deoptimizer.h 36 KB
Newer Older
1
// Copyright 2012 the V8 project authors. All rights reserved.
2 3
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4

5 6
#ifndef V8_DEOPTIMIZER_DEOPTIMIZER_H_
#define V8_DEOPTIMIZER_DEOPTIMIZER_H_
7

8
#include <stack>
9 10
#include <vector>

11
#include "src/base/macros.h"
12 13 14
#include "src/codegen/label.h"
#include "src/codegen/register-arch.h"
#include "src/codegen/source-position.h"
15
#include "src/common/globals.h"
16
#include "src/deoptimizer/deoptimize-reason.h"
17
#include "src/diagnostics/code-tracer.h"
18 19
#include "src/execution/frame-constants.h"
#include "src/execution/isolate.h"
20
#include "src/heap/heap.h"
21
#include "src/objects/feedback-vector.h"
22
#include "src/objects/js-function.h"
23
#include "src/objects/shared-function-info.h"
24 25
#include "src/utils/allocation.h"
#include "src/utils/boxed-float.h"
26
#include "src/zone/zone-chunk-list.h"
27 28 29 30 31

namespace v8 {
namespace internal {

class FrameDescription;
32
class JavaScriptFrame;
33
class TranslationIterator;
34
class DeoptimizedFrameInfo;
35
class TranslatedFrame;
36 37
class TranslatedState;
class RegisterValues;
38
class MacroAssembler;
39
class StrongRootsEntry;
40

41 42
enum class BuiltinContinuationMode;

jarin's avatar
jarin committed
43
class TranslatedValue {
44
 public:
45
  // Allocation-free getter of the value.
46
  // Returns ReadOnlyRoots::arguments_marker() if allocation would be necessary
47
  // to get the value. In the case of numbers, returns a Smi if possible.
48
  Object GetRawValue() const;
49

50 51 52 53 54 55
  // Convenience wrapper around GetRawValue (checked).
  int GetSmiValue() const;

  // Returns the value, possibly materializing it first (and the whole subgraph
  // reachable from this value). In the case of numbers, returns a Smi if
  // possible.
56 57 58
  Handle<Object> GetValue();

  bool IsMaterializedObject() const;
59
  bool IsMaterializableByDebugger() const;
60 61 62 63 64

 private:
  friend class TranslatedState;
  friend class TranslatedFrame;

65
  enum Kind : uint8_t {
66 67 68
    kInvalid,
    kTagged,
    kInt32,
69
    kInt64,
70 71
    kUInt32,
    kBoolBit,
72
    kFloat,
73
    kDouble,
74 75 76 77 78 79
    kCapturedObject,   // Object captured by the escape analysis.
                       // The number of nested objects can be obtained
                       // with the DeferredObjectLength() method
                       // (the values of the nested objects follow
                       // this value in the depth-first order.)
    kDuplicatedObject  // Duplicated object of a deferred object.
80 81
  };

82 83 84 85 86 87 88 89
  enum MaterializationState : uint8_t {
    kUninitialized,
    kAllocated,  // Storage for the object has been allocated (or
                 // enqueued for allocation).
    kFinished,   // The object has been initialized (or enqueued for
                 // initialization).
  };

90 91 92
  TranslatedValue(TranslatedState* container, Kind kind)
      : kind_(kind), container_(container) {}
  Kind kind() const { return kind_; }
93 94 95
  MaterializationState materialization_state() const {
    return materialization_state_;
  }
96 97 98 99 100 101
  void Handlify();
  int GetChildrenCount() const;

  static TranslatedValue NewDeferredObject(TranslatedState* container,
                                           int length, int object_index);
  static TranslatedValue NewDuplicateObject(TranslatedState* container, int id);
102 103
  static TranslatedValue NewFloat(TranslatedState* container, Float32 value);
  static TranslatedValue NewDouble(TranslatedState* container, Float64 value);
104
  static TranslatedValue NewInt32(TranslatedState* container, int32_t value);
105
  static TranslatedValue NewInt64(TranslatedState* container, int64_t value);
106 107
  static TranslatedValue NewUInt32(TranslatedState* container, uint32_t value);
  static TranslatedValue NewBool(TranslatedState* container, uint32_t value);
108
  static TranslatedValue NewTagged(TranslatedState* container, Object literal);
109
  static TranslatedValue NewInvalid(TranslatedState* container);
110 111 112

