csb/mozjs/mozjs38-fix-tracelogger.patch
Willy Sudiarto Raharjo c6a9b534c0
mozjs: Upgraded to 38.8.0.
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackware-id.org>
2017-05-04 00:31:01 +07:00

604 lines
21 KiB
Diff

# === Fix the SM38 tracelogger ===
# This patch is a squashed version of several patches that were adapted
# to fix failing hunks.
#
# Applied in the following order, they are:
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1223767
# Assertion failure: i < size_, at js/src/vm/TraceLoggingTypes.h:210
# Also fix stop-information to make reduce.py work correctly.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1227914
# Limit the memory tracelogger can take.
# This causes tracelogger to flush data to the disk regularly and prevents out of
# memory issues if a lot of data gets logged.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1155618
# Fix tracelogger destructor that touches possibly uninitialised hash table.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1223636
# Don't treat extraTextId as containing only extra ids.
# This fixes an assertion failure: id == nextTextId at js/src/vm/TraceLoggingGraph.cpp
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1227028
# Fix when to keep the payload of a TraceLogger event.
# This fixes an assertion failure: textId < uint32_t(1 << 31) at js/src/vm/TraceLoggingGraph.h
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1266649
# Handle failing to add to pointermap gracefully.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1280648
# Don't cache based on pointers to movable GC things.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1224123
# Fix the use of LastEntryId in tracelogger.h.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1231170
# Use size in debugger instead of the current id to track last logged item.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1221844
# Move TraceLogger_Invalidation to LOG_ITEM.
# Add some debug checks to logTimestamp.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1255766
# Also mark resizing of memory.
# * https://bugzilla.mozilla.org/show_bug.cgi?id=1259403
# Only increase capacity by multiples of 2.
# Always make sure there are 3 free slots for events.
# ===
diff --git a/js/src/jit-test/tests/tracelogger/bug1231170.js b/js/src/jit-test/tests/tracelogger/bug1231170.js
new file mode 100644
index 0000000..023e93e
--- /dev/null
+++ b/js/src/jit-test/tests/tracelogger/bug1231170.js
@@ -0,0 +1,3 @@
+var du = new Debugger();
+if (typeof du.drainTraceLogger === "function")
+ du.drainTraceLogger();
diff --git a/js/src/jit-test/tests/tracelogger/bug1266649.js b/js/src/jit-test/tests/tracelogger/bug1266649.js
new file mode 100644
index 0000000..81ae7ad
--- /dev/null
+++ b/js/src/jit-test/tests/tracelogger/bug1266649.js
@@ -0,0 +1,10 @@
+
+var du = new Debugger();
+if (typeof du.setupTraceLogger === "function" &&
+ typeof oomTest === 'function')
+{
+ du.setupTraceLogger({
+ Scripts: true
+ })
+ oomTest(() => function(){});
+}
diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
index 93e2fda..09049d6 100644
--- a/js/src/jit/Ion.cpp
+++ b/js/src/jit/Ion.cpp
@@ -1055,6 +1055,8 @@ IonScript::Destroy(FreeOp* fop, IonScript* script)
script->destroyCaches();
script->unlinkFromRuntime(fop);
+ // Frees the potential event we have set.
