2010-09-24 10:54:39 -07:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
|
|
|
|
|
* vim: set ts=4 sw=4 et tw=99:
|
|
|
|
|
*
|
|
|
|
|
* ***** BEGIN LICENSE BLOCK *****
|
|
|
|
|
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
|
|
|
|
*
|
|
|
|
|
* The contents of this file are subject to the Mozilla Public License Version
|
|
|
|
|
* 1.1 (the "License"); you may not use this file except in compliance with
|
|
|
|
|
* the License. You may obtain a copy of the License at
|
|
|
|
|
* http://www.mozilla.org/MPL/
|
|
|
|
|
*
|
|
|
|
|
* Software distributed under the License is distributed on an "AS IS" basis,
|
|
|
|
|
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
|
|
|
* for the specific language governing rights and limitations under the
|
|
|
|
|
* License.
|
|
|
|
|
*
|
|
|
|
|
* The Original Code is Mozilla SpiderMonkey JavaScript 1.9 code, released
|
|
|
|
|
* May 28, 2008.
|
|
|
|
|
*
|
|
|
|
|
* The Initial Developer of the Original Code is
|
|
|
|
|
* Mozilla Foundation
|
|
|
|
|
* Portions created by the Initial Developer are Copyright (C) 2010
|
|
|
|
|
* the Initial Developer. All Rights Reserved.
|
|
|
|
|
*
|
|
|
|
|
* Contributor(s):
|
|
|
|
|
*
|
|
|
|
|
* Alternatively, the contents of this file may be used under the terms of
|
|
|
|
|
* either of the GNU General Public License Version 2 or later (the "GPL"),
|
|
|
|
|
* or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
|
|
|
|
* in which case the provisions of the GPL or the LGPL are applicable instead
|
|
|
|
|
* of those above. If you wish to allow use of your version of this file only
|
|
|
|
|
* under the terms of either the GPL or the LGPL, and not to allow others to
|
|
|
|
|
* use your version of this file under the terms of the MPL, indicate your
|
|
|
|
|
* decision by deleting the provisions above and replace them with the notice
|
|
|
|
|
* and other provisions required by the GPL or the LGPL. If you do not delete
|
|
|
|
|
* the provisions above, a recipient may use your version of this file under
|
|
|
|
|
* the terms of any one of the MPL, the GPL or the LGPL.
|
|
|
|
|
*
|
|
|
|
|
* ***** END LICENSE BLOCK ***** */
|
|
|
|
|
|
2010-10-23 16:24:32 -07:00
|
|
|
#include "jscntxt.h"
|
2010-09-24 10:54:39 -07:00
|
|
|
#include "jscompartment.h"
|
|
|
|
|
#include "jsgc.h"
|
2011-04-15 16:56:08 -07:00
|
|
|
#include "jsgcmark.h"
|
2010-10-23 16:24:32 -07:00
|
|
|
#include "jsiter.h"
|
2011-06-09 01:12:21 -07:00
|
|
|
#include "jsmath.h"
|
2010-09-24 10:54:39 -07:00
|
|
|
#include "jsproxy.h"
|
|
|
|
|
#include "jsscope.h"
|
2010-12-22 12:02:25 -08:00
|
|
|
#include "jstracer.h"
|
2011-02-14 14:19:36 -08:00
|
|
|
#include "jswrapper.h"
|
2011-01-20 14:03:51 -08:00
|
|
|
#include "assembler/wtf/Platform.h"
|
2011-05-12 18:39:47 -07:00
|
|
|
#include "yarr/BumpPointerAllocator.h"
|
2010-10-29 15:37:13 -07:00
|
|
|
#include "methodjit/MethodJIT.h"
|
2010-09-24 10:54:39 -07:00
|
|
|
#include "methodjit/PolyIC.h"
|
|
|
|
|
#include "methodjit/MonoIC.h"
|
2011-07-27 16:03:34 -07:00
|
|
|
#include "vm/Debugger.h"
|
2010-09-24 10:54:39 -07:00
|
|
|
|
|
|
|
|
#include "jsgcinlines.h"
|
2011-03-13 19:20:06 -07:00
|
|
|
#include "jsscopeinlines.h"
|
2010-09-24 10:54:39 -07:00
|
|
|
|
2011-02-11 13:45:56 -08:00
|
|
|
#if ENABLE_YARR_JIT
|
|
|
|
|
#include "assembler/jit/ExecutableAllocator.h"
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
using namespace js;
|
|
|
|
|
using namespace js::gc;
|
|
|
|
|
|
|
|
|
|
JSCompartment::JSCompartment(JSRuntime *rt)
|
2010-12-23 15:10:25 -08:00
|
|
|
: rt(rt),
|
|
|
|
|
principals(NULL),
|
2011-01-07 23:44:57 -08:00
|
|
|
gcBytes(0),
|
|
|
|
|
gcTriggerBytes(0),
|
|
|
|
|
gcLastBytes(0),
|
2011-03-08 20:58:38 -08:00
|
|
|
hold(false),
|
2011-06-20 20:18:15 -07:00
|
|
|
#ifdef JS_TRACER
|
2011-06-20 19:47:04 -07:00
|
|
|
traceMonitor_(NULL),
|
2011-06-20 20:18:15 -07:00
|
|
|
#endif
|
2010-12-23 15:10:25 -08:00
|
|
|
data(NULL),
|
|
|
|
|
active(false),
|
2011-06-23 10:25:48 -07:00
|
|
|
hasDebugModeCodeToDrop(false),
|
2011-01-31 17:16:25 -08:00
|
|
|
#ifdef JS_METHODJIT
|
2011-06-21 16:16:23 -07:00
|
|
|
jaegerCompartment_(NULL),
|
2011-05-12 18:39:47 -07:00
|
|
|
#endif
|
|
|
|
|
#if ENABLE_YARR_JIT
|
|
|
|
|
regExpAllocator(NULL),
|
2011-01-31 17:16:25 -08:00
|
|
|
#endif
|
2011-02-25 13:07:29 -08:00
|
|
|
propertyTree(thisForCtor()),
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyArgumentsShape(NULL),
|
|
|
|
|
emptyBlockShape(NULL),
|
|
|
|
|
emptyCallShape(NULL),
|
|
|
|
|
emptyDeclEnvShape(NULL),
|
|
|
|
|
emptyEnumeratorShape(NULL),
|
|
|
|
|
emptyWithShape(NULL),
|
2011-03-05 15:29:30 -08:00
|
|
|
initialRegExpShape(NULL),
|
2011-03-13 20:38:34 -07:00
|
|
|
initialStringShape(NULL),
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
debugModeBits(rt->debugMode * DebugFromC),
|
2011-06-28 14:06:34 -07:00
|
|
|
mathCache(NULL),
|
|
|
|
|
breakpointSites(rt)
|
2010-09-24 10:54:39 -07:00
|
|
|
{
|
|
|
|
|
JS_INIT_CLIST(&scripts);
|
2010-12-22 12:02:25 -08:00
|
|
|
|
2010-12-23 15:10:25 -08:00
|
|
|
PodArrayZero(scriptsToGC);
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
JSCompartment::~JSCompartment()
|
|
|
|
|
{
|
2011-01-05 18:44:30 -08:00
|
|
|
#if ENABLE_YARR_JIT
|
Bug 634155: Account for NewCompartment's memory, and change allocation APIs (r=nnethercote)
This changes the allocation API, in the following way:
js_malloc -> {cx->,rt->,OffTheBooks::}malloc
js_calloc -> {cx->,rt->,OffTheBooks::}calloc
js_realloc -> {cx->,rt->,OffTheBooks::}realloc
js_free -> {cx->,rt->,Foreground::,UnwantedForeground::}free
js_new -> {cx->,rt->,OffTheBooks::}new_
js_new_array -> {cx->,rt->,OffTheBooks::}new_array
js_delete -> {cx->,rt->,Foreground::,UnwantedForeground::}delete_
This is to move as many allocations as possible through a JSContext (so that they may be aken into account by gcMallocBytes) and to move as many deallocations to the background as possible (except on error paths).
