Changeset 150186 in webkit

Timestamp:

May 16, 2013 10:54:38 AM (11 years ago)

Author:

mark.lam@apple.com

Message:

Implement a probe mechanism for JIT generated code.
​https://bugs.webkit.org/show_bug.cgi?id=115705.

Reviewed by Geoffrey Garen.

The probe is in the form of a MacroAssembler pseudo instruction.
It takes 3 arguments: a ProbeFunction, and 2 void* args.

When inserted into the JIT at some code generation site, the probe
pseudo "instruction" will emit a minimal amount of code to save the
stack pointer, 1 (or more) scratch register(s), and the probe
arguments into a ProbeContext record on the stack. The emitted code
will then call a probe trampoline to do the rest of the work, which
consists of:

1. saving the remaining registers into the ProbeContext.
2. calling the ProbeFunction, and passing it the ProbeContext pointer.
3. restoring the registers from the ProbeContext after the ProbeFunction returns, and then returning to the JIT generated code.

The ProbeContext is stack allocated and is only valid for the duration
that the ProbeFunction is executing.

If the user supplied ProbeFunction alters the register values in the
ProbeContext, the new values will be installed into the registers upon
returning from the probe. This can be useful for some debugging or
testing purposes.

The probe mechanism is built conditional on USE(MASM_PROBE) which is
defined in config.h. USE(MASM_PROBE) will off by default.

This changeset only implements the probe mechanism for X86 and X86_64.

• CMakeLists.txt:
• GNUmakefile.list.am:
• JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
• JavaScriptCore.xcodeproj/project.pbxproj:
• Target.pri:
• assembler/MacroAssembler.h:

(MacroAssembler):
(JSC::MacroAssembler::shouldBlind):
(JSC::MacroAssembler::store32):

• assembler/MacroAssemblerX86.h:

(MacroAssemblerX86):
(JSC::MacroAssemblerX86::trustedImm32FromPtr):
(JSC::MacroAssemblerX86::probe):

• assembler/MacroAssemblerX86Common.cpp: Added.

(JSC::MacroAssemblerX86Common::ProbeContext::dumpCPURegisters):

• CPU specific register dumper called by ProbeContext::dump().

(JSC::MacroAssemblerX86Common::ProbeContext::dump):

• Prints the ProbeContext to the DataLog.
• assembler/MacroAssemblerX86Common.h:

(MacroAssemblerX86Common):
(CPUState): Added.
(ProbeContext): Added.

• assembler/MacroAssemblerX86_64.h:

(MacroAssemblerX86_64):
(JSC::MacroAssemblerX86_64::trustedImm64FromPtr):
(JSC::MacroAssemblerX86_64::probe):

• assembler/X86Assembler.h:
• config.h: Added WTF_USE_MASM_PROBE flag.
• jit/JITStubs.cpp:
• jit/JITStubs.h:
• jit/JITStubsX86.h:
• jit/JITStubsX86Common.h: Added.
• jit/JITStubsX86_64.h:

Location:

branches/dfgFourthTier/Source/JavaScriptCore

Files:

• CMakeLists.txt (modified) (1 diff)
• ChangeLog (modified) (1 diff)
• GNUmakefile.list.am (modified) (1 diff)
• JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj (modified) (2 diffs)
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj (modified) (2 diffs)
• JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters (modified) (2 diffs)
• JavaScriptCore.xcodeproj/project.pbxproj (modified) (6 diffs)
• Target.pri (modified) (1 diff)
• assembler/MacroAssembler.h (modified) (9 diffs)
• assembler/MacroAssemblerX86.h (modified) (3 diffs)
• assembler/MacroAssemblerX86Common.cpp (added)
• assembler/MacroAssemblerX86Common.h (modified) (2 diffs)
• assembler/MacroAssemblerX86_64.h (modified) (3 diffs)
• assembler/X86Assembler.h (modified) (3 diffs)
• config.h (modified) (2 diffs)
• jit/JITStubs.cpp (modified) (2 diffs)
• jit/JITStubs.h (modified) (1 diff)
• jit/JITStubsX86.h (modified) (2 diffs)
• jit/JITStubsX86Common.h (added)
• jit/JITStubsX86_64.h (modified) (2 diffs)

branches/dfgFourthTier/Source/JavaScriptCore/CMakeLists.txt

@@ -506 +506 @@
 elseif (WTF_CPU_MIPS)
 elseif (WTF_CPU_X86)
+    list(APPEND JavaScriptCore_SOURCES
+        assembler/MacroAssemblerX86Common.cpp
+    )
 elseif (WTF_CPU_X86_64)
+    list(APPEND JavaScriptCore_SOURCES
+        assembler/MacroAssemblerX86Common.cpp
+    )
 else ()
     message(FATAL_ERROR "Unknown CPU")