  Isolate* isolate() const;

113
  void set_storage(Handle<HeapObject> storage) { storage_ = storage; }
114
  void set_initialized_storage(Handle<HeapObject> storage);
115 116 117
  void mark_finished() { materialization_state_ = kFinished; }
  void mark_allocated() { materialization_state_ = kAllocated; }

118 119
  Handle<HeapObject> storage() {
    DCHECK_NE(materialization_state(), kUninitialized);
120 121 122
    return storage_;
  }

123
  Kind kind_;
124
  MaterializationState materialization_state_ = kUninitialized;
125 126 127 128
  TranslatedState* container_;  // This is only needed for materialization of
                                // objects and constructing handles (to get
                                // to the isolate).

129 130 131
  Handle<HeapObject> storage_;  // Contains the materialized value or the
                                // byte-array that will be later morphed into
                                // the materialized object.
132 133 134

  struct MaterializedObjectInfo {
    int id_;
135
    int length_;  // Applies only to kCapturedObject kinds.
136 137 138 139
  };

  union {
    // kind kTagged. After handlification it is always nullptr.
140
    Object raw_literal_;
141 142 143 144
    // kind is kUInt32 or kBoolBit.
    uint32_t uint32_value_;
    // kind is kInt32.
    int32_t int32_value_;
145 146
    // kind is kInt64.
    int64_t int64_value_;
147
    // kind is kFloat
148
    Float32 float_value_;
149
    // kind is kDouble
150
    Float64 double_value_;
151
    // kind is kDuplicatedObject or kCapturedObject.
152 153 154 155
    MaterializedObjectInfo materialization_info_;
  };

  // Checked accessors for the union members.
156
  Object raw_literal() const;
157
  int32_t int32_value() const;
158
  int64_t int64_value() const;
159
  uint32_t uint32_value() const;
160 161
  Float32 float_value() const;
  Float64 double_value() const;
162 163 164 165 166 167 168
  int object_length() const;
  int object_index() const;
};

class TranslatedFrame {
 public:
  enum Kind {
169
    kInterpretedFunction,
170 171
    kArgumentsAdaptor,
    kConstructStub,
172 173
    kBuiltinContinuation,
    kJavaScriptBuiltinContinuation,
174
    kJavaScriptBuiltinContinuationWithCatch,
175 176 177 178 179 180
    kInvalid
  };

  int GetValueCount();

  Kind kind() const { return kind_; }
181
  BailoutId node_id() const { return node_id_; }
182
  Handle<SharedFunctionInfo> shared_info() const { return shared_info_; }
183 184 185 186 187 188

  // TODO(jgruber): Simplify/clarify the semantics of this field. The name
  // `height` is slightly misleading. Yes, this value is related to stack frame
  // height, but must undergo additional mutations to arrive at the real stack
  // frame height (e.g.: addition/subtraction of context, accumulator, fixed
  // frame sizes, padding).
189
  int height() const { return height_; }
190

191 192
  int return_value_offset() const { return return_value_offset_; }
  int return_value_count() const { return return_value_count_; }
193

194 195
  SharedFunctionInfo raw_shared_info() const {
    CHECK(!raw_shared_info_.is_null());
196 197 198
    return raw_shared_info_;
  }

199 200 201
  class iterator {
   public:
    iterator& operator++() {
202
      ++input_index_;
203 204 205 206 207
      AdvanceIterator(&position_);
      return *this;
    }

    iterator operator++(int) {
208
      iterator original(position_, input_index_);
209
      ++input_index_;
210 211 212 213 214
      AdvanceIterator(&position_);
      return original;
    }

    bool operator==(const iterator& other) const {
215
      // Ignore {input_index_} for equality.
216 217 218 219 220 221
      return position_ == other.position_;
    }
    bool operator!=(const iterator& other) const { return !(*this == other); }

    TranslatedValue& operator*() { return (*position_); }
    TranslatedValue* operator->() { return &(*position_); }
222 223
    const TranslatedValue& operator*() const { return (*position_); }
    const TranslatedValue* operator->() const { return &(*position_); }
224

225 226
    int input_index() const { return input_index_; }

227 228 229
   private:
    friend TranslatedFrame;

