Changeset 163223 in webkit

Timestamp:

Jan 31, 2014 5:24:39 PM (10 years ago)

Author:

mark.lam@apple.com

Message:

Avoid eagerly creating the JSActivation when the debugger is attached.
<​https://webkit.org/b/127910>

Reviewed by Oliver Hunt.

Octane scores for this patch:

baseline w/o WebInspector: 11621
patched w/o WebInspector: 11801
baseline w/ WebInspector: 3295
patched w/ WebInspector: 7070 2.1x improvement

1. Because debugger can potentially create a closure from any call frame, we need every function to allocate an activation register and check for the need to tear off the activation (if needed) on return.

However, we do not need to eagerly create the activation object.
This patch implements the optimization to defer creation of the
activation object until we actually need it i.e. when:

1. We encounter a "eval", "with", or "catch" statement.
2. We've paused in the debugger, and called DebuggerCallFrame::scope().

2. The UnlinkedCodeBlock provides a needsFullScopeChain flag that is used to indicate whether the linked CodeBlock will need an activation object or not. Under normal circumstances, needsFullScopeChain and needsActivation are synonymous. However, with a debugger attached, we want the CodeBlock to always allocate an activationRegister even if it does not need a "full scope chain".

Hence, we apply the following definitions to the "flags":

1. UnlinkedCodeBlock::needsFullScopeChain() - this flag indicates that the parser discovered JS artifacts (e.g. use of "eval", "with", etc.) that requires an activation.

BytecodeGenerator's destinationForAssignResult() and leftHandSideNeedsCopy()
checks needsFullScopeChain().

2. UnlinkedCodeBlock::hasActivationRegister() - this flag indicates that an activation register was created for the UnlinkedCodeBlock either because it needsFullScopeChain() or because the debugger is attached.

3. CodeBlock::needsActivation() reflects UnlinkedCodeBlock's hasActivationRegister().

3. Introduced BytecodeGenerator::emitPushFunctionNameScope() and BytecodeGenerator::emitPushCatchScope() because the JSNameScope pushed for a function name cannot be popped unlike the JSNameScope pushed for a "catch". Hence, we have 2 functions to handle the 2 cases differently.

4. Removed DebuggerCallFrame::evaluateWithCallFrame() and require that all debugger evaluations go through the DebuggerCallFrame::evaluate(). This ensures that debugger evaluations require a DebuggerCallFrame.

DebuggerCallFrame::evaluateWithCallFrame() was used previously because
we didn't want to instantiate a DebuggerCallFrame on every debug hook
callback. However, we now only call the debug hooks when needed, and
this no longer poses a performance problem.

In addition, when the debug hook does an eval to test a breakpoint
condition, it is incorrect to evaluate it without a DebuggerCallFrame
anyway.

5. Added some utility functions to the CallFrame to make it easier to work with the activation register in the frame (if present). These utility functions should only be called if the CodeBlock::needsActivation() is true (which indicates the presence of the activation register). The utlity functions are:

1. CallFrame::hasActivation()
   • checks if the frame's activation object has been created.

2. CallFrame::activation()
   • returns the frame's activation object.

3. CallFrame::uncheckedActivation()
   • returns the JSValue in the frame's activation register. May be null.

4. CallFrame::setActivation()
   • sets the frame's activation object.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):

• added symbollic dumping of ResolveMode and ResolveType values for some bytecodes.

(JSC::CodeBlock::CodeBlock):

• bytecode/CodeBlock.h:

(JSC::CodeBlock::activationRegister):
(JSC::CodeBlock::uncheckedActivationRegister):
(JSC::CodeBlock::needsActivation):

• bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::needsFullScopeChain):
(JSC::UnlinkedCodeBlock::hasActivationRegister):

• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::resolveCallee):
(JSC::BytecodeGenerator::createActivationIfNecessary):
(JSC::BytecodeGenerator::emitCallEval):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitPushWithScope):
(JSC::BytecodeGenerator::emitPushFunctionNameScope):
(JSC::BytecodeGenerator::emitPushCatchScope):

• bytecompiler/BytecodeGenerator.h:
• bytecompiler/NodesCodegen.cpp:

(JSC::TryNode::emitBytecode):

• debugger/Debugger.cpp:

(JSC::Debugger::hasBreakpoint):
(JSC::Debugger::pauseIfNeeded):

• debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::scope):
(JSC::DebuggerCallFrame::evaluate):

• debugger/DebuggerCallFrame.h:
• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseCodeBlock):

• dfg/DFGGraph.h:
• Removed an unused function DFGGraph::needsActivation().
• interpreter/CallFrame.cpp:

(JSC::CallFrame::activation):
(JSC::CallFrame::setActivation):

• interpreter/CallFrame.h:

(JSC::ExecState::hasActivation):
(JSC::ExecState::registers):

• interpreter/CallFrameInlines.h:

(JSC::CallFrame::uncheckedActivation):

• interpreter/Interpreter.cpp:

(JSC::unwindCallFrame):
(JSC::Interpreter::unwind):

• jit/JITOperations.cpp:
• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

• runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

• runtime/JSScope.cpp:
• runtime/JSScope.h:

(JSC::resolveModeName):
(JSC::resolveTypeName):

• utility functions for decoding names of the ResolveMode and ResolveType. These are used in CodeBlock::dumpBytecode().

