Changeset 162598 in webkit

Timestamp:

Jan 22, 2014, 11:39:58 PM (11 years ago)

Author:

mark.lam@apple.com

Message:

Poor man's fast breakpoints for a 2.3x debugger speedup.
<​https://webkit.org/b/122836>

Reviewed by Geoffrey Garen.

Previously we gained back some performance (run at baseline JIT speeds)
when the WebInspector is opened provided no breakpoints are set. This
was achieved by simply skipping all op_debug callbacks to the debugger
if no breakpoints are set. If any breakpoints are set, the debugger will
set a m_needsOpDebugCallbacks flag which causes the callbacks to be
called, and we don't get the baseline JIT speeds anymore.

With this patch, we will now track the number of breakpoints set in the
CodeBlock that they are set in. The LLINT and baseline JIT code will
check CodeBlock::m_numBreakpoints to determine if the op_debug callbacks
need to be called. With this, we will only enable op_debug callbacks for
CodeBlocks that need it i.e. those with breakpoints set in them.

Debugger::m_needsOpDebugCallbacks is now obsoleted. The LLINT and baseline
JIT code still needs to check Debugger::m_shouldPause to determine if the
debugger is in stepping mode and hence, needs op_debug callbacks enabled
for everything until the debugger "continues" the run and exit stepping
mode.

Also in this patch, I fixed a regression in DOM breakpoints which relies
Debugger::breakProgram() to pause the debugger.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

• Missed accounting for op_debug's new hasBreakpointFlag operand here when it was added.

(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::hasOpDebugForLineAndColumn):

• This is needed in Debugger::toggleBreakpoint() to determine if a breakpoint falls within a CodeBlock or not. Simply checking the bounds of the CodeBlock is insufficient. For example, let's say we have the following JS code:

begin global scope
function f1() {

function f2() {

... set breakpoint here.

}

}
end global scope

Using the CodeBlock bounds alone, the breakpoint above will to appear
to be in the global program CodeBlock, and the CodeBlocks for function
f1() and f2(). With CodeBlock::hasOpDebugForLineAndColumn() we can
rule out the global program CodeBlock and f1(), and only apply the
breakpoint to f2(0 where it belongs.

CodeBlock::hasOpDebugForLineAndColumn() works by iterating over all
the opcodes in the CodeBlock to look for op_debug's. For each op_debug,
it calls CodeBlock::expressionRangeForBytecodeOffset() to do a binary
seach to get the line and column info for that op_debug. This is a
N * log(N) algorithm. However, a quick hands on test using the
WebInspector (with this patch applied) to exercise setting, breaking
on, and clearing breakpoints, as well as stepping through some code
shows no noticeable degradation of the user experience compared to the
baseline without this patch.

• bytecode/CodeBlock.h:

(JSC::CodeBlock::numBreakpoints):
(JSC::CodeBlock::numBreakpointsOffset):
(JSC::CodeBlock::addBreakpoint):
(JSC::CodeBlock::removeBreakpoint):
(JSC::CodeBlock::clearAllBreakpoints):

• debugger/Breakpoint.h:
• defined Breakpoint::unspecifiedColumn so that we can explicitly indicate when the WebInspector was setting a line breakpoint and did not provide a column value. CodeBlock::hasOpDebugForLineAndColumn() needs this information in order to loosen its matching criteria for op_debug bytecodes for the specified breakpoint line and column values provided by the debugger.

Previously, we just hijack a 0 value column as an unspecified column.
However, the WebInspector operates on 0-based ints for column values.
Hence, 0 should be a valid column value and should not be hijacked to
mean an unspecified column.

• debugger/Debugger.cpp:

(JSC::Debugger::Debugger):

• added tracking of the VM that the debugger is used with. This is needed by Debugger::breakProgram().

The VM pointer is attained from the first JSGlobalObject that the debugger
attaches to. When the debugger detaches from the last JSGlobalObject, it
will nullify its VM pointer to allow a new one to be set on the next
attach.

We were always only using each debugger instance with one VM. This change
makes it explicit with an assert to ensure that all globalObjects that
the debugger attaches to beongs to the same VM.

(JSC::Debugger::attach):
(JSC::Debugger::detach):
(JSC::Debugger::setShouldPause):

(JSC::Debugger::registerCodeBlock):
(JSC::Debugger::unregisterCodeBlock):

• registerCodeBlock() is responsible for applying pre-existing breakpoints to new CodeBlocks being installed. Similarly, unregisterCodeBlock() clears the breakpoints.

(JSC::Debugger::toggleBreakpoint):

• This is the workhorse function that checks if a breakpoint falls within a CodeBlock or not. If it does, then it can either enable or disable said breakpoint in the CodeBlock. In the current implementation, enabling/disabling the breakpoint simply means incrementing/decrementing the CodeBlock's m_numBreakpoints.

