Changeset 153211 in webkit for trunk/Source/JavaScriptCore/interpreter/CallFrame.cpp

Timestamp:

Jul 24, 2013, 9:02:07 PM (12 years ago)

Author:

[email protected]

Message:

fourthTier: CallFrame::trueCallFrame() should populate the bytecodeOffset field
when reifying inlined frames..
​https://bugs.webkit.org/show_bug.cgi?id=117209.

Reviewed by Geoffrey Garen.

When reifying an inlined frame, we fill in its CodeBlock, and
bytecodeOffset. We also set the InlinedFrame bit in the location field.
This is needed in order to iterate the stack correctly. Here's why:

Let's say we have the following stack trace:

X calls A inlines B inlines C calls D

Based on the above scenario,

1. D's callerFrame points to A (not C).
2. A has a codeOriginIndex that points to C.

When iterating the stack (from D back towards X), we will encounter A
twice:

t1. when trying to find C as D's caller.

This is the time when we reify B and C using the
codeOriginIndex in A, and return C as the caller frame of D.

t2. when getting's the reified B's caller.

This time, we don't run the reification process, and
just take A as the caller frame of B.

To discern which treatment of the DFG frame (i.e. A) we need to apply,
we check if the callee is an inlined frame:

If callee is NOT an inlined frame (e.g. frame D), apply treatment t1.
If callee is an inlined frame (e.g. frame B), apply treatment t2.

Why not just reify A by replacing its codeOriginIndex with A's
bytecodeOffset?

We can't do this because D's callerFrame pointer still points to A, and
needs to remain that way because we did not deopt A. It remains a DFG
frame which inlined B and C.

If we replace the codeOriginIndex in A with A's bytecodeOffset, we will
only get to iterate the stack correctly once. If we try to iterate the
stack a second time, we will not have the information from the
codeOriginIndex to tell us that D's caller is actually the inlined C,
and not A.

To recap, when reifying frames for stack iteration purposes, the DFG
frame needs to hold on to its codeOriginIndex. This in turn means the
DFG frame will need to be treated in 2 possible ways, and we need to
know if a callee frame is an inlined frame in order to choose the
correct treatment for the DFG frame.

Other changes:

• Simplified Interpreter::getCallerInfo().
• Removed CodeBlock::codeOriginForReturn() and supporting code which is now unneeded.
• Moved CallFrame location bit encoding from the CodeOrigin to the new CallFrame::Location class.
• Explicitly tagged inlined frames. This is necessary in order to iterate the stack correctly as explained above.

• bytecode/CodeBlock.cpp:
• bytecode/CodeBlock.h:

(JSC::CodeBlock::codeOrigins):
(CodeBlock):
(JSC::CodeBlock::codeOrigin):
(RareData):

• bytecode/CodeOrigin.h:

(CodeOrigin):

• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::link):

• dfg/DFGJITCompiler.h:

(JSC::DFG::JITCompiler::beginCall):

• interpreter/CallFrame.cpp:

(JSC::CallFrame::trueCallFrame):
(JSC::CallFrame::trueCallerFrame):
(JSC::CallFrame::bytecodeOffsetFromCodeOriginIndex):

• interpreter/CallFrame.h:

(Location):
(ExecState):
(JSC::ExecState::trueCallerFrame):
(JSC::ExecState::callerFrameNoFlags):

• interpreter/CallFrameInlines.h:

(JSC::CallFrame::Location::encode):
(JSC::CallFrame::Location::decode):
(JSC::CallFrame::Location::isBytecodeOffset):
(JSC::CallFrame::Location::isCodeOriginIndex):
(JSC::CallFrame::Location::isInlinedFrame):
(JSC::CallFrame::isInlinedFrame):
(JSC::CallFrame::setIsInlinedFrame):
(JSC::CallFrame::hasLocationAsBytecodeOffset):
(JSC::CallFrame::hasLocationAsCodeOriginIndex):
(JSC::CallFrame::locationAsBytecodeOffset):
(JSC::CallFrame::setLocationAsBytecodeOffset):
(JSC::CallFrame::locationAsCodeOriginIndex):

• interpreter/Interpreter.cpp:

(JSC::getCallerInfo):
(JSC::Interpreter::getStackTrace):
(JSC::Interpreter::findFunctionCallFrameFromVMCode):

• runtime/Arguments.cpp:

(JSC::Arguments::tearOff):

File:

• trunk/Source/JavaScriptCore/interpreter/CallFrame.cpp (modified) (6 diffs)

trunk/Source/JavaScriptCore/interpreter/CallFrame.cpp

@@ -53 +53 @@
 {
     ASSERT(codeBlock());
-    ASSERT(!CodeOrigin::isHandle(offset));
+    ASSERT(Location::isBytecodeOffset(offset));
     setCurrentVPC(codeBlock()->instructions().begin() + offset);
     ASSERT(hasLocationAsBytecodeOffset());
@@ -69 +69 @@
     
 #if ENABLE(DFG_JIT)
-bool CallFrame::isInlineCallFrameSlow()
-{
-    if (!callee())
-        return false;
-    JSCell* calleeAsFunctionCell = getJSFunction(callee());
-    if (!calleeAsFunctionCell)
-        return false;
-    JSFunction* calleeAsFunction = jsCast<JSFunction*>(calleeAsFunctionCell);
-    return calleeAsFunction->executable() != codeBlock()->ownerExecutable();
-}
-
-CallFrame* CallFrame::trueCallFrame(AbstractPC pc)
+CallFrame* CallFrame::trueCallFrame()
 {
     // Am I an inline call frame? If so, we're done.
-    if (isInlineCallFrame())
+    if (isInlinedFrame())
         return this;
     
@@ -96 +85 @@
         return this;
     
-    // At this point the PC must be due either to the DFG, or it must be unset.
-    ASSERT(pc.hasJITReturnAddress() || !pc);
-    
     // Try to determine the CodeOrigin. If we don't have a pc set then the only way
     // that this makes sense is if the CodeOrigin index was set in the call frame.
-    // FIXME: Note that you will see "Not currently in inlined code" comments below.
-    // Currently, we do not record code origins for code that is not inlined, because
-    // the only thing that we use code origins for is determining the inline stack.
-    // But in the future, we'll want to use this same functionality (having a code
-    // origin mapping for any calls out of JIT code) to determine the PC at any point
-    // in the stack even if not in inlined code. When that happens, the code below
-    // will have to change the way it detects the presence of inlining: it will always
-    // get a code origin, but sometimes, that code origin will not have an inline call
-    // frame. In that case, this method should bail and return this.
     CodeOrigin codeOrigin;
-    if (pc.isSet()) {
-        ReturnAddressPtr currentReturnPC = pc.jitReturnAddress();
-        
-        bool hasCodeOrigin = machineCodeBlock->codeOriginForReturn(currentReturnPC, codeOrigin);
-        ASSERT(hasCodeOrigin);
-        if (!hasCodeOrigin) {
-            // In release builds, if we find ourselves in a situation where the return PC doesn't
-            // correspond to a valid CodeOrigin, we return zero instead of continuing. Some of
-            // the callers of trueCallFrame() will be able to recover and do conservative things,
-            // while others will crash.
-            return 0;
-        }
-    } else {
-        unsigned index = locationAsCodeOriginIndex();
-        ASSERT(machineCodeBlock->canGetCodeOrigin(index));
-        if (!machineCodeBlock->canGetCodeOrigin(index)) {
-            // See above. In release builds, we try to protect ourselves from crashing even
-            // though stack walking will be goofed up.
-            return 0;
-        }
-        codeOrigin = machineCodeBlock->codeOrigin(index);
+    unsigned index = locationAsCodeOriginIndex();
+    ASSERT(machineCodeBlock->canGetCodeOrigin(index));
+    if (!machineCodeBlock->canGetCodeOrigin(index)) {
+        // See above. In release builds, we try to protect ourselves from crashing even
+        // though stack walking will be goofed up.
+        return 0;
     }
+    codeOrigin = machineCodeBlock->codeOrigin(index);
 
     if (!codeOrigin.inlineCallFrame)
         return this; // Not currently in inlined code.
-    
+
+    CodeOrigin innerMostCodeOrigin = codeOrigin;
+
     for (InlineCallFrame* inlineCallFrame = codeOrigin.inlineCallFrame; inlineCallFrame;) {
         InlineCallFrame* nextInlineCallFrame = inlineCallFrame->caller.inlineCallFrame;
@@ -145 +110 @@
         
