Changeset 159605 in webkit for trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

Timestamp:

Nov 20, 2013, 9:29:42 PM (12 years ago)

Author:

[email protected]

Message:

Introducing VMEntryScope to update the VM stack limit.
​https://bugs.webkit.org/show_bug.cgi?id=124634.

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

1. Introduced USE(SEPARATE_C_AND_JS_STACK) (defined in Platform.h). Currently, it is hardcoded to use separate C and JS stacks. Once we switch to using the C stack for JS frames, we'll need to fix this to only be enabled when ENABLE(LLINT_C_LOOP).

2. Stack limits are now tracked in the VM.

Logically, there are 2 stack limits:

1. m_stackLimit for the native C stack, and
2. m_jsStackLimit for the JS stack.

If USE(SEPARATE_C_AND_JS_STACK), then the 2 limits are the same
value, and are implemented as 2 fields in a union.

3. The VM native stackLimit is set as follows:
   1. Initially, the VM sets it to the limit of the stack of the thread that instantiated the VM. This allows the parser and bytecode generator to run before we enter the VM to execute JS code.

2. Upon entry into the VM to execute JS code (via one of the Interpreter::execute...() functions), we instantiate a VMEntryScope that sets the VM's stackLimit to the limit of the current thread's stack. The VMEntryScope will automatically restore the previous entryScope and stack limit upon destruction.

If USE(SEPARATE_C_AND_JS_STACK), the JSStack's methods will set the VM's
jsStackLimit whenever it grows or shrinks.

4. The VM now provides a isSafeToRecurse() function that compares the current stack pointer against its native stackLimit. This subsumes and obsoletes the VMStackBounds class.

5. The VMEntryScope class also subsumes DynamicGlobalObjectScope for tracking the JSGlobalObject that we last entered the VM with.

6. Renamed dynamicGlobalObject() to vmEntryGlobalObject() since that is the value that the function retrieves.

7. Changed JIT and LLINT code to do stack checks against the jsStackLimit in the VM class instead of the JSStack.

• API/JSBase.cpp:

(JSEvaluateScript):
(JSCheckScriptSyntax):

• API/JSContextRef.cpp:

(JSGlobalContextRetain):
(JSGlobalContextRelease):

• CMakeLists.txt:
• GNUmakefile.list.am:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
• JavaScriptCore.xcodeproj/project.pbxproj:
• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):

• bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::emitNode):
(JSC::BytecodeGenerator::emitNodeInConditionContext):

• debugger/Debugger.cpp:

(JSC::Debugger::detach):
(JSC::Debugger::recompileAllJSFunctions):
(JSC::Debugger::pauseIfNeeded):

• debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::vmEntryGlobalObject):

• debugger/DebuggerCallFrame.h:
• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::compileFunction):

• dfg/DFGOSREntry.cpp:
• ftl/FTLLink.cpp:

(JSC::FTL::link):

• ftl/FTLOSREntry.cpp:
• heap/Heap.cpp:

(JSC::Heap::lastChanceToFinalize):
(JSC::Heap::deleteAllCompiledCode):

• interpreter/CachedCall.h:

(JSC::CachedCall::CachedCall):

• interpreter/CallFrame.cpp:

(JSC::CallFrame::vmEntryGlobalObject):

• interpreter/CallFrame.h:
• interpreter/Interpreter.cpp:

(JSC::unwindCallFrame):
(JSC::Interpreter::unwind):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):
(JSC::Interpreter::debug):

• interpreter/JSStack.cpp:

(JSC::JSStack::JSStack):
(JSC::JSStack::growSlowCase):

• interpreter/JSStack.h:
• interpreter/JSStackInlines.h:

(JSC::JSStack::shrink):
(JSC::JSStack::grow):

• Moved these inlined functions here from JSStack.h. It reduces some #include dependencies of JSSTack.h which had previously resulted in some EWS bots' unhappiness with this patch.