(JSC::Debugger::applyBreakpoints):

(JSC::Debugger::ToggleBreakpointFunctor::ToggleBreakpointFunctor):
(JSC::Debugger::ToggleBreakpointFunctor::operator()):
(JSC::Debugger::toggleBreakpoint):

• Iterates all relevant CodeBlocks and apply the specified breakpoint if appropriate. This is called when a new breakpoint is being defined by the WebInspector and needs to be applied to an already installed CodeBlock.

(JSC::Debugger::setBreakpoint):
(JSC::Debugger::removeBreakpoint):
(JSC::Debugger::hasBreakpoint):
(JSC::Debugger::ClearBreakpointsFunctor::ClearBreakpointsFunctor):
(JSC::Debugger::ClearBreakpointsFunctor::operator()):
(JSC::Debugger::clearBreakpoints):

(JSC::Debugger::breakProgram):

• Fixed a regression that broke DOM breakpoints. The issue is that with the skipping of op_debug callbacks, we don't always have an updated m_currentCallFrame. Normally, m_currentCallFrame is provided as arg in the op_debug callback. In this case, we can get the CallFrame* from m_vm->topCallFrame.

(JSC::Debugger::updateCallFrameAndPauseIfNeeded):
(JSC::Debugger::pauseIfNeeded):
(JSC::Debugger::willExecuteProgram):

• debugger/Debugger.h:

(JSC::Debugger::Debugger):
(JSC::Debugger::shouldPause):

• heap/CodeBlockSet.h:

(JSC::CodeBlockSet::iterate):

• heap/Heap.h:

(JSC::Heap::forEachCodeBlock):

• Added utility to iterate all CodeBlocks in the heap / VM.

• interpreter/Interpreter.cpp:

(JSC::Interpreter::debug):

• jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_debug):

• jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_debug):

• llint/LowLevelInterpreter.asm:
• These now checks CodeBlock::m_numBreakpoints and Debugger::m_shouldPause instead of Debugger::m_needsOpDebugCallbacks.

• runtime/Executable.cpp:

(JSC::ScriptExecutable::installCode):