branches/dfgFourthTier/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2013-05-16  Mark Lam  <mark.lam@apple.com>
+
+        Implement a probe mechanism for JIT generated code.
+        https://bugs.webkit.org/show_bug.cgi?id=115705.
+
+        Reviewed by Geoffrey Garen.
+
+        The probe is in the form of a MacroAssembler pseudo instruction.
+        It takes 3 arguments: a ProbeFunction, and 2 void* args.
+
+        When inserted into the JIT at some code generation site, the probe
+        pseudo "instruction" will emit a minimal amount of code to save the
+        stack pointer, 1 (or more) scratch register(s), and the probe
+        arguments into a ProbeContext record on the stack. The emitted code
+        will then call a probe trampoline to do the rest of the work, which
+        consists of:
+        1. saving the remaining registers into the ProbeContext.
+        2. calling the ProbeFunction, and passing it the ProbeContext pointer.
+        3. restoring the registers from the ProbeContext after the ProbeFunction
+           returns, and then returning to the JIT generated code.
+
+        The ProbeContext is stack allocated and is only valid for the duration
+        that the ProbeFunction is executing.
+
+        If the user supplied ProbeFunction alters the register values in the
+        ProbeContext, the new values will be installed into the registers upon
+        returning from the probe. This can be useful for some debugging or
+        testing purposes.
+
+        The probe mechanism is built conditional on USE(MASM_PROBE) which is
+        defined in config.h. USE(MASM_PROBE) will off by default.
+
+        This changeset only implements the probe mechanism for X86 and X86_64.
+
+        * CMakeLists.txt:
+        * GNUmakefile.list.am:
+        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
+        * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
+        * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * Target.pri:
+        * assembler/MacroAssembler.h:
+        (MacroAssembler):
+        (JSC::MacroAssembler::shouldBlind):
+        (JSC::MacroAssembler::store32):
+        * assembler/MacroAssemblerX86.h:
+        (MacroAssemblerX86):
+        (JSC::MacroAssemblerX86::trustedImm32FromPtr):
+        (JSC::MacroAssemblerX86::probe):
+        * assembler/MacroAssemblerX86Common.cpp: Added.
+        (JSC::MacroAssemblerX86Common::ProbeContext::dumpCPURegisters):
+        - CPU specific register dumper called by ProbeContext::dump().
+        (JSC::MacroAssemblerX86Common::ProbeContext::dump):
+        - Prints the ProbeContext to the DataLog.
+        * assembler/MacroAssemblerX86Common.h:
+        (MacroAssemblerX86Common):
+        (CPUState): Added.
+        (ProbeContext): Added.
+        * assembler/MacroAssemblerX86_64.h:
+        (MacroAssemblerX86_64):
+        (JSC::MacroAssemblerX86_64::trustedImm64FromPtr):
+        (JSC::MacroAssemblerX86_64::probe):
+        * assembler/X86Assembler.h:
+        * config.h: Added WTF_USE_MASM_PROBE flag.
+        * jit/JITStubs.cpp:
+        * jit/JITStubs.h:
+        * jit/JITStubsX86.h:
+        * jit/JITStubsX86Common.h: Added.
+        * jit/JITStubsX86_64.h:
+
 2013-05-15  Mark Lam  <mark.lam@apple.com>
 

branches/dfgFourthTier/Source/JavaScriptCore/GNUmakefile.list.am

@@ -81 +81 @@
         Source/JavaScriptCore/assembler/MacroAssemblerSH4.h \
         Source/JavaScriptCore/assembler/MacroAssemblerX86.h \
+        Source/JavaScriptCore/assembler/MacroAssemblerX86Common.cpp \
         Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h \
         Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h \

branches/dfgFourthTier/Source/JavaScriptCore/JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj

@@ -2043 +2043 @@
                         </File>
                         <File
+                                RelativePath="..\..\assembler\MacroAssemblerX86Common.cpp"
+                                >
+                        </File>
+                        <File
                                 RelativePath="..\..\assembler\MacroAssemblerX86Common.h"
                                 >
@@ -2244 +2248 @@
                         <File
                                 RelativePath="..\..\jit\JITStubsX86.h"
+                                >
+                        </File>
+                        <File
+                                RelativePath="..\..\jit\JITStubsX86Common.h"
                                 >
                         </File>

branches/dfgFourthTier/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj

@@ -162 +162 @@
     <ClCompile Include="..\assembler\LinkBuffer.cpp" />
     <ClCompile Include="..\assembler\MacroAssembler.cpp" />
+    <ClInclude Include="..\assembler\MacroAssemblerX86Common.cpp" />
     <ClCompile Include="..\bytecode\ArrayAllocationProfile.cpp" />
     <ClCompile Include="..\bytecode\ArrayProfile.cpp" />
@@ -570 +571 @@
     <ClInclude Include="..\jit\JITStubs.h" />
     <ClInclude Include="..\jit\JITStubsX86.h" />
+    <ClInclude Include="..\jit\JITStubsX86Common.h" />
     <ClInclude Include="..\jit\JITStubsX86_64.h" />
     <ClInclude Include="..\jit\JITThunks.h" />