230 231 232
    explicit iterator(std::deque<TranslatedValue>::iterator position,
                      int input_index = 0)
        : position_(position), input_index_(input_index) {}
233 234

    std::deque<TranslatedValue>::iterator position_;
235
    int input_index_;
236 237
  };

238 239
  using reference = TranslatedValue&;
  using const_reference = TranslatedValue const&;
240

241 242
  iterator begin() { return iterator(values_.begin()); }
  iterator end() { return iterator(values_.end()); }
243

244 245
  reference front() { return values_.front(); }
  const_reference front() const { return values_.front(); }
246 247 248 249 250

 private:
  friend class TranslatedState;

  // Constructor static methods.
251
  static TranslatedFrame InterpretedFrame(BailoutId bytecode_offset,
252
                                          SharedFunctionInfo shared_info,
253 254
                                          int height, int return_value_offset,
                                          int return_value_count);
255
  static TranslatedFrame AccessorFrame(Kind kind,
256 257
                                       SharedFunctionInfo shared_info);
  static TranslatedFrame ArgumentsAdaptorFrame(SharedFunctionInfo shared_info,
258
                                               int height);
259
  static TranslatedFrame ConstructStubFrame(BailoutId bailout_id,
260
                                            SharedFunctionInfo shared_info,
261
                                            int height);
262
  static TranslatedFrame BuiltinContinuationFrame(
263
      BailoutId bailout_id, SharedFunctionInfo shared_info, int height);
264
  static TranslatedFrame JavaScriptBuiltinContinuationFrame(
265
      BailoutId bailout_id, SharedFunctionInfo shared_info, int height);
266
  static TranslatedFrame JavaScriptBuiltinContinuationWithCatchFrame(
267
      BailoutId bailout_id, SharedFunctionInfo shared_info, int height);
268
  static TranslatedFrame InvalidFrame() {
269
    return TranslatedFrame(kInvalid, SharedFunctionInfo());
270 271 272 273
  }

  static void AdvanceIterator(std::deque<TranslatedValue>::iterator* iter);

274 275
  TranslatedFrame(Kind kind,
                  SharedFunctionInfo shared_info = SharedFunctionInfo(),
276 277
                  int height = 0, int return_value_offset = 0,
                  int return_value_count = 0)
278 279
      : kind_(kind),
        node_id_(BailoutId::None()),
280
        raw_shared_info_(shared_info),
281 282 283
        height_(height),
        return_value_offset_(return_value_offset),
        return_value_count_(return_value_count) {}
284 285

  void Add(const TranslatedValue& value) { values_.push_back(value); }
286
  TranslatedValue* ValueAt(int index) { return &(values_[index]); }
287
  void Handlify();
288 289 290

  Kind kind_;
  BailoutId node_id_;
291
  SharedFunctionInfo raw_shared_info_;
292
  Handle<SharedFunctionInfo> shared_info_;
293
  int height_;
294 295
  int return_value_offset_;
  int return_value_count_;
296

297
  using ValuesContainer = std::deque<TranslatedValue>;
298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318

  ValuesContainer values_;
};

// Auxiliary class for translating deoptimization values.
// Typical usage sequence:
//
// 1. Construct the instance. This will involve reading out the translations
//    and resolving them to values using the supplied frame pointer and
//    machine state (registers). This phase is guaranteed not to allocate
//    and not to use any HandleScope. Any object pointers will be stored raw.
//
// 2. Handlify pointers. This will convert all the raw pointers to handles.
//
// 3. Reading out the frame values.
//
// Note: After the instance is constructed, it is possible to iterate over
// the values eagerly.

class TranslatedState {
 public:
319
  TranslatedState() = default;
320
  explicit TranslatedState(const JavaScriptFrame* frame);
321

322
  void Prepare(Address stack_frame_pointer);
323 324

  // Store newly materialized values into the isolate.
325
  void StoreMaterializedValuesAndDeopt(JavaScriptFrame* frame);
326

327
  using iterator = std::vector<TranslatedFrame>::iterator;
328 329 330
  iterator begin() { return frames_.begin(); }
  iterator end() { return frames_.end(); }

331
  using const_iterator = std::vector<TranslatedFrame>::const_iterator;
332 333 334
  const_iterator begin() const { return frames_.begin(); }
  const_iterator end() const { return frames_.end(); }