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• bytecode/CodeBlock.cpp (modified) (4 diffs)
• bytecode/CodeBlock.h (modified) (2 diffs)
• debugger/Breakpoint.h (modified) (1 diff)
• debugger/Debugger.cpp (modified) (18 diffs)
• debugger/Debugger.h (modified) (9 diffs)
• heap/CodeBlockSet.h (modified) (1 diff)
• heap/Heap.h (modified) (2 diffs)
• interpreter/Interpreter.cpp (modified) (1 diff)
• jit/JITOpcodes.cpp (modified) (1 diff)
• jit/JITOpcodes32_64.cpp (modified) (1 diff)
• llint/LowLevelInterpreter.asm (modified) (1 diff)
• runtime/Executable.cpp (modified) (1 diff)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2014-01-22  Mark Lam  <mark.lam@apple.com>
+
+        Poor man's fast breakpoints for a 2.3x debugger speedup.
+        <https://webkit.org/b/122836>
+
+        Reviewed by Geoffrey Garen.
+
+        Previously we gained back some performance (run at baseline JIT speeds)
+        when the WebInspector is opened provided no breakpoints are set. This
+        was achieved by simply skipping all op_debug callbacks to the debugger
+        if no breakpoints are set. If any breakpoints are set, the debugger will
+        set a m_needsOpDebugCallbacks flag which causes the callbacks to be
+        called, and we don't get the baseline JIT speeds anymore.
+
+        With this patch, we will now track the number of breakpoints set in the
+        CodeBlock that they are set in. The LLINT and baseline JIT code will
+        check CodeBlock::m_numBreakpoints to determine if the op_debug callbacks
+        need to be called. With this, we will only enable op_debug callbacks for
+        CodeBlocks that need it i.e. those with breakpoints set in them.
+
+        Debugger::m_needsOpDebugCallbacks is now obsoleted. The LLINT and baseline
+        JIT code still needs to check Debugger::m_shouldPause to determine if the
+        debugger is in stepping mode and hence, needs op_debug callbacks enabled
+        for everything until the debugger "continues" the run and exit stepping
+        mode.
+
+        Also in this patch, I fixed a regression in DOM breakpoints which relies
+        Debugger::breakProgram() to pause the debugger.
+
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::dumpBytecode):
+        - Missed accounting for op_debug's new hasBreakpointFlag operand here when
+          it was added.
+        (JSC::CodeBlock::CodeBlock):
+        (JSC::CodeBlock::hasOpDebugForLineAndColumn):
+        - This is needed in Debugger::toggleBreakpoint() to determine if a
+          breakpoint falls within a CodeBlock or not. Simply checking the bounds
+          of the CodeBlock is insufficient. For example, let's say we have the
+          following JS code:
+
+              // begin global scope
+              function f1() {
+                  function f2() {
+                     ... // set breakpoint here.
+                  }
+              }
+              // end global scope
+
+          Using the CodeBlock bounds alone, the breakpoint above will to appear
+          to be in the global program CodeBlock, and the CodeBlocks for function
+          f1() and f2(). With CodeBlock::hasOpDebugForLineAndColumn() we can
+          rule out the global program CodeBlock and f1(), and only apply the
+          breakpoint to f2(0 where it belongs.
+
+          CodeBlock::hasOpDebugForLineAndColumn() works by iterating over all
+          the opcodes in the CodeBlock to look for op_debug's. For each op_debug,
+          it calls CodeBlock::expressionRangeForBytecodeOffset() to do a binary
+          seach to get the line and column info for that op_debug. This is a
+          N * log(N) algorithm. However, a quick hands on test using the
+          WebInspector (with this patch applied) to exercise setting, breaking
+          on, and clearing breakpoints, as well as stepping through some code
+          shows no noticeable degradation of the user experience compared to the
+          baseline without this patch.
+
+        * bytecode/CodeBlock.h:
+        (JSC::CodeBlock::numBreakpoints):
+        (JSC::CodeBlock::numBreakpointsOffset):
+        (JSC::CodeBlock::addBreakpoint):
+        (JSC::CodeBlock::removeBreakpoint):
+        (JSC::CodeBlock::clearAllBreakpoints):
+        * debugger/Breakpoint.h:
+        - defined Breakpoint::unspecifiedColumn so that we can explicitly indicate
+          when the WebInspector was setting a line breakpoint and did not provide
+          a column value. CodeBlock::hasOpDebugForLineAndColumn() needs this
+          information in order to loosen its matching criteria for op_debug
+          bytecodes for the specified breakpoint line and column values provided
+          by the debugger.
+
+          Previously, we just hijack a 0 value column as an unspecified column.
+          However, the WebInspector operates on 0-based ints for column values.
+          Hence, 0 should be a valid column value and should not be hijacked to
+          mean an unspecified column.
+
+        * debugger/Debugger.cpp:
+        (JSC::Debugger::Debugger):
+        - added tracking of the VM that the debugger is used with. This is
+          needed by Debugger::breakProgram().
+
+          The VM pointer is attained from the first JSGlobalObject that the debugger
+          attaches to. When the debugger detaches from the last JSGlobalObject, it
+          will nullify its VM pointer to allow a new one to be set on the next
+          attach.
+
+          We were always only using each debugger instance with one VM. This change
+          makes it explicit with an assert to ensure that all globalObjects that
+          the debugger attaches to beongs to the same VM.
+
+        (JSC::Debugger::attach):
+        (JSC::Debugger::detach):
+        (JSC::Debugger::setShouldPause):
+
+        (JSC::Debugger::registerCodeBlock):
+        (JSC::Debugger::unregisterCodeBlock):
+        - registerCodeBlock() is responsible for applying pre-existing breakpoints
+          to new CodeBlocks being installed. Similarly, unregisterCodeBlock()
+          clears the breakpoints.
+
+        (JSC::Debugger::toggleBreakpoint):
+        - This is the workhorse function that checks if a breakpoint falls within
+          a CodeBlock or not. If it does, then it can either enable or disable
+          said breakpoint in the CodeBlock. In the current implementation,
+          enabling/disabling the breakpoint simply means incrementing/decrementing
+          the CodeBlock's m_numBreakpoints.
+
+        (JSC::Debugger::applyBreakpoints):
+
+        (JSC::Debugger::ToggleBreakpointFunctor::ToggleBreakpointFunctor):
+        (JSC::Debugger::ToggleBreakpointFunctor::operator()):
+        (JSC::Debugger::toggleBreakpoint):
+        - Iterates all relevant CodeBlocks and apply the specified breakpoint
+          if appropriate. This is called when a new breakpoint is being defined
+          by the WebInspector and needs to be applied to an already installed
+          CodeBlock.
+
+        (JSC::Debugger::setBreakpoint):
+        (JSC::Debugger::removeBreakpoint):
+        (JSC::Debugger::hasBreakpoint):
+        (JSC::Debugger::ClearBreakpointsFunctor::ClearBreakpointsFunctor):
+        (JSC::Debugger::ClearBreakpointsFunctor::operator()):
+        (JSC::Debugger::clearBreakpoints):
+
+        (JSC::Debugger::breakProgram):
+        - Fixed a regression that broke DOM breakpoints. The issue is that with
+          the skipping of op_debug callbacks, we don't always have an updated
+          m_currentCallFrame. Normally, m_currentCallFrame is provided as arg
+          in the op_debug callback. In this case, we can get the CallFrame* from
+          m_vm->topCallFrame.
+
+        (JSC::Debugger::updateCallFrameAndPauseIfNeeded):
+        (JSC::Debugger::pauseIfNeeded):
+        (JSC::Debugger::willExecuteProgram):
+        * debugger/Debugger.h:
+        (JSC::Debugger::Debugger):
+        (JSC::Debugger::shouldPause):
+
+        * heap/CodeBlockSet.h:
+        (JSC::CodeBlockSet::iterate):
+        * heap/Heap.h:
+        (JSC::Heap::forEachCodeBlock):
+        - Added utility to iterate all CodeBlocks in the heap / VM.
+
+        * interpreter/Interpreter.cpp:
+        (JSC::Interpreter::debug):
+
+        * jit/JITOpcodes.cpp:
+        (JSC::JIT::emit_op_debug):
+        * jit/JITOpcodes32_64.cpp:
+        (JSC::JIT::emit_op_debug):
+        * llint/LowLevelInterpreter.asm:
+        - These now checks CodeBlock::m_numBreakpoints and Debugger::m_shouldPause
+          instead of Debugger::m_needsOpDebugCallbacks.
+
+        * runtime/Executable.cpp:
+        (JSC::ScriptExecutable::installCode):
+
 2014-01-22  Myles C. Maxfield  <mmaxfield@apple.com>
 

trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp

@@ -1353 +1353 @@
         case op_debug: {
             int debugHookID = (++it)->u.operand;
+            int hasBreakpointFlag = (++it)->u.operand;
             printLocationAndOp(out, exec, location, it, "debug");
-            out.printf("%s", debugHookName(debugHookID));
+            out.printf("%s %d", debugHookName(debugHookID), hasBreakpointFlag);
             break;
         }
@@ -1469 +1470 @@
     , m_didFailFTLCompilation(false)
     , m_unlinkedCode(*other.m_vm, other.m_ownerExecutable.get(), other.m_unlinkedCode.get())
+    , m_numBreakpoints(0)
     , m_ownerExecutable(*other.m_vm, other.m_ownerExecutable.get(), other.m_ownerExecutable.get())
     , m_vm(other.m_vm)
@@ -1523 +1525 @@
     , m_didFailFTLCompilation(false)
     , m_unlinkedCode(m_globalObject->vm(), ownerExecutable, unlinkedCodeBlock)
+    , m_numBreakpoints(0)
     , m_ownerExecutable(m_globalObject->vm(), ownerExecutable, ownerExecutable)
     , m_vm(unlinkedCodeBlock->vm())
@@ -2567 +2570 @@
 }
 
+bool CodeBlock::hasOpDebugForLineAndColumn(unsigned line, unsigned column)
+{
+    Interpreter* interpreter = vm()->interpreter;
+    const Instruction* begin = instructions().begin();
+    const Instruction* end = instructions().end();
+    for (const Instruction* it = begin; it != end;) {
+        OpcodeID opcodeID = interpreter->getOpcodeID(it->u.opcode);
+        if (opcodeID == op_debug) {
+            unsigned bytecodeOffset = it - begin;
+            int unused;
+            unsigned opDebugLine;
+            unsigned opDebugColumn;
+            expressionRangeForBytecodeOffset(bytecodeOffset, unused, unused, unused, opDebugLine, opDebugColumn);
+            if (line == opDebugLine && (column == Breakpoint::unspecifiedColumn || column == opDebugColumn))
+                return true;
+        }
+        it += opcodeLengths[opcodeID];
+    }
+    return false;
+}
+
 void CodeBlock::shrinkToFit(ShrinkMode shrinkMode)
 {

trunk/Source/JavaScriptCore/bytecode/CodeBlock.h

@@ -870 +870 @@
     unsigned frameRegisterCount();
 
+    bool hasOpDebugForLineAndColumn(unsigned line, unsigned column);
+
+    int numBreakpoints() const { return m_numBreakpoints; }
+    static ptrdiff_t numBreakpointsOffset() { return OBJECT_OFFSETOF(CodeBlock, m_numBreakpoints); }
+
+    void addBreakpoint(int numBreakpoints) { m_numBreakpoints += numBreakpoints; }
+    void removeBreakpoint(int numBreakpoints)
+    {
+        m_numBreakpoints -= numBreakpoints;
+        ASSERT(m_numBreakpoints >= 0);
+    }
+    void clearAllBreakpoints() { m_numBreakpoints = 0; }
+
     // FIXME: Make these remaining members private.
 
