Changeset 160960 in webkit

Timestamp:

Dec 20, 2013, 11:11:59 PM (11 years ago)

Author:

mark.lam@apple.com

Message:

CStack: Introduce JSStack::ensureCapacityFor().
​https://bugs.webkit.org/show_bug.cgi?id=126109.

Not yet reviewed.

Client code should use JSStack::ensureCapacityFor() when checking for
available stack space for pushing JS frames or making arity adjustments.
JSStack::ensureCapacityFor() works for both cases of the JS stack on the
C stack or as a sperate stack.

JSStack::grow() is now private, and is only used by the C Loop LLINT.

Also made some other JSStack methods private as they are not needed
outside of the JSSTack class.

• dfg/DFGOSREntry.cpp:

(JSC::DFG::prepareOSREntry):

• ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

• interpreter/Interpreter.cpp:

(JSC::sizeFrameForVarargs):

• interpreter/JSStack.h:
• interpreter/JSStackInlines.h:

(JSC::JSStack::ensureCapacityFor):
(JSC::JSStack::topOfStackForCapacityCheck):

• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

• runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::arityCheckFor):

Location:

branches/jsCStack/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• dfg/DFGOSREntry.cpp (modified) (1 diff)
• ftl/FTLOSREntry.cpp (modified) (1 diff)
• interpreter/Interpreter.cpp (modified) (5 diffs)
• interpreter/JSStack.h (modified) (4 diffs)
• interpreter/JSStackInlines.h (modified) (1 diff)
• llint/LLIntSlowPaths.cpp (modified) (1 diff)
• runtime/CommonSlowPaths.h (modified) (1 diff)

branches/jsCStack/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2013-12-20  Mark Lam  <mark.lam@apple.com>
+
+        CStack: Introduce JSStack::ensureCapacityFor().
+        https://bugs.webkit.org/show_bug.cgi?id=126109.
+
+        Not yet reviewed.
+
+        Client code should use JSStack::ensureCapacityFor() when checking for
+        available stack space for pushing JS frames or making arity adjustments.
+        JSStack::ensureCapacityFor() works for both cases of the JS stack on the
+        C stack or as a sperate stack.
+
+        JSStack::grow() is now private, and is only used by the C Loop LLINT.
+
+        Also made some other JSStack methods private as they are not needed
+        outside of the JSSTack class.
+
+        * dfg/DFGOSREntry.cpp:
+        (JSC::DFG::prepareOSREntry):
+        * ftl/FTLOSREntry.cpp:
+        (JSC::FTL::prepareOSREntry):
+        * interpreter/Interpreter.cpp:
+        (JSC::sizeFrameForVarargs):
+        * interpreter/JSStack.h:
+        * interpreter/JSStackInlines.h:
+        (JSC::JSStack::ensureCapacityFor):
+        (JSC::JSStack::topOfStackForCapacityCheck):
+        * llint/LLIntSlowPaths.cpp:
+        (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+        * runtime/CommonSlowPaths.h:
+        (JSC::CommonSlowPaths::arityCheckFor):
+
 2013-12-20  Filip Pizlo  <fpizlo@apple.com>
 

branches/jsCStack/Source/JavaScriptCore/dfg/DFGOSREntry.cpp

@@ -189 +189 @@
     
     unsigned frameSize = jitCode->common.requiredRegisterCountForExecutionAndExit();
-    if (!vm->interpreter->stack().grow(&exec->registers()[virtualRegisterForLocal(frameSize).offset()])) {
+    if (!vm->interpreter->stack().ensureCapacityFor(&exec->registers()[virtualRegisterForLocal(frameSize - 1).offset()])) {
         if (Options::verboseOSR())
             dataLogF("    OSR failed because stack growth failed.\n");

branches/jsCStack/Source/JavaScriptCore/ftl/FTLOSREntry.cpp

@@ -81 +81 @@
     
     int stackFrameSize = entryCode->common.requiredRegisterCountForExecutionAndExit();
-    if (!vm.interpreter->stack().grow(&exec->registers()[virtualRegisterForLocal(stackFrameSize).offset()])) {
+    if (!vm.interpreter->stack().ensureCapacityFor(&exec->registers()[virtualRegisterForLocal(stackFrameSize - 1).offset()])) {
         if (Options::verboseOSR())
             dataLog("    OSR failed because stack growth failed.\n");

branches/jsCStack/Source/JavaScriptCore/interpreter/Interpreter.cpp

@@ -161 +161 @@
         unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + argumentCountIncludingThis + JSStack::CallFrameHeaderSize + 1);
         CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
-        if (argumentCountIncludingThis > Arguments::MaxArguments + 1 || !stack->grow(newCallFrame->registers())) {
+        if (argumentCountIncludingThis > Arguments::MaxArguments + 1 || !stack->ensureCapacityFor(newCallFrame->registers())) {
             callFrame->vm().throwException(callFrame, createStackOverflowError(callFrame));
             return 0;
@@ -172 +172 @@
         unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(),  -firstFreeRegister + argumentCountIncludingThis + JSStack::CallFrameHeaderSize + 1);
         CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
-        if (!stack->grow(newCallFrame->registers())) {
+        if (!stack->ensureCapacityFor(newCallFrame->registers())) {
             callFrame->vm().throwException(callFrame, createStackOverflowError(callFrame));
             return 0;
@@ -189 +189 @@
         unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + CallFrame::offsetFor(argCount + 1));
         CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
-        if (argCount > Arguments::MaxArguments || !stack->grow(newCallFrame->registers())) {
+        if (argCount > Arguments::MaxArguments || !stack->ensureCapacityFor(newCallFrame->registers())) {
             callFrame->vm().throwException(callFrame, createStackOverflowError(callFrame));
             return 0;
@@ -201 +201 @@
         unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + CallFrame::offsetFor(argCount + 1));
         CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
-        if (argCount > Arguments::MaxArguments || !stack->grow(newCallFrame->registers())) {
+        if (argCount > Arguments::MaxArguments || !stack->ensureCapacityFor(newCallFrame->registers())) {
             callFrame->vm().throwException(callFrame, createStackOverflowError(callFrame));
             return 0;
@@ -212 +212 @@
     unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + CallFrame::offsetFor(argCount + 1));
     CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
-    if (argCount > Arguments::MaxArguments || !stack->grow(newCallFrame->registers())) {
+    if (argCount > Arguments::MaxArguments || !stack->ensureCapacityFor(newCallFrame->registers())) {
         callFrame->vm().throwException(callFrame,  createStackOverflowError(callFrame));
         return 0;