335 336
  std::vector<TranslatedFrame>& frames() { return frames_; }

337
  TranslatedFrame* GetFrameFromJSFrameIndex(int jsframe_index);
338 339 340 341 342
  TranslatedFrame* GetArgumentsInfoFromJSFrameIndex(int jsframe_index,
                                                    int* arguments_count);

  Isolate* isolate() { return isolate_; }

343
  void Init(Isolate* isolate, Address input_frame_pointer,
344
            TranslationIterator* iterator, FixedArray literal_array,
345
            RegisterValues* registers, FILE* trace_file, int parameter_count);
346

347
  void VerifyMaterializedObjects();
348
  bool DoUpdateFeedback();
349

350 351 352 353
 private:
  friend TranslatedValue;

  TranslatedFrame CreateNextTranslatedFrame(TranslationIterator* iterator,
354 355
                                            FixedArray literal_array,
                                            Address fp, FILE* trace_file);
356
  int CreateNextTranslatedValue(int frame_index, TranslationIterator* iterator,
357
                                FixedArray literal_array, Address fp,
358
                                RegisterValues* registers, FILE* trace_file);
359
  Address DecompressIfNeeded(intptr_t value);
360
  Address ComputeArgumentsPosition(Address input_frame_pointer, int* length);
361 362
  void CreateArgumentsElementsTranslatedValues(int frame_index,
                                               Address input_frame_pointer,
363 364
                                               CreateArgumentsType type,
                                               FILE* trace_file);
365 366

  void UpdateFromPreviouslyMaterializedObjects();
367 368
  void MaterializeFixedDoubleArray(TranslatedFrame* frame, int* value_index,
                                   TranslatedValue* slot, Handle<Map> map);
369 370
  void MaterializeHeapNumber(TranslatedFrame* frame, int* value_index,
                             TranslatedValue* slot);
371 372 373 374 375 376 377 378 379 380 381 382 383

  void EnsureObjectAllocatedAt(TranslatedValue* slot);

  void SkipSlots(int slots_to_skip, TranslatedFrame* frame, int* value_index);

  Handle<ByteArray> AllocateStorageFor(TranslatedValue* slot);
  void EnsureJSObjectAllocated(TranslatedValue* slot, Handle<Map> map);
  void EnsurePropertiesAllocatedAndMarked(TranslatedValue* properties_slot,
                                          Handle<Map> map);
  void EnsureChildrenAllocated(int count, TranslatedFrame* frame,
                               int* value_index, std::stack<int>* worklist);
  void EnsureCapturedObjectAllocatedAt(int object_index,
                                       std::stack<int>* worklist);
384
  Handle<HeapObject> InitializeObjectAt(TranslatedValue* slot);
385 386 387 388 389 390 391 392 393
  void InitializeCapturedObjectAt(int object_index, std::stack<int>* worklist,
                                  const DisallowHeapAllocation& no_allocation);
  void InitializeJSObjectAt(TranslatedFrame* frame, int* value_index,
                            TranslatedValue* slot, Handle<Map> map,
                            const DisallowHeapAllocation& no_allocation);
  void InitializeObjectWithTaggedFieldsAt(
      TranslatedFrame* frame, int* value_index, TranslatedValue* slot,
      Handle<Map> map, const DisallowHeapAllocation& no_allocation);

394
  void ReadUpdateFeedback(TranslationIterator* iterator,
395
                          FixedArray literal_array, FILE* trace_file);
396

397 398 399
  TranslatedValue* ResolveCapturedObject(TranslatedValue* slot);
  TranslatedValue* GetValueByObjectIndex(int object_index);
  Handle<Object> GetValueAndAdvance(TranslatedFrame* frame, int* value_index);
400 401 402
  TranslatedValue* GetResolvedSlot(TranslatedFrame* frame, int value_index);
  TranslatedValue* GetResolvedSlotAndAdvance(TranslatedFrame* frame,
                                             int* value_index);
403 404

  static uint32_t GetUInt32Slot(Address fp, int slot_index);
405
  static uint64_t GetUInt64Slot(Address fp, int slot_index);
406 407
  static Float32 GetFloatSlot(Address fp, int slot_index);
  static Float64 GetDoubleSlot(Address fp, int slot_index);
408 409

  std::vector<TranslatedFrame> frames_;
410
  Isolate* isolate_ = nullptr;
411
  Address stack_frame_pointer_ = kNullAddress;
412
  int formal_parameter_count_;
413 414 415 416 417 418

  struct ObjectPosition {
    int frame_index_;
    int value_index_;
  };
  std::deque<ObjectPosition> object_positions_;
419
  Handle<FeedbackVector> feedback_vector_handle_;
420
  FeedbackVector feedback_vector_;
421
  FeedbackSlot feedback_slot_;
422
};
423