@@ -1006 +1019 @@
     WriteBarrier<UnlinkedCodeBlock> m_unlinkedCode;
     int m_numParameters;
+    int m_numBreakpoints;
     WriteBarrier<ScriptExecutable> m_ownerExecutable;
     VM* m_vm;

trunk/Source/JavaScriptCore/debugger/Breakpoint.h

@@ -60 +60 @@
     String condition;
     bool autoContinue;
+
+    static const unsigned unspecifiedColumn = UINT_MAX;
 };
 

trunk/Source/JavaScriptCore/debugger/Debugger.cpp

@@ -1 +1 @@
 /*
- *  Copyright (C) 2008, 2013 Apple Inc. All rights reserved.
+ *  Copyright (C) 2008, 2013, 2014 Apple Inc. All rights reserved.
  *  Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
  *  Copyright (C) 2001 Peter Kelly (pmk@post.com)
@@ -25 +25 @@
 #include "Debugger.h"
 
+#include "CodeBlock.h"
 #include "DebuggerCallFrame.h"
 #include "Error.h"
+
 #include "HeapIterationScope.h"
 #include "Interpreter.h"
@@ -140 +142 @@
 
 Debugger::Debugger(bool isInWorkerThread)
-    : m_pauseOnExceptionsState(DontPauseOnExceptions)
+    : m_vm(nullptr)
+    , m_pauseOnExceptionsState(DontPauseOnExceptions)
     , m_pauseOnNextStatement(false)
     , m_isPaused(false)
@@ -152 +155 @@
     , m_lastExecutedSourceID(noSourceID)
     , m_topBreakpointID(noBreakpointID)
-    , m_needsOpDebugCallbacks(false)
     , m_shouldPause(false)
 {
@@ -167 +169 @@
 {
     ASSERT(!globalObject->debugger());
+    if (!m_vm)
+        m_vm = &globalObject->vm();
+    else
+        ASSERT(m_vm == &globalObject->vm());
     globalObject->setDebugger(this);
     m_globalObjects.add(globalObject);
@@ -185 +191 @@
     m_globalObjects.remove(globalObject);
     globalObject->setDebugger(0);
+    if (!m_globalObjects.size())
+        m_vm = nullptr;
 }
 
@@ -190 +198 @@
 {
     m_shouldPause = value;
-    updateNeedForOpDebugCallbacks();
+}
+
+void Debugger::registerCodeBlock(CodeBlock* codeBlock)
+{
+    applyBreakpoints(codeBlock);
+}
+
+void Debugger::unregisterCodeBlock(CodeBlock* codeBlock)
+{
+    codeBlock->clearAllBreakpoints();
+}
+
+void Debugger::toggleBreakpoint(CodeBlock* codeBlock, Breakpoint& breakpoint, BreakpointState enabledOrNot)
+{
+    ASSERT(codeBlock->jitCode()->jitType() == JITCode::InterpreterThunk
+        || codeBlock->jitCode()->jitType() == JITCode::BaselineJIT);
+
+    ScriptExecutable* executable = codeBlock->ownerExecutable();
+
+    SourceID sourceID = static_cast<SourceID>(executable->sourceID());
+    if (breakpoint.sourceID != sourceID)
+        return;
+
+    unsigned line = breakpoint.line;
+    unsigned column = breakpoint.column;
+
+    unsigned startLine = executable->lineNo();
+    unsigned startColumn = executable->startColumn();
+    unsigned endLine = executable->lastLine();
+    unsigned endColumn = executable->endColumn();
+
+    // Inspector breakpoint line and column values are zero-based but the executable
+    // and CodeBlock line and column values are one-based.
+    line += 1;
+    column = column ? column + 1 : Breakpoint::unspecifiedColumn;
+
+    if (line < startLine || line > endLine)
+        return;
+    if (column != Breakpoint::unspecifiedColumn) {
+        if (line == startLine && column < startColumn)
+            return;
+        if (line == endLine && column > endColumn)
+            return;
+    }
+    if (!codeBlock->hasOpDebugForLineAndColumn(line, column))
+        return;
+
+    if (enabledOrNot == BreakpointEnabled)
+        codeBlock->addBreakpoint(1);
+    else
+        codeBlock->removeBreakpoint(1);
+}
+
+void Debugger::applyBreakpoints(CodeBlock* codeBlock)
+{
+    BreakpointIDToBreakpointMap& breakpoints = m_breakpointIDToBreakpoint;
+    for (auto it = breakpoints.begin(); it != breakpoints.end(); ++it) {
+        Breakpoint& breakpoint = *it->value;
+        toggleBreakpoint(codeBlock, breakpoint, BreakpointEnabled);
+    }
+}
+
+class Debugger::ToggleBreakpointFunctor {
+public:
+    ToggleBreakpointFunctor(Debugger* debugger, Breakpoint& breakpoint, BreakpointState enabledOrNot)
+        : m_debugger(debugger)
+        , m_breakpoint(breakpoint)
+        , m_enabledOrNot(enabledOrNot)
+    {
+    }
+
+    bool operator()(CodeBlock* codeBlock)
+    {
+        if (m_debugger == codeBlock->globalObject()->debugger())
+            m_debugger->toggleBreakpoint(codeBlock, m_breakpoint, m_enabledOrNot);
+        return false;
+    }
+
+private:
+    Debugger* m_debugger;
+    Breakpoint& m_breakpoint;
+    BreakpointState m_enabledOrNot;
+};
+
+void Debugger::toggleBreakpoint(Breakpoint& breakpoint, Debugger::BreakpointState enabledOrNot)
+{
+    if (!m_vm)
+        return;
+    HeapIterationScope iterationScope(m_vm->heap);
+    ToggleBreakpointFunctor functor(this, breakpoint, enabledOrNot);
+    m_vm->heap.forEachCodeBlock(functor);
 }
 