+ script->traceLoggerScriptEvent_ = TraceLoggerEvent();
fop->free_(script);
}
diff --git a/js/src/vm/Debugger.cpp b/js/src/vm/Debugger.cpp
index 26262fd..af7f313 100644
--- a/js/src/vm/Debugger.cpp
+++ b/js/src/vm/Debugger.cpp
@@ -369,10 +369,10 @@ Debugger::Debugger(JSContext* cx, NativeObject* dbg)
objects(cx),
environments(cx),
#ifdef NIGHTLY_BUILD
- traceLoggerLastDrainedId(0),
+ traceLoggerLastDrainedSize(0),
traceLoggerLastDrainedIteration(0),
#endif
- traceLoggerScriptedCallsLastDrainedId(0),
+ traceLoggerScriptedCallsLastDrainedSize(0),
traceLoggerScriptedCallsLastDrainedIteration(0)
{
assertSameCompartment(cx, dbg);
@@ -3907,9 +3907,9 @@ Debugger::drainTraceLogger(JSContext* cx, unsigned argc, Value* vp)
size_t num;
TraceLoggerThread* logger = TraceLoggerForMainThread(cx->runtime());
bool lostEvents = logger->lostEvents(dbg->traceLoggerLastDrainedIteration,
- dbg->traceLoggerLastDrainedId);
+ dbg->traceLoggerLastDrainedSize);
EventEntry* events = logger->getEventsStartingAt(&dbg->traceLoggerLastDrainedIteration,
- &dbg->traceLoggerLastDrainedId,
+ &dbg->traceLoggerLastDrainedSize,
&num);
RootedObject array(cx, NewDenseEmptyArray(cx));
@@ -4002,10 +4002,10 @@ Debugger::drainTraceLoggerScriptCalls(JSContext* cx, unsigned argc, Value* vp)
size_t num;
TraceLoggerThread* logger = TraceLoggerForMainThread(cx->runtime());
bool lostEvents = logger->lostEvents(dbg->traceLoggerScriptedCallsLastDrainedIteration,
- dbg->traceLoggerScriptedCallsLastDrainedId);
+ dbg->traceLoggerScriptedCallsLastDrainedSize);
EventEntry* events = logger->getEventsStartingAt(
&dbg->traceLoggerScriptedCallsLastDrainedIteration,
- &dbg->traceLoggerScriptedCallsLastDrainedId,
+ &dbg->traceLoggerScriptedCallsLastDrainedSize,
&num);
RootedObject array(cx, NewDenseEmptyArray(cx));
diff --git a/js/src/vm/Debugger.h b/js/src/vm/Debugger.h
index 8cac36a..c92d685 100644
--- a/js/src/vm/Debugger.h
+++ b/js/src/vm/Debugger.h
@@ -314,10 +314,10 @@ class Debugger : private mozilla::LinkedListElement<Debugger>
* lost events.
*/
#ifdef NIGHTLY_BUILD
- uint32_t traceLoggerLastDrainedId;
+ uint32_t traceLoggerLastDrainedSize;
uint32_t traceLoggerLastDrainedIteration;
#endif
- uint32_t traceLoggerScriptedCallsLastDrainedId;
+ uint32_t traceLoggerScriptedCallsLastDrainedSize;
uint32_t traceLoggerScriptedCallsLastDrainedIteration;
class FrameRange;
diff --git a/js/src/vm/TraceLogging.cpp b/js/src/vm/TraceLogging.cpp
index 6715b36..9766a6f 100644
--- a/js/src/vm/TraceLogging.cpp
+++ b/js/src/vm/TraceLogging.cpp
@@ -131,7 +131,7 @@ TraceLoggerThread::init()
{
if (!pointerMap.init())
return false;
- if (!extraTextId.init())
+ if (!textIdPayloads.init())
return false;
if (!events.init())
return false;
@@ -185,10 +185,10 @@ TraceLoggerThread::~TraceLoggerThread()
graph = nullptr;
}
- for (TextIdHashMap::Range r = extraTextId.all(); !r.empty(); r.popFront())
- js_delete(r.front().value());
- extraTextId.finish();
- pointerMap.finish();
+ if (textIdPayloads.initialized()) {
+ for (TextIdHashMap::Range r = textIdPayloads.all(); !r.empty(); r.popFront())
+ js_delete(r.front().value());
+ }
}
bool
@@ -287,7 +287,7 @@ TraceLoggerThread::eventText(uint32_t id)
if (id < TraceLogger_Last)
return TLTextIdString(static_cast<TraceLoggerTextId>(id));
- TextIdHashMap::Ptr p = extraTextId.lookup(id);
+ TextIdHashMap::Ptr p = textIdPayloads.lookup(id);
MOZ_ASSERT(p);
return p->value()->string();
@@ -341,13 +341,15 @@ TraceLoggerThread::extractScriptDetails(uint32_t textId, const char** filename,
TraceLoggerEventPayload*
TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId textId)
{
- TextIdHashMap::AddPtr p = extraTextId.lookupForAdd(textId);
- if (p)
+ TextIdHashMap::AddPtr p = textIdPayloads.lookupForAdd(textId);
+ if (p) {
+ MOZ_ASSERT(p->value()->textId() == textId); // Sanity check.
return p->value();
+ }
TraceLoggerEventPayload* payload = js_new<TraceLoggerEventPayload>(textId, (char*)nullptr);
- if (!extraTextId.add(p, textId, payload))
+ if (!textIdPayloads.add(p, textId, payload))
return nullptr;
return payload;
@@ -357,8 +359,10 @@ TraceLoggerEventPayload*
TraceLoggerThread::getOrCreateEventPayload(const char* text)
{
PointerHashMap::AddPtr p = pointerMap.lookupForAdd((const void*)text);
- if (p)
+ if (p) {
+ MOZ_ASSERT(p->value()->textId() < nextTextId); // Sanity check.