424
class OptimizedFunctionVisitor {
425
 public:
426
  virtual ~OptimizedFunctionVisitor() = default;
427
  virtual void VisitFunction(JSFunction function) = 0;
428 429 430 431
};

class Deoptimizer : public Malloced {
 public:
432
  struct DeoptInfo {
433 434
    DeoptInfo(SourcePosition position, DeoptimizeReason deopt_reason,
              int deopt_id)
435
        : position(position), deopt_reason(deopt_reason), deopt_id(deopt_id) {}
436

437
    SourcePosition position;
438
    DeoptimizeReason deopt_reason;
439 440 441
    int deopt_id;

    static const int kNoDeoptId = -1;
442 443
  };

444
  static DeoptInfo GetDeoptInfo(Code code, Address from);
445

446
  static int ComputeSourcePositionFromBytecodeArray(SharedFunctionInfo shared,
447
                                                    BailoutId node_id);
448

449
  static const char* MessageFor(DeoptimizeKind kind, bool reuse_code);
450

451 452
  int output_count() const { return output_count_; }

453 454
  Handle<JSFunction> function() const;
  Handle<Code> compiled_code() const;
455
  DeoptimizeKind deopt_kind() const { return deopt_kind_; }
456

457 458 459
  // Number of created JS frames. Not all created frames are necessarily JS.
  int jsframe_count() const { return jsframe_count_; }

460 461
  bool should_reuse_code() const;

462
  static Deoptimizer* New(Address raw_function, DeoptimizeKind kind,
463
                          unsigned bailout_id, Address from, int fp_to_sp_delta,
464 465
                          Isolate* isolate);
  static Deoptimizer* Grab(Isolate* isolate);
466

467 468 469
  // The returned object with information on the optimized frame needs to be
  // freed before another one can be generated.
  static DeoptimizedFrameInfo* DebuggerInspectableFrame(JavaScriptFrame* frame,
470
                                                        int jsframe_index,
471 472
                                                        Isolate* isolate);

473 474
  // Deoptimize the function now. Its current optimized code will never be run
  // again and any activations of the optimized code will get deoptimized when
475 476
  // execution returns. If {code} is specified then the given code is targeted
  // instead of the function code (e.g. OSR code not installed on function).
477
  static void DeoptimizeFunction(JSFunction function, Code code = Code());
478

479
  // Deoptimize all code in the given isolate.
480
  V8_EXPORT_PRIVATE static void DeoptimizeAll(Isolate* isolate);
481

482 483 484 485
  // Deoptimizes all optimized code that has been previously marked
  // (via code->set_marked_for_deoptimization) and unlinks all functions that
  // refer to that code.
  static void DeoptimizeMarkedCode(Isolate* isolate);
486

487 488 489 490 491 492 493
  // Check the given address against a list of allowed addresses, to prevent a
  // potential attacker from using the frame creation process in the
  // deoptimizer, in particular the signing process, to gain control over the
  // program.
  // When building mksnapshot, always return false.
  static bool IsValidReturnAddress(Address address);

494 495
  ~Deoptimizer();

496
  void MaterializeHeapObjects();
497

498
  static void ComputeOutputFrames(Deoptimizer* deoptimizer);
499

500
  static Address GetDeoptimizationEntry(Isolate* isolate, DeoptimizeKind kind);
501

502 503 504 505 506
  // Returns true if {addr} is a deoptimization entry and stores its type in
  // {type}. Returns false if {addr} is not a deoptimization entry.
  static bool IsDeoptimizationEntry(Isolate* isolate, Address addr,
                                    DeoptimizeKind* type);

