Check for post-lower opcodes earlier than normal.

Penguinwizzard · MikeHolman · commit bf4ef6cfb039 · 2017-03-16T15:35:52.000-07:00
This change promotes several asserts to failfasts, and adds two additional ones,
in order to ensure that no post-lower opcodes are added earlier than the lowerer
phase, either by being added to the incoming bytecode buffer, or by corrupting a
part of the IR during the earlier phases of the JIT.
diff --git a/lib/Backend/BackwardPass.cpp b/lib/Backend/BackwardPass.cpp
@@ -2535,6 +2535,8 @@ BackwardPass::ProcessBlock(BasicBlock * block)
         }
 #endif
 
+        AssertOrFailFastMsg(!instr->IsLowered(), "Lowered instruction detected in pre-lower context!");
+
         this->currentInstr = instr;
         this->currentRegion = this->currentBlock->GetFirstInstr()->AsLabelInstr()->GetRegion();
         
diff --git a/lib/Backend/IR.h b/lib/Backend/IR.h
@@ -484,6 +484,7 @@ class Instr
     bool            dstIsAlwaysConvertedToInt32 : 1;
     bool            dstIsAlwaysConvertedToNumber : 1;
     bool            isCallInstrProtectedByNoProfileBailout : 1;
+    bool            isNonFastPathFrameDisplay : 1;
 protected:
     bool            isCloned:1;
     bool            hasBailOutInfo:1;
diff --git a/lib/Backend/IRBuilder.cpp b/lib/Backend/IRBuilder.cpp
@@ -704,7 +704,7 @@ IRBuilder::Build()
             }
         }
 #endif
-        AssertMsg(Js::OpCodeUtil::IsValidByteCodeOpcode(newOpcode), "Error getting opcode from m_jnReader.Op()");
+        AssertOrFailFastMsg(Js::OpCodeUtil::IsValidByteCodeOpcode(newOpcode), "Error getting opcode from m_jnReader.Op()");
 
         uint layoutAndSize = layoutSize * Js::OpLayoutType::Count + Js::OpCodeUtil::GetOpCodeLayout(newOpcode);
         switch(layoutAndSize)
@@ -6824,22 +6824,16 @@ IRBuilder::BuildEmpty(Js::OpCode newOpcode, uint32 offset)
                     Js::Constants::NoByteCodeOffset);
             }
 
-            IR::RegOpnd* tempRegOpnd = IR::RegOpnd::New(StackSym::New(this->m_func), TyVar, this->m_func);
+            IR::Instr* lfd = IR::Instr::New(
+                Js::OpCode::LdFrameDisplay,
+                this->BuildDstOpnd(this->m_func->GetJITFunctionBody()->GetLocalFrameDisplayReg()),
+                this->BuildDstOpnd(this->m_func->GetJITFunctionBody()->GetLocalClosureReg()),
+                this->BuildDstOpnd(this->m_func->GetJITFunctionBody()->GetLocalFrameDisplayReg()),
+                this->m_func);
             this->AddInstr(
-                IR::Instr::New(
-                    Js::OpCode::LdFrameDisplay,
-                    tempRegOpnd,
-                    this->BuildSrcOpnd(this->m_func->GetJITFunctionBody()->GetLocalClosureReg()),
-                    this->BuildSrcOpnd(this->m_func->GetJITFunctionBody()->GetLocalFrameDisplayReg()),
-                    this->m_func),
-                Js::Constants::NoByteCodeOffset);
-            this->AddInstr(
-                IR::Instr::New(
-                    Js::OpCode::MOV,
-                    this->BuildDstOpnd(this->m_func->GetJITFunctionBody()->GetLocalFrameDisplayReg()),
-                    tempRegOpnd,
-                    this->m_func),
+                lfd,
                 Js::Constants::NoByteCodeOffset);
+            lfd->isNonFastPathFrameDisplay = true;
         }
         break;
 
diff --git a/lib/Backend/IRBuilderAsmJs.cpp b/lib/Backend/IRBuilderAsmJs.cpp
@@ -144,7 +144,7 @@ IRBuilderAsmJs::Build()
     {
         Assert(newOpcode != Js::OpCodeAsmJs::EndOfBlock);
 