(JSC::JSStack::updateStackLimit):

• jit/JIT.cpp:

(JSC::JIT::privateCompile):

• jit/JITCall.cpp:

(JSC::JIT::compileLoadVarargs):

• jit/JITCall32_64.cpp:

(JSC::JIT::compileLoadVarargs):

• jit/JITOperations.cpp:
• llint/LLIntSlowPaths.cpp:
• llint/LowLevelInterpreter.asm:
• parser/Parser.cpp:

(JSC::::Parser):

• parser/Parser.h:

(JSC::Parser::canRecurse):

• runtime/CommonSlowPaths.h:
• runtime/Completion.cpp:

(JSC::evaluate):

• runtime/FunctionConstructor.cpp:

(JSC::constructFunctionSkippingEvalEnabledCheck):

• runtime/JSGlobalObject.cpp:
• runtime/JSGlobalObject.h:
• runtime/StringRecursionChecker.h:

(JSC::StringRecursionChecker::performCheck):

• runtime/VM.cpp:

(JSC::VM::VM):
(JSC::VM::releaseExecutableMemory):
(JSC::VM::throwException):

• runtime/VM.h:

(JSC::VM::addressOfJSStackLimit):
(JSC::VM::jsStackLimit):
(JSC::VM::setJSStackLimit):
(JSC::VM::stackLimit):
(JSC::VM::setStackLimit):
(JSC::VM::isSafeToRecurse):

• runtime/VMEntryScope.cpp: Added.

(JSC::VMEntryScope::VMEntryScope):
(JSC::VMEntryScope::~VMEntryScope):
(JSC::VMEntryScope::requiredCapacity):

• runtime/VMEntryScope.h: Added.

(JSC::VMEntryScope::globalObject):

• runtime/VMStackBounds.h: Removed.

Source/WebCore:

No new tests.

Renamed dynamicGlobalObject() to vmEntryGlobalObject().
Replaced uses of DynamicGlobalObjectScope with VMEntryScope.

• ForwardingHeaders/runtime/VMEntryScope.h: Added.
• WebCore.vcxproj/WebCore.vcxproj:
• WebCore.vcxproj/WebCore.vcxproj.filters:
• bindings/js/JSCryptoAlgorithmBuilder.cpp:

(WebCore::JSCryptoAlgorithmBuilder::add):

• bindings/js/JSCustomXPathNSResolver.cpp:

(WebCore::JSCustomXPathNSResolver::create):

• bindings/js/JSDOMBinding.cpp:

(WebCore::firstDOMWindow):

• bindings/js/JSErrorHandler.cpp:

(WebCore::JSErrorHandler::handleEvent):

• bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent):

• bindings/js/JavaScriptCallFrame.h:

(WebCore::JavaScriptCallFrame::vmEntryGlobalObject):

• bindings/js/PageScriptDebugServer.cpp:

(WebCore::PageScriptDebugServer::recompileAllJSFunctions):

• bindings/js/ScriptDebugServer.cpp:

(WebCore::ScriptDebugServer::evaluateBreakpointAction):
(WebCore::ScriptDebugServer::handlePause):

• bindings/js/WorkerScriptDebugServer.cpp:

(WebCore::WorkerScriptDebugServer::recompileAllJSFunctions):

• bindings/objc/WebScriptObject.mm:

(WebCore::addExceptionToConsole):

• bridge/c/c_utility.cpp:

(JSC::Bindings::convertValueToNPVariant):

• bridge/objc/objc_instance.mm:

(ObjcInstance::moveGlobalExceptionToExecState):

• bridge/objc/objc_runtime.mm:

(JSC::Bindings::convertValueToObjcObject):

• bridge/objc/objc_utility.mm:

(JSC::Bindings::convertValueToObjcValue):

Source/WebKit/mac:

• WebView/WebScriptDebugger.mm:

(WebScriptDebugger::sourceParsed):

Source/WTF:

• wtf/Platform.h:
• wtf/StackBounds.h:

(WTF::StackBounds::StackBounds):

File:

• trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp (modified) (12 diffs)

trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

@@ -67 +67 @@
 #include "StrictEvalActivation.h"
 #include "StrongInlines.h"
-#include "VMStackBounds.h"
+#include "VMEntryScope.h"
 #include "VirtualRegister.h"
 
@@ -396 +396 @@
     JSScope* scope = callFrame->scope();
 
-    if (Debugger* debugger = callFrame->dynamicGlobalObject()->debugger()) {
+    if (Debugger* debugger = callFrame->vmEntryGlobalObject()->debugger()) {
         if (callFrame->callee())
             debugger->returnEvent(callFrame);
@@ -651 +651 @@
     ASSERT(!exceptionValue.isObject() || asObject(exceptionValue)->hasProperty(callFrame, callFrame->vm().propertyNames->stack));
 