branches/dfgFourthTier/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters

@@ -103 +103 @@
       <Filter>assembler</Filter>
     </ClCompile>
+    <ClCompile Include="..\assembler\MacroAssemblerX86Common.cpp">
+      <Filter>assembler</Filter>
+    </ClCompile>
     <ClCompile Include="..\bytecode\ArrayAllocationProfile.cpp">
       <Filter>bytecode</Filter>
@@ -1252 +1255 @@
     </ClInclude>
     <ClInclude Include="..\jit\JITStubs.h">
+      <Filter>jit</Filter>
+    </ClInclude>
+    <ClInclude Include="..\jit\JITStubsX86.h">
+      <Filter>jit</Filter>
+    </ClInclude>
+    <ClInclude Include="..\jit\JITStubsX86Common.h">
+      <Filter>jit</Filter>
+    </ClInclude>
+    <ClInclude Include="..\jit\JITStubsX86_64.h">
       <Filter>jit</Filter>
     </ClInclude>

branches/dfgFourthTier/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj

@@ -949 +949 @@
                 FE4A331F15BD2E07006F54F3 /* VMInspector.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FE4A331D15BD2E07006F54F3 /* VMInspector.cpp */; };
                 FE4A332015BD2E07006F54F3 /* VMInspector.h in Headers */ = {isa = PBXBuildFile; fileRef = FE4A331E15BD2E07006F54F3 /* VMInspector.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                FE940322174442590047CF6E /* JITStubsX86Common.h in Headers */ = {isa = PBXBuildFile; fileRef = FE940321174442590047CF6E /* JITStubsX86Common.h */; settings = {ATTRIBUTES = (Private, ); }; };
+                FECE74571745456500FF9300 /* MacroAssemblerX86Common.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FECE74561745456500FF9300 /* MacroAssemblerX86Common.cpp */; };
                 FED287B215EC9A5700DA8161 /* LLIntOpcode.h in Headers */ = {isa = PBXBuildFile; fileRef = FED287B115EC9A5700DA8161 /* LLIntOpcode.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 FEF6835E174343CC00A32E25 /* JITStubsARM.h in Headers */ = {isa = PBXBuildFile; fileRef = FEF6835A174343CC00A32E25 /* JITStubsARM.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -1973 +1975 @@
                 FE4A331D15BD2E07006F54F3 /* VMInspector.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = VMInspector.cpp; sourceTree = "<group>"; };
                 FE4A331E15BD2E07006F54F3 /* VMInspector.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = VMInspector.h; sourceTree = "<group>"; };
+                FE940321174442590047CF6E /* JITStubsX86Common.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JITStubsX86Common.h; sourceTree = "<group>"; };
+                FECE74561745456500FF9300 /* MacroAssemblerX86Common.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MacroAssemblerX86Common.cpp; sourceTree = "<group>"; };
                 FED287B115EC9A5700DA8161 /* LLIntOpcode.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = LLIntOpcode.h; path = llint/LLIntOpcode.h; sourceTree = "<group>"; };
                 FEF6835A174343CC00A32E25 /* JITStubsARM.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JITStubsARM.h; sourceTree = "<group>"; };
@@ -2304 +2308 @@
                                 FEF6835C174343CC00A32E25 /* JITStubsX86_64.h */,
                                 FEF6835D174343CC00A32E25 /* JITStubsX86.h */,
+                                FE940321174442590047CF6E /* JITStubsX86Common.h */,
                                 0F5EF91B16878F78003E5C25 /* JITThunks.cpp */,
                                 0F5EF91C16878F78003E5C25 /* JITThunks.h */,
@@ -3100 +3105 @@
                                 860161E00F3A83C100F84710 /* MacroAssemblerX86.h */,
                                 860161E10F3A83C100F84710 /* MacroAssemblerX86_64.h */,
+                                FECE74561745456500FF9300 /* MacroAssemblerX86Common.cpp */,
                                 860161E20F3A83C100F84710 /* MacroAssemblerX86Common.h */,
                                 86C568DF11A213EE0007F7F0 /* MIPSAssembler.h */,
@@ -3230 +3236 @@
                                 FEF68360174343CC00A32E25 /* JITStubsX86_64.h in Headers */,
                                 FEF6835E174343CC00A32E25 /* JITStubsARM.h in Headers */,
+                                FE940322174442590047CF6E /* JITStubsX86Common.h in Headers */,
                                 FEF68361174343CC00A32E25 /* JITStubsX86.h in Headers */,
                                 86E3C61D167BABEE006D760A /* JSVirtualMachineInternal.h in Headers */,
@@ -4164 +4171 @@
                                 86EC9DD21328DF82002B2AD7 /* DFGSpeculativeJIT.cpp in Sources */,
                                 86880F1F14328BB900B08D42 /* DFGSpeculativeJIT32_64.cpp in Sources */,
+                                FECE74571745456500FF9300 /* MacroAssemblerX86Common.cpp in Sources */,
                                 86880F4D14353B2100B08D42 /* DFGSpeculativeJIT64.cpp in Sources */,
                                 0F63944015C75F1D006A597C /* DFGTypeCheckHoistingPhase.cpp in Sources */,

branches/dfgFourthTier/Source/JavaScriptCore/Target.pri

@@ -54 +54 @@
     assembler/MacroAssemblerARM.cpp \
     assembler/MacroAssemblerSH4.cpp \
+    assembler/MacroAssemblerX86Common.cpp \
     bytecode/ArrayAllocationProfile.cpp \
     bytecode/ArrayProfile.cpp \

branches/dfgFourthTier/Source/JavaScriptCore/assembler/MacroAssembler.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2008, 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2012, 2013 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -572 +572 @@
         return MacroAssemblerBase::branchTest8(cond, Address(address.base, address.offset), mask);
     }
-#else
+
+#else // !CPU(X86_64)
+
     void addPtr(RegisterID src, RegisterID dest)
     {
@@ -1068 +1070 @@
     }
 