@@ -206 +304 @@
     HeapIterationScope iterationScope(vm->heap);
     vm->heap.objectSpace().forEachLiveCell(iterationScope, recompiler);
-}
-
-void Debugger::updateNeedForOpDebugCallbacks()
-{
-    size_t numberOfBreakpoints = m_breakpointIDToBreakpoint.size();
-    m_needsOpDebugCallbacks = m_shouldPause || numberOfBreakpoints;
 }
 
@@ -248 +340 @@
     m_breakpointIDToBreakpoint.set(id, &breakpoints.last());
 
-    updateNeedForOpDebugCallbacks();
+    toggleBreakpoint(breakpoint, BreakpointEnabled);
 
     return id;
@@ -267 +359 @@
     LineToBreakpointsMap::iterator breaksIt = it->value.find(breakpoint.line);
     ASSERT(breaksIt != it->value.end());
+
+    toggleBreakpoint(breakpoint, BreakpointDisabled);
 
     BreakpointsInLine& breakpoints = breaksIt->value;
@@ -283 +377 @@
         }
     }
-
-    updateNeedForOpDebugCallbacks();
 }
 
@@ -311 +403 @@
         unsigned breakColumn = breakpoints[i].column;
         // Since frontend truncates the indent, the first statement in a line must match the breakpoint (line,0).
+        ASSERT(this == m_currentCallFrame->codeBlock()->globalObject()->debugger());
         if ((line != m_lastExecutedLine && line == breakLine && !breakColumn)
             || (line == breakLine && column == breakColumn)) {
@@ -346 +439 @@
 }
 
+class Debugger::ClearBreakpointsFunctor {
+public:
+    ClearBreakpointsFunctor(Debugger* debugger)
+        : m_debugger(debugger)
+    {
+    }
+
+    bool operator()(CodeBlock* codeBlock)
+    {
+        if (codeBlock->numBreakpoints() && m_debugger == codeBlock->globalObject()->debugger())
+            codeBlock->clearAllBreakpoints();
+        return false;
+    }
+
+private:
+    Debugger* m_debugger;
+};
+
 void Debugger::clearBreakpoints()
 {
@@ -352 +463 @@
     m_sourceIDToBreakpoints.clear();
 
-    updateNeedForOpDebugCallbacks();
+    if (!m_vm)
+        return;
+    HeapIterationScope iterationScope(m_vm->heap);
+    ClearBreakpointsFunctor functor(this);
+    m_vm->heap.forEachCodeBlock(functor);
 }
 
@@ -374 +489 @@
 void Debugger::breakProgram()
 {
-    if (m_isPaused || !m_currentCallFrame)
+    if (m_isPaused)
         return;
 
     m_pauseOnNextStatement = true;
     setShouldPause(true);
+    m_currentCallFrame = m_vm->topCallFrame;
+    ASSERT(m_currentCallFrame);
     pauseIfNeeded(m_currentCallFrame);
 }
@@ -433 +550 @@
     updateCallFrame(callFrame);
     pauseIfNeeded(callFrame);
-    if (!needsOpDebugCallbacks())
+    if (!shouldPause())
         m_currentCallFrame = 0;
 }
@@ -478 +595 @@
     if (!m_pauseOnNextStatement && !m_pauseOnCallFrame) {
         setShouldPause(false);
-        if (!needsOpDebugCallbacks())
-            m_currentCallFrame = 0;
+        m_currentCallFrame = nullptr;
     }
 }
@@ -549 +665 @@
     if (!m_isInWorkerThread)
         updateCallFrameAndPauseIfNeeded(callFrame);
-    else if (needsOpDebugCallbacks())
+    else if (shouldPause())
         updateCallFrame(callFrame);
 }

trunk/Source/JavaScriptCore/debugger/Debugger.h

@@ -2 +2 @@
  *  Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
  *  Copyright (C) 2001 Peter Kelly (pmk@post.com)
- *  Copyright (C) 2008, 2009, 2013 Apple Inc. All rights reserved.
+ *  Copyright (C) 2008, 2009, 2013, 2014 Apple Inc. All rights reserved.
  *
  *  This library is free software; you can redistribute it and/or
@@ -49 +49 @@
     virtual ~Debugger();
 
