1 // Copyright 2011 the V8 project authors. All rights reserved.
2 // Redistribution and use in source and binary forms, with or without
3 // modification, are permitted provided that the following conditions are
4 // met:
5 //
6 //     * Redistributions of source code must retain the above copyright
7 //       notice, this list of conditions and the following disclaimer.
8 //     * Redistributions in binary form must reproduce the above
9 //       copyright notice, this list of conditions and the following
10 //       disclaimer in the documentation and/or other materials provided
11 //       with the distribution.
12 //     * Neither the name of Google Inc. nor the names of its
13 //       contributors may be used to endorse or promote products derived
14 //       from this software without specific prior written permission.
15 //
16 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
17 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
18 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
19 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
20 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
23 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
24 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
25 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
26 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 //
28 // Tests of profiler-related functions from log.h
29 
30 #include <stdlib.h>
31 
32 #include "src/v8.h"
33 
34 #include "src/api.h"
35 #include "src/codegen.h"
36 #include "src/disassembler.h"
37 #include "src/isolate.h"
38 #include "src/log.h"
39 #include "src/profiler/sampler.h"
40 #include "src/vm-state-inl.h"
41 #include "test/cctest/cctest.h"
42 #include "test/cctest/trace-extension.h"
43 
44 using v8::Function;
45 using v8::Local;
46 using v8::Object;
47 using v8::Script;
48 using v8::String;
49 using v8::Value;
50 
51 using v8::internal::byte;
52 using v8::internal::Address;
53 using v8::internal::Handle;
54 using v8::internal::Isolate;
55 using v8::internal::JSFunction;
56 using v8::internal::TickSample;
57 
58 
IsAddressWithinFuncCode(JSFunction * function,Address addr)59 static bool IsAddressWithinFuncCode(JSFunction* function, Address addr) {
60   i::Code* code = function->code();
61   return code->contains(addr);
62 }
63 
64 
IsAddressWithinFuncCode(v8::Local<v8::Context> context,const char * func_name,Address addr)65 static bool IsAddressWithinFuncCode(v8::Local<v8::Context> context,
66                                     const char* func_name,
67                                     Address addr) {
68   v8::Local<v8::Value> func =
69       context->Global()->Get(context, v8_str(func_name)).ToLocalChecked();
70   CHECK(func->IsFunction());
71   JSFunction* js_func = JSFunction::cast(*v8::Utils::OpenHandle(*func));
72   return IsAddressWithinFuncCode(js_func, addr);
73 }
74 
75 
76 // This C++ function is called as a constructor, to grab the frame pointer
77 // from the calling function.  When this function runs, the stack contains
78 // a C_Entry frame and a Construct frame above the calling function's frame.
construct_call(const v8::FunctionCallbackInfo<v8::Value> & args)79 static void construct_call(const v8::FunctionCallbackInfo<v8::Value>& args) {
80   i::Isolate* isolate = reinterpret_cast<i::Isolate*>(args.GetIsolate());
81   i::StackFrameIterator frame_iterator(isolate);
82   CHECK(frame_iterator.frame()->is_exit());
83   frame_iterator.Advance();
84   CHECK(frame_iterator.frame()->is_construct());
85   frame_iterator.Advance();
86   i::StackFrame* calling_frame = frame_iterator.frame();
87   CHECK(calling_frame->is_java_script());
88 
89   v8::Local<v8::Context> context = args.GetIsolate()->GetCurrentContext();
90 #if defined(V8_HOST_ARCH_32_BIT)
91   int32_t low_bits = reinterpret_cast<int32_t>(calling_frame->fp());
92   args.This()
93       ->Set(context, v8_str("low_bits"), v8_num(low_bits >> 1))
94       .FromJust();
95 #elif defined(V8_HOST_ARCH_64_BIT)
96   uint64_t fp = reinterpret_cast<uint64_t>(calling_frame->fp());
97   int32_t low_bits = static_cast<int32_t>(fp & 0xffffffff);
98   int32_t high_bits = static_cast<int32_t>(fp >> 32);
99   args.This()->Set(context, v8_str("low_bits"), v8_num(low_bits)).FromJust();
100   args.This()->Set(context, v8_str("high_bits"), v8_num(high_bits)).FromJust();
101 #else
102 #error Host architecture is neither 32-bit nor 64-bit.