-#endif
+#endif // ENABLE(JIT_CONSTANT_BLINDING)
 
 #endif // !CPU(X86_64)
@@ -1080 +1082 @@
         // if we've broken blinding during patch development.
         return true;
-#else
+#else // ENABLE(FORCED_JIT_BLINDING)
 
         // First off we'll special case common, "safe" values to avoid hurting
@@ -1101 +1103 @@
 
         return shouldBlindForSpecificArch(value);
-#endif
+#endif // ENABLE(FORCED_JIT_BLINDING)
     }
 
@@ -1272 +1274 @@
         store64(value, addressForPoke(index));
     }
-#endif
+#endif // CPU(X86_64)
     
     void store32(Imm32 imm, Address dest)
@@ -1281 +1283 @@
             store32(blind.value1, dest);
             xor32(blind.value2, dest);
-#else
+#else // CPU(X86) || CPU(X86_64)
             if (RegisterID scratchRegister = (RegisterID)scratchRegisterForBlinding()) {
                 loadXorBlindedConstant(xorBlindConstant(imm), scratchRegister);
@@ -1293 +1295 @@
                 store32(imm.asTrustedImm32(), dest);
             }
-#endif
+#endif // CPU(X86) || CPU(X86_64)
         } else
             store32(imm.asTrustedImm32(), dest);
@@ -1441 +1443 @@
         urshift32(src, trustedImm32ForShift(amount), dest);
     }
-#endif
+#endif // ENABLE(JIT_CONSTANT_BLINDING)
 };
 

branches/dfgFourthTier/Source/JavaScriptCore/assembler/MacroAssemblerX86.h

@@ -31 +31 @@
 #include "MacroAssemblerX86Common.h"
 
+#if USE(MASM_PROBE)
+#include <wtf/StdLibExtras.h>
+#endif
+
 namespace JSC {
 
@@ -288 +292 @@
     }
 
+#if USE(MASM_PROBE)
+    // This function emits code to preserve the CPUState (e.g. registers),
+    // call a user supplied probe function, and restore the CPUState before
+    // continuing with other JIT generated code.
+    //
+    // The user supplied probe function will be called with a single pointer to
+    // a ProbeContext struct (defined above) which contains, among other things,
+    // the preserved CPUState. This allows the user probe function to inspect
+    // the CPUState at that point in the JIT generated code.
+    //
+    // If the user probe function alters the register values in the ProbeContext,
+    // the altered values will be loaded into the CPU registers when the probe
+    // returns.
+    //
+    // The ProbeContext is stack allocated and is only valid for the duration
+    // of the call to the user probe function.
+
+    void probe(ProbeFunction, void* arg1 = 0, void* arg2 = 0);
+#endif // USE(MASM_PROBE)
+
 private:
     friend class LinkBuffer;
@@ -306 +330 @@
         X86Assembler::relinkCall(call.dataLocation(), destination.executableAddress());
     }
+
+#if USE(MASM_PROBE)
+    inline TrustedImm32 trustedImm32FromPtr(void* ptr)
+    {
+        return TrustedImm32(TrustedImmPtr(ptr));
+    }
+
+    inline TrustedImm32 trustedImm32FromPtr(ProbeFunction function)
+    {
+        return TrustedImm32(TrustedImmPtr(reinterpret_cast<void*>(function)));
+    }
+
+    inline TrustedImm32 trustedImm32FromPtr(void (*function)())
+    {
+        return TrustedImm32(TrustedImmPtr(reinterpret_cast<void*>(function)));
+    }
+#endif
 };
 