Location:

trunk/Source/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• bytecode/CodeBlock.cpp (modified) (6 diffs)
• bytecode/CodeBlock.h (modified) (4 diffs)
• bytecode/UnlinkedCodeBlock.h (modified) (3 diffs)
• bytecompiler/BytecodeGenerator.cpp (modified) (18 diffs)
• bytecompiler/BytecodeGenerator.h (modified) (3 diffs)
• bytecompiler/NodesCodegen.cpp (modified) (1 diff)
• debugger/Debugger.cpp (modified) (3 diffs)
• debugger/DebuggerCallFrame.cpp (modified) (5 diffs)
• debugger/DebuggerCallFrame.h (modified) (3 diffs)
• dfg/DFGByteCodeParser.cpp (modified) (1 diff)
• dfg/DFGGraph.h (modified) (2 diffs)
• interpreter/CallFrame.cpp (modified) (3 diffs)
• interpreter/CallFrame.h (modified) (4 diffs)
• interpreter/CallFrameInlines.h (modified) (2 diffs)
• interpreter/Interpreter.cpp (modified) (3 diffs)
• jit/JITOperations.cpp (modified) (2 diffs)
• llint/LLIntSlowPaths.cpp (modified) (2 diffs)
• runtime/CommonSlowPaths.cpp (modified) (1 diff)
• runtime/JSScope.cpp (modified) (2 diffs)
• runtime/JSScope.h (modified) (2 diffs)

