Changeset 34085 in webkit for trunk/JavaScriptCore

Timestamp:

May 23, 2008, 10:50:51 AM (17 years ago)

Author:

[email protected]

Message:

2008-05-23 Geoffrey Garen <​[email protected]>

Reviewed by Darin Adler, Kevin McCullough, and Oliver Hunt.

Fixed <rdar://problem/5959447> Crashes and incorrect reporting in the
JavaScript profiler

• VM/Machine.cpp: (KJS::callEval): Made this profiler hooks slightly faster by passing in the eval function.

(KJS::Machine::unwindCallFrame): Fixed incorrect reporting / a crash
when unwinding from inside eval and/or program code: detect the
difference, and do the right thing. Also, be sure to notify the profiler
*before* deref'ing the scope chain, since the profiler uses the scope chain.

(KJS::Machine::execute): Fixed incorrect reporting / crash when calling
a JS function re-entrently: Machine::execute(FunctionBodyNode*...)
should not invoke the didExecute hook, because op_ret already does that.
Also, use the new function's ExecState when calling out to the profiler.
(Not important now, but could have become a subtle bug later.)

(KJS::Machine::privateExecute): Fixed a hard to reproduce crash when
profiling JS functions: notify the profiler *before* deref'ing the scope
chain, since the profiler uses the scope chain.

• kjs/object.cpp: (KJS::JSObject::call): Removed these hooks, because they are now unnecessary.

• profiler/Profile.cpp: Added a comment to explain a subtlety that only Kevin and I understood previously. (Now, the whole world can understand!)

• profiler/Profiler.cpp: (KJS::shouldExcludeFunction): Don't exclude .call and .apply. That was a hack to fix bugs that no longer exist.

Finally, sped things up a little bit by changing the "Is the profiler
running?" check into an ASSERT, since we only call into the profiler
when it's running:

(KJS::Profiler::willExecute):
(KJS::Profiler::didExecute):

Location:

trunk/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• VM/Machine.cpp (modified) (9 diffs)
• kjs/object.cpp (modified) (1 diff)
• profiler/Profile.cpp (modified) (2 diffs)
• profiler/Profiler.cpp (modified) (5 diffs)

trunk/JavaScriptCore/ChangeLog

@@ +1 @@
+2008-05-23  Geoffrey Garen  <[email protected]>
+
+        Reviewed by Darin Adler, Kevin McCullough, and Oliver Hunt.
+        
+        Fixed <rdar://problem/5959447> Crashes and incorrect reporting in the
+        JavaScript profiler
+
+        * VM/Machine.cpp:
+        (KJS::callEval): Made this profiler hooks slightly faster by passing in
+        the eval function.
+        
+        (KJS::Machine::unwindCallFrame): Fixed incorrect reporting / a crash
+        when unwinding from inside eval and/or program code: detect the
+        difference, and do the right thing. Also, be sure to notify the profiler
+        *before* deref'ing the scope chain, since the profiler uses the scope chain.
+
+        (KJS::Machine::execute): Fixed incorrect reporting / crash when calling
+        a JS function re-entrently: Machine::execute(FunctionBodyNode*...)
+        should not invoke the didExecute hook, because op_ret already does that.
+        Also, use the new function's ExecState when calling out to the profiler.
+        (Not important now, but could have become a subtle bug later.)
+
+        (KJS::Machine::privateExecute): Fixed a hard to reproduce crash when
+        profiling JS functions: notify the profiler *before* deref'ing the scope
+        chain, since the profiler uses the scope chain.
+
+        * kjs/object.cpp:
+        (KJS::JSObject::call): Removed these hooks, because they are now unnecessary.
+
+        * profiler/Profile.cpp: Added a comment to explain a subtlety that only
+        Kevin and I understood previously. (Now, the whole world can understand!)
+
+        * profiler/Profiler.cpp:
+        (KJS::shouldExcludeFunction): Don't exclude .call and .apply. That was
+        a hack to fix bugs that no longer exist.
+
+        Finally, sped things up a little bit by changing the "Is the profiler
+        running?" check into an ASSERT, since we only call into the profiler
+        when it's running:
+
+        (KJS::Profiler::willExecute):
+        (KJS::Profiler::didExecute):
+
 2008-05-23  Adam Roben  <[email protected]>
 