2011-03-31 01:13:49 -07:00
|
|
|
Foreground::delete_(regExpAllocator);
|
2011-01-05 18:44:30 -08:00
|
|
|
#endif
|
|
|
|
|
|
2010-10-29 15:37:13 -07:00
|
|
|
#ifdef JS_METHODJIT
|
2011-06-21 16:16:23 -07:00
|
|
|
Foreground::delete_(jaegerCompartment_);
|
2010-10-29 15:37:13 -07:00
|
|
|
#endif
|
2010-12-22 12:02:25 -08:00
|
|
|
|
2011-06-20 19:47:04 -07:00
|
|
|
#ifdef JS_TRACER
|
|
|
|
|
Foreground::delete_(traceMonitor_);
|
2010-10-29 15:37:13 -07:00
|
|
|
#endif
|
2010-12-22 12:02:25 -08:00
|
|
|
|
Bug 634155: Account for NewCompartment's memory, and change allocation APIs (r=nnethercote)
This changes the allocation API, in the following way:
js_malloc -> {cx->,rt->,OffTheBooks::}malloc
js_calloc -> {cx->,rt->,OffTheBooks::}calloc
js_realloc -> {cx->,rt->,OffTheBooks::}realloc
js_free -> {cx->,rt->,Foreground::,UnwantedForeground::}free
js_new -> {cx->,rt->,OffTheBooks::}new_
js_new_array -> {cx->,rt->,OffTheBooks::}new_array
js_delete -> {cx->,rt->,Foreground::,UnwantedForeground::}delete_
This is to move as many allocations as possible through a JSContext (so that they may be aken into account by gcMallocBytes) and to move as many deallocations to the background as possible (except on error paths).
2011-03-31 01:13:49 -07:00
|
|
|
Foreground::delete_(mathCache);
|
2010-12-23 15:10:25 -08:00
|
|
|
|
2010-12-22 12:02:25 -08:00
|
|
|
#ifdef DEBUG
|
|
|
|
|
for (size_t i = 0; i != JS_ARRAY_LENGTH(scriptsToGC); ++i)
|
|
|
|
|
JS_ASSERT(!scriptsToGC[i]);
|
|
|
|
|
#endif
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::init()
|
|
|
|
|
{
|
|
|
|
|
chunk = NULL;
|
2010-10-13 11:49:22 -07:00
|
|
|
for (unsigned i = 0; i < FINALIZE_LIMIT; i++)
|
|
|
|
|
arenas[i].init();
|
2011-05-19 12:01:08 -07:00
|
|
|
freeLists.init();
|
2010-10-29 15:37:13 -07:00
|
|
|
if (!crossCompartmentWrappers.init())
|
|
|
|
|
return false;
|
|
|
|
|
|
2011-07-14 16:02:12 -07:00
|
|
|
if (!scriptFilenameTable.init())
|
2010-10-29 15:37:13 -07:00
|
|
|
return false;
|
|
|
|
|
|
2011-05-12 18:39:47 -07:00
|
|
|
regExpAllocator = rt->new_<WTF::BumpPointerAllocator>();
|
2011-01-05 18:44:30 -08:00
|
|
|
if (!regExpAllocator)
|
|
|
|
|
return false;
|
|
|
|
|
|
2011-02-11 16:31:32 -08:00
|
|
|
if (!backEdgeTable.init())
|
|
|
|
|
return false;
|
|
|
|
|
|
2011-06-28 14:06:34 -07:00
|
|
|
return debuggees.init() && breakpointSites.init();
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
2011-05-03 17:12:58 -07:00
|
|
|
#ifdef JS_METHODJIT
|
2011-06-21 16:16:23 -07:00
|
|
|
bool
|
|
|
|
|
JSCompartment::ensureJaegerCompartmentExists(JSContext *cx)
|
|
|
|
|
{
|
|
|
|
|
if (jaegerCompartment_)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
mjit::JaegerCompartment *jc = cx->new_<mjit::JaegerCompartment>();
|
|
|
|
|
if (!jc)
|
2010-10-29 15:37:13 -07:00
|
|
|
return false;
|
2011-06-21 16:16:23 -07:00
|
|
|
if (!jc->Initialize()) {
|
|
|
|
|
cx->delete_(jc);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
jaegerCompartment_ = jc;
|
2011-05-22 03:09:28 -07:00
|
|
|
return true;
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
2011-05-03 17:12:58 -07:00
|
|
|
size_t
|
|
|
|
|
JSCompartment::getMjitCodeSize() const
|
|
|
|
|
{
|
2011-06-21 16:16:23 -07:00
|
|
|
return jaegerCompartment_ ? jaegerCompartment_->execAlloc()->getCodeSize() : 0;
|
2011-05-03 17:12:58 -07:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
bool
|
|
|
|
|
JSCompartment::arenaListsAreEmpty()
|
|
|
|
|
{
|
2010-10-13 11:49:22 -07:00
|
|
|
for (unsigned i = 0; i < FINALIZE_LIMIT; i++) {
|
2011-04-25 13:05:30 -07:00
|
|
|
if (!arenas[i].isEmpty())
|
2010-09-24 10:54:39 -07:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2011-02-14 14:19:36 -08:00
|
|
|
static bool
|
|
|
|
|
IsCrossCompartmentWrapper(JSObject *wrapper)
|
|
|
|
|
{
|
2011-02-15 11:17:14 -08:00
|
|
|
return wrapper->isWrapper() &&
|
|
|
|
|
!!(JSWrapper::wrapperHandler(wrapper)->flags() & JSWrapper::CROSS_COMPARTMENT);
|
2011-02-14 14:19:36 -08:00
|
|
|
}
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, Value *vp)
|
|
|
|
|
{
|
|
|
|
|
JS_ASSERT(cx->compartment == this);
|
|
|
|
|
|
|
|
|
|
uintN flags = 0;
|
|
|
|
|
|
|
|
|
|
JS_CHECK_RECURSION(cx, return false);
|
|
|
|
|
|
|
|
|
|
/* Only GC things have to be wrapped or copied. */
|
|
|
|
|
if (!vp->isMarkable())
|
|
|
|
|
return true;
|
|
|
|
|
|
2010-09-30 16:50:06 -07:00
|
|
|
if (vp->isString()) {
|
|
|
|
|
JSString *str = vp->toString();
|
|
|
|
|
|
2011-03-14 13:55:55 -07:00
|
|
|
/* Static atoms do not have to be wrapped. */
|
|
|
|
|
if (str->isStaticAtom())
|
2010-09-30 16:50:06 -07:00
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* If the string is already in this compartment, we are done. */
|
2011-03-14 13:59:53 -07:00
|
|
|
if (str->compartment() == this)
|
2010-09-30 16:50:06 -07:00