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2014-01-31  Mark Lam  <mark.lam@apple.com>
+
+        Avoid eagerly creating the JSActivation when the debugger is attached.
+        <https://webkit.org/b/127910>
+
+        Reviewed by Oliver Hunt.
+
+        Octane scores for this patch:
+            baseline w/o WebInspector: 11621
+            patched  w/o WebInspector: 11801
+            baseline w/ WebInspector:  3295
+            patched  w/ WebInspector:  7070   2.1x improvement
+
+        1. Because debugger can potentially create a closure from any call frame,
+           we need every function to allocate an activation register and check for
+           the need to tear off the activation (if needed) on return.
+
+           However, we do not need to eagerly create the activation object.
+           This patch implements the optimization to defer creation of the
+           activation object until we actually need it i.e. when:
+
+           1. We encounter a "eval", "with", or "catch" statement.
+           2. We've paused in the debugger, and called DebuggerCallFrame::scope().
+
+        2. The UnlinkedCodeBlock provides a needsFullScopeChain flag that is used
+           to indicate whether the linked CodeBlock will need an activation
+           object or not. Under normal circumstances, needsFullScopeChain and
+           needsActivation are synonymous. However, with a debugger attached, we
+           want the CodeBlock to always allocate an activationRegister even if
+           it does not need a "full scope chain".
+
+           Hence, we apply the following definitions to the "flags":
+
+           1. UnlinkedCodeBlock::needsFullScopeChain() - this flag indicates that
+              the parser discovered JS artifacts (e.g. use of "eval", "with", etc.)
+              that requires an activation.
+
+              BytecodeGenerator's destinationForAssignResult() and leftHandSideNeedsCopy()
+              checks needsFullScopeChain().
+
+           2. UnlinkedCodeBlock::hasActivationRegister() - this flag indicates that
+              an activation register was created for the UnlinkedCodeBlock either
+              because it needsFullScopeChain() or because the debugger is attached.
+
+           3. CodeBlock::needsActivation() reflects UnlinkedCodeBlock's
+              hasActivationRegister().
+
+        3. Introduced BytecodeGenerator::emitPushFunctionNameScope() and
+           BytecodeGenerator::emitPushCatchScope() because the JSNameScope
+           pushed for a function name cannot be popped unlike the JSNameScope
+           pushed for a "catch". Hence, we have 2 functions to handle the 2 cases
+           differently.
+
+        4. Removed DebuggerCallFrame::evaluateWithCallFrame() and require that all
+           debugger evaluations go through the DebuggerCallFrame::evaluate(). This
+           ensures that debugger evaluations require a DebuggerCallFrame.
+
+           DebuggerCallFrame::evaluateWithCallFrame() was used previously because
+           we didn't want to instantiate a DebuggerCallFrame on every debug hook
+           callback. However, we now only call the debug hooks when needed, and
+           this no longer poses a performance problem.
+
+           In addition, when the debug hook does an eval to test a breakpoint
+           condition, it is incorrect to evaluate it without a DebuggerCallFrame
+           anyway.
+
+        5. Added some utility functions to the CallFrame to make it easier to work
+           with the activation register in the frame (if present). These utility
+           functions should only be called if the CodeBlock::needsActivation() is
+           true (which indicates the presence of the activation register). The
+           utlity functions are:
+
+           1. CallFrame::hasActivation()
+              - checks if the frame's activation object has been created.
+
+           2. CallFrame::activation()
+              - returns the frame's activation object.
+
+           3. CallFrame::uncheckedActivation()
+              - returns the JSValue in the frame's activation register. May be null.
+
+           4. CallFrame::setActivation()
+              - sets the frame's activation object.
+
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::dumpBytecode):
+        - added symbollic dumping of ResolveMode and ResolveType values for some
+          bytecodes.
+        (JSC::CodeBlock::CodeBlock):
+        * bytecode/CodeBlock.h:
+        (JSC::CodeBlock::activationRegister):
+        (JSC::CodeBlock::uncheckedActivationRegister):
+        (JSC::CodeBlock::needsActivation):
+        * bytecode/UnlinkedCodeBlock.h:
+        (JSC::UnlinkedCodeBlock::needsFullScopeChain):
+        (JSC::UnlinkedCodeBlock::hasActivationRegister):
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::BytecodeGenerator):
+        (JSC::BytecodeGenerator::resolveCallee):
+        (JSC::BytecodeGenerator::createActivationIfNecessary):
+        (JSC::BytecodeGenerator::emitCallEval):
+        (JSC::BytecodeGenerator::emitReturn):
+        (JSC::BytecodeGenerator::emitPushWithScope):
+        (JSC::BytecodeGenerator::emitPushFunctionNameScope):
+        (JSC::BytecodeGenerator::emitPushCatchScope):
+        * bytecompiler/BytecodeGenerator.h:
+        * bytecompiler/NodesCodegen.cpp:
+        (JSC::TryNode::emitBytecode):
+        * debugger/Debugger.cpp:
+        (JSC::Debugger::hasBreakpoint):
+        (JSC::Debugger::pauseIfNeeded):
+        * debugger/DebuggerCallFrame.cpp:
+        (JSC::DebuggerCallFrame::scope):
+        (JSC::DebuggerCallFrame::evaluate):
+        * debugger/DebuggerCallFrame.h:
+        * dfg/DFGByteCodeParser.cpp:
+        (JSC::DFG::ByteCodeParser::parseCodeBlock):
+        * dfg/DFGGraph.h:
+        - Removed an unused function DFGGraph::needsActivation().
+        * interpreter/CallFrame.cpp:
+        (JSC::CallFrame::activation):
+        (JSC::CallFrame::setActivation):
+        * interpreter/CallFrame.h:
+        (JSC::ExecState::hasActivation):
+        (JSC::ExecState::registers):
+        * interpreter/CallFrameInlines.h:
+        (JSC::CallFrame::uncheckedActivation):
+        * interpreter/Interpreter.cpp:
+        (JSC::unwindCallFrame):
+        (JSC::Interpreter::unwind):
+        * jit/JITOperations.cpp:
+        * llint/LLIntSlowPaths.cpp:
+        (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+        * runtime/CommonSlowPaths.cpp:
+        (JSC::SLOW_PATH_DECL):
+
+        * runtime/JSScope.cpp:
+        * runtime/JSScope.h:
+        (JSC::resolveModeName):
+        (JSC::resolveTypeName):
+        - utility functions for decoding names of the ResolveMode and ResolveType.
+          These are used in CodeBlock::dumpBytecode().
+
 2014-01-31  Michael Saboff  <msaboff@apple.com>
 

trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp

@@ -533 +533 @@
             unmodifiedArgumentsRegister(argumentsRegister()).offset());
     }
-    if (needsFullScopeChain() && codeType() == FunctionCode)
+    if (needsActivation() && codeType() == FunctionCode)
         out.printf("; activation in r%d", activationRegister().offset());
     out.printf("\n");
@@ -1383 +1383 @@
             int r0 = (++it)->u.operand;
             int id0 = (++it)->u.operand;
-            int resolveModeAndType = (++it)->u.operand;
-            ++it; // depth
+            ResolveModeAndType modeAndType = ResolveModeAndType((++it)->u.operand);
+            int depth = (++it)->u.operand;
             printLocationAndOp(out, exec, location, it, "resolve_scope");
-            out.printf("%s, %s, %d", registerName(r0).data(), idName(id0, identifier(id0)).data(), resolveModeAndType);
+            out.printf("%s, %s, %u<%s|%s>, %d", registerName(r0).data(), idName(id0, identifier(id0)).data(),
+                modeAndType.operand(), resolveModeName(modeAndType.mode()), resolveTypeName(modeAndType.type()),
+                depth);
             ++it;
             break;
@@ -1394 +1396 @@
             int r1 = (++it)->u.operand;
             int id0 = (++it)->u.operand;
-            int resolveModeAndType = (++it)->u.operand;
+            ResolveModeAndType modeAndType = ResolveModeAndType((++it)->u.operand);
             ++it; // Structure
-            ++it; // Operand
+            int operand = (++it)->u.operand; // Operand
             ++it; // Skip value profile.
             printLocationAndOp(out, exec, location, it, "get_from_scope");
-            out.printf("%s, %s, %s, %d", registerName(r0).data(), registerName(r1).data(), idName(id0, identifier(id0)).data(), resolveModeAndType);
+            out.printf("%s, %s, %s, %u<%s|%s>, <structure>, %d",
+                registerName(r0).data(), registerName(r1).data(), idName(id0, identifier(id0)).data(),
+                modeAndType.operand(), resolveModeName(modeAndType.mode()), resolveTypeName(modeAndType.type()),
+                operand);
             break;
         }
@@ -1406 +1411 @@
             int id0 = (++it)->u.operand;
             int r1 = (++it)->u.operand;
-            int resolveModeAndType = (++it)->u.operand;
+            ResolveModeAndType modeAndType = ResolveModeAndType((++it)->u.operand);
             ++it; // Structure
-            ++it; // Operand
+            int operand = (++it)->u.operand; // Operand
             printLocationAndOp(out, exec, location, it, "put_to_scope");
-            out.printf("%s, %s, %s, %d", registerName(r0).data(), idName(id0, identifier(id0)).data(), registerName(r1).data(), resolveModeAndType);
+            out.printf("%s, %s, %s, %u<%s|%s>, <structure>, %d",
+                registerName(r0).data(), idName(id0, identifier(id0)).data(), registerName(r1).data(),
+                modeAndType.operand(), resolveModeName(modeAndType.mode()), resolveTypeName(modeAndType.type()),
+                operand);
             break;
         }
@@ -1543 +1551 @@
     , m_activationRegister(unlinkedCodeBlock->activationRegister())
     , m_isStrictMode(unlinkedCodeBlock->isStrictMode())
-    , m_needsActivation(unlinkedCodeBlock->needsFullScopeChain() && unlinkedCodeBlock->codeType() == FunctionCode)
+    , m_needsActivation(unlinkedCodeBlock->hasActivationRegister() && unlinkedCodeBlock->codeType() == FunctionCode)
     , m_source(sourceProvider)
     , m_sourceOffset(sourceOffset)
@@ -1868 +1876 @@
     if (Options::dumpGeneratedBytecodes())
         dumpBytecode();
-
     
     m_heap->m_codeBlocks.add(this);

trunk/Source/JavaScriptCore/bytecode/CodeBlock.h

@@ -306 +306 @@
     VirtualRegister thisRegister() const { return m_thisRegister; }
 
-    bool needsFullScopeChain() const { return m_unlinkedCode->needsFullScopeChain(); }
     bool usesEval() const { return m_unlinkedCode->usesEval(); }
 
@@ -333 +332 @@
     VirtualRegister activationRegister() const
     {
-        ASSERT(needsFullScopeChain());
+        ASSERT(m_activationRegister.isValid());
         return m_activationRegister;
     }
@@ -339 +338 @@
     VirtualRegister uncheckedActivationRegister()
     {
-        if (!needsFullScopeChain())
-            return VirtualRegister();
-        return activationRegister();
+        return m_activationRegister;
     }
 
@@ -348 +345 @@
     bool needsActivation() const
     {
+        ASSERT(m_activationRegister.isValid() == m_needsActivation);
         return m_needsActivation;
     }

trunk/Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2012, 2013 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2012, 2013, 2014 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -270 +270 @@
 
     bool needsFullScopeChain() const { return m_needsFullScopeChain; }
-    void setNeedsFullScopeChain(bool needsFullScopeChain) { m_needsFullScopeChain = needsFullScopeChain; }
 
     void addExpressionInfo(unsigned instructionOffset, int divot,
@@ -426 +425 @@
     VirtualRegister thisRegister() const { return m_thisRegister; }
     VirtualRegister activationRegister() const { return m_activationRegister; }
-
+    bool hasActivationRegister() const { return m_activationRegister.isValid(); }
 
     void addPropertyAccessInstruction(unsigned propertyAccessInstruction)

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp

@@ -158 +158 @@
     , m_codeBlock(vm, codeBlock)
     , m_thisRegister(CallFrame::thisArgumentOffset())
+    , m_activationRegister(0)
     , m_emptyValueRegister(0)
     , m_globalObjectRegister(0)
@@ -165 +166 @@
     , m_nextConstantOffset(0)
     , m_globalConstantIndex(0)
-    , m_hasCreatedActivation(true)
     , m_firstLazyFunction(0)
     , m_lastLazyFunction(0)
@@ -178 +178 @@
     , m_isBuiltinFunction(false)
 {
-    if (m_shouldEmitDebugHooks)
-        m_codeBlock->setNeedsFullScopeChain(true);
-
     m_codeBlock->setNumParameters(1); // Allocate space for "this"
 
