1357777 - LUL on x86_64-linux: recover frames by following the frame pointer chain

Status: RESOLVED FIXED

(Core :: Gecko Profiler, enhancement)

Description

[Julian Seward [:jseward]]

On x86_64-Linux, LUL currently can only unwind frames for which CFI unwind data
is available.  This causes a noticeable number of junk samples in the profiler,
characterised by failures at transition points between JIT and native frame
sequences.  This patch allows LUL to try recovering the previous frame using
frame pointer chasing in the case where CFI isn't present.  This allows LUL to
unwind through or jump over interleaved JIT frames, because, respectively:

* The baseline JIT produces frame-pointerised code.

* IonMonkey doesn't produce frame-pointerised code, but also doesn't
  change the frame pointer register value.

The patch also adds counts of FP-recovered frames to LUL's statistics printing,
to make it possible to assess how often this feature is used.

Comment 1

[Julian Seward [:jseward]]

Attachment: LUL on x86_64-linux: recover frames by following the frame pointer chain

On x86_64-Linux, LUL currently can only unwind frames for which CFI unwind data
is available.  This causes a noticeable number of junk samples in the profiler,
characterised by failures at transition points between JIT and native frame
sequences.  This patch allows LUL to try recovering the previous frame using
frame pointer chasing in the case where CFI isn't present.  This allows LUL to
unwind through or jump over interleaved JIT frames, because, respectively:

* The baseline JIT produces frame-pointerised code.

* IonMonkey doesn't produce frame-pointerised code, but also doesn't
  change the frame pointer register value.

The patch also adds counts of FP-recovered frames to LUL's statistics printing,
to make it possible to assess how often this feature is used.

Comment 2

[Julian Seward [:jseward]]

Jan, requesting review just of the commit comment re JIT generated
code and unwinding.  Nathan, requesting review of the whole thing.

Comment 3

[Jan de Mooij [:jandem]]

Comment on attachment 8859670 [details] [diff] [review]
LUL on x86_64-linux: recover frames by following the frame pointer chain

Review of attachment 8859670 [details] [diff] [review]:
-----------------------------------------------------------------

Commit message makes sense, one nit: IonMonkey doesn't change the frame pointer register value *if the profiler is enabled*. It *can* use the FP register as arbitrary register if profiling is disabled.

Comment 4

[Nathan Froyd [:froydnj]]

Comment on attachment 8859670 [details] [diff] [review]
LUL on x86_64-linux: recover frames by following the frame pointer chain

Review of attachment 8859670 [details] [diff] [review]:
-----------------------------------------------------------------

Sure, let's try this.

::: tools/profiler/lul/LulMain.cpp
@@ +1572,5 @@
> +      TaggedUWord old_xbp       = regs.xbp; // points at new_BP ?
> +      TaggedUWord old_xbp_plus1 = regs.xbp; // points at new_IP ?
> +      TaggedUWord old_xbp_plus2 = regs.xbp; // is the new_SP ?
> +      old_xbp_plus1 = old_xbp_plus1 + TaggedUWord(1 * wordSzB);
> +      old_xbp_plus2 = old_xbp_plus2 + TaggedUWord(2 * wordSzB);

I think it'd be slightly clearer to just initialize `old_xbp_plus1` (`old_xbp_plus2`, respectively) with the expressions here.

Comment 5

[Pulsebot]

Pushed by jseward@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/0ca381bda5cb
LUL on x86_64-linux: recover frames by following the frame pointer chain.  r=froydnj,jandem.

Comment 6

[Carsten Book [:Tomcat]]

https://hg.mozilla.org/mozilla-central/rev/0ca381bda5cb