return p->value();
+ }
size_t len = strlen(text);
char* str = js_pod_malloc<char>(len + 1);
@@ -369,7 +373,7 @@ TraceLoggerThread::getOrCreateEventPayload(const char* text)
MOZ_ASSERT(ret == len);
MOZ_ASSERT(strlen(str) == len);
- uint32_t textId = extraTextId.count() + TraceLogger_Last;
+ uint32_t textId = nextTextId;
TraceLoggerEventPayload* payload = js_new<TraceLoggerEventPayload>(textId, str);
if (!payload) {
@@ -377,17 +381,19 @@ TraceLoggerThread::getOrCreateEventPayload(const char* text)
return nullptr;
}
- if (!extraTextId.putNew(textId, payload)) {
+ if (!textIdPayloads.putNew(textId, payload)) {
js_delete(payload);
return nullptr;
}
- if (!pointerMap.add(p, text, payload))
- return nullptr;
-
if (graph.get())
graph->addTextId(textId, str);
+ nextTextId++;
+
+ if (!pointerMap.add(p, text, payload))
+ return nullptr;
+
return payload;
}
@@ -407,9 +413,14 @@ TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, const char* f
if (!traceLoggerState->isTextIdEnabled(type))
return getOrCreateEventPayload(type);
- PointerHashMap::AddPtr p = pointerMap.lookupForAdd(ptr);
- if (p)
- return p->value();
+ PointerHashMap::AddPtr p;
+ if (ptr) {
+ p = pointerMap.lookupForAdd(ptr);
+ if (p) {
+ MOZ_ASSERT(p->value()->textId() < nextTextId); // Sanity check.
+ return p->value();
+ }
+ }
// Compute the length of the string to create.
size_t lenFilename = strlen(filename);
@@ -428,24 +439,28 @@ TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, const char* f
MOZ_ASSERT(ret == len);
MOZ_ASSERT(strlen(str) == len);
- uint32_t textId = extraTextId.count() + TraceLogger_Last;
+ uint32_t textId = nextTextId;
TraceLoggerEventPayload* payload = js_new<TraceLoggerEventPayload>(textId, str);
if (!payload) {
js_free(str);
return nullptr;
}
- if (!extraTextId.putNew(textId, payload)) {
+ if (!textIdPayloads.putNew(textId, payload)) {
js_delete(payload);
return nullptr;
}
- if (!pointerMap.add(p, ptr, payload))
- return nullptr;
-
if (graph.get())
graph->addTextId(textId, str);
+ nextTextId++;
+
+ if (ptr) {
+ if (!pointerMap.add(p, ptr, payload))
+ return nullptr;
+ }
+
return payload;
}
@@ -453,14 +468,14 @@ TraceLoggerEventPayload*
TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type, JSScript* script)
{
return getOrCreateEventPayload(type, script->filename(), script->lineno(), script->column(),
- script);
+ nullptr);
}
TraceLoggerEventPayload*
TraceLoggerThread::getOrCreateEventPayload(TraceLoggerTextId type,
const JS::ReadOnlyCompileOptions& script)
{
- return getOrCreateEventPayload(type, script.filename(), script.lineno, script.column, &script);
+ return getOrCreateEventPayload(type, script.filename(), script.lineno, script.column, nullptr);
}
void
@@ -485,7 +500,7 @@ TraceLoggerThread::startEvent(uint32_t id)
if (!traceLoggerState->isTextIdEnabled(id))
return;
- logTimestamp(id);
+ log(id);
}
void
@@ -510,7 +525,7 @@ TraceLoggerThread::stopEvent(uint32_t id)
if (!traceLoggerState->isTextIdEnabled(id))
return;
- logTimestamp(TraceLogger_Stop);
+ log(TraceLogger_Stop);
}
void
@@ -522,23 +537,57 @@ TraceLoggerThread::logTimestamp(TraceLoggerTextId id)
void
TraceLoggerThread::logTimestamp(uint32_t id)
{
+ MOZ_ASSERT(id > TraceLogger_LastTreeItem && id < TraceLogger_Last);
+ log(id);
+}
+
+void
+TraceLoggerThread::log(uint32_t id)
+{
if (enabled == 0)
return;
MOZ_ASSERT(traceLoggerState);
- if (!events.ensureSpaceBeforeAdd()) {
+
+ // We request for 3 items to add, since if we don't have enough room
+ // we record the time it took to make more place. To log this information
+ // we need 2 extra free entries.