103 #endif
104   args.GetReturnValue().Set(args.This());
105 }
106 
107 
108 // Use the API to create a JSFunction object that calls the above C++ function.
CreateFramePointerGrabberConstructor(v8::Local<v8::Context> context,const char * constructor_name)109 void CreateFramePointerGrabberConstructor(v8::Local<v8::Context> context,
110                                           const char* constructor_name) {
111     Local<v8::FunctionTemplate> constructor_template =
112         v8::FunctionTemplate::New(context->GetIsolate(), construct_call);
113     constructor_template->SetClassName(v8_str("FPGrabber"));
114     Local<Function> fun =
115         constructor_template->GetFunction(context).ToLocalChecked();
116     context->Global()->Set(context, v8_str(constructor_name), fun).FromJust();
117 }
118 
119 
120 // Creates a global function named 'func_name' that calls the tracing
121 // function 'trace_func_name' with an actual EBP register value,
122 // encoded as one or two Smis.
CreateTraceCallerFunction(v8::Local<v8::Context> context,const char * func_name,const char * trace_func_name)123 static void CreateTraceCallerFunction(v8::Local<v8::Context> context,
124                                       const char* func_name,
125                                       const char* trace_func_name) {
126   i::EmbeddedVector<char, 256> trace_call_buf;
127   i::SNPrintF(trace_call_buf,
128               "function %s() {"
129               "  fp = new FPGrabber();"
130               "  %s(fp.low_bits, fp.high_bits);"
131               "}",
132               func_name, trace_func_name);
133 
134   // Create the FPGrabber function, which grabs the caller's frame pointer
135   // when called as a constructor.
136   CreateFramePointerGrabberConstructor(context, "FPGrabber");
137 
138   // Compile the script.
139   CompileRun(trace_call_buf.start());
140 }
141 
142 
143 // This test verifies that stack tracing works when called during
144 // execution of a native function called from JS code. In this case,
145 // TickSample::Trace uses Isolate::c_entry_fp as a starting point for stack
146 // walking.
TEST(CFromJSStackTrace)147 TEST(CFromJSStackTrace) {
148   // BUG(1303) Inlining of JSFuncDoTrace() in JSTrace below breaks this test.
149   i::FLAG_turbo_inlining = false;
150   i::FLAG_use_inlining = false;
151 
152   TickSample sample;
153   i::TraceExtension::InitTraceEnv(&sample);
154 
155   v8::HandleScope scope(CcTest::isolate());
156   v8::Local<v8::Context> context = CcTest::NewContext(TRACE_EXTENSION);
157   v8::Context::Scope context_scope(context);
158 
159   // Create global function JSFuncDoTrace which calls
160   // extension function trace() with the current frame pointer value.
161   CreateTraceCallerFunction(context, "JSFuncDoTrace", "trace");
162   Local<Value> result = CompileRun(
163       "function JSTrace() {"
164       "         JSFuncDoTrace();"
165       "};\n"
166       "JSTrace();\n"
167       "true;");
168   CHECK(!result.IsEmpty());
169   // When stack tracer is invoked, the stack should look as follows:
170   // script [JS]
171   //   JSTrace() [JS]
172   //     JSFuncDoTrace() [JS] [captures EBP value and encodes it as Smi]
173   //       trace(EBP) [native (extension)]
174   //         DoTrace(EBP) [native]
175   //           TickSample::Trace
176 
177   CHECK(sample.has_external_callback);
178   CHECK_EQ(FUNCTION_ADDR(i::TraceExtension::Trace), sample.external_callback);
179 
180   // Stack tracing will start from the first JS function, i.e. "JSFuncDoTrace"
181   unsigned base = 0;
182   CHECK_GT(sample.frames_count, base + 1);
183 
184   CHECK(IsAddressWithinFuncCode(
185       context, "JSFuncDoTrace", sample.stack[base + 0]));
186   CHECK(IsAddressWithinFuncCode(context, "JSTrace", sample.stack[base + 1]));
187 }
188 
189 
190 // This test verifies that stack tracing works when called during
191 // execution of JS code. However, as calling TickSample::Trace requires
192 // entering native code, we can only emulate pure JS by erasing
193 // Isolate::c_entry_fp value. In this case, TickSample::Trace uses passed frame
194 // pointer value as a starting point for stack walking.