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* If the string is an atom, we don't have to copy. */
|
2011-03-14 13:55:55 -07:00
|
|
|
if (str->isAtom()) {
|
2011-03-14 13:59:53 -07:00
|
|
|
JS_ASSERT(str->compartment() == cx->runtime->atomsCompartment);
|
2010-09-30 16:50:06 -07:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-09-24 10:54:39 -07:00
|
|
|
|
2010-10-10 15:36:38 -07:00
|
|
|
/*
|
|
|
|
|
* Wrappers should really be parented to the wrapped parent of the wrapped
|
|
|
|
|
* object, but in that case a wrapped global object would have a NULL
|
2011-03-14 15:37:04 -07:00
|
|
|
* parent without being a proper global object (JSCLASS_IS_GLOBAL). Instead
|
|
|
|
|
,
|
2010-10-10 15:36:38 -07:00
|
|
|
* we parent all wrappers to the global object in their home compartment.
|
|
|
|
|
* This loses us some transparency, and is generally very cheesy.
|
|
|
|
|
*/
|
2011-02-19 19:50:19 -08:00
|
|
|
JSObject *global;
|
2011-05-24 16:08:40 -07:00
|
|
|
if (cx->hasfp()) {
|
2011-02-19 19:50:19 -08:00
|
|
|
global = cx->fp()->scopeChain().getGlobal();
|
|
|
|
|
} else {
|
|
|
|
|
global = cx->globalObject;
|
2011-07-13 16:47:10 -07:00
|
|
|
if (!NULLABLE_OBJ_TO_INNER_OBJECT(cx, global))
|
2011-02-19 19:50:19 -08:00
|
|
|
return false;
|
|
|
|
|
}
|
2010-10-10 15:36:38 -07:00
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
/* Unwrap incoming objects. */
|
|
|
|
|
if (vp->isObject()) {
|
|
|
|
|
JSObject *obj = &vp->toObject();
|
|
|
|
|
|
|
|
|
|
/* If the object is already in this compartment, we are done. */
|
2010-09-30 16:50:06 -07:00
|
|
|
if (obj->compartment() == this)
|
2010-09-24 10:54:39 -07:00
|
|
|
return true;
|
|
|
|
|
|
2010-10-23 16:24:32 -07:00
|
|
|
/* Translate StopIteration singleton. */
|
|
|
|
|
if (obj->getClass() == &js_StopIterationClass)
|
|
|
|
|
return js_FindClassObject(cx, NULL, JSProto_StopIteration, vp);
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
/* Don't unwrap an outer window proxy. */
|
|
|
|
|
if (!obj->getClass()->ext.innerObject) {
|
|
|
|
|
obj = vp->toObject().unwrap(&flags);
|
|
|
|
|
vp->setObject(*obj);
|
2010-10-24 13:21:33 -07:00
|
|
|
if (obj->getCompartment() == this)
|
2010-10-10 15:36:38 -07:00
|
|
|
return true;
|
2010-09-28 17:02:43 -07:00
|
|
|
|
2011-01-07 09:19:54 -08:00
|
|
|
if (cx->runtime->preWrapObjectCallback) {
|
2010-10-10 15:36:38 -07:00
|
|
|
obj = cx->runtime->preWrapObjectCallback(cx, global, obj, flags);
|
2011-01-07 09:19:54 -08:00
|
|
|
if (!obj)
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2010-10-10 15:36:38 -07:00
|
|
|
|
|
|
|
|
vp->setObject(*obj);
|
2010-10-24 13:21:33 -07:00
|
|
|
if (obj->getCompartment() == this)
|
2010-09-28 17:02:43 -07:00
|
|
|
return true;
|
|
|
|
|
} else {
|
2011-01-07 09:19:54 -08:00
|
|
|
if (cx->runtime->preWrapObjectCallback) {
|
2010-10-10 15:47:22 -07:00
|
|
|
obj = cx->runtime->preWrapObjectCallback(cx, global, obj, flags);
|
2011-01-07 09:19:54 -08:00
|
|
|
if (!obj)
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2010-10-10 15:47:22 -07:00
|
|
|
|
2010-09-28 17:02:43 -07:00
|
|
|
JS_ASSERT(!obj->isWrapper() || obj->getClass()->ext.innerObject);
|
|
|
|
|
vp->setObject(*obj);
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
2010-10-10 15:36:38 -07:00
|
|
|
#ifdef DEBUG
|
|
|
|
|
{
|
|
|
|
|
JSObject *outer = obj;
|
|
|
|
|
OBJ_TO_OUTER_OBJECT(cx, outer);
|
|
|
|
|
JS_ASSERT(outer && outer == obj);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If we already have a wrapper for this value, use it. */
|
|
|
|
|
if (WrapperMap::Ptr p = crossCompartmentWrappers.lookup(*vp)) {
|
|
|
|
|
*vp = p->value;
|
2011-02-14 14:19:36 -08:00
|
|
|
if (vp->isObject()) {
|
|
|
|
|
JSObject *obj = &vp->toObject();
|
|
|
|
|
JS_ASSERT(IsCrossCompartmentWrapper(obj));
|
|
|
|
|
if (obj->getParent() != global) {
|
|
|
|
|
do {
|
|
|
|
|
obj->setParent(global);
|
|
|
|
|
obj = obj->getProto();
|
|
|
|
|
} while (obj && IsCrossCompartmentWrapper(obj));
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-09-24 10:54:39 -07:00
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (vp->isString()) {
|
|
|
|
|
Value orig = *vp;
|
|
|
|
|
JSString *str = vp->toString();
|
2010-12-06 10:26:58 -08:00
|
|
|
const jschar *chars = str->getChars(cx);
|
|
|
|
|
if (!chars)
|
|
|
|
|
return false;
|
|
|
|
|
JSString *wrapped = js_NewStringCopyN(cx, chars, str->length());
|
2010-09-24 10:54:39 -07:00
|
|
|
if (!wrapped)
|
|
|
|
|
return false;
|
|
|
|
|
vp->setString(wrapped);
|
|
|
|
|
return crossCompartmentWrappers.put(orig, *vp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
JSObject *obj = &vp->toObject();
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Recurse to wrap the prototype. Long prototype chains will run out of
|
|
|
|
|
* stack, causing an error in CHECK_RECURSE.
