deoptimizer.h

Go to the documentation of this file.

// Copyright 2012 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
 
#ifndef V8_DEOPTIMIZER_DEOPTIMIZER_H_
#define V8_DEOPTIMIZER_DEOPTIMIZER_H_
 
#include <optional>
#include <vector>
 
#include "src/builtins/builtins.h"
#include "src/codegen/source-position.h"
#include "src/deoptimizer/deoptimize-reason.h"
#include "src/deoptimizer/frame-description.h"
#include "src/deoptimizer/translated-state.h"
#include "src/diagnostics/code-tracer.h"
#include "src/objects/js-function.h"
 
#if V8_ENABLE_WEBASSEMBLY
#include "src/sandbox/hardware-support.h"
#include "src/wasm/value-type.h"
#endif  // V8_ENABLE_WEBASSEMBLY
 
namespace v8 {
namespace internal {
 
namespace wasm {
class WasmCode;
}
 
enum class BuiltinContinuationMode;
 
class DeoptimizedFrameInfo;
class Isolate;
 
class Deoptimizer : public Malloced {
 public:
  struct DeoptInfo {
    DeoptInfo(SourcePosition position, DeoptimizeReason deopt_reason,
              uint32_t node_id, int deopt_id)
        : position(position),
          deopt_reason(deopt_reason),
          node_id(node_id),
          deopt_id(deopt_id) {}
 
    const SourcePosition position;
    const DeoptimizeReason deopt_reason;
    const uint32_t node_id;
    const int deopt_id;
  };
 
  // Whether the deopt exit is contained by the outermost loop containing the
  // osr'd loop. For example:
  //
  //  for (;;) {
  //    for (;;) {
  //    }  // OSR is triggered on this backedge.
  //  }  // This is the outermost loop containing the osr'd loop.
  static bool DeoptExitIsInsideOsrLoop(Isolate* isolate,
                                       Tagged<JSFunction> function,
                                       BytecodeOffset deopt_exit_offset,
                                       BytecodeOffset osr_offset);
  static DeoptInfo GetDeoptInfo(Tagged<Code> code, Address from);
  DeoptInfo GetDeoptInfo() const {
    return Deoptimizer::GetDeoptInfo(compiled_code_, from_);
  }
 
  static const char* MessageFor(DeoptimizeKind kind);
 
  DirectHandle<JSFunction> function() const;
  DirectHandle<Code> compiled_code() const;
  DeoptimizeKind deopt_kind() const { return deopt_kind_; }
  int output_count() const { return output_count_; }
 
  // Where the deopt exit occurred *in the outermost frame*, i.e in the
  // function we generated OSR'd code for. If the deopt occurred in an inlined
  // function, this would point at the corresponding outermost Call bytecode.
  BytecodeOffset bytecode_offset_in_outermost_frame() const {
    return bytecode_offset_in_outermost_frame_;
  }
 
  static Deoptimizer* New(Address raw_function, DeoptimizeKind kind,
                          Address from, int fp_to_sp_delta, Isolate* isolate);
  static Deoptimizer* Grab(Isolate* isolate);
 
  // Delete and deregister the deoptimizer from the current isolate. Returns the
  // count of output (liftoff) frames that were constructed by the deoptimizer.
  static size_t DeleteForWasm(Isolate* isolate);
 
  // The returned object with information on the optimized frame needs to be
  // freed before another one can be generated.
  static DeoptimizedFrameInfo* DebuggerInspectableFrame(JavaScriptFrame* frame,
                                                        int jsframe_index,
                                                        Isolate* isolate);
 
  // Deoptimize the function now. Its current optimized code will never be run
  // again and any activations of the optimized code will get deoptimized when
  // execution returns. If {code} is specified then the given code is targeted
  // instead of the function code (e.g. OSR code not installed on function).
  static void DeoptimizeFunction(Tagged<JSFunction> function,
                                 LazyDeoptimizeReason reason,
                                 Tagged<Code> code = {});
 
  // Deoptimize all code in the given isolate.
  V8_EXPORT_PRIVATE static void DeoptimizeAll(Isolate* isolate);
 
  // Deoptimizes all optimized code that has been previously marked
  // (via code->set_marked_for_deoptimization) and unlinks all functions that
  // refer to that code.
  static void DeoptimizeMarkedCode(Isolate* isolate);
 
  // Deoptimizes all optimized code that implements the given function (whether
  // directly or inlined).
  static void DeoptimizeAllOptimizedCodeWithFunction(
      Isolate* isolate, DirectHandle<SharedFunctionInfo> function);
 
