-generator.cc:1863: if
(local_variable->binding_needs_init()) {
On 2016/12/05 19:18:07, rmcilroy wrote:
> This seems a bit hacky, I would rather fix the hole_check_mode in scope.cc
> AccessNeedsHoleCheck (assuming this is where the error is introduced).

That's what I thought originally, but non-local variables were explicitly
defined as not needing init in https://codereview.chromium.org/2232343002/
(which is why I added neis and adamk as reviewers).

I'm not sure what a good representation of the semantics is -- the actual lookup
variable itself does not need a hole check (because it's done in the runtime,
and has to be done in the runtime unconditionally because it's runtime anything
can happen). On the fast path, it's the local (non-shadowed) variable that we
care about, and for this one we *do* want the hole check to be conditional, but
it's conditional on some property of the local variable. So, the "needs hole
check" for the lookup variable is correct, it's just not the same as "needs hole
check" for the local variable.

At least, that's how I understand it, I may be way off.

[adamk, 2016-12-06 19:16:42]

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
File src/interpreter/bytecode-generator.cc (right):

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
src/interpreter/bytecode-generator.cc:1863: if
(local_variable->binding_needs_init()) {
On 2016/12/05 19:42:37, Leszek Swirski wrote:
> On 2016/12/05 19:18:07, rmcilroy wrote:
> > This seems a bit hacky, I would rather fix the hole_check_mode in scope.cc
> > AccessNeedsHoleCheck (assuming this is where the error is introduced).
> 
> That's what I thought originally, but non-local variables were explicitly
> defined as not needing init in https://codereview.chromium.org/2232343002/
> (which is why I added neis and adamk as reviewers).
> 
> I'm not sure what a good representation of the semantics is -- the actual
lookup
> variable itself does not need a hole check (because it's done in the runtime,
> and has to be done in the runtime unconditionally because it's runtime
anything
> can happen). On the fast path, it's the local (non-shadowed) variable that we
> care about, and for this one we *do* want the hole check to be conditional,
but
> it's conditional on some property of the local variable. So, the "needs hole
> check" for the lookup variable is correct, it's just not the same as "needs
hole
> check" for the local variable.
> 
> At least, that's how I understand it, I may be way off.

I think it's possible for us to do this determination earlier, in
AccessNeedsHoleCheck, since we have all three pieces of data necessary: the
VariableProxy, the DYNAMIC_LOCAL variable, and the local_if_not_shadowed
variable.

It might be as simple as the following at the top of AccessNeedsHoleCheck():

if (var->mode() == DYNAMIC_LOCAL) return
AccessNeedsHoleCheck(var->local_if_not_shadowed(), proxy, scope);

[Leszek Swirski, 2016-12-07 16:08:00]

The CQ bit was checked by leszeks@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-07 16:08:11]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[Leszek Swirski, 2016-12-07 16:09:52]

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
File src/interpreter/bytecode-generator.cc (right):

https://codereview.chromium.org/2551023004/diff/1/src/interpreter/bytecode-ge...
src/interpreter/bytecode-generator.cc:1863: if
(local_variable->binding_needs_init()) {
On 2016/12/06 19:16:42, adamk wrote:
> On 2016/12/05 19:42:37, Leszek Swirski wrote:
> > On 2016/12/05 19:18:07, rmcilroy wrote:
> > > This seems a bit hacky, I would rather fix the hole_check_mode in scope.cc
> > > AccessNeedsHoleCheck (assuming this is where the error is introduced).
> > 
> > That's what I thought originally, but non-local variables were explicitly
> > defined as not needing init in https://codereview.chromium.org/2232343002/
> > (which is why I added neis and adamk as reviewers).
> > 
> > I'm not sure what a good representation of the semantics is -- the actual
> lookup
> > variable itself does not need a hole check (because it's done in the
runtime,
> > and has to be done in the runtime unconditionally because it's runtime
> anything
> > can happen). On the fast path, it's the local (non-shadowed) variable that
we
> > care about, and for this one we *do* want the hole check to be conditional,
> but
> > it's conditional on some property of the local variable. So, the "needs hole
> > check" for the lookup variable is correct, it's just not the same as "needs
> hole
> > check" for the local variable.
> > 
> > At least, that's how I understand it, I may be way off.
> 
> I think it's possible for us to do this determination earlier, in
> AccessNeedsHoleCheck, since we have all three pieces of data necessary: the
> VariableProxy, the DYNAMIC_LOCAL variable, and the local_if_not_shadowed
> variable.
> 
> It might be as simple as the following at the top of AccessNeedsHoleCheck():
> 
> if (var->mode() == DYNAMIC_LOCAL) return
> AccessNeedsHoleCheck(var->local_if_not_shadowed(), proxy, scope);

Fair enough, I was worried that changing it here would be a violation of the
semantics (or too tight a coupling with the execution), but if you're both fine
with it then sure. Done.