|
|
|
|
|
*
|
|
|
|
|
* Wrapping the proto before creating the new wrapper and adding it to the
|
|
|
|
|
* cache helps avoid leaving a bad entry in the cache on OOM. But note that
|
|
|
|
|
* if we wrapped both proto and parent, we would get infinite recursion
|
|
|
|
|
* here (since Object.prototype->parent->proto leads to Object.prototype
|
|
|
|
|
* itself).
|
|
|
|
|
*/
|
|
|
|
|
JSObject *proto = obj->getProto();
|
|
|
|
|
if (!wrap(cx, &proto))
|
|
|
|
|
return false;
|
|
|
|
|
|
2010-09-17 14:54:40 -07:00
|
|
|
/*
|
|
|
|
|
* We hand in the original wrapped object into the wrap hook to allow
|
|
|
|
|
* the wrap hook to reason over what wrappers are currently applied
|
|
|
|
|
* to the object.
|
|
|
|
|
*/
|
|
|
|
|
JSObject *wrapper = cx->runtime->wrapObjectCallback(cx, obj, proto, global, flags);
|
|
|
|
|
if (!wrapper)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
vp->setObject(*wrapper);
|
|
|
|
|
|
|
|
|
|
wrapper->setProto(proto);
|
|
|
|
|
if (!crossCompartmentWrappers.put(wrapper->getProxyPrivate(), *vp))
|
|
|
|
|
return false;
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
wrapper->setParent(global);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, JSString **strp)
|
|
|
|
|
{
|
|
|
|
|
AutoValueRooter tvr(cx, StringValue(*strp));
|
|
|
|
|
if (!wrap(cx, tvr.addr()))
|
|
|
|
|
return false;
|
|
|
|
|
*strp = tvr.value().toString();
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, JSObject **objp)
|
|
|
|
|
{
|
|
|
|
|
if (!*objp)
|
|
|
|
|
return true;
|
|
|
|
|
AutoValueRooter tvr(cx, ObjectValue(**objp));
|
|
|
|
|
if (!wrap(cx, tvr.addr()))
|
|
|
|
|
return false;
|
|
|
|
|
*objp = &tvr.value().toObject();
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::wrapId(JSContext *cx, jsid *idp)
|
|
|
|
|
{
|
|
|
|
|
if (JSID_IS_INT(*idp))
|
|
|
|
|
return true;
|
|
|
|
|
AutoValueRooter tvr(cx, IdToValue(*idp));
|
|
|
|
|
if (!wrap(cx, tvr.addr()))
|
|
|
|
|
return false;
|
|
|
|
|
return ValueToId(cx, tvr.value(), idp);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, PropertyOp *propp)
|
|
|
|
|
{
|
|
|
|
|
Value v = CastAsObjectJsval(*propp);
|
|
|
|
|
if (!wrap(cx, &v))
|
|
|
|
|
return false;
|
|
|
|
|
*propp = CastAsPropertyOp(v.toObjectOrNull());
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2011-02-09 11:31:40 -08:00
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, StrictPropertyOp *propp)
|
|
|
|
|
{
|
|
|
|
|
Value v = CastAsObjectJsval(*propp);
|
|
|
|
|
if (!wrap(cx, &v))
|
|
|
|
|
return false;
|
|
|
|
|
*propp = CastAsStrictPropertyOp(v.toObjectOrNull());
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, PropertyDescriptor *desc)
|
|
|
|
|
{
|
|
|
|
|
return wrap(cx, &desc->obj) &&
|
|
|
|
|
(!(desc->attrs & JSPROP_GETTER) || wrap(cx, &desc->getter)) &&
|
|
|
|
|
(!(desc->attrs & JSPROP_SETTER) || wrap(cx, &desc->setter)) &&
|
|
|
|
|
wrap(cx, &desc->value);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::wrap(JSContext *cx, AutoIdVector &props)
|
|
|
|
|
{
|
|
|
|
|
jsid *vector = props.begin();
|
|
|
|
|
jsint length = props.length();
|
|
|
|
|
for (size_t n = 0; n < size_t(length); ++n) {
|
|
|
|
|
if (!wrapId(cx, &vector[n]))
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2011-01-06 06:13:48 -08:00
|
|
|
#if defined JS_METHODJIT && defined JS_MONOIC
|
2010-12-17 16:33:04 -08:00
|
|
|
/*
|
|
|
|
|
* Check if the pool containing the code for jit should be destroyed, per the
|
|
|
|
|
* heuristics in JSCompartment::sweep.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool
|
|
|
|
|
ScriptPoolDestroyed(JSContext *cx, mjit::JITScript *jit,
|
|
|
|
|
uint32 releaseInterval, uint32 &counter)
|
|
|
|
|
{
|
|
|
|
|
JSC::ExecutablePool *pool = jit->code.m_executablePool;
|
|
|
|
|
if (pool->m_gcNumber != cx->runtime->gcNumber) {
|
|
|
|
|
/*
|
|
|
|
|
* The m_destroy flag may have been set in a previous GC for a pool which had
|
|
|
|
|
* references we did not remove (e.g. from the compartment's ExecutableAllocator)
|
|
|
|
|
* and is still around. Forget we tried to destroy it in such cases.
|
|
|
|
|
*/
|
|
|
|
|
pool->m_destroy = false;
|
|
|
|
|
pool->m_gcNumber = cx->runtime->gcNumber;
|
|
|
|
|
if (--counter == 0) {
|
|
|
|
|
pool->m_destroy = true;
|
|
|
|
|
counter = releaseInterval;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return pool->m_destroy;
|
|
|
|
|
}
|
2011-01-06 06:13:48 -08:00
|
|
|
#endif
|
2010-12-17 16:33:04 -08:00
|
|
|
|
2011-02-04 10:59:07 -08:00
|
|
|
/*
|
|
|
|
|
* This method marks pointers that cross compartment boundaries. It should be
|
2011-03-08 20:58:38 -08:00
|
|
|
* called only for per-compartment GCs, since full GCs naturally follow pointers
|
2011-02-04 10:59:07 -08:00
|
|
|
* across compartments.
