void *
RunTracer(VMFrame &f)
#endif
{
JSContext *cx = f.cx;
StackFrame *entryFrame = f.fp();
TracePointAction tpa;
/* :TODO: nuke PIC? */
if (!cx->traceJitEnabled)
return NULL;
/*
* Force initialization of the entry frame's scope chain and return value,
* if necessary. The tracer can query the scope chain without needing to
* check the HAS_SCOPECHAIN flag, and the frame is guaranteed to have the
* correct return value stored if we trace/interpret through to the end
* of the frame.
*/
entryFrame->scopeChain();
entryFrame->returnValue();
bool blacklist;
void **traceData;
uintN *traceEpoch;
uint32 *loopCounter;
uint32 hits;
#if JS_MONOIC
traceData = &ic.traceData;
traceEpoch = &ic.traceEpoch;
loopCounter = &ic.loopCounter;
*loopCounter = 1;
hits = ic.loopCounterStart;
#else
traceData = NULL;
traceEpoch = NULL;
loopCounter = NULL;
hits = 1;
#endif
tpa = MonitorTracePoint(f.cx, &blacklist, traceData, traceEpoch,
loopCounter, hits);
JS_ASSERT(!TRACE_RECORDER(cx));
#if JS_MONOIC
ic.loopCounterStart = *loopCounter;
if (blacklist)
DisableTraceHint(entryFrame->jit(), ic);
#endif
// Even though ExecuteTree() bypasses the interpreter, it should propagate
// error failures correctly.
JS_ASSERT_IF(cx->isExceptionPending(), tpa == TPA_Error);
JS_ASSERT(f.fp() == cx->fp());
switch (tpa) {
case TPA_Nothing:
return NULL;
case TPA_Error:
if (!HandleErrorInExcessFrame(f, entryFrame, f.fp()->finishedInInterpreter()))
THROWV(NULL);
JS_ASSERT(!cx->fp()->hasImacropc());
break;
case TPA_RanStuff:
case TPA_Recorded:
break;
}
/*
* The tracer could have dropped us off on any frame at any position.
* Well, it could not have removed frames (recursion is disabled).
*
* Frames after the entryFrame cannot be entered via JaegerShotAtSafePoint()
* unless each is at a safe point. We can JaegerShotAtSafePoint these
* frames individually, but we must unwind to the entryFrame.
*
* Note carefully that JaegerShotAtSafePoint can resume methods at
* arbitrary safe points whereas JaegerShot cannot.
*
* If we land on entryFrame without a safe point in sight, we'll end up
* at the RETURN op. This is an edge case with two paths:
*
* 1) The entryFrame is the last inline frame. If it fell on a RETURN,
* move the return value down.
* 2) The entryFrame is NOT the last inline frame. Pop the frame.
*
* In both cases, we hijack the stub to return to the force-return
* trampoline. This trampoline simulates the frame-popping portion of
* emitReturn (except without the benefit of the FrameState) and will
* produce the necessary register state to return to the caller.
*/
restart:
/* Step 1. Finish frames created after the entry frame. */
if (!FinishExcessFrames(f, entryFrame))
THROWV(NULL);
/* IMacros are guaranteed to have been removed by now. */
JS_ASSERT(f.fp() == entryFrame);
JS_ASSERT(!entryFrame->hasImacropc());
/* Step 2. If entryFrame is done, use a special path to return to EnterMethodJIT(). */
if (FrameIsFinished(cx)) {
if (!HandleFinishedFrame(f, entryFrame))
THROWV(NULL);
*f.returnAddressLocation() = cx->jaegerCompartment()->forceReturnFromFastCall();
return NULL;
}
/* Step 3. If entryFrame is at a safe point, just leave. */
if (void *ncode = AtSafePoint(cx))
return ncode;
/* Step 4. Do a partial interp, then restart the whole process. */
if (!PartialInterpret(f)) {
if (!HandleErrorInExcessFrame(f, entryFrame))
THROWV(NULL);
}
goto restart;
}
extern "C" void *
js_InternalThrow(VMFrame &f)
{
JSContext *cx = f.cx;
ExpandInlineFrames(cx->compartment);
// The current frame may have an associated orphaned native, if the native
// or SplatApplyArgs threw an exception.
RemoveOrphanedNative(cx, f.fp());
JS_ASSERT(!f.fp()->finishedInInterpreter());
// Make sure sp is up to date.
JS_ASSERT(&cx->regs() == &f.regs);
jsbytecode *pc = NULL;
for (;;) {
if (cx->isExceptionPending()) {
// Call the throw hook if necessary
JSThrowHook handler = cx->runtime->debugHooks.throwHook;
if (handler || !cx->compartment->getDebuggees().empty()) {
Value rval;
JSTrapStatus st = Debugger::onExceptionUnwind(cx, &rval);
if (st == JSTRAP_CONTINUE && handler) {
st = handler(cx, cx->fp()->script(), cx->regs().pc, &rval,
cx->runtime->debugHooks.throwHookData);
}
switch (st) {
case JSTRAP_ERROR:
cx->clearPendingException();
break;
case JSTRAP_CONTINUE:
break;
case JSTRAP_RETURN:
cx->clearPendingException();
cx->fp()->setReturnValue(rval);
return cx->jaegerCompartment()->forceReturnFromExternC();
case JSTRAP_THROW:
cx->setPendingException(rval);
break;
default:
JS_NOT_REACHED("bad onExceptionUnwind status");
}
}
}
pc = FindExceptionHandler(cx);
if (pc)
break;
// The JIT guarantees that ScriptDebugEpilogue() and ScriptEpilogue()
// have always been run upon exiting to its caller. This is important
// for consistency, where execution modes make similar guarantees about
// prologues and epilogues. Interpret(), and Invoke() all rely on this
// property.