[commit-bot: I haz the power, 2016-12-07 16:33:18]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-07 16:33:19]

Dry run: This issue passed the CQ dry run.

[adamk, 2016-12-07 17:37:41]

lgtm once you add a DCHECK and a comment

https://codereview.chromium.org/2551023004/diff/20001/src/ast/scopes.cc
File src/ast/scopes.cc (right):

https://codereview.chromium.org/2551023004/diff/20001/src/ast/scopes.cc#newco...
src/ast/scopes.cc:1654: return
AccessNeedsHoleCheck(var->local_if_not_shadowed(), proxy, scope);
Can you add a DCHECK here:

DCHECK(!var->binding_needs_init());

And a comment? The comment should say that dynamically-introduced variables
themselves never need a hole check (since they're VAR bindings, either from var
or function declarations), but that the thing they shadow might need a hole
check.

[Leszek Swirski, 2016-12-13 14:00:47]

On 2016/12/07 17:37:41, adamk wrote:
> lgtm once you add a DCHECK and a comment
> 
> https://codereview.chromium.org/2551023004/diff/20001/src/ast/scopes.cc
> File src/ast/scopes.cc (right):
> 
>
https://codereview.chromium.org/2551023004/diff/20001/src/ast/scopes.cc#newco...
> src/ast/scopes.cc:1654: return
> AccessNeedsHoleCheck(var->local_if_not_shadowed(), proxy, scope);
> Can you add a DCHECK here:
> 
> DCHECK(!var->binding_needs_init());
> 
> And a comment? The comment should say that dynamically-introduced variables
> themselves never need a hole check (since they're VAR bindings, either from
var
> or function declarations), but that the thing they shadow might need a hole
> check.

Thanks Adam, I shamelessly stole your text for the comment.

[Leszek Swirski, 2016-12-13 14:00:52]

The CQ bit was checked by leszeks@chromium.org

[Leszek Swirski, 2016-12-13 14:00:52]

The patchset sent to the CQ was uploaded after l-g-t-m from adamk@chromium.org
Link to the patchset: https://codereview.chromium.org/2551023004/#ps40001
(title: "Add a DCHECK and a comment")

[commit-bot: I haz the power, 2016-12-13 14:00:57]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-13 14:28:21]

CQ is committing da patch.

Bot data: {"patchset_id": 40001, "attempt_start_ts": 1481637652090260,
"parent_rev": "165d331f47b778f10e06e8666af267313da20d9a", "commit_rev":
"ce9ae98e1b391fa2e0827b9b2ca4c00abfb0a16f"}

[commit-bot: I haz the power, 2016-12-13 14:28:27]

Description was changed from

==========
[ignition] Fix hole check for dynamic local variables

The fast-path for dynamic local variables was previously checking the
lookup variable rather than the shadowed variable when deciding whether
to add a hole check.

BUG=669540
==========

to

==========
[ignition] Fix hole check for dynamic local variables

The fast-path for dynamic local variables was previously checking the
lookup variable rather than the shadowed variable when deciding whether
to add a hole check.

BUG=669540

Review-Url: https://codereview.chromium.org/2551023004
==========

[commit-bot: I haz the power, 2016-12-13 14:28:27]

Committed patchset #3 (id:40001)

[commit-bot: I haz the power, 2016-12-13 14:29:20]

Description was changed from

==========
[ignition] Fix hole check for dynamic local variables

The fast-path for dynamic local variables was previously checking the
lookup variable rather than the shadowed variable when deciding whether
to add a hole check.

BUG=669540

Review-Url: https://codereview.chromium.org/2551023004
==========

to

==========
[ignition] Fix hole check for dynamic local variables

The fast-path for dynamic local variables was previously checking the
lookup variable rather than the shadowed variable when deciding whether
to add a hole check.

BUG=669540

Committed: https://crrev.com/f6ee3b5ff36c00112b01a82ced154f5b22731ace
Cr-Commit-Position: refs/heads/master@{#41677}
==========

[commit-bot: I haz the power, 2016-12-13 14:29:20]

Patchset 3 (id:??) landed as
https://crrev.com/f6ee3b5ff36c00112b01a82ced154f5b22731ace
Cr-Commit-Position: refs/heads/master@{#41677}