|
|
|
|
|
*/
|
2011-01-07 23:44:57 -08:00
|
|
|
void
|
2011-03-08 20:58:38 -08:00
|
|
|
JSCompartment::markCrossCompartmentWrappers(JSTracer *trc)
|
2011-01-07 23:44:57 -08:00
|
|
|
{
|
2011-03-08 20:58:38 -08:00
|
|
|
JS_ASSERT(trc->context->runtime->gcCurrentCompartment);
|
|
|
|
|
|
2011-01-07 23:44:57 -08:00
|
|
|
for (WrapperMap::Enum e(crossCompartmentWrappers); !e.empty(); e.popFront())
|
|
|
|
|
MarkValue(trc, e.front().key, "cross-compartment wrapper");
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
void
|
2010-12-17 16:33:04 -08:00
|
|
|
JSCompartment::sweep(JSContext *cx, uint32 releaseInterval)
|
2010-09-24 10:54:39 -07:00
|
|
|
{
|
|
|
|
|
chunk = NULL;
|
2011-03-08 20:58:38 -08:00
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
/* Remove dead wrappers from the table. */
|
|
|
|
|
for (WrapperMap::Enum e(crossCompartmentWrappers); !e.empty(); e.popFront()) {
|
2011-01-07 23:44:57 -08:00
|
|
|
JS_ASSERT_IF(IsAboutToBeFinalized(cx, e.front().key.toGCThing()) &&
|
|
|
|
|
!IsAboutToBeFinalized(cx, e.front().value.toGCThing()),
|
2010-10-10 15:49:38 -07:00
|
|
|
e.front().key.isString());
|
2011-01-07 23:44:57 -08:00
|
|
|
if (IsAboutToBeFinalized(cx, e.front().key.toGCThing()) ||
|
|
|
|
|
IsAboutToBeFinalized(cx, e.front().value.toGCThing())) {
|
2010-09-24 10:54:39 -07:00
|
|
|
e.removeFront();
|
2010-10-10 15:49:38 -07:00
|
|
|
}
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
2010-09-27 05:29:01 -07:00
|
|
|
|
2011-03-07 18:42:04 -08:00
|
|
|
/* Remove dead empty shapes. */
|
2011-03-23 11:57:44 -07:00
|
|
|
if (emptyArgumentsShape && IsAboutToBeFinalized(cx, emptyArgumentsShape))
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyArgumentsShape = NULL;
|
2011-03-23 11:57:44 -07:00
|
|
|
if (emptyBlockShape && IsAboutToBeFinalized(cx, emptyBlockShape))
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyBlockShape = NULL;
|
2011-03-23 11:57:44 -07:00
|
|
|
if (emptyCallShape && IsAboutToBeFinalized(cx, emptyCallShape))
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyCallShape = NULL;
|
2011-03-23 11:57:44 -07:00
|
|
|
if (emptyDeclEnvShape && IsAboutToBeFinalized(cx, emptyDeclEnvShape))
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyDeclEnvShape = NULL;
|
2011-03-23 11:57:44 -07:00
|
|
|
if (emptyEnumeratorShape && IsAboutToBeFinalized(cx, emptyEnumeratorShape))
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyEnumeratorShape = NULL;
|
2011-03-23 11:57:44 -07:00
|
|
|
if (emptyWithShape && IsAboutToBeFinalized(cx, emptyWithShape))
|
2011-03-07 18:42:04 -08:00
|
|
|
emptyWithShape = NULL;
|
|
|
|
|
|
2011-03-05 15:29:30 -08:00
|
|
|
if (initialRegExpShape && IsAboutToBeFinalized(cx, initialRegExpShape))
|
|
|
|
|
initialRegExpShape = NULL;
|
2011-03-13 20:38:34 -07:00
|
|
|
if (initialStringShape && IsAboutToBeFinalized(cx, initialStringShape))
|
|
|
|
|
initialStringShape = NULL;
|
2011-03-05 15:29:30 -08:00
|
|
|
|
2011-06-28 14:06:34 -07:00
|
|
|
sweepBreakpoints(cx);
|
|
|
|
|
|
2010-12-22 14:00:06 -08:00
|
|
|
#ifdef JS_TRACER
|
2011-06-20 19:47:04 -07:00
|
|
|
if (hasTraceMonitor())
|
|
|
|
|
traceMonitor()->sweep(cx);
|
2010-12-22 14:00:06 -08:00
|
|
|
#endif
|
|
|
|
|
|
2010-09-27 05:29:01 -07:00
|
|
|
#if defined JS_METHODJIT && defined JS_MONOIC
|
2010-12-17 16:33:04 -08:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The release interval is the frequency with which we should try to destroy
|
|
|
|
|
* executable pools by releasing all JIT code in them, zero to never destroy pools.
|
|
|
|
|
* Initialize counter so that the first pool will be destroyed, and eventually drive
|
|
|
|
|
* the amount of JIT code in never-used compartments to zero. Don't discard anything
|
|
|
|
|
* for compartments which currently have active stack frames.
|
|
|
|
|
*/
|
|
|
|
|
uint32 counter = 1;
|
2011-06-23 10:25:48 -07:00
|
|
|
bool discardScripts = !active && (releaseInterval != 0 || hasDebugModeCodeToDrop);
|
|
|
|
|
if (discardScripts)
|
|
|
|
|
hasDebugModeCodeToDrop = false;
|
2010-12-17 16:33:04 -08:00
|
|
|
|
2010-09-27 05:29:01 -07:00
|
|
|
for (JSCList *cursor = scripts.next; cursor != &scripts; cursor = cursor->next) {
|
|
|
|
|
JSScript *script = reinterpret_cast<JSScript *>(cursor);
|
2010-12-17 16:33:04 -08:00
|
|
|
if (script->hasJITCode()) {
|
2011-01-07 23:44:57 -08:00
|
|
|
mjit::ic::SweepCallICs(cx, script, discardScripts);
|
2010-12-17 16:33:04 -08:00
|
|
|
if (discardScripts) {
|
|
|
|
|
if (script->jitNormal &&
|
|
|
|
|
ScriptPoolDestroyed(cx, script->jitNormal, releaseInterval, counter)) {
|
|
|
|
|
mjit::ReleaseScriptCode(cx, script);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (script->jitCtor &&
|
|
|
|
|
ScriptPoolDestroyed(cx, script->jitCtor, releaseInterval, counter)) {
|
|
|
|
|
mjit::ReleaseScriptCode(cx, script);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-09-27 05:29:01 -07:00
|
|
|
}
|
2010-12-17 16:33:04 -08:00
|
|
|
|
|
|
|
|
#endif /* JS_METHODJIT && JS_MONOIC */
|
|
|
|
|
|
|
|
|
|
active = false;
|
2010-09-24 10:54:39 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
JSCompartment::purge(JSContext *cx)
|
|
|
|
|
{
|
2010-09-27 05:29:01 -07:00
|
|
|
freeLists.purge();
|
2011-01-24 16:30:16 -08:00
|
|
|
dtoaCache.purge();
|
2010-09-27 05:29:01 -07:00
|
|
|
|
2010-12-22 12:02:25 -08:00
|
|
|
/* Destroy eval'ed scripts. */
|
|
|
|
|
js_DestroyScriptsToGC(cx, this);
|
|
|
|
|
|
2010-12-29 11:09:04 -08:00
|
|
|
nativeIterCache.purge();
|
2011-03-03 15:28:25 -08:00
|
|
|
toSourceCache.destroyIfConstructed();
|
2010-12-29 11:09:04 -08:00
|
|
|
|
2010-12-22 12:02:25 -08:00
|
|
|
#ifdef JS_TRACER
|
|
|
|
|
/*
|
|
|
|
|
* If we are about to regenerate shapes, we have to flush the JIT cache,
|
|
|
|
|
* which will eventually abort any current recording.