TEST(PureJSStackTrace)195 TEST(PureJSStackTrace) {
196   // This test does not pass with inlining enabled since inlined functions
197   // don't appear in the stack trace.
198   i::FLAG_turbo_inlining = false;
199   i::FLAG_use_inlining = false;
200 
201   TickSample sample;
202   i::TraceExtension::InitTraceEnv(&sample);
203 
204   v8::HandleScope scope(CcTest::isolate());
205   v8::Local<v8::Context> context = CcTest::NewContext(TRACE_EXTENSION);
206   v8::Context::Scope context_scope(context);
207 
208   // Create global function JSFuncDoTrace which calls
209   // extension function js_trace() with the current frame pointer value.
210   CreateTraceCallerFunction(context, "JSFuncDoTrace", "js_trace");
211   Local<Value> result = CompileRun(
212       "function JSTrace() {"
213       "         JSFuncDoTrace();"
214       "};\n"
215       "function OuterJSTrace() {"
216       "         JSTrace();"
217       "};\n"
218       "OuterJSTrace();\n"
219       "true;");
220   CHECK(!result.IsEmpty());
221   // When stack tracer is invoked, the stack should look as follows:
222   // script [JS]
223   //   OuterJSTrace() [JS]
224   //     JSTrace() [JS]
225   //       JSFuncDoTrace() [JS]
226   //         js_trace(EBP) [native (extension)]
227   //           DoTraceHideCEntryFPAddress(EBP) [native]
228   //             TickSample::Trace
229   //
230 
231   CHECK(sample.has_external_callback);
232   CHECK_EQ(FUNCTION_ADDR(i::TraceExtension::JSTrace), sample.external_callback);
233 
234   // Stack sampling will start from the caller of JSFuncDoTrace, i.e. "JSTrace"
235   unsigned base = 0;
236   CHECK_GT(sample.frames_count, base + 1);
237   CHECK(IsAddressWithinFuncCode(context, "JSTrace", sample.stack[base + 0]));
238   CHECK(IsAddressWithinFuncCode(
239       context, "OuterJSTrace", sample.stack[base + 1]));
240 }
241 
242 
CFuncDoTrace(byte dummy_parameter)243 static void CFuncDoTrace(byte dummy_parameter) {
244   Address fp;
245 #if V8_HAS_BUILTIN_FRAME_ADDRESS
246   fp = reinterpret_cast<Address>(__builtin_frame_address(0));
247 #elif V8_CC_MSVC
248   // Approximate a frame pointer address. We compile without base pointers,
249   // so we can't trust ebp/rbp.
250   fp = &dummy_parameter - 2 * sizeof(void*);  // NOLINT
251 #else
252 #error Unexpected platform.
253 #endif
254   i::TraceExtension::DoTrace(fp);
255 }
256 
257 
CFunc(int depth)258 static int CFunc(int depth) {
259   if (depth <= 0) {
260     CFuncDoTrace(0);
261     return 0;
262   } else {
263     return CFunc(depth - 1) + 1;
264   }
265 }
266 
267 
268 // This test verifies that stack tracing doesn't crash when called on
269 // pure native code. TickSample::Trace only unrolls JS code, so we can't
270 // get any meaningful info here.
TEST(PureCStackTrace)271 TEST(PureCStackTrace) {
272   TickSample sample;
273   i::TraceExtension::InitTraceEnv(&sample);
274   v8::HandleScope scope(CcTest::isolate());
275   v8::Local<v8::Context> context = CcTest::NewContext(TRACE_EXTENSION);
276   v8::Context::Scope context_scope(context);
277   // Check that sampler doesn't crash
278   CHECK_EQ(10, CFunc(10));
279 }
280 
281 
TEST(JsEntrySp)282 TEST(JsEntrySp) {
283   v8::HandleScope scope(CcTest::isolate());
284   v8::Local<v8::Context> context = CcTest::NewContext(TRACE_EXTENSION);
285   v8::Context::Scope context_scope(context);
286   CHECK(!i::TraceExtension::GetJsEntrySp());
287   CompileRun("a = 1; b = a + 1;");
288   CHECK(!i::TraceExtension::GetJsEntrySp());
289   CompileRun("js_entry_sp();");
290   CHECK(!i::TraceExtension::GetJsEntrySp());
291   CompileRun("js_entry_sp_level2();");
292   CHECK(!i::TraceExtension::GetJsEntrySp());
293 }
294