@@ -213 +210 @@
     , m_nextConstantOffset(0)
     , m_globalConstantIndex(0)
-    , m_hasCreatedActivation(false)
     , m_firstLazyFunction(0)
     , m_lastLazyFunction(0)
@@ -231 +227 @@
     }
 
-    if (m_shouldEmitDebugHooks)
-        m_codeBlock->setNeedsFullScopeChain(true);
-
     m_symbolTable->setUsesNonStrictEval(codeBlock->usesEval() && !codeBlock->isStrictMode());
     Vector<Identifier> boundParameterProperties;
@@ -247 +240 @@
 
     emitOpcode(op_enter);
-    if (m_codeBlock->needsFullScopeChain()) {
+    if (m_codeBlock->needsFullScopeChain() || m_shouldEmitDebugHooks) {
         m_activationRegister = addVar();
         emitInitLazyRegister(m_activationRegister);
@@ -316 +309 @@
     // Captured variables and functions go first so that activations don't have
     // to step over the non-captured locals to mark them.
-    m_hasCreatedActivation = false;
     if (functionBody->hasCapturedVariables()) {
         for (size_t i = 0; i < functionStack.size(); ++i) {
@@ -322 +314 @@
             const Identifier& ident = function->ident();
             if (functionBody->captures(ident)) {
-                if (!m_hasCreatedActivation) {
-                    m_hasCreatedActivation = true;
-                    emitOpcode(op_create_activation);
-                    instructions().append(m_activationRegister->index());
-                }
                 m_functions.add(ident.impl());
                 emitNewFunction(addVar(ident, IsVariable, IsWatchable), IsCaptured, function);
@@ -337 +324 @@
         }
     }
+
+    m_symbolTable->setCaptureEnd(virtualRegisterForLocal(codeBlock->m_numVars).offset());
+
     bool canLazilyCreateFunctions = !functionBody->needsActivationForMoreThanVariables() && !m_shouldEmitDebugHooks;
-    if (!canLazilyCreateFunctions && !m_hasCreatedActivation) {
-        m_hasCreatedActivation = true;
-        emitOpcode(op_create_activation);
-        instructions().append(m_activationRegister->index());
-    }
-
-    m_symbolTable->setCaptureEnd(virtualRegisterForLocal(codeBlock->m_numVars).offset());
-
     m_firstLazyFunction = codeBlock->m_numVars;
     for (size_t i = 0; i < functionStack.size(); ++i) {
@@ -428 +410 @@
     , m_codeBlock(vm, codeBlock)
     , m_thisRegister(CallFrame::thisArgumentOffset())
+    , m_activationRegister(0)
     , m_emptyValueRegister(0)
     , m_globalObjectRegister(0)
@@ -435 +418 @@
     , m_nextConstantOffset(0)
     , m_globalConstantIndex(0)
-    , m_hasCreatedActivation(true)
     , m_firstLazyFunction(0)
     , m_lastLazyFunction(0)
@@ -448 +430 @@
     , m_isBuiltinFunction(false)
 {
-    m_codeBlock->setNeedsFullScopeChain(true);
-
     m_symbolTable->setUsesNonStrictEval(codeBlock->usesEval() && !codeBlock->isStrictMode());
     m_codeBlock->setNumParameters(1);
@@ -492 +472 @@
     // If non-strict eval is in play, we use a separate object in the scope chain for the callee's name.
     if (m_codeBlock->usesEval() && !m_codeBlock->isStrictMode())
-        emitPushNameScope(functionBodyNode->ident(), &m_calleeRegister, ReadOnly | DontDelete);
+        emitPushFunctionNameScope(functionBodyNode->ident(), &m_calleeRegister, ReadOnly | DontDelete);
 
     if (!functionBodyNode->captures(functionBodyNode->ident()))
@@ -1643 +1623 @@
 void BytecodeGenerator::createActivationIfNecessary()
 {
-    if (m_hasCreatedActivation)
-        return;
-    if (!m_codeBlock->needsFullScopeChain())
+    if (!m_activationRegister)
         return;
     emitOpcode(op_create_activation);
@@ -1653 +1631 @@
 RegisterID* BytecodeGenerator::emitCallEval(RegisterID* dst, RegisterID* func, CallArguments& callArguments, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd)
 {
+    createActivationIfNecessary();
     return emitCall(op_call_eval, dst, func, NoExpectedFunction, callArguments, divot, divotStart, divotEnd);
 }
@@ -1825 +1804 @@
 RegisterID* BytecodeGenerator::emitReturn(RegisterID* src)
 {
-    if (m_codeBlock->needsFullScopeChain()) {
+    if (m_activationRegister) {
         emitOpcode(op_tear_off_activation);
         instructions().append(m_activationRegister->index());
@@ -1933 +1912 @@
     m_localScopeDepth++;
 
+    createActivationIfNecessary();
     return emitUnaryNoDstOp(op_push_with_scope, scope);
 }
@@ -2275 +2255 @@
 }
 
