Changeset 132182 in webkit for trunk/Source/JavaScriptCore/interpreter/CallFrame.h

Timestamp:

Oct 23, 2012, 12:12:29 AM (13 years ago)

Author:

[email protected]

Message:

Make topCallFrame reliable.
​https://bugs.webkit.org/show_bug.cgi?id=98928.

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

• VM entry points and the GC now uses topCallFrame.
• The callerFrame value in CallFrames are now always the previous frame on the stack, except for the first frame which has a callerFrame of 0 (not counting the HostCallFrameFlag). Hence, we can now traverse every frame on the stack all the way back to the first frame.
• GlobalExec's will no longer be used as the callerFrame values in call frames.
• Added fences and traps for debugging the JSStack in debug builds.

• bytecode/SamplingTool.h:

(SamplingTool):
(JSC::SamplingTool::CallRecord::CallRecord):

• dfg/DFGOperations.cpp:
• Fixed 2 DFG helper functions to flush topCallFrame as expected.
• dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::prepareForExternalCall):

• interpreter/CallFrame.h:

(JSC::ExecState::callerFrameNoFlags):
(ExecState):
(JSC::ExecState::argIndexForRegister):
(JSC::ExecState::getArgumentUnsafe):

• interpreter/CallFrameClosure.h:

(CallFrameClosure):

• interpreter/Interpreter.cpp:

(JSC):
(JSC::eval):
(JSC::Interpreter::Interpreter):
(JSC::Interpreter::throwException):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):
(JSC::Interpreter::endRepeatCall):

• interpreter/Interpreter.h:

(JSC):
(Interpreter):

• interpreter/JSStack.cpp:

(JSC::JSStack::JSStack):
(JSC::JSStack::gatherConservativeRoots):
(JSC::JSStack::disableErrorStackReserve):

• interpreter/JSStack.h:

(JSC):
(JSStack):
(JSC::JSStack::installFence):
(JSC::JSStack::validateFence):
(JSC::JSStack::installTrapsAfterFrame):

• interpreter/JSStackInlines.h: Added.

(JSC):
(JSC::JSStack::getTopOfFrame):
(JSC::JSStack::getTopOfStack):
(JSC::JSStack::getStartOfFrame):
(JSC::JSStack::pushFrame):
(JSC::JSStack::popFrame):
(JSC::JSStack::generateFenceValue):
(JSC::JSStack::installFence):
(JSC::JSStack::validateFence):
(JSC::JSStack::installTrapsAfterFrame):

• jit/JITStubs.cpp:

(JSC::jitCompileFor):
(JSC::lazyLinkFor):

• Set frame->codeBlock to 0 for both the above because they are called with partially intitialized frames (cb uninitialized), but may trigger a GC.

(JSC::DEFINE_STUB_FUNCTION):

• runtime/JSGlobalData.cpp:

(JSC::JSGlobalData::JSGlobalData):

LayoutTests:

• Re-baseline some tests to match the new stack dump results.

• http/tests/inspector/console-resource-errors-expected.txt:
• http/tests/inspector/stacktraces/csp-injected-content-warning-contains-stacktrace-expected.txt:
• http/tests/inspector/stacktraces/csp-inline-warning-contains-stacktrace-expected.txt:

File:

• trunk/Source/JavaScriptCore/interpreter/CallFrame.h (modified) (2 diffs)

trunk/Source/JavaScriptCore/interpreter/CallFrame.h

@@ -257 +257 @@
         CodeBlock* someCodeBlockForPossiblyInlinedCode() { return codeBlock(); }
 #endif
+        CallFrame* callerFrameNoFlags() { return callerFrame()->removeHostCallFrameFlag(); }
         
         // Call this to get the true call frame (accounted for inlining and any
@@ -282 +283 @@
         ~ExecState();
 
+        // The following are for internal use in debugging and verification
+        // code only and not meant as an API for general usage:
+
+        size_t argIndexForRegister(Register* reg)
+        {
+            // The register at 'offset' number of slots from the frame pointer
+            // i.e.
+            //       reg = frame[offset];
+            //   ==> reg = frame + offset;
+            //   ==> offset = reg - frame;
+            int offset = reg - this->registers();
+
+            // The offset is defined (based on argumentOffset()) to be:
+            //       offset = s_firstArgumentOffset - argIndex;
+            // Hence:
+            //       argIndex = s_firstArgumentOffset - offset;
+            size_t argIndex = s_firstArgumentOffset - offset;
+            return argIndex;
+        }
+
+        JSValue getArgumentUnsafe(size_t argIndex)
+        {
+            // User beware! This method does not verify that there is a valid
+            // argument at the specified argIndex. This is used for debugging
+            // and verification code only. The caller is expected to know what
+            // he/she is doing when calling this method.
+            return this[argumentOffset(argIndex)].jsValue();
+        }
+
+        friend class JSStack;
         friend class VMInspector;
     };