         // Fill in the inlinedCaller
-        inlinedCaller->setCodeBlock(machineCodeBlock);
+        inlinedCaller->setCodeBlock(inlineCallFrame->baselineCodeBlock());
         if (calleeAsFunction)
             inlinedCaller->setScope(calleeAsFunction->scope());
@@ -155 +120 @@
         inlinedCaller->setInlineCallFrame(inlineCallFrame);
         inlinedCaller->setArgumentCountIncludingThis(inlineCallFrame->arguments.size());
+        inlinedCaller->setLocationAsBytecodeOffset(codeOrigin.bytecodeIndex);
+        inlinedCaller->setIsInlinedFrame();
         if (calleeAsFunction)
             inlinedCaller->setCallee(calleeAsFunction);
         
+        codeOrigin = inlineCallFrame->caller;
         inlineCallFrame = nextInlineCallFrame;
     }
     
-    return this + codeOrigin.inlineCallFrame->stackOffset;
+    return this + innerMostCodeOrigin.inlineCallFrame->stackOffset;
 }
         
 CallFrame* CallFrame::trueCallerFrame()
 {
+    CallFrame* callerFrame = this->callerFrame()->removeHostCallFrameFlag();
     if (!codeBlock())
-        return callerFrame()->removeHostCallFrameFlag();
+        return callerFrame;
 
     // this -> The callee; this is either an inlined callee in which case it already has
@@ -177 +146 @@
 
     // Am I an inline call frame? If so, we're done.
-    if (isInlineCallFrame())
-        return callerFrame()->removeHostCallFrameFlag();
+    if (isInlinedFrame())
+        return callerFrame;
     
     // I am a machine call frame, so the question is: is my caller a machine call frame
     // that has inlines or a machine call frame that doesn't?
-    CallFrame* machineCaller = callerFrame()->removeHostCallFrameFlag();
-    if (!machineCaller)
+    if (!callerFrame)
         return 0;
-    ASSERT(!machineCaller->isInlineCallFrame());
+
+    if (!callerFrame->codeBlock())
+        return callerFrame;
+    ASSERT(!callerFrame->isInlinedFrame());
     
-    // Figure out how we want to get the current code location.
-    if (!hasReturnPC() || returnAddressIsInCtiTrampoline(returnPC()))
-        return machineCaller->trueCallFrameFromVMCode()->removeHostCallFrameFlag();
-    
-    return machineCaller->trueCallFrame(returnPC())->removeHostCallFrameFlag();
+    return callerFrame->trueCallFrame()->removeHostCallFrameFlag();
 }
 
-CodeBlock* CallFrame::someCodeBlockForPossiblyInlinedCode()
+unsigned CallFrame::bytecodeOffsetFromCodeOriginIndex()
 {
-    if (!isInlineCallFrame())
-        return codeBlock();
-    
-    return jsCast<FunctionExecutable*>(inlineCallFrame()->executable.get())->baselineCodeBlockFor(
-        inlineCallFrame()->isCall ? CodeForCall : CodeForConstruct);
+    ASSERT(hasLocationAsCodeOriginIndex());
+    CodeBlock* codeBlock = this->codeBlock();
+    ASSERT(codeBlock);
+
+    CodeOrigin codeOrigin;
+    unsigned index = locationAsCodeOriginIndex();
+    ASSERT(codeBlock->canGetCodeOrigin(index));
+    codeOrigin = codeBlock->codeOrigin(index);
+
+    for (InlineCallFrame* inlineCallFrame = codeOrigin.inlineCallFrame; inlineCallFrame;) {
+        if (inlineCallFrame->baselineCodeBlock() == codeBlock)
+            return codeOrigin.bytecodeIndex;
+
+        codeOrigin = inlineCallFrame->caller;
+        inlineCallFrame = codeOrigin.inlineCallFrame;
+    }
+    return codeOrigin.bytecodeIndex;
 }
 
-#endif
+#endif // ENABLE(DFG_JIT)
 
 Register* CallFrame::frameExtentInternal()