void * RunTracer(VMFrame &f) #endif { JSContext *cx = f.cx; StackFrame *entryFrame = f.fp(); TracePointAction tpa; /* :TODO: nuke PIC? */ if (!cx->traceJitEnabled) return NULL; /* * Force initialization of the entry frame's scope chain and return value, * if necessary. The tracer can query the scope chain without needing to * check the HAS_SCOPECHAIN flag, and the frame is guaranteed to have the * correct return value stored if we trace/interpret through to the end * of the frame. */ entryFrame->scopeChain(); entryFrame->returnValue(); bool blacklist; void **traceData; uintN *traceEpoch; uint32 *loopCounter; uint32 hits; #if JS_MONOIC traceData = &ic.traceData; traceEpoch = &ic.traceEpoch; loopCounter = &ic.loopCounter; *loopCounter = 1; hits = ic.loopCounterStart; #else traceData = NULL; traceEpoch = NULL; loopCounter = NULL; hits = 1; #endif tpa = MonitorTracePoint(f.cx, &blacklist, traceData, traceEpoch, loopCounter, hits); JS_ASSERT(!TRACE_RECORDER(cx)); #if JS_MONOIC ic.loopCounterStart = *loopCounter; if (blacklist) DisableTraceHint(entryFrame->jit(), ic); #endif // Even though ExecuteTree() bypasses the interpreter, it should propagate // error failures correctly. JS_ASSERT_IF(cx->isExceptionPending(), tpa == TPA_Error); JS_ASSERT(f.fp() == cx->fp()); switch (tpa) { case TPA_Nothing: return NULL; case TPA_Error: if (!HandleErrorInExcessFrame(f, entryFrame, f.fp()->finishedInInterpreter())) THROWV(NULL); JS_ASSERT(!cx->fp()->hasImacropc()); break; case TPA_RanStuff: case TPA_Recorded: break; } /* * The tracer could have dropped us off on any frame at any position. * Well, it could not have removed frames (recursion is disabled). * * Frames after the entryFrame cannot be entered via JaegerShotAtSafePoint() * unless each is at a safe point. We can JaegerShotAtSafePoint these * frames individually, but we must unwind to the entryFrame. * * Note carefully that JaegerShotAtSafePoint can resume methods at * arbitrary safe points whereas JaegerShot cannot. * * If we land on entryFrame without a safe point in sight, we'll end up * at the RETURN op. This is an edge case with two paths: * * 1) The entryFrame is the last inline frame. If it fell on a RETURN, * move the return value down. * 2) The entryFrame is NOT the last inline frame. Pop the frame. * * In both cases, we hijack the stub to return to the force-return * trampoline. This trampoline simulates the frame-popping portion of * emitReturn (except without the benefit of the FrameState) and will * produce the necessary register state to return to the caller. */ restart: /* Step 1. Finish frames created after the entry frame. */ if (!FinishExcessFrames(f, entryFrame)) THROWV(NULL); /* IMacros are guaranteed to have been removed by now. */ JS_ASSERT(f.fp() == entryFrame); JS_ASSERT(!entryFrame->hasImacropc()); /* Step 2. If entryFrame is done, use a special path to return to EnterMethodJIT(). */ if (FrameIsFinished(cx)) { if (!HandleFinishedFrame(f, entryFrame)) THROWV(NULL); *f.returnAddressLocation() = cx->jaegerCompartment()->forceReturnFromFastCall(); return NULL; } /* Step 3. If entryFrame is at a safe point, just leave. */ if (void *ncode = AtSafePoint(cx)) return ncode; /* Step 4. Do a partial interp, then restart the whole process. */ if (!PartialInterpret(f)) { if (!HandleErrorInExcessFrame(f, entryFrame)) THROWV(NULL); } goto restart; }
extern "C" void * js_InternalThrow(VMFrame &f) { JSContext *cx = f.cx; ExpandInlineFrames(cx->compartment); // The current frame may have an associated orphaned native, if the native // or SplatApplyArgs threw an exception. RemoveOrphanedNative(cx, f.fp()); JS_ASSERT(!f.fp()->finishedInInterpreter()); // Make sure sp is up to date. JS_ASSERT(&cx->regs() == &f.regs); jsbytecode *pc = NULL; for (;;) { if (cx->isExceptionPending()) { // Call the throw hook if necessary JSThrowHook handler = cx->runtime->debugHooks.throwHook; if (handler || !cx->compartment->getDebuggees().empty()) { Value rval; JSTrapStatus st = Debugger::onExceptionUnwind(cx, &rval); if (st == JSTRAP_CONTINUE && handler) { st = handler(cx, cx->fp()->script(), cx->regs().pc, &rval, cx->runtime->debugHooks.throwHookData); } switch (st) { case JSTRAP_ERROR: cx->clearPendingException(); break; case JSTRAP_CONTINUE: break; case JSTRAP_RETURN: cx->clearPendingException(); cx->fp()->setReturnValue(rval); return cx->jaegerCompartment()->forceReturnFromExternC(); case JSTRAP_THROW: cx->setPendingException(rval); break; default: JS_NOT_REACHED("bad onExceptionUnwind status"); } } } pc = FindExceptionHandler(cx); if (pc) break; // The JIT guarantees that ScriptDebugEpilogue() and ScriptEpilogue() // have always been