-        AssertMsg(Js::OpCodeUtilAsmJs::IsValidByteCodeOpcode(newOpcode), "Error getting opcode from m_jnReader.Op()");
+        AssertOrFailFastMsg(Js::OpCodeUtilAsmJs::IsValidByteCodeOpcode(newOpcode), "Error getting opcode from m_jnReader.Op()");
 
         uint layoutAndSize = layoutSize * Js::OpLayoutTypeAsmJs::Count + Js::OpCodeUtilAsmJs::GetOpCodeLayout(newOpcode);
         switch (layoutAndSize)
diff --git a/lib/Backend/Lower.cpp b/lib/Backend/Lower.cpp
@@ -23484,7 +23484,7 @@ void Lowerer::LowerLdFrameDisplay(IR::Instr *instr, bool doStackFrameDisplay)
     // If the dst opnd is a byte code temp, that indicates we're prepending a block scope or some such and
     // shouldn't attempt to do this.
     if (envDepth == (uint16)-1 ||
-        (!doStackFrameDisplay && instr->GetDst()->AsRegOpnd()->m_sym->IsTempReg(instr->m_func)) ||
+        (!doStackFrameDisplay && (instr->isNonFastPathFrameDisplay || instr->GetDst()->AsRegOpnd()->m_sym->IsTempReg(instr->m_func))) ||
         PHASE_OFF(Js::FrameDisplayFastPathPhase, func))
     {
         if (isStrict)

Original file line number	Diff line number	Diff line change
`@@ -2535,6 +2535,8 @@ BackwardPass::ProcessBlock(BasicBlock * block)`
`2535`	`2535`	`}`
`2536`	`2536`	`#endif`
`2537`	`2537`
	`2538`	`+ AssertOrFailFastMsg(!instr->IsLowered(), "Lowered instruction detected in pre-lower context!");`
	`2539`	`+`
`2538`	`2540`	`this->currentInstr = instr;`
`2539`	`2541`	`this->currentRegion = this->currentBlock->GetFirstInstr()->AsLabelInstr()->GetRegion();`
`2540`	`2542`
Original file line number	Diff line number	Diff line change
`@@ -144,7 +144,7 @@ IRBuilderAsmJs::Build()`
`144`	`144`	`{`
`145`	`145`	`Assert(newOpcode != Js::OpCodeAsmJs::EndOfBlock);`
`146`	`146`
`147`		`- AssertMsg(Js::OpCodeUtilAsmJs::IsValidByteCodeOpcode(newOpcode), "Error getting opcode from m_jnReader.Op()");`
	`147`	`+ AssertOrFailFastMsg(Js::OpCodeUtilAsmJs::IsValidByteCodeOpcode(newOpcode), "Error getting opcode from m_jnReader.Op()");`
`148`	`148`
`149`	`149`	`uint layoutAndSize = layoutSize * Js::OpLayoutTypeAsmJs::Count + Js::OpCodeUtilAsmJs::GetOpCodeLayout(newOpcode);`
`150`	`150`	`switch (layoutAndSize)`
Original file line number	Diff line number	Diff line change
`@@ -23484,7 +23484,7 @@ void Lowerer::LowerLdFrameDisplay(IR::Instr *instr, bool doStackFrameDisplay)`
`23484`	`23484`	`// If the dst opnd is a byte code temp, that indicates we're prepending a block scope or some such and`
`23485`	`23485`	`// shouldn't attempt to do this.`
`23486`	`23486`	`if (envDepth == (uint16)-1 \|\|`
`23487`		`- (!doStackFrameDisplay && instr->GetDst()->AsRegOpnd()->m_sym->IsTempReg(instr->m_func)) \|\|`
	`23487`	`+ (!doStackFrameDisplay && (instr->isNonFastPathFrameDisplay \|\| instr->GetDst()->AsRegOpnd()->m_sym->IsTempReg(instr->m_func))) \|\|`
`23488`	`23488`	`PHASE_OFF(Js::FrameDisplayFastPathPhase, func))`
`23489`	`23489`	`{`
`23490`	`23490`	`if (isStrict)`