[webkit-changes] [WebKit/WebKit] 90eb20: Improve VMInspector::dumpRegisters().

EWS noreply at github.com
Thu Jan 19 01:03:56 PST 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 90eb20a4e7fa6453033196cd5bb0f36ce2fab5d2
      https://github.com/WebKit/WebKit/commit/90eb20a4e7fa6453033196cd5bb0f36ce2fab5d2
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2023-01-19 (Thu, 19 Jan 2023)

  Changed paths:
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp
    M Source/JavaScriptCore/interpreter/CallFrame.h
    M Source/JavaScriptCore/interpreter/StackVisitor.h
    M Source/JavaScriptCore/tools/VMInspector.cpp
    M Source/JavaScriptCore/tools/VMInspector.h

  Log Message:
  -----------
  Improve VMInspector::dumpRegisters().
https://bugs.webkit.org/show_bug.cgi?id=250823
<rdar://problem/104410526>

Reviewed by Yusuke Suzuki.

1. Change the order of the dump to go from low memory to high memory.  This makes the dump more intuitive to read because:
   a. C++ structures are dumped that way in debuggers, and
   b. Dumping this way allows us to dump the caller frame next, and the memory dumps just stitch together naturally.

2. Add VMInspector::vmForCallFrame() to find the VM for a CallFrame instead of relying on a CodeBlock being present.
   This allows us to ...

3. Add rudimentary support for dumping EntryFrame, as well as Wasm and native frames.

4. Also changed the layout of the dumped CallFrame registers to have more useful info while being easier to read.

For example, an old dump looks like this:
```
-----------------------------------------------------------------------------
            use            |   address  |                value
-----------------------------------------------------------------------------
[r 10 arguments[  5]]      | 0x16fdfbfb0 | 0xa                Undefined
[r  9 arguments[  4]]      | 0x16fdfbfa8 | 0xfffe000000000000 Int32: 0
[r  8 arguments[  3]]      | 0x16fdfbfa0 | 0x10409c240        Object: 0x10409c240 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x30000afd0:[0xafd0/45008, Object, (2/6, 0/0){module:0, instance:1}, NonArray, Proto:0x103011968, Leaf]), StructureID: 45008
[r  7 arguments[  2]]      | 0x16fdfbf98 | 0xfffe000000000001 Int32: 1
[r  6 arguments[  1]]      | 0x16fdfbf90 | 0x103038de8        Object: 0x103038de8 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x3000077b0:[0x77b0/30640, Generator, (0/0, 0/0){}, NonArray, Proto:0x103012ae8, Leaf]), StructureID: 30640
[r  5           this]      | 0x16fdfbf88 | 0x10300e268        Object: 0x10300e268 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x300008720:[0x8720/34592, JSProxy, (0/0, 0/0){}, NonArray, Proto:0x103011968, Leaf]), StructureID: 34592
-----------------------------------------------------------------------------
[ArgumentCount]            | 0x16fdfbf80 | 5
[ReturnVPC]                | 0x16fdfbf80 | 399 (line 20)
[Callee]                   | 0x16fdfbf78 | 0x10408e100        Object: 0x10408e100 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x3000057c0:[0x57c0/22464, Function, (0/0, 0/0){}, NonArray, Proto:0x1030305a8, Leaf]), StructureID: 22464
[CodeBlock]                | 0x16fdfbf70 | 0x1040d8580        #Bhpb2b:[0x1040d8580->0x104099980, LLIntFunctionCall, 412]
[ReturnPC]                 | 0x16fdfbf68 | 0x11a470248
[CallerFrame]              | 0x16fdfbf60 | 0x16fdfc020
-----------------------------------------------------------------------------
[r -1  CalleeSaveReg]      | 0x16fdfbf58 | 0xfffe000000000002 Int32: 2
[r -2  CalleeSaveReg]      | 0x16fdfbf50 | 0xfffe000000000000 Int32: 0
[r -3  CalleeSaveReg]      | 0x16fdfbf48 | 0x103030f40
[r -4  CalleeSaveReg]      | 0x16fdfbf40 | 0x103059770
[r -5               ]      | 0x16fdfbf38 | 0xa                Undefined
[r -6               ]      | 0x16fdfbf30 | 0xa                Undefined
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
```

The new dump now looks like this:
```
Registers for JS frame 0x16fdfbfe0 (entryFrame 0x16fdfc2d0):
-----------------------------------------------------------------------------
   VirtualRegister     : address      value
---------------------------------------------------- Outgoing Args + Misc ---
------------------------------------------------------------------ Locals ---
  -6                   : 0x16fdfbfb0  0x102038428 Object: 0x102038428 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x300005520:[0x5520/21792, JSGlobalLexicalEnvironment, (0/0, 0/0){}, NonArray, Leaf]), StructureID: 21792
  -5                   : 0x16fdfbfb8  0x102038428 Object: 0x102038428 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x300005520:[0x5520/21792, JSGlobalLexicalEnvironment, (0/0, 0/0){}, NonArray, Leaf]), StructureID: 21792
------------------------------------------------------------ Callee Saves ---
  -4  CalleeSaveReg    : 0x16fdfbfc0  0x102059130
  -3  CalleeSaveReg    : 0x16fdfbfc8  0x102030f40
  -2  CalleeSaveReg    : 0x16fdfbfd0  0xfffe000000000000 Int32: 0
  -1  CalleeSaveReg    : 0x16fdfbfd8  0xfffe000000000002 Int32: 2
-------------------------------------------------------- CallFrame Header ---
   0  CallerFrame      : 0x16fdfbfe0  0x16fdfc0a0
   1  ReturnPC         : 0x16fdfbfe8  0x11a470248 (pac signed 0xff1c00011a470248)
   2  CodeBlock        : 0x16fdfbff0  0x1050d8580 #D6UySe:[0x1050d8580->0x105099980, LLIntFunctionCall, 644]
   3  Callee           : 0x16fdfbff8  0x10508e100 Object: 0x10508e100 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x3000057c0:[0x57c0/22464, Function, (0/0, 0/0){}, NonArray, Proto:0x1020305a8]), StructureID: 22464
 4.1  ReturnVPC        : 0x16fdfc000  632 (line 20)
 4.2  ArgumentCount    : 0x16fdfc000  5
--------------------------------------------------------------- Arguments ---
   5  this             : 0x16fdfc008  0x10200e1c8 Object: 0x10200e1c8 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x300008720:[0x8720/34592, JSProxy, (0/0, 0/0){}, NonArray, Proto:0x102011968, Leaf]), StructureID: 34592
   6  arguments[1]     : 0x16fdfc010  0x102038de8 Object: 0x102038de8 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x3000077b0:[0x77b0/30640, Generator, (0/0, 0/0){}, NonArray, Proto:0x102012ae8, Leaf]), StructureID: 30640
   7  arguments[2]     : 0x16fdfc018  0xfffe000000000001 Int32: 1
   8  arguments[3]     : 0x16fdfc020  0x10509c240 Object: 0x10509c240 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x30000b740:[0xb740/46912, Object, (2/6, 0/0){module:0, instance:1}, NonArray, Proto:0x102011968, Leaf]), StructureID: 46912
   9  arguments[4]     : 0x16fdfc028  0xfffe000000000000 Int32: 0
  10  arguments[5]     : 0x16fdfc030  0x1050e0130 Object: 0x1050e0130 with butterfly 0x0(base=0xfffffffffffffff8) (Structure 0x300005c20:[0x5c20/23584, JSLexicalEnvironment, (0/0, 0/0){}, NonArray, Leaf]), StructureID: 23584
--------------------------------------------------------------------- End ---
```

* Source/JavaScriptCore/bytecode/CodeBlock.cpp:
(JSC::CodeBlock::nameForRegister):
* Source/JavaScriptCore/interpreter/CallFrame.h:
(JSC::CallFrame::rawReturnPCForInspection const):
* Source/JavaScriptCore/interpreter/StackVisitor.h:
(JSC::StackVisitor::Frame::entryFrame const):
* Source/JavaScriptCore/tools/VMInspector.cpp:
(JSC::VMInspector::vmForCallFrame):
(JSC::VMInspector::dumpRegisters):
* Source/JavaScriptCore/tools/VMInspector.h:

Canonical link: https://commits.webkit.org/259072@main
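As an added illustration of the layout the new dump describes, here is a small C++ program that is not part of this commit or of JavaScriptCore. It assumes the 64-bit JSValue encoding JSC uses (NumberTag 0xfffe000000000000 marks an Int32, doubles are offset by 1 << 49, Undefined is 0xa, and a cell is an untagged non-zero pointer) and the conventions visible in the dump above: a slot's address is the frame pointer plus 8 times its virtual register number, slots 0 to 4 form the CallFrame header, `this` is slot 5, and slot 4 packs ArgumentCount (low 32 bits) and ReturnVPC (high 32 bits) into one word, which is why the dump prints lines 4.1 and 4.2 at the same address. The frame contents in `main` are constructed, with the header values taken from the dump on this page and the argument slots made up; decoding raw slot bits this way is a routine step when reading a register dump from a crash or an exploit investigation.

```cpp
// Added example, not JavaScriptCore code: decode raw slot values from a
// VMInspector::dumpRegisters()-style dump and lay a frame out low to high.
// Assumptions: JSC's 64-bit JSValue encoding constants below, and the frame
// convention visible in the dump (address = frame pointer + 8 * vr).
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <string>
#include <vector>

constexpr uint64_t NumberTag = 0xfffe000000000000ULL; // all top 16 bits set: Int32
constexpr uint64_t OtherTag = 0x2;                    // set on null/bool/undefined
constexpr uint64_t DoubleEncodeOffset = 1ULL << 49;   // doubles shifted into the NaN space
constexpr uint64_t ValueEmpty = 0x0, ValueNull = 0x2, ValueFalse = 0x6,
                   ValueTrue = 0x7, ValueUndefined = 0xa;

uint64_t encodeDouble(double d) {
    uint64_t raw;
    std::memcpy(&raw, &d, sizeof raw);
    return raw + DoubleEncodeOffset;
}

// Classify one raw 64-bit slot the way the dump's value column does.
std::string decodeJSValue(uint64_t bits) {
    if ((bits & NumberTag) == NumberTag)
        return "Int32: " + std::to_string(static_cast<int32_t>(bits & 0xffffffffULL));
    if (bits & NumberTag) { // some high bits set but not all: an encoded double
        uint64_t raw = bits - DoubleEncodeOffset;
        double d;
        std::memcpy(&d, &raw, sizeof d);
        char buf[64];
        std::snprintf(buf, sizeof buf, "Double: %g", d);
        return buf;
    }
    switch (bits) {
    case ValueEmpty: return "Empty";
    case ValueNull: return "Null";
    case ValueFalse: return "False";
    case ValueTrue: return "True";
    case ValueUndefined: return "Undefined";
    }
    if ((bits & OtherTag) == 0) // no tag bits at all: a cell pointer
        return "Cell (pointer)";
    return "Unknown immediate";
}

// Header slot names in the order the new dump prints them. The four callee-save
// slots at -4..-1 match the dump on this page; the count is platform dependent.
std::string slotName(int vr) {
    switch (vr) {
    case 0: return "CallerFrame";
    case 1: return "ReturnPC";
    case 2: return "CodeBlock";
    case 3: return "Callee";
    case 4: return "ReturnVPC/ArgumentCount";
    case 5: return "this";
    }
    if (vr > 5) return "arguments[" + std::to_string(vr - 5) + "]";
    return vr >= -4 ? "CalleeSaveReg" : "";
}

uint64_t slotAddress(uint64_t framePointer, int vr) {
    return framePointer + static_cast<int64_t>(vr) * 8;
}

// Slot 4 is two 32-bit fields in one word: ArgumentCount in the payload (low
// half) and ReturnVPC in the tag (high half), hence lines 4.1 and 4.2 in the dump.
struct ArgCountSlot { uint32_t returnVPC; uint32_t argumentCount; };
ArgCountSlot decodeArgCountSlot(uint64_t bits) {
    return { static_cast<uint32_t>(bits >> 32), static_cast<uint32_t>(bits & 0xffffffffULL) };
}

struct Frame { uint64_t framePointer; int lowestVR; std::vector<uint64_t> slots; }; // slots[i] is vr = lowestVR + i

// Render the frame from lowest address to highest, like the new dump.
std::vector<std::string> dumpLowToHigh(const Frame& f) {
    std::vector<std::string> lines;
    for (size_t i = 0; i < f.slots.size(); ++i) {
        int vr = f.lowestVR + static_cast<int>(i);
        uint64_t bits = f.slots[i];
        std::string value;
        if (vr == 4) {
            ArgCountSlot s = decodeArgCountSlot(bits);
            value = "ReturnVPC " + std::to_string(s.returnVPC) + ", ArgumentCount " + std::to_string(s.argumentCount);
        } else if (vr >= 0 && vr <= 2) {
            value = "(raw pointer)"; // CallerFrame, ReturnPC and CodeBlock are not JSValues
        } else {
            value = decodeJSValue(bits);
        }
        char buf[160];
        std::snprintf(buf, sizeof buf, "%4d %-24s : 0x%llx  0x%016llx  %s", vr, slotName(vr).c_str(),
                      (unsigned long long)slotAddress(f.framePointer, vr), (unsigned long long)bits, value.c_str());
        lines.push_back(buf);
    }
    return lines;
}

int main() {
    // Constructed frame: header values are from the dump above (frame 0x16fdfbfe0),
    // the callee-save and argument slots are made up. Not a live capture.
    Frame f { 0x16fdfbfe0ULL, -2, {
        0xfffe000000000000ULL, // -2 CalleeSaveReg  Int32: 0
        0xfffe000000000002ULL, // -1 CalleeSaveReg  Int32: 2
        0x16fdfc0a0ULL,        //  0 CallerFrame
        0x11a470248ULL,        //  1 ReturnPC (PAC bits already stripped)
        0x1050d8580ULL,        //  2 CodeBlock
        0x10508e100ULL,        //  3 Callee (cell)
        (632ULL << 32) | 5ULL, //  4 ReturnVPC 632 / ArgumentCount 5
        0x10200e1c8ULL,        //  5 this (cell)
        0xfffe000000000001ULL, //  6 arguments[1]  Int32: 1
        0xaULL,                //  7 arguments[2]  Undefined
    } };
    for (const std::string& line : dumpLowToHigh(f))
        std::puts(line.c_str());
    return 0;
}
```

Reading the output top to bottom gives the same low-to-high order as the new dump, so a caller frame dumped next continues at the address where this one ends.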