|
|
|
|
|
*/
|
|
|
|
|
if (cx->runtime->gcRegenShapes)
|
2011-06-20 19:47:04 -07:00
|
|
|
if (hasTraceMonitor())
|
|
|
|
|
traceMonitor()->needFlush = JS_TRUE;
|
2010-12-22 12:02:25 -08:00
|
|
|
#endif
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
#ifdef JS_METHODJIT
|
2011-07-19 14:21:58 -07:00
|
|
|
js::CheckCompartmentScripts(this);
|
|
|
|
|
|
2010-09-24 10:54:39 -07:00
|
|
|
for (JSScript *script = (JSScript *)scripts.next;
|
|
|
|
|
&script->links != &scripts;
|
|
|
|
|
script = (JSScript *)script->links.next) {
|
2010-10-04 14:13:33 -07:00
|
|
|
if (script->hasJITCode()) {
|
2010-09-24 10:54:39 -07:00
|
|
|
# if defined JS_POLYIC
|
|
|
|
|
mjit::ic::PurgePICs(cx, script);
|
|
|
|
|
# endif
|
|
|
|
|
# if defined JS_MONOIC
|
|
|
|
|
/*
|
2010-12-17 16:33:04 -08:00
|
|
|
* MICs do not refer to data which can be GC'ed and do not generate stubs
|
|
|
|
|
* which might need to be discarded, but are sensitive to shape regeneration.
|
2010-09-24 10:54:39 -07:00
|
|
|
*/
|
|
|
|
|
if (cx->runtime->gcRegenShapes)
|
|
|
|
|
mjit::ic::PurgeMICs(cx, script);
|
|
|
|
|
# endif
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
2010-12-23 15:10:25 -08:00
|
|
|
|
|
|
|
|
MathCache *
|
|
|
|
|
JSCompartment::allocMathCache(JSContext *cx)
|
|
|
|
|
{
|
|
|
|
|
JS_ASSERT(!mathCache);
|
Bug 634155: Account for NewCompartment's memory, and change allocation APIs (r=nnethercote)
This changes the allocation API, in the following way:
js_malloc -> {cx->,rt->,OffTheBooks::}malloc
js_calloc -> {cx->,rt->,OffTheBooks::}calloc
js_realloc -> {cx->,rt->,OffTheBooks::}realloc
js_free -> {cx->,rt->,Foreground::,UnwantedForeground::}free
js_new -> {cx->,rt->,OffTheBooks::}new_
js_new_array -> {cx->,rt->,OffTheBooks::}new_array
js_delete -> {cx->,rt->,Foreground::,UnwantedForeground::}delete_
This is to move as many allocations as possible through a JSContext (so that they may be aken into account by gcMallocBytes) and to move as many deallocations to the background as possible (except on error paths).
2011-03-31 01:13:49 -07:00
|
|
|
mathCache = cx->new_<MathCache>();
|
2010-12-23 15:10:25 -08:00
|
|
|
if (!mathCache)
|
|
|
|
|
js_ReportOutOfMemory(cx);
|
|
|
|
|
return mathCache;
|
|
|
|
|
}
|
2011-02-11 16:31:32 -08:00
|
|
|
|
2011-06-20 20:18:15 -07:00
|
|
|
#ifdef JS_TRACER
|
2011-06-20 19:47:04 -07:00
|
|
|
TraceMonitor *
|
|
|
|
|
JSCompartment::allocAndInitTraceMonitor(JSContext *cx)
|
|
|
|
|
{
|
|
|
|
|
JS_ASSERT(!traceMonitor_);
|
|
|
|
|
traceMonitor_ = cx->new_<TraceMonitor>();
|
|
|
|
|
if (!traceMonitor_)
|
|
|
|
|
return NULL;
|
|
|
|
|
if (!traceMonitor_->init(cx->runtime)) {
|
|
|
|
|
Foreground::delete_(traceMonitor_);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
return traceMonitor_;
|
|
|
|
|
}
|
2011-06-20 20:18:15 -07:00
|
|
|
#endif
|
2011-06-20 19:47:04 -07:00
|
|
|
|
2011-02-11 16:31:32 -08:00
|
|
|
size_t
|
|
|
|
|
JSCompartment::backEdgeCount(jsbytecode *pc) const
|
|
|
|
|
{
|
|
|
|
|
if (BackEdgeMap::Ptr p = backEdgeTable.lookup(pc))
|
|
|
|
|
return p->value;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
size_t
|
|
|
|
|
JSCompartment::incBackEdgeCount(jsbytecode *pc)
|
|
|
|
|
{
|
2011-03-23 17:40:11 -07:00
|
|
|
if (BackEdgeMap::Ptr p = backEdgeTable.lookupWithDefault(pc, 0))
|
|
|
|
|
return ++p->value;
|
|
|
|
|
return 1; /* oom not reported by backEdgeTable, so ignore. */
|
2011-02-11 16:31:32 -08:00
|
|
|
}
|
|
|
|
|
|
2011-04-18 15:42:07 -07:00
|
|
|
bool
|
2011-04-21 12:44:53 -07:00
|
|
|
JSCompartment::isAboutToBeCollected(JSGCInvocationKind gckind)
|
|
|
|
|
{
|
2011-04-18 15:42:07 -07:00
|
|
|
return !hold && (arenaListsAreEmpty() || gckind == GC_LAST_CONTEXT);
|
|
|
|
|
}
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
|
|
|
|
|
bool
|
2011-06-23 10:25:48 -07:00
|
|
|
JSCompartment::hasScriptsOnStack(JSContext *cx)
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
{
|
|
|
|
|
for (AllFramesIter i(cx->stack.space()); !i.done(); ++i) {
|
|
|
|
|
JSScript *script = i.fp()->maybeScript();
|
|
|
|
|
if (script && script->compartment == this)
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::setDebugModeFromC(JSContext *cx, bool b)
|
|
|
|
|
{
|
|
|
|
|
bool enabledBefore = debugMode();
|
|
|
|
|
bool enabledAfter = (debugModeBits & ~uintN(DebugFromC)) || b;
|
|
|
|
|
|
|
|
|
|
// Debug mode can be enabled only when no scripts from the target
|
|
|
|
|
// compartment are on the stack. It would even be incorrect to discard just
|
|
|
|
|
// the non-live scripts' JITScripts because they might share ICs with live
|
|
|
|
|
// scripts (bug 632343).