-    bool needsOpDebugCallbacks() const { return m_needsOpDebugCallbacks; }
-    static ptrdiff_t needsOpDebugCallbacksOffset() { return OBJECT_OFFSETOF(Debugger, m_needsOpDebugCallbacks); }
+    bool shouldPause() const { return m_shouldPause; }
+    static ptrdiff_t shouldPauseOffset() { return OBJECT_OFFSETOF(Debugger, m_shouldPause); }
 
     JSC::DebuggerCallFrame* currentDebuggerCallFrame() const;
@@ -105 +105 @@
     void recompileAllJSFunctions(VM*);
 
+    void registerCodeBlock(CodeBlock*);
+    void unregisterCodeBlock(CodeBlock*);
+
 protected:
     virtual bool needPauseHandling(JSGlobalObject*) { return false; }
@@ -129 +132 @@
     typedef Vector<Breakpoint> BreakpointsInLine;
     typedef HashMap<unsigned, BreakpointsInLine, WTF::IntHash<int>, WTF::UnsignedWithZeroKeyHashTraits<int>> LineToBreakpointsMap;
-    typedef HashMap<SourceID, LineToBreakpointsMap> SourceIDToBreakpointsMap;
+    typedef HashMap<SourceID, LineToBreakpointsMap, WTF::IntHash<SourceID>, WTF::UnsignedWithZeroKeyHashTraits<SourceID>> SourceIDToBreakpointsMap;
+
+    class ToggleBreakpointFunctor;
+    class ClearBreakpointsFunctor;
 
     class PauseReasonDeclaration {
@@ -149 +155 @@
     bool hasBreakpoint(SourceID, const TextPosition&, Breakpoint* hitBreakpoint);
 
-    bool shouldPause() const { return m_shouldPause; }
     void setShouldPause(bool);
     void updateNeedForOpDebugCallbacks();
@@ -162 +167 @@
     void pauseIfNeeded(JSC::CallFrame*);
 
+    enum BreakpointState {
+        BreakpointDisabled,
+        BreakpointEnabled
+    };
+    void toggleBreakpoint(CodeBlock*, Breakpoint&, BreakpointState);
+    void applyBreakpoints(CodeBlock*);
+    void toggleBreakpoint(Breakpoint&, BreakpointState);
+
+    VM* m_vm;
     HashSet<JSGlobalObject*> m_globalObjects;
 
@@ -182 +196 @@
     SourceIDToBreakpointsMap m_sourceIDToBreakpoints;
 
-    bool m_needsOpDebugCallbacks;
     bool m_shouldPause;
 
@@ -196 +209 @@
 class Debugger {
 public:
-    Debugger(bool = false) : m_needsOpDebugCallbacks(false) { }
-    bool needsOpDebugCallbacks() const { return false; }
+    Debugger(bool = false)
+        : m_shouldPause(false)
+    {
+    }
+    bool shouldPause() const { return false; }
     bool needsExceptionCallbacks() const { return false; }
     void detach(JSGlobalObject*) { }
@@ -209 +225 @@
     void didReachBreakpoint(CallFrame*) { }
 
-    bool m_needsOpDebugCallbacks;
+private:
+    bool m_shouldPause;
 };
 

trunk/Source/JavaScriptCore/heap/CodeBlockSet.h

@@ -72 +72 @@
     void rememberCurrentlyExecutingCodeBlocks(Heap*);
 
+    // Visits each CodeBlock in the heap until the visitor function returns true
+    // to indicate that it is done iterating, or until every CodeBlock has been
+    // visited.
+    template<typename Functor> void iterate(Functor& functor)
+    {
+        for (auto &codeBlock : m_set) {
+            bool done = functor(codeBlock);
+            if (done)
+                break;
+        }
+    }
+
 private:
     // This is not a set of RefPtr<CodeBlock> because we need to be able to find

trunk/Source/JavaScriptCore/heap/Heap.h

@@ -175 +175 @@
         template<typename Functor> typename Functor::ReturnType forEachProtectedCell(Functor&);
         template<typename Functor> typename Functor::ReturnType forEachProtectedCell();
+        template<typename Functor> inline void forEachCodeBlock(Functor&);
 