-void BytecodeGenerator::emitPushNameScope(const Identifier& property, RegisterID* value, unsigned attributes)
-{
+void BytecodeGenerator::emitPushFunctionNameScope(const Identifier& property, RegisterID* value, unsigned attributes)
+{
+    emitOpcode(op_push_name_scope);
+    instructions().append(addConstant(property));
+    instructions().append(value->index());
+    instructions().append(attributes);
+}
+
+void BytecodeGenerator::emitPushCatchScope(const Identifier& property, RegisterID* value, unsigned attributes)
+{
+    createActivationIfNecessary();
+
     ControlFlowContext context;
     context.isFinallyBlock = false;

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2008, 2009, 2012, 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2009, 2012, 2013, 2014 Apple Inc. All rights reserved.
  * Copyright (C) 2008 Cameron Zwarich <cwzwarich@uwaterloo.ca>
  * Copyright (C) 2012 Igalia, S.L.
@@ -426 +426 @@
         void emitThrowReferenceError(const String& message);
 
-        void emitPushNameScope(const Identifier& property, RegisterID* value, unsigned attributes);
+        void emitPushFunctionNameScope(const Identifier& property, RegisterID* value, unsigned attributes);
+        void emitPushCatchScope(const Identifier& property, RegisterID* value, unsigned attributes);
 
         RegisterID* emitPushWithScope(RegisterID* scope);
@@ -656 +657 @@
         int m_globalVarStorageOffset;
 
-        bool m_hasCreatedActivation;
         int m_firstLazyFunction;
         int m_lastLazyFunction;

trunk/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp

@@ -2217 +2217 @@
         }
         
-        generator.emitPushNameScope(m_exceptionIdent, exceptionRegister.get(), DontDelete);
+        generator.emitPushCatchScope(m_exceptionIdent, exceptionRegister.get(), DontDelete);
         generator.emitNode(dst, m_catchBlock);
         generator.emitPopScope();

trunk/Source/JavaScriptCore/debugger/Debugger.cpp

@@ -454 +454 @@
 
     JSValue exception;
-    JSValue result = DebuggerCallFrame::evaluateWithCallFrame(m_currentCallFrame, breakpoints[i].condition, exception);
+    DebuggerCallFrame* debuggerCallFrame = currentDebuggerCallFrame();
+    JSValue result = debuggerCallFrame->evaluate(breakpoints[i].condition, exception);
 
     // We can lose the debugger while executing JavaScript.
@@ -622 +623 @@
     pauseNow |= (m_pauseOnCallFrame == m_currentCallFrame);
 
+    DebuggerCallFrameScope debuggerCallFrameScope(*this);
+
     intptr_t sourceID = DebuggerCallFrame::sourceIDForCallFrame(m_currentCallFrame);
     TextPosition position = DebuggerCallFrame::positionForCallFrame(m_currentCallFrame);
@@ -628 +631 @@
     if (!pauseNow)
         return;
-
-    DebuggerCallFrameScope debuggerCallFrameScope(*this);
 
     // Make sure we are not going to pause again on breakpoint actions by

trunk/Source/JavaScriptCore/debugger/DebuggerCallFrame.cpp

@@ -1 +1 @@
 /*
- * Copyright (C) 2008, 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2013, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -30 +30 @@
 #include "DebuggerCallFrame.h"
 
-#include "JSFunction.h"
+#include "CallFrameInlines.h"
 #include "CodeBlock.h"
 #include "Interpreter.h"
+#include "JSActivation.h"
+#include "JSFunction.h"
 #include "Operations.h"
 #include "Parser.h"
@@ -111 +113 @@
     if (!isValid())
         return 0;
+
+    CodeBlock* codeBlock = m_callFrame->codeBlock();
+    if (codeBlock && codeBlock->needsActivation() && !m_callFrame->hasActivation()) {
+        JSActivation* activation = JSActivation::create(*codeBlock->vm(), m_callFrame, codeBlock);
+        m_callFrame->setActivation(activation);
+        m_callFrame->setScope(activation);
+    }
+
     return m_callFrame->scope();
 }
@@ -133 +143 @@
 
 // Evaluate some JavaScript code in the scope of this frame.
-JSValue DebuggerCallFrame::evaluate(const String& script, JSValue& exception) const
-{
-    ASSERT(isValid());
-    return evaluateWithCallFrame(m_callFrame, script, exception);
-}
-
-JSValue DebuggerCallFrame::evaluateWithCallFrame(CallFrame* callFrame, const String& script, JSValue& exception)
-{
+JSValue DebuggerCallFrame::evaluate(const String& script, JSValue& exception)
+{
+    ASSERT(isValid());
+    CallFrame* callFrame = m_callFrame;
     if (!callFrame)
         return jsNull();
@@ -158 +164 @@
 
     JSValue thisValue = thisValueForCallFrame(callFrame);
-    JSValue result = vm.interpreter->execute(eval, callFrame, thisValue, callFrame->scope());
+    JSValue result = vm.interpreter->execute(eval, callFrame, thisValue, scope());
     if (vm.exception()) {
         exception = vm.exception();

trunk/Source/JavaScriptCore/debugger/DebuggerCallFrame.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2008, 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2013, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -63 +63 @@
     JS_EXPORT_PRIVATE Type type() const;
     JS_EXPORT_PRIVATE JSValue thisValue() const;
-    JS_EXPORT_PRIVATE JSValue evaluate(const String&, JSValue& exception) const;
+    JSValue evaluate(const String&, JSValue& exception);
 
     bool isValid() const { return !!m_callFrame; }
@@ -71 +71 @@
     // made private soon. Other clients should not use these.
 