+#if USE(MASM_PROBE)
+
+extern "C" void ctiMasmProbeTrampoline();
+
+// What code is emitted for the probe?
+// ==================================
+// We want to keep the size of the emitted probe invocation code as compact as
+// possible to minimize the perturbation to the JIT generated code. However,
+// we also need to preserve the CPU registers and set up the ProbeContext to be
+// passed to the user probe function.
+//
+// Hence, we do only the minimum here to preserve the eax (to be used as a
+// scratch register) and esp registers, and pass the probe arguments. We'll let
+// the ctiMasmProbeTrampoline handle the rest of the probe invocation work
+// i.e. saving the CPUState (and setting up the ProbeContext), calling the user
+// probe function, and restoring the CPUState before returning to JIT generated
+// code.
+//
+// What values are in the saved registers?
+// ======================================
+// Conceptually, the saved registers should contain values as if the probe
+// is not present in the JIT generated code. Hence, they should contain values
+// that are expected at the start of the instruction immediately following the
+// probe.
+//
+// Specifcally, the saved esp will point to the stack position before we
+// push the ProbeContext frame. The saved eip will point to the address of
+// the instruction immediately following the probe. 
+
+inline void MacroAssemblerX86::probe(MacroAssemblerX86::ProbeFunction function, void* arg1, void* arg2)
+{
+    RegisterID esp = RegisterID::esp;
+    #define probeContextField(field) Address(esp, offsetof(ProbeContext, field))
+
+    // The X86_64 ABI specifies that the worse case stack alignment requirement
+    // is 32 bytes.
+    const int probeFrameSize = WTF::roundUpToMultipleOf(32, sizeof(ProbeContext));
+    sub32(TrustedImm32(probeFrameSize), esp);
+
+    store32(RegisterID::eax, probeContextField(cpu.eax));
+
+    move(TrustedImm32(probeFrameSize), RegisterID::eax);
+    add32(esp, RegisterID::eax);
+    store32(RegisterID::eax, probeContextField(cpu.esp));
+
+    store32(trustedImm32FromPtr(function), probeContextField(probeFunction));
+    store32(trustedImm32FromPtr(arg1), probeContextField(arg1));
+    store32(trustedImm32FromPtr(arg2), probeContextField(arg2));
+
+    move(trustedImm32FromPtr(ctiMasmProbeTrampoline), RegisterID::eax);
+    call(RegisterID::eax);
+
+    #undef probeContextField
+}
+#endif // USE(MASM_PROBE)
+
 } // namespace JSC
 

branches/dfgFourthTier/Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h

@@ -34 +34 @@
 namespace JSC {
 
+struct JITStackFrame;
+
 class MacroAssemblerX86Common : public AbstractMacroAssembler<X86Assembler> {
 protected:
@@ -1437 +1439 @@
         return X86Assembler::maxJumpReplacementSize();
     }
+
+#if USE(MASM_PROBE)
+    struct CPUState {
+        #define DECLARE_REGISTER(_type, _regName) \
+            _type _regName;
+        FOR_EACH_CPU_REGISTER(DECLARE_REGISTER)
+        #undef DECLARE_REGISTER
+    };
+
+    struct ProbeContext;
+    typedef void (*ProbeFunction)(struct ProbeContext*);
+
+    struct ProbeContext {
+        ProbeFunction probeFunction;
+        void* arg1;
+        void* arg2;
+        JITStackFrame* jitStackFrame;
+        CPUState cpu;
+
+        void dump(const char* indentation = 0);
+    private:
+        void dumpCPURegisters(const char* indentation);
+    };
+#endif // USE(MASM_PROBE)
 
 protected:

branches/dfgFourthTier/Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h

@@ -31 +31 @@
 #include "MacroAssemblerX86Common.h"
 
+#if USE(MASM_PROBE)
+#include <wtf/StdLibExtras.h>
+#endif
+
 #define REPTACH_OFFSET_CALL_R11 3
 
@@ -613 +617 @@
     }
 
+#if USE(MASM_PROBE)
+    // This function emits code to preserve the CPUState (e.g. registers),
+    // call a user supplied probe function, and restore the CPUState before
+    // continuing with other JIT generated code.
+    //
+    // The user supplied probe function will be called with a single pointer to
+    // a ProbeContext struct (defined above) which contains, among other things,
+    // the preserved CPUState. This allows the user probe function to inspect
+    // the CPUState at that point in the JIT generated code.
+    //
+    // If the user probe function alters the register values in the ProbeContext,
+    // the altered values will be loaded into the CPU registers when the probe
+    // returns.
+    //
+    // The ProbeContext is stack allocated and is only valid for the duration
+    // of the call to the user probe function.
+
+    void probe(ProbeFunction, void* arg1 = 0, void* arg2 = 0);
+#endif // USE(MASM_PROBE)
+
 private:
     friend class LinkBuffer;
@@ -635 +659 @@
     }
 
+#if USE(MASM_PROBE)
+    inline TrustedImm64 trustedImm64FromPtr(void* ptr)
+    {
+        return TrustedImm64(TrustedImmPtr(ptr));
+    }
+
+    inline TrustedImm64 trustedImm64FromPtr(ProbeFunction function)
+    {
+        return TrustedImm64(TrustedImmPtr(reinterpret_cast<void*>(function)));
+    }
+
+    inline TrustedImm64 trustedImm64FromPtr(void (*function)())
+    {
+        return TrustedImm64(TrustedImmPtr(reinterpret_cast<void*>(function)));
+    }
+#endif
 };
 