trunk/JavaScriptCore/VM/Machine.cpp

@@ -438 +438 @@
 }
 
-static NEVER_INLINE JSValue* callEval(ExecState* exec, JSObject* thisObj, ScopeChainNode* scopeChain, RegisterFile* registerFile, Register* r, int argv, int argc, JSValue*& exceptionValue)
+static NEVER_INLINE JSValue* callEval(ExecState* exec, JSObject* thisObj, JSObject* evalFunction, ScopeChainNode* scopeChain, RegisterFile* registerFile, Register* r, int argv, int argc, JSValue*& exceptionValue)
 {
     Profiler** profiler = Profiler::enabledProfilerReference();
-    JSObject* evalFunction = scopeChain->globalObject()->evalFunction();
     if (*profiler)
         (*profiler)->willExecute(exec, evalFunction);
@@ -577 +576 @@
     }
 
+    Register* callFrame = r - oldCodeBlock->numLocals - CallFrameHeaderSize;
+    
+    if (Profiler* profiler = *Profiler::enabledProfilerReference()) {
+        if (!isGlobalCallFrame(registerBase, r) && callFrame[Callee].u.jsObject) // Check for global and eval code
+            profiler->didExecute(exec, callFrame[Callee].u.jsObject);
+        else
+            profiler->didExecute(exec, codeBlock->ownerNode->sourceURL(), codeBlock->ownerNode->lineNo());
+    }
+
     if (oldCodeBlock->needsFullScopeChain)
         scopeChain->deref();
@@ -583 +591 @@
         return false;
 
-    Register* callFrame = r - oldCodeBlock->numLocals - CallFrameHeaderSize;
-    
     codeBlock = callFrame[CallerCodeBlock].u.codeBlock;
     if (!codeBlock)
@@ -602 +608 @@
     vPC = callFrame[ReturnVPC].u.vPC;
 
-    if (Profiler* profiler = *Profiler::enabledProfilerReference())
-        profiler->didExecute(exec, callFrame[Callee].u.jsObject);
     return true;
 }
@@ -669 +673 @@
         scopeChain = scopeChain->copy();
 
+    ExecState newExec(exec, this, registerFile, scopeChain, -1);
+
     Profiler** profiler = Profiler::enabledProfilerReference();
     if (*profiler)
         (*profiler)->willExecute(exec, programNode->sourceURL(), programNode->lineNo());
-
-    ExecState newExec(exec, this, registerFile, scopeChain, -1);
 
     m_reentryDepth++;
@@ -739 +743 @@
     JSValue* result = privateExecute(Normal, &newExec, registerFile, r, scopeChain, newCodeBlock, exception);
     m_reentryDepth--;
-
-    if (*profiler)
-        (*profiler)->didExecute(exec, function);
 
     registerFile->shrink(oldSize);
@@ -1865 +1866 @@
             registerFile->setSafeForReentry(true);
 
-            JSValue* result = callEval(exec, thisObject, scopeChain, registerFile, r, argv, argc, exceptionValue);
+            JSValue* result = callEval(exec, thisObject, static_cast<JSObject*>(funcVal), scopeChain, registerFile, r, argv, argc, exceptionValue);
 
             registerFile->setSafeForReentry(false);
@@ -1975 +1976 @@
             activation->copyRegisters();
         }
+
+        if (*enabledProfilerReference)
+            (*enabledProfilerReference)->didExecute(exec, callFrame[Callee].u.jsObject);
 
         if (codeBlock->needsFullScopeChain)
@@ -1996 +2000 @@
         int r0 = callFrame[ReturnValueRegister].u.i;
         r[r0].u.jsValue = returnValue;
-
-        if (*enabledProfilerReference)
-            (*enabledProfilerReference)->didExecute(exec, callFrame[Callee].u.jsObject);
 