-    JS_EXPORT_PRIVATE static JSValue evaluateWithCallFrame(CallFrame*, const String& script, JSValue& exception);
     JS_EXPORT_PRIVATE static TextPosition positionForCallFrame(CallFrame*);
     JS_EXPORT_PRIVATE static SourceID sourceIDForCallFrame(CallFrame*);

trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

@@ -3621 +3621 @@
         dataLog(
             ": captureCount = ", codeBlock->symbolTable() ? codeBlock->symbolTable()->captureCount() : 0,
-            ", needsFullScopeChain = ", codeBlock->needsFullScopeChain(),
-            ", needsActivation = ", codeBlock->ownerExecutable()->needsActivation(),
+            ", needsActivation = ", codeBlock->needsActivation(),
             ", isStrictMode = ", codeBlock->ownerExecutable()->isStrictMode(), "\n");
         codeBlock->baselineVersion()->dumpBytecode();

trunk/Source/JavaScriptCore/dfg/DFGGraph.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2011, 2012, 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2011, 2012, 2013, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -570 +570 @@
         
         return MethodOfGettingAValueProfile(valueProfileFor(node));
-    }
-    
-    bool needsActivation() const
-    {
-        return m_codeBlock->needsFullScopeChain() && m_codeBlock->codeType() != GlobalCode;
     }
     

trunk/Source/JavaScriptCore/interpreter/CallFrame.cpp

@@ -1 +1 @@
 /*
- * Copyright (C) 2008, 2013 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2008, 2013, 2014 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -30 +30 @@
 #include "CodeBlock.h"
 #include "Interpreter.h"
+#include "JSActivation.h"
 #include "Operations.h"
 #include "VMEntryScope.h"
@@ -135 +136 @@
 }
 
+JSActivation* CallFrame::activation() const
+{
+    CodeBlock* codeBlock = this->codeBlock();
+    RELEASE_ASSERT(codeBlock->needsActivation());
+    VirtualRegister activationRegister = codeBlock->activationRegister();
+    return registers()[activationRegister.offset()].Register::activation();
+}
+
+void CallFrame::setActivation(JSActivation* activation)
+{
+    CodeBlock* codeBlock = this->codeBlock();
+    RELEASE_ASSERT(codeBlock->needsActivation());
+    VirtualRegister activationRegister = codeBlock->activationRegister();
+    registers()[activationRegister.offset()] = activation;
+}
+
 } // namespace JSC

trunk/Source/JavaScriptCore/interpreter/CallFrame.h

@@ -2 +2 @@
  *  Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
  *  Copyright (C) 2001 Peter Kelly (pmk@post.com)
- *  Copyright (C) 2003, 2007, 2008, 2011, 2013 Apple Inc. All rights reserved.
+ *  Copyright (C) 2003, 2007, 2008, 2011, 2013, 2014 Apple Inc. All rights reserved.
  *
  *  This library is free software; you can redistribute it and/or
@@ -50 +50 @@
             return this[JSStack::ScopeChain].Register::scope();
         }
+
+        bool hasActivation() const { return !!uncheckedActivation(); }
+        JSActivation* activation() const;
+        inline JSValue uncheckedActivation() const;
 
         // Global object in which execution began.
@@ -109 +113 @@
         static CallFrame* create(Register* callFrameBase) { return static_cast<CallFrame*>(callFrameBase); }
         Register* registers() { return this; }
+        const Register* registers() const { return this; }
 
         CallFrame& operator=(const Register& r) { *static_cast<Register*>(this) = r; return *this; }
@@ -202 +207 @@
         void setCallerFrame(CallFrame* frame) { callerFrameAndPC().callerFrame = frame; }
         void setScope(JSScope* scope) { static_cast<Register*>(this)[JSStack::ScopeChain] = scope; }
+        void setActivation(JSActivation*);
 