+#if USE(MASM_PROBE)
+
+extern "C" void ctiMasmProbeTrampoline();
+
+// What code is emitted for the probe?
+// ==================================
+// We want to keep the size of the emitted probe invocation code as compact as
+// possible to minimize the perturbation to the JIT generated code. However,
+// we also need to preserve the CPU registers and set up the ProbeContext to be
+// passed to the user probe function.
+//
+// Hence, we do only the minimum here to preserve the rax (to be used as a
+// scratch register) and rsp registers, and pass the probe arguments. We'll let
+// the ctiMasmProbeTrampoline handle the rest of the probe invocation work
+// i.e. saving the CPUState (and setting up the ProbeContext), calling the user
+// probe function, and restoring the CPUState before returning to JIT generated
+// code.
+//
+// What values are in the saved registers?
+// ======================================
+// Conceptually, the saved registers should contain values as if the probe
+// is not present in the JIT generated code. Hence, they should contain values
+// that are expected at the start of the instruction immediately following the
+// probe.
+//
+// Specifcally, the saved rsp will point to the stack position before we
+// push the ProbeContext frame. The saved rip will point to the address of
+// the instruction immediately following the probe. 
+
+inline void MacroAssemblerX86_64::probe(MacroAssemblerX86_64::ProbeFunction function, void* arg1, void* arg2)
+{
+    RegisterID esp = RegisterID::esp;
+    #define probeContextField(field) Address(esp, offsetof(ProbeContext, field))
+
+    // The X86_64 ABI specifies that the worse case stack alignment requirement
+    // is 32 bytes.
+    const int probeFrameSize = WTF::roundUpToMultipleOf(32, sizeof(ProbeContext));
+    sub64(TrustedImm32(probeFrameSize), esp);
+
+    store64(RegisterID::eax, probeContextField(cpu.eax));
+
+    move(TrustedImm32(probeFrameSize), RegisterID::eax);
+    add64(esp, RegisterID::eax);
+    store64(RegisterID::eax, probeContextField(cpu.esp));
+
+    store64(trustedImm64FromPtr(function), probeContextField(probeFunction));
+    store64(trustedImm64FromPtr(arg1), probeContextField(arg1));
+    store64(trustedImm64FromPtr(arg2), probeContextField(arg2));
+
+    move(trustedImm64FromPtr(ctiMasmProbeTrampoline), RegisterID::eax);
+    call(RegisterID::eax);
+
+    #undef probeContextField
+}
+#endif // USE(MASM_PROBE)
+
 } // namespace JSC
 

branches/dfgFourthTier/Source/JavaScriptCore/assembler/X86Assembler.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2008, 2012 Apple Inc. All rights reserved.
+ * Copyright (C) 2008, 2012, 2013 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -35 +35 @@
 #include <wtf/Vector.h>
 
+#if USE(MASM_PROBE)
+#include <xmmintrin.h>
+#endif
+
 namespace JSC {
 
@@ -72 +76 @@
         xmm7,
     } XMMRegisterID;
+
+#if USE(MASM_PROBE)
+    #define FOR_EACH_CPU_REGISTER(V) \
+        FOR_EACH_CPU_GPREGISTER(V) \
+        FOR_EACH_CPU_FPREGISTER(V)
+
+    #define FOR_EACH_CPU_GPREGISTER(V) \
+        V(void*, eax) \
+        V(void*, ecx) \
+        V(void*, edx) \
+        V(void*, ebx) \
+        V(void*, esp) \
+        V(void*, ebp) \
+        V(void*, esi) \
+        V(void*, edi) \
+        FOR_EACH_X86_64_CPU_GPREGISTER(V) \
+        V(void*, eip)
+
+    #define FOR_EACH_CPU_FPREGISTER(V) \
+        V(__m128, xmm0) \
+        V(__m128, xmm1) \
+        V(__m128, xmm2) \
+        V(__m128, xmm3) \
+        V(__m128, xmm4) \
+        V(__m128, xmm5) \
+        V(__m128, xmm6) \
+        V(__m128, xmm7)
+
+#if CPU(X86)
+    #define FOR_EACH_X86_64_CPU_GPREGISTER(V) // Nothing to add.
+#elif CPU(X86_64)
+    #define FOR_EACH_X86_64_CPU_GPREGISTER(V) \
+        V(void*, r8) \
+        V(void*, r9) \
+        V(void*, r10) \
+        V(void*, r11) \
+        V(void*, r12) \
+        V(void*, r13) \
+        V(void*, r14) \
+        V(void*, r15)
+#endif // CPU(X86_64)
+#endif // USE(MASM_PROBE)
 }
 

branches/dfgFourthTier/Source/JavaScriptCore/config.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2006, 2007, 2008 Apple Inc. All rights reserved.
+ * Copyright (C) 2006, 2007, 2008, 2013 Apple Inc. All rights reserved.
  * Copyright (C) 2006 Samuel Weinig <sam.weinig@gmail.com>
  *
@@ -77 +77 @@
 #define SKIP_STATIC_CONSTRUCTORS_ON_GCC 1
 #endif
+
+// Enable the following if you want to use the MacroAssembler::probe() facility
+// to do JIT debugging.
+#define WTF_USE_MASM_PROBE 0
+

branches/dfgFourthTier/Source/JavaScriptCore/jit/JITStubs.cpp

@@ -34 +34 @@
 #include "JITStubs.h"
 
