Bug 1006205 - Only process scripts during debug mode OSR that have been recompiled. (r=jandem)

2024-09-13 09:24:08 -07:00 · 2014-05-06 19:20:48 -07:00 · 2014-05-06 19:20:48 -07:00 · 5f2882b16e
commit 5f2882b16e
parent e42acc314b
2 changed files with 44 additions and 8 deletions
--- a/js/src/jit-test/tests/debug/bug1006205.js
+++ b/js/src/jit-test/tests/debug/bug1006205.js
@ -0,0 +1,20 @@
+var lfcode = new Array();
+lfcode.push = loadFile;
+lfcode.push("\
+var g = newGlobal();\
+g.debuggeeGlobal = this;\
+g.eval(\"(\" + function () {\
+        dbg = new Debugger(debuggeeGlobal);\
+    } + \")();\");\
+");
+lfcode.push("gc();");
+lfcode.push("\
+var g = newGlobal();\
+g.debuggeeGlobal = this;\
+g.eval(\"(\" + function () {\
+  dbg = new Debugger(debuggeeGlobal);\
+} + \")();\");\
+");
+function loadFile(lfVarx) {
+function newFunc(x) { new Function(x)(); }; newFunc(lfVarx);
+}
--- a/js/src/jit/BaselineDebugModeOSR.cpp
+++ b/js/src/jit/BaselineDebugModeOSR.cpp
@ -93,6 +93,10 @@ struct DebugModeOSREntry
                frameKind == ICEntry::Kind_DebugEpilogue);
    }

+    bool recompiled() const {
+        return oldBaselineScript != script->baselineScript();
+    }
+
    BaselineDebugModeOSRInfo *takeRecompInfo() {
        MOZ_ASSERT(recompInfo);
        BaselineDebugModeOSRInfo *tmp = recompInfo;
@ -208,9 +212,8 @@ SpewPatchBaselineFrame(uint8_t *oldReturnAddress, uint8_t *newReturnAddress,
                       JSScript *script, ICEntry::Kind frameKind, jsbytecode *pc)
 {
    IonSpew(IonSpew_BaselineDebugModeOSR,
-            "Patch return %#016llx -> %#016llx to BaselineJS (%s:%d) from %s at %s",
-            uintptr_t(oldReturnAddress), uintptr_t(newReturnAddress),
-            script->filename(), script->lineno(),
+            "Patch return %p -> %p on BaselineJS frame (%s:%d) from %s at %s",
+            oldReturnAddress, newReturnAddress, script->filename(), script->lineno(),
            ICEntryKindToString(frameKind), js_CodeName[(JSOp)*pc]);
 }

@ -218,8 +221,8 @@ static void
 SpewPatchStubFrame(ICStub *oldStub, ICStub *newStub)
 {
    IonSpew(IonSpew_BaselineDebugModeOSR,
-            "Patch   stub %#016llx -> %#016llx to BaselineStub (%s)",
-            uintptr_t(oldStub), uintptr_t(newStub), ICStub::KindString(newStub->kind()));
+            "Patch   stub %p -> %p on BaselineStub frame (%s)",
+            oldStub, newStub, ICStub::KindString(newStub->kind()));
 }

 static void
@ -254,8 +257,15 @@ PatchBaselineFramesForDebugMode(JSContext *cx, const JitActivationIterator &acti

    for (JitFrameIterator iter(activation); !iter.done(); ++iter) {
        DebugModeOSREntry &entry = entries[entryIndex];
+
        switch (iter.type()) {
          case JitFrame_BaselineJS: {
+            // If the script wasn't recompiled, there's nothing to patch.
+            if (!entry.recompiled()) {
+                entryIndex++;
+                break;
+            }
+
            JSScript *script = entry.script;
            uint32_t pcOffset = entry.pcOffset;
            jsbytecode *pc = script->offsetToPC(pcOffset);
@ -351,6 +361,10 @@ PatchBaselineFramesForDebugMode(JSContext *cx, const JitActivationIterator &acti
          }

          case JitFrame_BaselineStub: {
+            // If the script wasn't recompiled, there's nothing to patch.
+            if (!entry.recompiled())
+                break;
+
            IonBaselineStubFrameLayout *layout =
                reinterpret_cast<IonBaselineStubFrameLayout *>(iter.fp());
            MOZ_ASSERT(entry.script->baselineScript()->debugMode() == expectedDebugMode);
@ -539,7 +553,7 @@ UndoRecompileBaselineScriptsForDebugMode(JSContext *cx,
    for (size_t i = 0; i < entries.length(); i++) {
        JSScript *script = entries[i].script;
        BaselineScript *baselineScript = script->baselineScript();
-        if (baselineScript != entries[i].oldBaselineScript) {
+        if (entries[i].recompiled()) {
            script->setBaselineScript(cx, entries[i].oldBaselineScript);
            BaselineScript::Destroy(cx->runtime()->defaultFreeOp(), baselineScript);
        }
@ -587,8 +601,10 @@ jit::RecompileOnStackBaselineScriptsForDebugMode(JSContext *cx, JSCompartment *c
    //
    // After this point the function must be infallible.

-    for (size_t i = 0; i < entries.length(); i++)
-        BaselineScript::Destroy(cx->runtime()->defaultFreeOp(), entries[i].oldBaselineScript);
+    for (size_t i = 0; i < entries.length(); i++) {
+        if (entries[i].recompiled())
+            BaselineScript::Destroy(cx->runtime()->defaultFreeOp(), entries[i].oldBaselineScript);
+    }

    size_t processed = 0;
    for (JitActivationIterator iter(cx->runtime()); !iter.done(); ++iter) {