+ if (!events.hasSpaceForAdd(3)) {
uint64_t start = rdtsc() - traceLoggerState->startupTime;
- if (graph.get())
- graph->log(events);
+ if (!events.ensureSpaceBeforeAdd(3)) {
+ if (graph.get())
+ graph->log(events);
+
+ iteration_++;
+ events.clear();
+
+ // Remove the item in the pointerMap for which the payloads
+ // have no uses anymore
+ for (PointerHashMap::Enum e(pointerMap); !e.empty(); e.popFront()) {
+ if (e.front().value()->uses() != 0)
+ continue;
+
+ TextIdHashMap::Ptr p = textIdPayloads.lookup(e.front().value()->textId());
+ MOZ_ASSERT(p);
+ textIdPayloads.remove(p);
+
+ e.removeFront();
+ }
- iteration_++;
- events.clear();
+ // Free all payloads that have no uses anymore.
+ for (TextIdHashMap::Enum e(textIdPayloads); !e.empty(); e.popFront()) {
+ if (e.front().value()->uses() == 0) {
+ js_delete(e.front().value());
+ e.removeFront();
+ }
+ }
+ }
// Log the time it took to flush the events as being from the
// Tracelogger.
if (graph.get()) {
- MOZ_ASSERT(events.capacity() > 2);
+ MOZ_ASSERT(events.hasSpaceForAdd(2));
EventEntry& entryStart = events.pushUninitialized();
entryStart.time = start;
entryStart.textId = TraceLogger_Internal;
@@ -548,13 +597,6 @@ TraceLoggerThread::logTimestamp(uint32_t id)
entryStop.textId = TraceLogger_Stop;
}
- // Free all TextEvents that have no uses anymore.
- for (TextIdHashMap::Enum e(extraTextId); !e.empty(); e.popFront()) {
- if (e.front().value()->uses() == 0) {
- js_delete(e.front().value());
- e.removeFront();
- }
- }
}
uint64_t time = rdtsc() - traceLoggerState->startupTime;
@@ -956,3 +998,16 @@ TraceLoggerEvent::~TraceLoggerEvent()
if (payload_)
payload_->release();
}
+
+TraceLoggerEvent&
+TraceLoggerEvent::operator=(const TraceLoggerEvent& other)
+{
+ if (hasPayload())
+ payload()->release();
+ if (other.hasPayload())
+ other.payload()->use();
+
+ payload_ = other.payload_;
+
+ return *this;
+}
diff --git a/js/src/vm/TraceLogging.h b/js/src/vm/TraceLogging.h
index a124dcb..91a1eb0 100644
--- a/js/src/vm/TraceLogging.h
+++ b/js/src/vm/TraceLogging.h
@@ -110,6 +110,9 @@ class TraceLoggerEvent {
bool hasPayload() const {
return !!payload_;
}
+
+ TraceLoggerEvent& operator=(const TraceLoggerEvent& other);
+ TraceLoggerEvent(const TraceLoggerEvent& event) = delete;
};
/**
@@ -130,6 +133,10 @@ class TraceLoggerEventPayload {
uses_(0)
{ }
+ ~TraceLoggerEventPayload() {
+ MOZ_ASSERT(uses_ == 0);
+ }
+
uint32_t textId() {
return textId_;
}
@@ -166,7 +173,8 @@ class TraceLoggerThread
mozilla::UniquePtr<TraceLoggerGraph> graph;
PointerHashMap pointerMap;
- TextIdHashMap extraTextId;
+ TextIdHashMap textIdPayloads;
+ uint32_t nextTextId;
ContinuousSpace<EventEntry> events;
@@ -181,6 +189,7 @@ class TraceLoggerThread
: enabled(0),
failed(false),
graph(),
+ nextTextId(TraceLogger_Last),
iteration_(0),
top(nullptr)
{ }
@@ -195,22 +204,22 @@ class TraceLoggerThread
bool enable(JSContext* cx);
bool disable();
- // Given the previous iteration and lastEntryId, return an array of events
+ // Given the previous iteration and size, return an array of events
// (there could be lost events). At the same time update the iteration and
- // lastEntry and gives back how many events there are.
- EventEntry* getEventsStartingAt(uint32_t* lastIteration, uint32_t* lastEntryId, size_t* num) {
+ // size and gives back how many events there are.