-#include "CommonSlowPaths.h"
 #include "Arguments.h"
 #include "ArrayConstructor.h"
@@ -40 +39 @@
 #include "CodeBlock.h"
 #include "CodeProfiling.h"
+#include "CommonSlowPaths.h"
 #include "DFGOSREntry.h"
 #include "Debugger.h"

branches/dfgFourthTier/Source/JavaScriptCore/jit/JITStubs.h

@@ -317 +317 @@
         && returnAddress.value() < bitwise_cast<void*>(&ctiTrampolineEnd);
 }
+#endif
+
+#if USE(MASM_PROBE)
+extern "C" void ctiMasmProbeTrampoline();
 #endif
 

branches/dfgFourthTier/Source/JavaScriptCore/jit/JITStubsX86.h

@@ -32 +32 @@
 #define JITStubsX86_h
 
+#include "JITStubsX86Common.h"
+
 #if !CPU(X86)
 #error "JITStubsX86.h should only be #included if CPU(X86)"
@@ -96 +98 @@
 );
 
+#if USE(MASM_PROBE)
+asm (
+".globl " SYMBOL_STRING(ctiMasmProbeTrampoline) "\n"
+HIDE_SYMBOL(ctiMasmProbeTrampoline) "\n"
+SYMBOL_STRING(ctiMasmProbeTrampoline) ":" "\n"
+
+    // MacroAssembler::probe() has already generated code to save/store the
+    // values for eax and esp in the ProbeContext. Save/store the remaining
+    // registers here.
+
+    "popl %eax" "\n"
+    "movl %eax, " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%esp)" "\n"
+
+    "movl %ebp, " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%esp)" "\n"
+    "movl %esp, %ebp" "\n" // Save the ProbeContext*.
+
+    "movl %ecx, " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%ebp)" "\n"
+    "movl %edx, " STRINGIZE_VALUE_OF(PROBE_CPU_EDX_OFFSET) "(%ebp)" "\n"
+    "movl %ebx, " STRINGIZE_VALUE_OF(PROBE_CPU_EBX_OFFSET) "(%ebp)" "\n"
+    "movl %esi, " STRINGIZE_VALUE_OF(PROBE_CPU_ESI_OFFSET) "(%ebp)" "\n"
+    "movl %edi, " STRINGIZE_VALUE_OF(PROBE_CPU_EDI_OFFSET) "(%ebp)" "\n"
+
+    "movdqa %xmm0, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM0_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm1, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM1_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm2, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM2_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm3, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM3_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm4, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM4_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm5, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM5_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm6, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM6_OFFSET) "(%ebp)" "\n"
+    "movdqa %xmm7, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM7_OFFSET) "(%ebp)" "\n"
+
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%ebp), %eax" "\n"
+    "movl %eax, " STRINGIZE_VALUE_OF(PROBE_JIT_STACK_FRAME_OFFSET) "(%ebp)" "\n"
+
+    // Reserve stack space for the arg while maintaining the required stack
+    // pointer 32 byte alignment:
+    "subl $0x20, %esp" "\n"
+    "movl %ebp, 0(%esp)" "\n" // the ProbeContext* arg.
+
+    "call *" STRINGIZE_VALUE_OF(PROBE_PROBE_FUNCTION_OFFSET) "(%ebp)" "\n"
+
+    // To enable probes to modify register state, we copy all regiesters
+    // out of the ProbeContext before returning.
+
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EAX_OFFSET) "(%ebp), %eax" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%ebp), %ecx" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EDX_OFFSET) "(%ebp), %edx" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EBX_OFFSET) "(%ebp), %ebx" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%ebp), %esp" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_ESI_OFFSET) "(%ebp), %esi" "\n"
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EDI_OFFSET) "(%ebp), %edi" "\n"
+
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM0_OFFSET) "(%ebp), %xmm0" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM1_OFFSET) "(%ebp), %xmm1" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM2_OFFSET) "(%ebp), %xmm2" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM3_OFFSET) "(%ebp), %xmm3" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM4_OFFSET) "(%ebp), %xmm4" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM5_OFFSET) "(%ebp), %xmm5" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM6_OFFSET) "(%ebp), %xmm6" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM7_OFFSET) "(%ebp), %xmm7" "\n"
+
+    "pushl " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%ebp)" "\n"
+
+    "movl " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%ebp), %ebp" "\n"
+    "ret" "\n"
+);
+#endif // USE(MASM_PROBE)
+
 #endif // COMPILER(GCC)
 

branches/dfgFourthTier/Source/JavaScriptCore/jit/JITStubsX86_64.h

@@ -31 +31 @@
 #ifndef JITStubsX86_64_h
 #define JITStubsX86_64_h
+
+#include "JITStubsX86Common.h"
 
 #if !CPU(X86_64)
@@ -111 +113 @@
 );
 