|
|
|
|
|
//
|
|
|
|
|
// We do allow disabling debug mode while scripts are on the stack. In
|
|
|
|
|
// that case the debug-mode code for those scripts remains, so subsequently
|
|
|
|
|
// hooks may be called erroneously, even though debug mode is supposedly
|
|
|
|
|
// off, and we have to live with it.
|
|
|
|
|
//
|
|
|
|
|
bool onStack = false;
|
|
|
|
|
if (enabledBefore != enabledAfter) {
|
2011-06-23 10:25:48 -07:00
|
|
|
onStack = hasScriptsOnStack(cx);
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
if (b && onStack) {
|
|
|
|
|
JS_ReportErrorNumber(cx, js_GetErrorMessage, NULL, JSMSG_DEBUG_NOT_IDLE);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
debugModeBits = (debugModeBits & ~uintN(DebugFromC)) | (b * DebugFromC);
|
|
|
|
|
JS_ASSERT(debugMode() == enabledAfter);
|
|
|
|
|
if (enabledBefore != enabledAfter && !onStack)
|
|
|
|
|
updateForDebugMode(cx);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
JSCompartment::updateForDebugMode(JSContext *cx)
|
|
|
|
|
{
|
|
|
|
|
#ifdef JS_METHODJIT
|
2011-06-23 10:25:48 -07:00
|
|
|
bool enabled = debugMode();
|
|
|
|
|
|
|
|
|
|
if (enabled) {
|
|
|
|
|
JS_ASSERT(!hasScriptsOnStack(cx));
|
|
|
|
|
} else if (hasScriptsOnStack(cx)) {
|
|
|
|
|
hasDebugModeCodeToDrop = true;
|
|
|
|
|
return;
|
|
|
|
|
}
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
|
|
|
|
|
// Discard JIT code for any scripts that change debugMode. This assumes
|
|
|
|
|
// that 'comp' is in the same thread as 'cx'.
|
|
|
|
|
for (JSScript *script = (JSScript *) scripts.next;
|
|
|
|
|
&script->links != &scripts;
|
|
|
|
|
script = (JSScript *) script->links.next)
|
|
|
|
|
{
|
2011-06-23 10:25:48 -07:00
|
|
|
if (script->debugMode != enabled) {
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
mjit::ReleaseScriptCode(cx, script);
|
2011-06-23 10:25:48 -07:00
|
|
|
script->debugMode = enabled;
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
}
|
|
|
|
|
}
|
2011-06-23 10:25:48 -07:00
|
|
|
hasDebugModeCodeToDrop = false;
|
Automatically turn debug mode on/off when adding/removing debuggees.
This allows most of the tests to run without the -d command-line flag.
Now a compartment is in debug mode if
* JSD1 wants debug mode on, thanks to a JS_SetDebugMode* call; OR
* JSD2 wants debug mode on, because a live Debug object has a debuggee
global in that compartment.
Since this patch only adds the second half of the rule, JSD1 should be
unaffected.
The new rule has three issues:
1. When removeDebuggee is called, it can cause debug mode to be turned
off for a compartment. If any scripts from that compartment are on
the stack, and the methodjit is enabled, returning to those stack
frames will crash.
2. When a Debug object is GC'd, it can cause debug mode to be turned off
for one or more compartments. This causes the same problem with
returning to deleted methodjit code, but the fix is different: such
Debug objects simply should not be GC'd.
3. Setting .enabled to false still does not turn off debug mode
anywhere, so it does not reduce overhead as much as it should.
A possible fix for issue #1 would be to make such removeDebuggee calls
throw; a different possibility is to turn off debug mode but leave all
the scripts alone, accepting the performance loss (as we do for JSD1 in
JSCompartment::setDebugModeFromC). The fix to issues #2 and #3 is to
tweak the rule--and to tweak the rule for Debug object GC-reachability.
--HG--
rename : js/src/jit-test/tests/debug/Debug-ctor.js => js/src/jit-test/tests/debug/Debug-ctor-01.js
2011-06-02 19:58:46 -07:00
|
|
|
#endif
|
|
|
|
|
}
|
2011-06-23 10:25:48 -07:00
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::addDebuggee(JSContext *cx, js::GlobalObject *global)
|
|
|
|
|
{
|
|
|
|
|
bool wasEnabled = debugMode();
|
|
|
|
|
if (!debuggees.put(global)) {
|
|
|
|
|
js_ReportOutOfMemory(cx);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
debugModeBits |= DebugFromJS;
|
|
|
|
|
if (!wasEnabled)
|
|
|
|
|
updateForDebugMode(cx);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
JSCompartment::removeDebuggee(JSContext *cx,
|
|
|
|
|
js::GlobalObject *global,
|
|
|
|
|
js::GlobalObjectSet::Enum *debuggeesEnum)
|
|
|
|
|
{
|
|
|
|
|
bool wasEnabled = debugMode();
|
|
|
|
|
JS_ASSERT(debuggees.has(global));
|
|
|
|
|
if (debuggeesEnum)
|
|
|
|
|
debuggeesEnum->removeFront();
|
|
|
|
|
else
|
|
|
|
|
debuggees.remove(global);
|
|
|
|
|
|
|
|
|
|
if (debuggees.empty()) {
|
|
|
|
|
debugModeBits &= ~DebugFromJS;
|
|
|
|
|
if (wasEnabled && !debugMode())
|
|
|
|
|
updateForDebugMode(cx);
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-06-28 14:06:34 -07:00
|
|
|
|
|
|
|
|
BreakpointSite *
|
|
|
|
|
JSCompartment::getBreakpointSite(jsbytecode *pc)
|
|
|
|
|
{
|
|
|
|
|
BreakpointSiteMap::Ptr p = breakpointSites.lookup(pc);
|
|
|
|
|
return p ? p->value : NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
BreakpointSite *
|
|
|
|
|
JSCompartment::getOrCreateBreakpointSite(JSContext *cx, JSScript *script, jsbytecode *pc, JSObject *scriptObject)
|
|
|
|
|
{
|
|
|
|
|