branches/jsCStack/Source/JavaScriptCore/interpreter/JSStack.h

@@ -82 +82 @@
         ~JSStack();
         
+        bool ensureCapacityFor(Register* newTopOfStack);
+
         void gatherConservativeRoots(ConservativeRoots&);
         void gatherConservativeRoots(ConservativeRoots&, JITStubRoutineSet&, CodeBlockSet&);
@@ -93 +95 @@
         size_t size() const { return highAddress() - lowAddress(); }
 
-        bool grow(Register* topOfStack);
-        
         static size_t committedByteCount();
         static void initializeThreading();
 
-        Register* topOfFrameFor(CallFrame*);
         Register* startOfFrameFor(CallFrame*);
-        Register* topOfStack();
 
         CallFrame* pushFrame(class CodeBlock*, JSScope*, int argsCount, JSObject* callee);
@@ -121 +119 @@
 
     private:
+
+        inline Register* topOfFrameFor(CallFrame*);
+        inline Register* topOfStack();
+        inline Register* topOfStackForCapacityCheck();
+
         Register* lowAddress() const
         {
@@ -144 +147 @@
 #endif
 
+        bool grow(Register* topOfStack);
         bool growSlowCase(Register*);
         void shrink(Register*);

branches/jsCStack/Source/JavaScriptCore/interpreter/JSStackInlines.h

@@ -34 +34 @@
 namespace JSC {
 
+inline bool JSStack::ensureCapacityFor(Register* newTopOfStack)
+{
+#if ENABLE(LLINT_C_LOOP)
+    return grow(newTopOfStack);
+#else
+    ASSERT(wtfThreadData().stack().isGrowingDownward());
+    Register* topOfStack = topOfStackForCapacityCheck();
+    if (newTopOfStack > topOfStack)
+        return true;
+    size_t neededCapacity = (topOfStack - newTopOfStack) * sizeof(Register);
+    return m_vm.isSafeToRecurse(neededCapacity);
+#endif
+}
+
+inline Register* JSStack::topOfStackForCapacityCheck()
+{
+#if !ENABLE(LLINT_C_LOOP)
+    // We're trying to get an estimate of the top of the stack for the purpose
+    // of a capacity check. If m_topCallFrame is 0, then we can't calculate an
+    // accurate top of stack value. Just use the current stack position as an
+    // estimate for the top of the stack from where JS code will start executing.
+    // This is conservative, but it will be safe.
+    if (!m_topCallFrame) {
+        Register* p = reinterpret_cast<Register*>(&p);
+        return p;
+    }
+#endif
+    return topOfStack() + 1;
+}
+
 inline Register* JSStack::topOfFrameFor(CallFrame* frame)
 {

branches/jsCStack/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp

@@ -442 +442 @@
     dataLogF("Current end is at %p.\n", exec->vm().interpreter->stack().end());
 #endif
-    ASSERT(!exec->vm().interpreter->stack().containsAddress(&exec->registers()[virtualRegisterForLocal(exec->codeBlock()->m_numCalleeRegisters).offset()]));
-    if (UNLIKELY(!vm.interpreter->stack().grow(&exec->registers()[virtualRegisterForLocal(exec->codeBlock()->m_numCalleeRegisters).offset()]))) {
+
+    // For JIT enabled builds which uses the C stack, the stack is not growable.
+    // Hence, if we get here, then we know a stack overflow is imminent. So, just
+    // throw the StackOverflowError unconditionally.
+#if ENABLE(LLINT_C_LOOP)
+    ASSERT(!exec->vm().interpreter->stack().containsAddress(exec->topOfFrame()));
+    if (UNLIKELY(!vm.interpreter->stack().ensureCapacityFor(exec->topOfFrame())))
+#endif
+    {
         exec = exec->callerFrame();
         CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec));

branches/jsCStack/Source/JavaScriptCore/runtime/CommonSlowPaths.h

@@ -68 +68 @@
     int paddedStackSpace = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), neededStackSpace);
 
-#if ENABLE(LLINT_CLOOP)
-    if (!stack->grow(exec->registers() - passedStackSpace))
+    if (!stack->ensureCapacityFor(exec->registers() - paddedStackSpace))
         return -1;
-#else
-    UNUSED_PARAM(stack);
-    if (!exec->vm().isSafeToRecurse(paddedStackSpace * sizeof(Register)))
-        return -1;
-#endif // ENABLE(LLINT_CLOOP)
-
     return paddedStackSpace / stackAlignmentRegisters();
 }