         ALWAYS_INLINE void init(CodeBlock* codeBlock, Instruction* vPC, JSScope* scope,

trunk/Source/JavaScriptCore/interpreter/CallFrameInlines.h

@@ -28 +28 @@
 
 #include "CallFrame.h"
+#include "CodeBlock.h"
 
 namespace JSC  {
@@ -139 +140 @@
 }
 
+inline JSValue CallFrame::uncheckedActivation() const
+{
+    CodeBlock* codeBlock = this->codeBlock();
+    RELEASE_ASSERT(codeBlock->needsActivation());
+    VirtualRegister activationRegister = codeBlock->activationRegister();
+    return registers()[activationRegister.offset()].jsValue();
+}
+
 } // namespace JSC
 

trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

@@ -33 +33 @@
 #include "Arguments.h"
 #include "BatchedTransitionOptimizer.h"
-#include "CallFrame.h"
 #include "CallFrameClosure.h"
 #include "CallFrameInlines.h"
@@ -429 +428 @@
         RELEASE_ASSERT(!visitor->isInlinedFrame());
 #endif
-        activation = callFrame->uncheckedR(codeBlock->activationRegister().offset()).jsValue();
+        activation = callFrame->uncheckedActivation();
         if (activation)
             jsCast<JSActivation*>(activation)->tearOff(*scope->vm());
@@ -713 +712 @@
     // Unwind the scope chain within the exception handler's call frame.
     int targetScopeDepth = handler->scopeDepth;
-    if (codeBlock->needsActivation() && callFrame->uncheckedR(codeBlock->activationRegister().offset()).jsValue())
+    if (codeBlock->needsActivation() && callFrame->hasActivation())
         ++targetScopeDepth;
 

trunk/Source/JavaScriptCore/jit/JITOperations.cpp

@@ -616 +616 @@
 {
     ASSERT(exec->codeBlock()->codeType() != FunctionCode
-        || !exec->codeBlock()->needsFullScopeChain()
-        || exec->uncheckedR(exec->codeBlock()->activationRegister().offset()).jsValue());
+        || !exec->codeBlock()->needsActivation()
+        || exec->hasActivation());
 
     execCallee->setScope(exec->scope());
@@ -1521 +1521 @@
     NativeCallFrameTracer tracer(&vm, exec);
 
-    ASSERT(exec->codeBlock()->needsFullScopeChain());
+    ASSERT(exec->codeBlock()->needsActivation());
     jsCast<JSActivation*>(activationCell)->tearOff(vm);
 }

trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp

@@ -983 +983 @@
     LLINT_BEGIN();
     CodeBlock* codeBlock = exec->codeBlock();
-    ASSERT(codeBlock->codeType() != FunctionCode
-           || !codeBlock->needsFullScopeChain()
-           || exec->uncheckedR(codeBlock->activationRegister().offset()).jsValue());
+    ASSERT(codeBlock->codeType() != FunctionCode || !codeBlock->needsActivation() || exec->hasActivation());
 #if LLINT_SLOW_PATH_TRACING
     dataLogF("Creating function!\n");
@@ -1211 +1209 @@
 {
     LLINT_BEGIN();
-    ASSERT(exec->codeBlock()->needsFullScopeChain());
+    ASSERT(exec->codeBlock()->needsActivation());
     jsCast<JSActivation*>(LLINT_OP(1).jsValue())->tearOff(vm);
     LLINT_END();

trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp

@@ -271 +271 @@
     BEGIN();
     CodeBlock* codeBlock = exec->codeBlock();
-    ASSERT(
-        codeBlock->codeType() != FunctionCode
-        || !codeBlock->needsFullScopeChain()
-        || exec->uncheckedR(codeBlock->activationRegister().offset()).jsValue());
+    ASSERT(codeBlock->codeType() != FunctionCode || !codeBlock->needsActivation() || exec->hasActivation());
     JSValue value = JSFunction::create(vm, codeBlock->functionDecl(pc[2].u.operand), exec->scope());
     if (VariableWatchpointSet* set = pc[3].u.watchpointSet)

trunk/Source/JavaScriptCore/runtime/JSScope.cpp

@@ -1 +1 @@
 /*
- * Copyright (C) 2012, 2013 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2012, 2013, 2014 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -158 +158 @@
 }
 
+const char* resolveModeName(ResolveMode mode)
+{
+    static const char* const names[] = {
+        "ThrowIfNotFound",
+        "DoNotThrowIfNotFound"
+    };
+    return names[mode];
+}
+
+const char* resolveTypeName(ResolveType type)
+{
+    static const char* const names[] = {
+        "GlobalProperty",
+        "GlobalVar",
+        "ClosureVar",
+        "GlobalPropertyWithVarInjectionChecks",
+        "GlobalVarWithVarInjectionChecks",
+        "ClosureVarWithVarInjectionChecks",
+        "Dynamic"
+    };
+    ASSERT(type < sizeof(names) / sizeof(names[0]));
+    return names[type];
+}
+
 } // namespace JSC

trunk/Source/JavaScriptCore/runtime/JSScope.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2012, 2013 Apple Inc. All Rights Reserved.
+ * Copyright (C) 2012, 2013, 2014 Apple Inc. All Rights Reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -55 +55 @@
 };
 
+const char* resolveModeName(ResolveMode mode);
+const char* resolveTypeName(ResolveType type);
+
 inline ResolveType makeType(ResolveType type, bool needsVarInjectionChecks)
 {