JS_ASSERT(script->code <= pc);
|
|
|
|
|
JS_ASSERT(pc < script->code + script->length);
|
2011-07-22 08:54:36 -07:00
|
|
|
JS_ASSERT_IF(scriptObject, scriptObject->isScript() || scriptObject->isFunction());
|
|
|
|
|
JS_ASSERT_IF(scriptObject && scriptObject->isFunction(),
|
|
|
|
|
scriptObject->getFunctionPrivate()->script() == script);
|
|
|
|
|
JS_ASSERT_IF(scriptObject && scriptObject->isScript(), scriptObject->getScript() == script);
|
|
|
|
|
|
2011-06-28 14:06:34 -07:00
|
|
|
BreakpointSiteMap::AddPtr p = breakpointSites.lookupForAdd(pc);
|
|
|
|
|
if (!p) {
|
|
|
|
|
BreakpointSite *site = cx->runtime->new_<BreakpointSite>(script, pc);
|
|
|
|
|
if (!site || !breakpointSites.add(p, pc, site)) {
|
|
|
|
|
js_ReportOutOfMemory(cx);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
BreakpointSite *site = p->value;
|
|
|
|
|
if (site->scriptObject)
|
|
|
|
|
JS_ASSERT_IF(scriptObject, site->scriptObject == scriptObject);
|
|
|
|
|
else
|
|
|
|
|
site->scriptObject = scriptObject;
|
|
|
|
|
|
|
|
|
|
return site;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2011-07-05 05:48:26 -07:00
|
|
|
JSCompartment::clearBreakpointsIn(JSContext *cx, js::Debugger *dbg, JSScript *script,
|
2011-06-28 14:06:34 -07:00
|
|
|
JSObject *handler)
|
|
|
|
|
{
|
|
|
|
|
JS_ASSERT_IF(script, script->compartment == this);
|
|
|
|
|
|
|
|
|
|
for (BreakpointSiteMap::Enum e(breakpointSites); !e.empty(); e.popFront()) {
|
|
|
|
|
BreakpointSite *site = e.front().value;
|
|
|
|
|
if (!script || site->script == script) {
|
2011-07-22 08:54:36 -07:00
|
|
|
Breakpoint *nextbp;
|
|
|
|
|
for (Breakpoint *bp = site->firstBreakpoint(); bp; bp = nextbp) {
|
|
|
|
|
nextbp = bp->nextInSite();
|
2011-06-28 14:06:34 -07:00
|
|
|
if ((!dbg || bp->debugger == dbg) && (!handler || bp->getHandler() == handler))
|
|
|
|
|
bp->destroy(cx, &e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
JSCompartment::clearTraps(JSContext *cx, JSScript *script)
|
|
|
|
|
{
|
|
|
|
|
for (BreakpointSiteMap::Enum e(breakpointSites); !e.empty(); e.popFront()) {
|
|
|
|
|
BreakpointSite *site = e.front().value;
|
|
|
|
|
if (!script || site->script == script)
|
|
|
|
|
site->clearTrap(cx, &e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
bool
|
|
|
|
|
JSCompartment::markBreakpointsIteratively(JSTracer *trc)
|
|
|
|
|
{
|
|
|
|
|
bool markedAny = false;
|
|
|
|
|
for (BreakpointSiteMap::Range r = breakpointSites.all(); !r.empty(); r.popFront()) {
|
|
|
|
|
BreakpointSite *site = r.front().value;
|
|
|
|
|
|
|
|
|
|
// Mark jsdbgapi state if any. But if we know the scriptObject, put off
|
|
|
|
|
// marking trap state until we know the scriptObject is live.
|
|
|
|
|
if (site->trapHandler && (!site->scriptObject || site->scriptObject->isMarked())) {
|
|
|
|
|
if (site->trapClosure.isObject() && !site->trapClosure.toObject().isMarked())
|
|
|
|
|
markedAny = true;
|
|
|
|
|
MarkValue(trc, site->trapClosure, "trap closure");
|
|
|
|
|
}
|
|
|
|
|
|
2011-07-27 16:03:34 -07:00
|
|
|
// Mark js::Debugger breakpoints. If either the debugger or the script is
|
2011-06-28 14:06:34 -07:00
|
|
|
// collected, then the breakpoint is collected along with it. So do not
|
|
|
|
|
// mark the handler in that case.
|
|
|
|
|
//
|
2011-07-22 08:54:36 -07:00
|
|
|
// If scriptObject is non-null, examine it to see if the script will be
|
2011-06-28 14:06:34 -07:00
|
|
|
// collected. If scriptObject is null, then site->script is an eval
|
|
|
|
|
// script on the stack, so it is definitely live.
|
|
|
|
|
//
|
|
|
|
|
if (!site->scriptObject || site->scriptObject->isMarked()) {
|
|
|
|
|
for (Breakpoint *bp = site->firstBreakpoint(); bp; bp = bp->nextInSite()) {
|
|
|
|
|
if (bp->debugger->toJSObject()->isMarked() &&
|
|
|
|
|
bp->handler &&
|
|
|
|
|
!bp->handler->isMarked())
|
|
|
|
|
{
|
|
|
|
|
MarkObject(trc, *bp->handler, "breakpoint handler");
|
|
|
|
|
markedAny = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return markedAny;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
JSCompartment::sweepBreakpoints(JSContext *cx)
|
|
|
|
|
{
|
|
|
|
|
for (BreakpointSiteMap::Enum e(breakpointSites); !e.empty(); e.popFront()) {
|
|
|
|
|
BreakpointSite *site = e.front().value;
|
|
|
|
|
if (site->scriptObject) {
|
2011-07-22 08:54:36 -07:00
|
|
|
// clearTrap and nextbp are necessary here to avoid possibly
|
|
|
|
|
// reading *site or *bp after destroying it.
|
2011-06-28 14:06:34 -07:00
|
|
|
bool scriptGone = IsAboutToBeFinalized(cx, site->scriptObject);
|
2011-07-22 08:54:36 -07:00
|
|
|
bool clearTrap = scriptGone && site->hasTrap();
|
|
|
|
|
|
2011-07-18 14:57:39 -07:00
|
|
|
Breakpoint *nextbp;
|
|
|
|
|
for (Breakpoint *bp = site->firstBreakpoint(); bp; bp = nextbp) {
|
|
|
|
|
nextbp = bp->nextInSite();
|
2011-06-28 14:06:34 -07:00
|
|
|
if (scriptGone || IsAboutToBeFinalized(cx, bp->debugger->toJSObject()))
|
|
|
|
|
bp->destroy(cx, &e);
|
|
|
|
|
}
|
2011-07-22 08:54:36 -07:00
|
|
|
|
|
|
|
|
if (clearTrap)
|
|
|
|
|
site->clearTrap(cx, &e);
|
2011-06-28 14:06:34 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