+#if USE(MASM_PROBE)
+asm (
+".globl " SYMBOL_STRING(ctiMasmProbeTrampoline) "\n"
+HIDE_SYMBOL(ctiMasmProbeTrampoline) "\n"
+SYMBOL_STRING(ctiMasmProbeTrampoline) ":" "\n"
+
+    // MacroAssembler::probe() has already generated code to save/store the
+    // values for rax and rsp in the ProbeContext. Save/store the remaining
+    // registers here.
+
+    "popq %rax" "\n"
+    "movq %rax, " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%rsp)" "\n"
+
+    "movq %rbp, " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%rsp)" "\n"
+    "movq %rsp, %rbp" "\n" // Save the ProbeContext*.
+
+    "movq %rcx, " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%rbp)" "\n"
+    "movq %rdx, " STRINGIZE_VALUE_OF(PROBE_CPU_EDX_OFFSET) "(%rbp)" "\n"
+    "movq %rbx, " STRINGIZE_VALUE_OF(PROBE_CPU_EBX_OFFSET) "(%rbp)" "\n"
+    "movq %rsi, " STRINGIZE_VALUE_OF(PROBE_CPU_ESI_OFFSET) "(%rbp)" "\n"
+    "movq %rdi, " STRINGIZE_VALUE_OF(PROBE_CPU_EDI_OFFSET) "(%rbp)" "\n"
+
+    "movq %r8, " STRINGIZE_VALUE_OF(PROBE_CPU_R8_OFFSET) "(%rbp)" "\n"
+    "movq %r9, " STRINGIZE_VALUE_OF(PROBE_CPU_R9_OFFSET) "(%rbp)" "\n"
+    "movq %r10, " STRINGIZE_VALUE_OF(PROBE_CPU_R10_OFFSET) "(%rbp)" "\n"
+    "movq %r11, " STRINGIZE_VALUE_OF(PROBE_CPU_R11_OFFSET) "(%rbp)" "\n"
+    "movq %r12, " STRINGIZE_VALUE_OF(PROBE_CPU_R12_OFFSET) "(%rbp)" "\n"
+    "movq %r13, " STRINGIZE_VALUE_OF(PROBE_CPU_R13_OFFSET) "(%rbp)" "\n"
+    "movq %r14, " STRINGIZE_VALUE_OF(PROBE_CPU_R14_OFFSET) "(%rbp)" "\n"
+    "movq %r15, " STRINGIZE_VALUE_OF(PROBE_CPU_R15_OFFSET) "(%rbp)" "\n"
+
+    "movdqa %xmm0, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM0_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm1, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM1_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm2, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM2_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm3, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM3_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm4, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM4_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm5, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM5_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm6, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM6_OFFSET) "(%rbp)" "\n"
+    "movdqa %xmm7, " STRINGIZE_VALUE_OF(PROBE_CPU_XMM7_OFFSET) "(%rbp)" "\n"
+
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%rbp), %rax" "\n"
+    "movq %rax, " STRINGIZE_VALUE_OF(PROBE_JIT_STACK_FRAME_OFFSET) "(%rbp)" "\n"
+
+    "movq %rbp, %rdi" "\n" // the ProbeContext* arg.
+    "call *" STRINGIZE_VALUE_OF(PROBE_PROBE_FUNCTION_OFFSET) "(%rbp)" "\n"
+
+    // To enable probes to modify register state, we copy all regiesters
+    // out of the ProbeContext before returning.
+
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EAX_OFFSET) "(%rbp), %rax" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ECX_OFFSET) "(%rbp), %rcx" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EDX_OFFSET) "(%rbp), %rdx" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EBX_OFFSET) "(%rbp), %rbx" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ESP_OFFSET) "(%rbp), %rsp" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_ESI_OFFSET) "(%rbp), %rsi" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EDI_OFFSET) "(%rbp), %rdi" "\n"
+
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R8_OFFSET) "(%rbp), %r8" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R9_OFFSET) "(%rbp), %r9" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R10_OFFSET) "(%rbp), %r10" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R11_OFFSET) "(%rbp), %r11" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R12_OFFSET) "(%rbp), %r12" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R13_OFFSET) "(%rbp), %r13" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R14_OFFSET) "(%rbp), %r14" "\n"
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_R15_OFFSET) "(%rbp), %r15" "\n"
+
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM0_OFFSET) "(%rbp), %xmm0" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM1_OFFSET) "(%rbp), %xmm1" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM2_OFFSET) "(%rbp), %xmm2" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM3_OFFSET) "(%rbp), %xmm3" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM4_OFFSET) "(%rbp), %xmm4" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM5_OFFSET) "(%rbp), %xmm5" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM6_OFFSET) "(%rbp), %xmm6" "\n"
+    "movdqa " STRINGIZE_VALUE_OF(PROBE_CPU_XMM7_OFFSET) "(%rbp), %xmm7" "\n"
+
+    "pushq " STRINGIZE_VALUE_OF(PROBE_CPU_EIP_OFFSET) "(%rbp)" "\n"
+
+    "movq " STRINGIZE_VALUE_OF(PROBE_CPU_EBP_OFFSET) "(%rbp), %rbp" "\n"
+    "ret" "\n"
+);
+#endif // USE(MASM_PROBE)
+
 #endif // COMPILER(GCC)