+ EventEntry* getEventsStartingAt(uint32_t* lastIteration, uint32_t* lastSize, size_t* num) {
EventEntry* start;
if (iteration_ == *lastIteration) {
- MOZ_ASSERT(events.lastEntryId() >= *lastEntryId);
- *num = events.lastEntryId() - *lastEntryId;
- start = events.data() + *lastEntryId + 1;
+ MOZ_ASSERT(*lastSize <= events.size());
+ *num = events.size() - *lastSize;
+ start = events.data() + *lastSize;
} else {
- *num = events.lastEntryId() + 1;
+ *num = events.size();
start = events.data();
}
*lastIteration = iteration_;
- *lastEntryId = events.lastEntryId();
+ *lastSize = events.size();
return start;
}
@@ -220,16 +229,16 @@ class TraceLoggerThread
const char** lineno, size_t* lineno_len, const char** colno,
size_t* colno_len);
- bool lostEvents(uint32_t lastIteration, uint32_t lastEntryId) {
+ bool lostEvents(uint32_t lastIteration, uint32_t lastSize) {
// If still logging in the same iteration, there are no lost events.
if (lastIteration == iteration_) {
- MOZ_ASSERT(lastEntryId <= events.lastEntryId());
+ MOZ_ASSERT(lastSize <= events.size());
return false;
}
- // When proceeded to the next iteration and lastEntryId points to
- // the maximum capacity there are no logs that are lost.
- if (lastIteration + 1 == iteration_ && lastEntryId == events.capacity())
+ // If we are in a consecutive iteration we are only sure we didn't lose any events,
+ // when the lastSize equals the maximum size 'events' can get.
+ if (lastIteration == iteration_ - 1 && lastSize == events.maxSize())
return false;
return true;
@@ -268,6 +277,7 @@ class TraceLoggerThread
void stopEvent(uint32_t id);
private:
void stopEvent();
+ void log(uint32_t id);
public:
static unsigned offsetOfEnabled() {
diff --git a/js/src/vm/TraceLoggingGraph.cpp b/js/src/vm/TraceLoggingGraph.cpp
index d1b7f2e..a4eb273 100644
--- a/js/src/vm/TraceLoggingGraph.cpp
+++ b/js/src/vm/TraceLoggingGraph.cpp
@@ -276,7 +276,7 @@ TraceLoggerGraph::flush()
if (bytesWritten < tree.size())
return false;
- treeOffset += tree.lastEntryId();
+ treeOffset += tree.size();
tree.clear();
}
@@ -359,7 +359,7 @@ TraceLoggerGraph::startEventInternal(uint32_t id, uint64_t timestamp)
if (parent.lastChildId() == 0) {
MOZ_ASSERT(!entry.hasChildren());
- MOZ_ASSERT(parent.treeId() == tree.lastEntryId() + treeOffset);
+ MOZ_ASSERT(parent.treeId() == treeOffset + tree.size() - 1);
if (!updateHasChildren(parent.treeId()))
return false;
diff --git a/js/src/vm/TraceLoggingTypes.h b/js/src/vm/TraceLoggingTypes.h
index f1c9d0c..10b76d6 100644
--- a/js/src/vm/TraceLoggingTypes.h
+++ b/js/src/vm/TraceLoggingTypes.h
@@ -21,7 +21,6 @@
_(Internal) \
_(Interpreter) \
_(InlinedScripts) \
- _(Invalidation) \
_(IonCompilation) \
_(IonCompilationPaused) \
_(IonLinking) \
@@ -60,6 +59,7 @@
#define TRACELOGGER_LOG_ITEMS(_) \
_(Bailout) \
+ _(Invalidation) \
_(Disable) \
_(Enable) \
_(Stop)
@@ -130,6 +130,9 @@ class ContinuousSpace {
uint32_t size_;
uint32_t capacity_;
+ // The maximum amount of ram memory a continuous space structure can take (in bytes).
+ static const uint32_t LIMIT = 200 * 1024 * 1024;
+
public:
ContinuousSpace ()
: data_(nullptr)
@@ -151,6 +154,10 @@ class ContinuousSpace {
data_ = nullptr;
}
+ static uint32_t maxSize() {
+ return LIMIT / sizeof(T);
+ }
+
T* data() {
return data_;
}
@@ -187,11 +194,14 @@ class ContinuousSpace {
if (hasSpaceForAdd(count))
return true;
+ // Limit the size of a continuous buffer.
+ if (size_ + count > maxSize())
+ return false;
+
uint32_t nCapacity = capacity_ * 2;
- if (size_ + count > nCapacity)
- nCapacity = size_ + count;
- T* entries = (T*) js_realloc(data_, nCapacity * sizeof(T));
+ nCapacity = (nCapacity < maxSize()) ? nCapacity : maxSize();
+ T* entries = (T*) js_realloc(data_, nCapacity * sizeof(T));
if (!entries)
return false;