Changeset 180907 in webkit

Timestamp:

Mar 2, 2015 4:24:24 PM (9 years ago)

Author:

mark.lam@apple.com

Message:

Source/JavaScriptCore:
Exception stack unwinding in JSC hangs while the Timeline Profiler is enabled.
<​https://webkit.org/b/142191>

Reviewed by Geoffrey Garen.

Imagine a scenario where the Inspector is paused / suspended at a breakpoint or
while the user is stepping through JS code. The user then tries to evaluate an
expression in the console, and that evaluation results in an exception being
thrown. Currently, if the Timeline Profiler is enabled while this exception is
being thrown, the WebProcess will hang while trying to handle that exception.

The issue is that the Timeline Profiler's ProfileGenerator::didExecute() will
return early and decline to process ProfileNodes if the Inspector is paused.
This is proper because it does not want to count work done for injected scripts
(e.g. from the console) towards the timeline profile of the webpage being run.
However, this is in conflict with ProfileGenerator::exceptionUnwind()'s
expectation that didExecute() will process ProfileNodes in order to do the stack
unwinding for the exception handling. As a result,
ProfileGenerator::exceptionUnwind() hangs.

ProfileGenerator::exceptionUnwind() is in error. While the Inspector is paused,
there will not be any ProfileNodes that it needs to "unwind". Hence, the fix is
simply to return early also in ProfileGenerator::exceptionUnwind() if the
Inspector is paused.

• profiler/ProfileGenerator.cpp:

(JSC::ProfileGenerator::exceptionUnwind):

LayoutTests:
Last gardening after r177774

Unreviewed.

Patch by Myles C. Maxfield <​mmaxfield@apple.com> on 2015-03-02

• fast/text/font-kerning-expected.html:
• fast/text/font-variant-ligatures-expected.html:
• fast/text/whitespace/inline-whitespace-wrapping-7-expected.html:
• fast/text/whitespace/inline-whitespace-wrapping-7.html:
• mathml/presentation/scripts-subsup-expected.html:
• mathml/presentation/scripts-subsup.html:
• platform/mac/TestExpectations:
• platform/mac/fast/text/multiple-codeunit-vertical-upright-expected.html:
• platform/mac/fast/text/multiple-codeunit-vertical-upright.html:
• platform/mac/fast/text/resources/multiple-codeunit-vertical-upright.otf: Removed.
• svg/text/svg-font-word-rounding-hacks-spaces-expected.html:
• svg/text/svg-font-word-rounding-hacks-spaces.html:
• svg/text/tspan-outline-expected.svg:
• svg/text/tspan-outline.html:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/inspector/timeline/exception-in-injected-script-while-recording-expected.txt (added)
• LayoutTests/inspector/timeline/exception-in-injected-script-while-recording.html (added)
• Source/JavaScriptCore/ChangeLog (modified) (1 diff)
• Source/JavaScriptCore/profiler/ProfileGenerator.cpp (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ -19 +19 @@
         * svg/text/tspan-outline-expected.svg:
         * svg/text/tspan-outline.html:
+
+2015-03-02  Mark Lam  <mark.lam@apple.com>
+
+        Exception stack unwinding in JSC hangs while the Timeline Profiler is enabled.
+        <https://webkit.org/b/142191>
+
+        Reviewed by Geoffrey Garen.
+
+        * inspector/timeline/exception-in-injected-script-while-recording-expected.txt: Added.
+        * inspector/timeline/exception-in-injected-script-while-recording.html: Added.
 
 2015-03-02  Mark Lam  <mark.lam@apple.com>

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2015-03-02  Mark Lam  <mark.lam@apple.com>
+
+        Exception stack unwinding in JSC hangs while the Timeline Profiler is enabled.
+        <https://webkit.org/b/142191>
+
+        Reviewed by Geoffrey Garen.
+
+        Imagine a scenario where the Inspector is paused / suspended at a breakpoint or
+        while the user is stepping through JS code. The user then tries to evaluate an
+        expression in the console, and that evaluation results in an exception being
+        thrown. Currently, if the Timeline Profiler is enabled while this exception is
+        being thrown, the WebProcess will hang while trying to handle that exception.
+
+        The issue is that the Timeline Profiler's ProfileGenerator::didExecute() will
+        return early and decline to process ProfileNodes if the Inspector is paused.
+        This is proper because it does not want to count work done for injected scripts
+        (e.g. from the console) towards the timeline profile of the webpage being run.
+        However, this is in conflict with ProfileGenerator::exceptionUnwind()'s
+        expectation that didExecute() will process ProfileNodes in order to do the stack
+        unwinding for the exception handling. As a result,
+        ProfileGenerator::exceptionUnwind() hangs.
+
+        ProfileGenerator::exceptionUnwind() is in error. While the Inspector is paused,
+        there will not be any ProfileNodes that it needs to "unwind". Hence, the fix is
+        simply to return early also in ProfileGenerator::exceptionUnwind() if the
+        Inspector is paused.
+
+        * profiler/ProfileGenerator.cpp:
+        (JSC::ProfileGenerator::exceptionUnwind):
+
 2015-03-02  Filip Pizlo  <fpizlo@apple.com>
 

trunk/Source/JavaScriptCore/profiler/ProfileGenerator.cpp

@@ -195 +195 @@
 void ProfileGenerator::exceptionUnwind(ExecState* handlerCallFrame, const CallIdentifier&)
 {
+    if (m_suspended)
+        return;
+
     // If the current node was called by the handler (==) or any
     // more nested function (>) the we have exited early from it.