         NEXT_OPCODE;

trunk/JavaScriptCore/kjs/object.cpp

@@ -92 +92 @@
   }
 #endif
-    CallData data;
-    JSValue *ret;
-    if (this->getCallData(data) == CallTypeJS) {
-        // A native function will enter the VM, which will allow the profiler 
-        // to detect entry
-        ret = callAsFunction(exec,thisObj,args); 
-    } else {
-        Profiler** profiler = Profiler::enabledProfilerReference();
-        if (*profiler)
-            (*profiler)->willExecute(exec, this);
-        
-        ret = callAsFunction(exec,thisObj,args); 
-        
-        if (*profiler)
-            (*profiler)->didExecute(exec, this);
-    }
+  JSValue* ret = callAsFunction(exec,thisObj,args); 
+
 #if KJS_MAX_STACK > 0
   --depth;

trunk/JavaScriptCore/profiler/Profile.cpp

@@ -57 +57 @@
 {
     ASSERT(m_currentNode);
-
     m_currentNode = m_currentNode->willExecute(callIdentifier);
 }
@@ -63 +62 @@
 void Profile::didExecute(const CallIdentifier& callIdentifier)
 {
+    ASSERT(m_currentNode);
+
+    // In case the profiler started recording calls in the middle of a stack frame,
+    // when returning up the stack it needs to insert the calls it missed on the
+    // way down.
     if (m_currentNode == m_headNode) {
         m_currentNode = ProfileNode::create(callIdentifier, m_headNode.get(), m_headNode.get());

trunk/JavaScriptCore/profiler/Profiler.cpp

@@ -99 +99 @@
 }
 
-static inline bool shouldExcludeFunction(ExecState* exec, JSObject* calledFunction)
-{
-    if (!calledFunction->inherits(&InternalFunctionImp::info))
-        return false;
-    // Don't record a call for function.call and function.apply.
-    if (static_cast<InternalFunctionImp*>(calledFunction)->functionName() == exec->propertyNames().call)
-        return true;
-    if (static_cast<InternalFunctionImp*>(calledFunction)->functionName() == exec->propertyNames().apply)
-        return true;
-    return false;
-}
-
 static inline void dispatchFunctionToProfiles(const Vector<RefPtr<Profile> >& profiles, Profile::ProfileFunction function, const CallIdentifier& callIdentifier, unsigned currentPageGroupIdentifier)
 {
@@ -120 +108 @@
 void Profiler::willExecute(ExecState* exec, JSObject* calledFunction)
 {
-    if (m_currentProfiles.isEmpty())
-        return;
-
-    if (shouldExcludeFunction(exec, calledFunction))
-        return;
+    ASSERT(!m_currentProfiles.isEmpty());
 
     dispatchFunctionToProfiles(m_currentProfiles, &Profile::willExecute, createCallIdentifier(calledFunction), exec->lexicalGlobalObject()->pageGroupIdentifier());
@@ -131 +115 @@
 void Profiler::willExecute(ExecState* exec, const UString& sourceURL, int startingLineNumber)
 {
-    if (m_currentProfiles.isEmpty())
-        return;
+    ASSERT(!m_currentProfiles.isEmpty());
 
     CallIdentifier callIdentifier = createCallIdentifier(sourceURL, startingLineNumber);
@@ -141 +124 @@
 void Profiler::didExecute(ExecState* exec, JSObject* calledFunction)
 {
-    if (m_currentProfiles.isEmpty())
-        return;
-
-    if (shouldExcludeFunction(exec, calledFunction))
-        return;
+    ASSERT(!m_currentProfiles.isEmpty());
 
     dispatchFunctionToProfiles(m_currentProfiles, &Profile::didExecute, createCallIdentifier(calledFunction), exec->lexicalGlobalObject()->pageGroupIdentifier());
@@ -152 +131 @@
 void Profiler::didExecute(ExecState* exec, const UString& sourceURL, int startingLineNumber)
 {
-    if (m_currentProfiles.isEmpty())
-        return;
+    ASSERT(!m_currentProfiles.isEmpty());
 
     dispatchFunctionToProfiles(m_currentProfiles, &Profile::didExecute, createCallIdentifier(sourceURL, startingLineNumber), exec->lexicalGlobalObject()->pageGroupIdentifier());