-    Debugger* debugger = callFrame->dynamicGlobalObject()->debugger();
+    Debugger* debugger = callFrame->vmEntryGlobalObject()->debugger();
     if (debugger && debugger->needsExceptionCallbacks()) {
         // We need to clear the exception and the exception stack here in order to see if a new exception happens.
@@ -740 +740 @@
         return jsNull();
 
-    StackStats::CheckPoint stackCheckPoint;
-    const VMStackBounds vmStackBounds(vm, wtfThreadData().stack());
-    if (!vmStackBounds.isSafeToRecurse())
+    VMEntryScope entryScope(vm, scope->globalObject());
+    if (!vm.isSafeToRecurse())
         return checkedReturn(throwStackOverflowError(callFrame));
 
@@ -748 +747 @@
     // we'll handle the JSON object here. Else, we'll handle real JS code
     // below at failedJSONP.
-    DynamicGlobalObjectScope globalObjectScope(vm, scope->globalObject());
+
     Vector<JSONPData> JSONPData;
     bool parseResult;
@@ -901 +900 @@
         return jsNull();
 
-    StackStats::CheckPoint stackCheckPoint;
-    const VMStackBounds vmStackBounds(vm, wtfThreadData().stack());
-    if (!vmStackBounds.isSafeToRecurse())
-        return checkedReturn(throwStackOverflowError(callFrame));
-
     bool isJSCall = (callType == CallTypeJS);
     JSScope* scope;
@@ -917 +911 @@
         scope = callFrame->scope();
     }
-    DynamicGlobalObjectScope globalObjectScope(vm, scope->globalObject());
+
+    VMEntryScope entryScope(vm, scope->globalObject());
+    if (!vm.isSafeToRecurse())
+        return checkedReturn(throwStackOverflowError(callFrame));
 
     if (isJSCall) {
@@ -979 +976 @@
         return checkedReturn(throwStackOverflowError(callFrame));
 
-    StackStats::CheckPoint stackCheckPoint;
-    const VMStackBounds vmStackBounds(vm, wtfThreadData().stack());
-    if (!vmStackBounds.isSafeToRecurse())
-        return checkedReturn(throwStackOverflowError(callFrame));
-
     bool isJSConstruct = (constructType == ConstructTypeJS);
     JSScope* scope;
@@ -996 +988 @@
     }
 
-    DynamicGlobalObjectScope globalObjectScope(vm, scope->globalObject());
+    VMEntryScope entryScope(vm, scope->globalObject());
+    if (!vm.isSafeToRecurse())
+        return checkedReturn(throwStackOverflowError(callFrame));
 
     if (isJSConstruct) {
@@ -1066 +1060 @@
         return CallFrameClosure();
 
-    StackStats::CheckPoint stackCheckPoint;
-    const VMStackBounds vmStackBounds(vm, wtfThreadData().stack());
-    if (!vmStackBounds.isSafeToRecurse()) {
-        throwStackOverflowError(callFrame);
-        return CallFrameClosure();
-    }
-
     // Compile the callee:
     JSObject* error = functionExecutable->prepareForExecution(callFrame, scope, CodeForCall);
@@ -1166 +1153 @@
         return jsNull();
 
-    DynamicGlobalObjectScope globalObjectScope(vm, scope->globalObject());
-
-    StackStats::CheckPoint stackCheckPoint;
-    const VMStackBounds vmStackBounds(vm, wtfThreadData().stack());
-    if (!vmStackBounds.isSafeToRecurse())
-        return checkedReturn(throwStackOverflowError(callFrame));
+    VMEntryScope entryScope(vm, scope->globalObject());
+    if (!vm.isSafeToRecurse())
+        return checkedReturn(throwStackOverflowError(callFrame));        
 
     unsigned numVariables = eval->numVariables();
@@ -1252 +1236 @@
 NEVER_INLINE void Interpreter::debug(CallFrame* callFrame, DebugHookID debugHookID)
 {
-    Debugger* debugger = callFrame->dynamicGlobalObject()->debugger();
+    Debugger* debugger = callFrame->vmEntryGlobalObject()->debugger();
     if (!debugger || !debugger->needsOpDebugCallbacks())
         return;