  // Check the given address against a list of allowed addresses, to prevent a
  // potential attacker from using the frame creation process in the
  // deoptimizer, in particular the signing process, to gain control over the
  // program.
  // This function makes a crash if the address is not valid. If it's valid,
  // it returns the given address.
  static Address EnsureValidReturnAddress(Isolate* isolate, Address address);
 
  ~Deoptimizer();
 
  void MaterializeHeapObjects();
 
  static void ComputeOutputFrames(Deoptimizer* deoptimizer);
 
  V8_EXPORT_PRIVATE static Builtin GetDeoptimizationEntry(DeoptimizeKind kind);
 
  // InstructionStream generation support.
  static int input_offset() { return offsetof(Deoptimizer, input_); }
  static int output_count_offset() {
    return offsetof(Deoptimizer, output_count_);
  }
  static int output_offset() { return offsetof(Deoptimizer, output_); }
 
  static int caller_frame_top_offset() {
    return offsetof(Deoptimizer, caller_frame_top_);
  }
 
#ifdef V8_ENABLE_CET_SHADOW_STACK
  static constexpr int shadow_stack_offset() {
    return offsetof(Deoptimizer, shadow_stack_);
  }
 
  static constexpr int shadow_stack_count_offset() {
    return offsetof(Deoptimizer, shadow_stack_count_);
  }
#endif  // V8_ENABLE_CET_SHADOW_STACK
 
  Isolate* isolate() const { return isolate_; }
 
  static constexpr int kMaxNumberOfEntries = 16384;
 
  // This marker is passed to Deoptimizer::New as {deopt_exit_index} on
  // platforms that have fixed deopt sizes. The actual deoptimization id is then
  // calculated from the return address.
  static constexpr unsigned kFixedExitSizeMarker = kMaxUInt32;
 
  // Size of deoptimization exit sequence.
  V8_EXPORT_PRIVATE static const int kEagerDeoptExitSize;
  V8_EXPORT_PRIVATE static const int kLazyDeoptExitSize;
 
  // The size of the call instruction to Builtins::kAdaptShadowStackForDeopt.
  V8_EXPORT_PRIVATE static const int kAdaptShadowStackOffsetToSubtract;
 
  // Tracing.
  static void TraceMarkForDeoptimization(Isolate* isolate, Tagged<Code> code,
                                         LazyDeoptimizeReason reason);
  static void TraceEvictFromOptimizedCodeCache(Isolate* isolate,
                                               Tagged<SharedFunctionInfo> sfi,
                                               const char* reason);
 
  // Patch the generated code to jump to a safepoint entry. This is used only
  // when Shadow Stack is enabled.
  static void PatchToJump(Address pc, Address new_pc);
 
 private:
  void QueueValueForMaterialization(Address output_address, Tagged<Object> obj,
                                    const TranslatedFrame::iterator& iterator);
  void QueueFeedbackVectorForMaterialization(
      Address output_address, const TranslatedFrame::iterator& iterator);
 
  Deoptimizer(Isolate* isolate, Tagged<JSFunction> function,
              DeoptimizeKind kind, Address from, int fp_to_sp_delta);
  void DeleteFrameDescriptions();
 
  void DoComputeOutputFrames();
 
#if V8_ENABLE_WEBASSEMBLY
  void DoComputeOutputFramesWasmImpl();
  FrameDescription* DoComputeWasmLiftoffFrame(
      TranslatedFrame& frame, wasm::NativeModule* native_module,
      Tagged<WasmTrustedInstanceData> wasm_trusted_instance, int frame_index,
      std::stack<intptr_t>& shadow_stack);
 
  void GetWasmStackSlotsCounts(const wasm::FunctionSig* sig,
                               int* parameter_stack_slots,
                               int* return_stack_slots);
#endif
 
  void DoComputeUnoptimizedFrame(TranslatedFrame* translated_frame,
                                 int frame_index, bool goto_catch_handler);
  void DoComputeInlinedExtraArguments(TranslatedFrame* translated_frame,
                                      int frame_index);
  void DoComputeConstructCreateStubFrame(TranslatedFrame* translated_frame,
                                         int frame_index);
  void DoComputeConstructInvokeStubFrame(TranslatedFrame* translated_frame,
                                         int frame_index);
 
  static Builtin TrampolineForBuiltinContinuation(BuiltinContinuationMode mode,
                                                  bool must_handle_result);
 