JS_ASSERT(!f.fp()->finishedInInterpreter());
UnwindScope(cx, 0);
f.regs.sp = f.fp()->base();
if (cx->compartment->debugMode()) {
// This can turn a throw or error into a healthy return. Note that
// we will run ScriptDebugEpilogue again (from AnyFrameEpilogue);
// ScriptDebugEpilogue is prepared for this eventuality.
if (js::ScriptDebugEpilogue(cx, f.fp(), false))
return cx->jaegerCompartment()->forceReturnFromExternC();
}
ScriptEpilogue(f.cx, f.fp(), false);
// Don't remove the last frame, this is the responsibility of
// JaegerShot()'s caller. We only guarantee that ScriptEpilogue()
// has been run.
if (f.entryfp == f.fp())
break;
JS_ASSERT(&cx->regs() == &f.regs);
InlineReturn(f);
}
JS_ASSERT(&cx->regs() == &f.regs);
if (!pc)
return NULL;
StackFrame *fp = cx->fp();
JSScript *script = fp->script();
/*
* Fall back to EnterMethodJIT and finish the frame in the interpreter.
* With type inference enabled, we may wipe out all JIT code on the
* stack without patching ncode values to jump to the interpreter, and
* thus can only enter JIT code via EnterMethodJIT (which overwrites
* its entry frame's ncode). See ClearAllFrames.
*/
cx->compartment->jaegerCompartment()->setLastUnfinished(Jaeger_Unfinished);
if (!script->ensureRanAnalysis(cx, NULL)) {
js_ReportOutOfMemory(cx);
return NULL;
}
analyze::AutoEnterAnalysis enter(cx);
/*
* Interpret the ENTERBLOCK and EXCEPTION opcodes, so that we don't go
* back into the interpreter with a pending exception. This will cause
* it to immediately rethrow.
*/
if (cx->isExceptionPending()) {
JS_ASSERT(JSOp(*pc) == JSOP_ENTERBLOCK);
StaticBlockObject &blockObj = script->getObject(GET_UINT32_INDEX(pc))->asStaticBlock();
Value *vp = cx->regs().sp + blockObj.slotCount();
SetValueRangeToUndefined(cx->regs().sp, vp);
cx->regs().sp = vp;
JS_ASSERT(JSOp(pc[JSOP_ENTERBLOCK_LENGTH]) == JSOP_EXCEPTION);
cx->regs().sp[0] = cx->getPendingException();
cx->clearPendingException();
cx->regs().sp++;
cx->regs().pc = pc + JSOP_ENTERBLOCK_LENGTH + JSOP_EXCEPTION_LENGTH;
cx->regs().fp()->setBlockChain(&blockObj);
}
*f.oldregs = f.regs;
return NULL;
}
extern "C" void *
js_InternalThrow(VMFrame &f)
{
JSContext *cx = f.cx;
// It's possible that from within RunTracer(), Interpret() returned with
// an error and finished the frame (i.e., called ScriptEpilogue), but has
// not yet performed an inline return.
//
// In this case, RunTracer() has no choice but to propagate the error
// up to the method JIT, and thus to this function. But ScriptEpilogue()
// has already been called. Detect this, and avoid double-finishing the
// frame. See HandleErrorInExcessFrame() and bug 624100.
if (f.fp()->finishedInInterpreter()) {
// If it's the last frame, just propagate the failure up again.
if (f.fp() == f.entryfp)
return NULL;
InlineReturn(f);
}
// Make sure sp is up to date.
JS_ASSERT(&cx->regs() == &f.regs);
jsbytecode *pc = NULL;
for (;;) {
if (cx->isExceptionPending()) {
// Call the throw hook if necessary
JSThrowHook handler = cx->debugHooks->throwHook;
if (handler || !cx->compartment->getDebuggees().empty()) {
Value rval;
JSTrapStatus st = Debugger::onExceptionUnwind(cx, &rval);
if (st == JSTRAP_CONTINUE && handler) {
st = handler(cx, cx->fp()->script(), cx->regs().pc, Jsvalify(&rval),
cx->debugHooks->throwHookData);
}
switch (st) {
case JSTRAP_ERROR:
cx->clearPendingException();
return NULL;
case JSTRAP_RETURN:
cx->clearPendingException();
cx->fp()->setReturnValue(rval);
return cx->jaegerCompartment()->forceReturnFromExternC();
case JSTRAP_THROW:
cx->setPendingException(rval);
break;
default:
break;
}
}
}
pc = FindExceptionHandler(cx);
if (pc)
break;
// The JIT guarantees that ScriptEpilogue() has always been run
// upon exiting to its caller. This is important for consistency,
// where execution modes make similar guarantees about prologues
// and epilogues. RunTracer(), Interpret(), and Invoke() all
// rely on this property.
JS_ASSERT(!f.fp()->finishedInInterpreter());
js_UnwindScope(cx, 0, cx->isExceptionPending());
ScriptEpilogue(f.cx, f.fp(), false);
// Don't remove the last frame, this is the responsibility of
// JaegerShot()'s caller. We only guarantee that ScriptEpilogue()
// has been run.
if (f.entryfp == f.fp())
break;
JS_ASSERT(f.regs.sp == cx->regs().sp);
InlineReturn(f);
}
JS_ASSERT(f.regs.sp == cx->regs().sp);
if (!pc)
return NULL;
StackFrame *fp = cx->fp();
JSScript *script = fp->script();
return script->nativeCodeForPC(fp->isConstructing(), pc);
}
