Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-24 18:55:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 874687 - Fix bug with SPS being enabled when non-SPS-instrumented ion frames are on stack. r=jandem

Browse Source
This commit is contained in:
Kannan Vijayan 2013-05-23 12:22:36 -04:00
parent abb1708367
commit 799c4bc97c
5 changed files with 26 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
js/src/ion/Bailouts.cpp
View File

@ -295,6 +295,10 @@ ConvertFrames(JSContext *cx, IonActivation *activation, IonBailoutIterator &it)
while (true) {
IonSpew(IonSpew_Bailouts, " restoring frame");
fp->initFromBailout(cx, iter);
// If the IonScript wasn't compiled with SPS enabled, make sure that the StackFrame
// frame isn't marked as having a pushed SPS frame.
if (!it.ionScript()->hasSPSInstrumentation())
fp->unsetPushedSPSFrame();
if (!iter.moreFrames())
break;

10
js/src/ion/BaselineBailouts.cpp
View File

@ -443,8 +443,8 @@ struct BaselineStackBuilder
//
static bool
InitFromBailout(JSContext *cx, HandleScript caller, jsbytecode *callerPC,
HandleFunction fun, HandleScript script, SnapshotIterator &iter,
bool invalidate, BaselineStackBuilder &builder,
HandleFunction fun, HandleScript script, IonScript *ionScript,
SnapshotIterator &iter, bool invalidate, BaselineStackBuilder &builder,
MutableHandleFunction nextCallee, jsbytecode **callPC)
{
uint32_t exprStackSlots = iter.slots() - (script->nfixed + CountArgSlots(script, fun));
@ -503,7 +503,7 @@ InitFromBailout(JSContext *cx, HandleScript caller, jsbytecode *callerPC,
// If SPS Profiler is enabled, mark the frame as having pushed an SPS entry.
// This may be wrong for the last frame of ArgumentCheck bailout, but
// that will be fixed later.
if (cx->runtime->spsProfiler.enabled()) {
if (cx->runtime->spsProfiler.enabled() && ionScript->hasSPSInstrumentation()) {
IonSpew(IonSpew_BaselineBailouts, " Setting SPS flag on frame!");
flags |= BaselineFrame::HAS_PUSHED_SPS_FRAME;
}
@ -1080,8 +1080,8 @@ ion::BailoutIonToBaseline(JSContext *cx, IonActivation *activation, IonBailoutIt
IonSpew(IonSpew_BaselineBailouts, " FrameNo %d", frameNo);
jsbytecode *callPC = NULL;
RootedFunction nextCallee(cx, NULL);
if (!InitFromBailout(cx, caller, callerPC, fun, scr, snapIter, invalidate, builder,
&nextCallee, &callPC))
if (!InitFromBailout(cx, caller, callerPC, fun, scr, iter.ionScript(),
snapIter, invalidate, builder, &nextCallee, &callPC))
{
return BAILOUT_RETURN_FATAL_ERROR;
}

4
js/src/ion/CodeGenerator.cpp
View File

@ -5233,6 +5233,10 @@ CodeGenerator::link()
ionScript->setMethod(code);
ionScript->setSkipArgCheckEntryOffset(getSkipArgCheckEntryOffset());
// If SPS is enabled, mark IonScript as having been instrumented with SPS
if (sps_.enabled())
ionScript->setHasSPSInstrumentation();
SetIonScript(script, executionMode, ionScript);
if (!ionScript)

1
js/src/ion/Ion.cpp
View File

@ -560,6 +560,7 @@ IonScript::IonScript()
invalidateEpilogueDataOffset_(0),
numBailouts_(0),
hasInvalidatedCallTarget_(false),
hasSPSInstrumentation_(false),
runtimeData_(0),
runtimeSize_(0),
cacheIndex_(0),

12
js/src/ion/IonCode.h
View File

@ -180,6 +180,9 @@ struct IonScript
// call targets are compiled.
bool hasInvalidatedCallTarget_;
// Flag set if IonScript was compiled with SPS profiling enabled.
bool hasSPSInstrumentation_;
// Any kind of data needed by the runtime, these can be either cache
// information or profiling info.
uint32_t runtimeData_;
@ -382,6 +385,15 @@ struct IonScript
bool hasInvalidatedCallTarget() const {
return hasInvalidatedCallTarget_;
}
void setHasSPSInstrumentation() {
hasSPSInstrumentation_ = true;
}
void clearHasSPSInstrumentation() {
hasSPSInstrumentation_ = false;
}
bool hasSPSInstrumentation() const {
return hasSPSInstrumentation_;
}
const uint8_t *snapshots() const {
return reinterpret_cast<const uint8_t *>(this) + snapshots_;
}