#if V8_ENABLE_WEBASSEMBLY
  TranslatedValue TranslatedValueForWasmReturnKind(
      std::optional<wasm::ValueKind> wasm_call_return_kind);
#endif  // V8_ENABLE_WEBASSEMBLY
 
  void DoComputeBuiltinContinuation(TranslatedFrame* translated_frame,
                                    int frame_index,
                                    BuiltinContinuationMode mode);
 
  unsigned ComputeInputFrameAboveFpFixedSize() const;
  unsigned ComputeInputFrameSize() const;
 
  static unsigned ComputeIncomingArgumentSize(Tagged<Code> code);
 
  // Tracing.
  bool tracing_enabled() const { return trace_scope_ != nullptr; }
  bool verbose_tracing_enabled() const {
    return v8_flags.trace_deopt_verbose && tracing_enabled();
  }
  CodeTracer::Scope* trace_scope() const { return trace_scope_; }
  CodeTracer::Scope* verbose_trace_scope() const {
    return v8_flags.trace_deopt_verbose ? trace_scope() : nullptr;
  }
  void TraceDeoptBegin(int optimization_id, BytecodeOffset bytecode_offset);
  void TraceDeoptEnd(double deopt_duration);
#ifdef DEBUG
  static void TraceFoundActivation(Isolate* isolate,
                                   Tagged<JSFunction> function);
#endif
  static void TraceDeoptAll(Isolate* isolate);
 
  bool is_restart_frame() const { return restart_frame_index_ >= 0; }
 
  Isolate* isolate_;
  Tagged<JSFunction> function_;
  Tagged<Code> compiled_code_;
#if V8_ENABLE_WEBASSEMBLY
  wasm::WasmCode* compiled_optimized_wasm_code_ = nullptr;
#endif
  unsigned deopt_exit_index_;
  BytecodeOffset bytecode_offset_in_outermost_frame_ = BytecodeOffset::None();
  DeoptimizeKind deopt_kind_;
  Address from_;
  int fp_to_sp_delta_;
  bool deoptimizing_throw_;
  int catch_handler_data_;
  int catch_handler_pc_offset_;
  int restart_frame_index_;
 
  // Input frame description.
  FrameDescription* input_;
  // Number of output frames.
  int output_count_;
  // Array of output frame descriptions.
  FrameDescription** output_;
 
  // Caller frame details computed from input frame.
  intptr_t caller_frame_top_;
  intptr_t caller_fp_;
  intptr_t caller_pc_;
  intptr_t caller_constant_pool_;
 
  // The argument count of the bottom most frame.
  int actual_argument_count_;
 
  // Key for lookup of previously materialized objects.
  intptr_t stack_fp_;
 
  TranslatedState translated_state_;
  struct ValueToMaterialize {
    Address output_slot_address_;
    TranslatedFrame::iterator value_;
  };
  std::vector<ValueToMaterialize> values_to_materialize_;
  std::vector<ValueToMaterialize> feedback_vector_to_materialize_;
 
#ifdef V8_ENABLE_CET_SHADOW_STACK
  intptr_t* shadow_stack_ = nullptr;
  size_t shadow_stack_count_ = 0;
#endif  // V8_ENABLE_CET_SHADOW_STACK
 
#ifdef DEBUG
  DisallowGarbageCollection* disallow_garbage_collection_;
#endif  // DEBUG
 
  // Note: This is intentionally not a unique_ptr s.t. the Deoptimizer
  // satisfies is_standard_layout, needed for offsetof().
  CodeTracer::Scope* const trace_scope_;
 
#if V8_ENABLE_WEBASSEMBLY && V8_TARGET_ARCH_32_BIT
  // Needed by webassembly for lowering signatures containing i64 types. Stored
  // as members for reuse for multiple signatures during one de-optimization.
  std::optional<AccountingAllocator> alloc_;
  std::optional<Zone> zone_;
#endif
#if V8_ENABLE_WEBASSEMBLY && V8_ENABLE_SANDBOX
  // Wasm deoptimizations should not access the heap at all. All deopt data is
  // stored off-heap.
  std::optional<SandboxHardwareSupport::BlockAccessScope>
      no_heap_access_during_wasm_deopt_;
#endif
 
  friend class DeoptimizedFrameInfo;
  friend class FrameDescription;
  friend class FrameWriter;
};
 
}  // namespace internal
}  // namespace v8
 
#endif  // V8_DEOPTIMIZER_DEOPTIMIZER_H_