run upon exiting to its caller. This is important // for consistency, where execution modes make similar guarantees about // prologues and epilogues. Interpret(), and Invoke() all rely on this // property. JS_ASSERT(!f.fp()->finishedInInterpreter()); UnwindScope(cx, 0); f.regs.sp = f.fp()->base(); if (cx->compartment->debugMode()) { // This can turn a throw or error into a healthy return. Note that // we will run ScriptDebugEpilogue again (from AnyFrameEpilogue); // ScriptDebugEpilogue is prepared for this eventuality. if (js::ScriptDebugEpilogue(cx, f.fp(), false)) return cx->jaegerCompartment()->forceReturnFromExternC(); } ScriptEpilogue(f.cx, f.fp(), false); // Don't remove the last frame, this is the responsibility of // JaegerShot()'s caller. We only guarantee that ScriptEpilogue() // has been run. if (f.entryfp == f.fp()) break; JS_ASSERT(&cx->regs() == &f.regs); InlineReturn(f); } JS_ASSERT(&cx->regs() == &f.regs); if (!pc) return NULL; StackFrame *fp = cx->fp(); JSScript *script = fp->script(); /* * Fall back to EnterMethodJIT and finish the frame in the interpreter. * With type inference enabled, we may wipe out all JIT code on the * stack without patching ncode values to jump to the interpreter, and * thus can only enter JIT code via EnterMethodJIT (which overwrites * its entry frame's ncode). See ClearAllFrames. */ cx->compartment->jaegerCompartment()->setLastUnfinished(Jaeger_Unfinished); if (!script->ensureRanAnalysis(cx, NULL)) { js_ReportOutOfMemory(cx); return NULL; } analyze::AutoEnterAnalysis enter(cx); /* * Interpret the ENTERBLOCK and EXCEPTION opcodes, so that we don't go * back into the interpreter with a pending exception. This will cause * it to immediately rethrow. */ if (cx->isExceptionPending()) { JS_ASSERT(JSOp(*pc) == JSOP_ENTERBLOCK); StaticBlockObject &blockObj = script->getObject(GET_UINT32_INDEX(pc))->asStaticBlock(); Value *vp = cx->regs().sp + blockObj.slotCount(); SetValueRangeToUndefined(cx->regs().sp, vp); cx->regs().sp = vp; JS_ASSERT(JSOp(pc[JSOP_ENTERBLOCK_LENGTH]) == JSOP_EXCEPTION); cx->regs().sp[0] = cx->getPendingException(); cx->clearPendingException(); cx->regs().sp++; cx->regs().pc = pc + JSOP_ENTERBLOCK_LENGTH + JSOP_EXCEPTION_LENGTH; cx->regs().fp()->setBlockChain(&blockObj); } *f.oldregs = f.regs; return NULL; }
extern "C" void * js_InternalThrow(VMFrame &f) { JSContext *cx = f.cx; // It's possible that from within RunTracer(), Interpret() returned with // an error and finished the frame (i.e., called ScriptEpilogue), but has // not yet performed an inline return. // // In this case, RunTracer() has no choice but to propagate the error // up to the method JIT, and thus to this function. But ScriptEpilogue() // has already been called. Detect this, and avoid double-finishing the // frame. See HandleErrorInExcessFrame() and bug 624100. if (f.fp()->finishedInInterpreter()) { // If it's the last frame, just propagate the failure up again. if (f.fp() == f.entryfp) return NULL; InlineReturn(f); } // Make sure sp is up to date. JS_ASSERT(&cx->regs() == &f.regs); jsbytecode *pc = NULL; for (;;) { if (cx->isExceptionPending()) { // Call the throw hook if necessary JSThrowHook handler = cx->debugHooks->throwHook; if (handler || !cx->compartment->getDebuggees().empty()) { Value rval; JSTrapStatus st = Debugger::onExceptionUnwind(cx, &rval); if (st == JSTRAP_CONTINUE && handler) { st = handler(cx, cx->fp()->script(), cx->regs().pc, Jsvalify(&rval), cx->debugHooks->throwHookData); } switch (st) { case JSTRAP_ERROR: cx->clearPendingException(); return NULL; case JSTRAP_RETURN: cx->clearPendingException(); cx->fp()->setReturnValue(rval); return cx->jaegerCompartment()->forceReturnFromExternC(); case JSTRAP_THROW: cx->setPendingException(rval); break; default: break; } } } pc = FindExceptionHandler(cx); if (pc) break; // The JIT guarantees that ScriptEpilogue() has always been run // upon exiting to its caller. This is important for consistency, // where execution modes make similar guarantees about prologues // and epilogues. RunTracer(), Interpret(), and Invoke() all // rely on this property. JS_ASSERT(!f.fp()->finishedInInterpreter()); js_UnwindScope(cx, 0, cx->isExceptionPending()); ScriptEpilogue(f.cx, f.fp(), false); // Don't remove the last frame, this is the responsibility of // JaegerShot()'s caller. We only guarantee that ScriptEpilogue() // has been run. if (f.entryfp == f.fp()) break; JS_ASSERT(f.regs.sp == cx->regs().sp); InlineReturn(f); } JS_ASSERT(f.regs.sp == cx->regs().sp); if (!pc) return NULL; StackFrame *fp = cx->fp(); JSScript *script = fp->script(); return script->nativeCodeForPC(fp->isConstructing(), pc); }