         HandleSet* handleSet() { return &m_handleSet; }
@@ -433 +434 @@
     }
 
+    template<typename Functor> inline void Heap::forEachCodeBlock(Functor& functor)
+    {
+        return m_codeBlocks.iterate<Functor>(functor);
+    }
+
     inline void* Heap::allocateWithNormalDestructor(size_t bytes)
     {

trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

@@ -1206 +1206 @@
 {
     Debugger* debugger = callFrame->vmEntryGlobalObject()->debugger();
-    if (!debugger || !debugger->needsOpDebugCallbacks())
+    if (!debugger)
         return;
+    ASSERT(debugger->shouldPause() || callFrame->codeBlock()->numBreakpoints() || callFrame->hadException());
 
     switch (debugHookID) {

trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp

@@ -716 +716 @@
 #elif ENABLE(JAVASCRIPT_DEBUGGER)
     JSGlobalObject* globalObject = codeBlock()->globalObject();
-    Debugger* debugger = globalObject->debugger();
     char* debuggerAddress = reinterpret_cast<char*>(globalObject) + JSGlobalObject::debuggerOffset();
     Jump noDebugger = branchTestPtr(Zero, AbsoluteAddress(debuggerAddress));
-    char* flagAddress = reinterpret_cast<char*>(debugger) + Debugger::needsOpDebugCallbacksOffset();
-    Jump skipDebugHook = branchTest8(Zero, AbsoluteAddress(flagAddress));
+
+    Debugger* debugger = globalObject->debugger();
+    char* shouldPauseAddress = reinterpret_cast<char*>(debugger) + Debugger::shouldPauseOffset();
+    Jump callbackNeeded = branchTest8(NonZero, AbsoluteAddress(shouldPauseAddress));
+
+    char* numBreakpointsAddress = reinterpret_cast<char*>(codeBlock()) + CodeBlock::numBreakpointsOffset();
+    load32(numBreakpointsAddress, regT0);
+    Jump noBreakpointSet = branchTest32(Zero, regT0);
+
+    callbackNeeded.link(this);
     callOperation(operationDebug, currentInstruction[1].u.operand);
-    skipDebugHook.link(this);
+
+    noBreakpointSet.link(this);
     noDebugger.link(this);
 #else

trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp

@@ -998 +998 @@
 #elif ENABLE(JAVASCRIPT_DEBUGGER)
     JSGlobalObject* globalObject = codeBlock()->globalObject();
-    Debugger* debugger = globalObject->debugger();
     char* debuggerAddress = reinterpret_cast<char*>(globalObject) + JSGlobalObject::debuggerOffset();
     loadPtr(debuggerAddress, regT0);
     Jump noDebugger = branchTestPtr(Zero, regT0);
-    char* flagAddress = reinterpret_cast<char*>(debugger) + Debugger::needsOpDebugCallbacksOffset();
-    Jump skipDebugHook = branchTest8(Zero, AbsoluteAddress(flagAddress));
+
+    Debugger* debugger = globalObject->debugger();
+    char* shouldPauseAddress = reinterpret_cast<char*>(debugger) + Debugger::shouldPauseOffset();
+    Jump callbackNeeded = branchTest8(NonZero, AbsoluteAddress(shouldPauseAddress));
+
+    char* numBreakpointsAddress = reinterpret_cast<char*>(codeBlock()) + CodeBlock::numBreakpointsOffset();
+    load32(numBreakpointsAddress, regT0);
+    Jump noBreakpointSet = branchTest32(Zero, regT0);
+
+    callbackNeeded.link(this);
     callOperation(operationDebug, currentInstruction[1].u.operand);
-    skipDebugHook.link(this);
+
+    noBreakpointSet.link(this);
     noDebugger.link(this);
 #else

trunk/Source/JavaScriptCore/llint/LowLevelInterpreter.asm

@@ -836 +836 @@
 _llint_op_debug:
     traceExecution()
-    loadp CodeBlock[cfr], t0
-    loadp CodeBlock::m_globalObject[t0], t0
+    loadp CodeBlock[cfr], t1
+    loadp CodeBlock::m_globalObject[t1], t0
     loadp JSGlobalObject::m_debugger[t0], t0
     btiz t0, .opDebugDone
-    loadb Debugger::m_needsOpDebugCallbacks[t0], t0
-    btbz t0, .opDebugDone
-
+
+    loadb Debugger::m_shouldPause[t0], t0
+    btbnz t0, .opDebugDoCallback
+
+    loadi CodeBlock::m_numBreakpoints[t1], t0
+    btiz t0, .opDebugDone
+
+.opDebugDoCallback:
     callSlowPath(_llint_slow_path_debug)
 .opDebugDone:                    

trunk/Source/JavaScriptCore/runtime/Executable.cpp

@@ -173 +173 @@
     if (oldCodeBlock)
         oldCodeBlock->unlinkIncomingCalls();
+
+    Debugger* debugger = genericCodeBlock->globalObject()->debugger();
+    if (debugger)
+        debugger->registerCodeBlock(genericCodeBlock);
 }