507
  // Code generation support.
508
  static int input_offset() { return offsetof(Deoptimizer, input_); }
509
  static int output_count_offset() {
510
    return offsetof(Deoptimizer, output_count_);
511
  }
512
  static int output_offset() { return offsetof(Deoptimizer, output_); }
513

514
  static int caller_frame_top_offset() {
515
    return offsetof(Deoptimizer, caller_frame_top_);
516 517
  }

518
  V8_EXPORT_PRIVATE static int GetDeoptimizedCodeCount(Isolate* isolate);
519 520 521

  static const int kNotDeoptimizationEntry = -1;

522
  static void EnsureCodeForDeoptimizationEntry(Isolate* isolate,
523
                                               DeoptimizeKind kind);
524
  static void EnsureCodeForDeoptimizationEntries(Isolate* isolate);
525

526 527
  Isolate* isolate() const { return isolate_; }

528 529
  static const int kMaxNumberOfEntries = 16384;

530 531 532
  // Set to true when the architecture supports deoptimization exit sequences
  // of a fixed size, that can be sorted so that the deoptimization index is
  // deduced from the address of the deoptimization exit.
533
  static const bool kSupportsFixedDeoptExitSizes;
534 535

  // Size of deoptimization exit sequence. This is only meaningful when
536 537 538
  // kSupportsFixedDeoptExitSizes is true.
  static const int kNonLazyDeoptExitSize;
  static const int kLazyDeoptExitSize;
539

540
 private:
541
  friend class FrameWriter;
542
  void QueueValueForMaterialization(Address output_address, Object obj,
543
                                    const TranslatedFrame::iterator& iterator);
544

545
  Deoptimizer(Isolate* isolate, JSFunction function, DeoptimizeKind kind,
546
              unsigned bailout_id, Address from, int fp_to_sp_delta);
547
  Code FindOptimizedCode();
548
  void PrintFunctionName();
549 550
  void DeleteFrameDescriptions();

551 552
  static bool IsDeoptimizationEntry(Isolate* isolate, Address addr,
                                    DeoptimizeKind type);
553

554
  void DoComputeOutputFrames();
555 556 557 558 559 560
  void DoComputeInterpretedFrame(TranslatedFrame* translated_frame,
                                 int frame_index, bool goto_catch_handler);
  void DoComputeArgumentsAdaptorFrame(TranslatedFrame* translated_frame,
                                      int frame_index);
  void DoComputeConstructStubFrame(TranslatedFrame* translated_frame,
                                   int frame_index);
561 562 563 564

  static Builtins::Name TrampolineForBuiltinContinuation(
      BuiltinContinuationMode mode, bool must_handle_result);

565
  void DoComputeBuiltinContinuation(TranslatedFrame* translated_frame,
566 567
                                    int frame_index,
                                    BuiltinContinuationMode mode);
568

569
  unsigned ComputeInputFrameAboveFpFixedSize() const;
570 571
  unsigned ComputeInputFrameSize() const;

572
  static unsigned ComputeIncomingArgumentSize(SharedFunctionInfo shared);
573
  static unsigned ComputeOutgoingArgumentSize(Code code, unsigned bailout_id);
574

575
  static void GenerateDeoptimizationEntries(MacroAssembler* masm,
576
                                            Isolate* isolate,
577
                                            DeoptimizeKind kind);
578

579 580
  static void MarkAllCodeForContext(NativeContext native_context);
  static void DeoptimizeMarkedCodeForContext(NativeContext native_context);
581 582 583
  // Searches the list of known deoptimizing code for a Code object
  // containing the given address (which is supposedly faster than
  // searching all code objects).
584
  Code FindDeoptimizingCode(Address addr);
585

586
  Isolate* isolate_;
587
  JSFunction function_;
588
  Code compiled_code_;
589
  unsigned bailout_id_;
590
  DeoptimizeKind deopt_kind_;
591 592
  Address from_;
  int fp_to_sp_delta_;
593 594 595
  bool deoptimizing_throw_;
  int catch_handler_data_;
  int catch_handler_pc_offset_;
596 597 598 599 600

  // Input frame description.
  FrameDescription* input_;
  // Number of output frames.
  int output_count_;
601 602
  // Number of output js frames.
  int jsframe_count_;
603 604 605
  // Array of output frame descriptions.
  FrameDescription** output_;

606 607 608 609 610 611
  // Caller frame details computed from input frame.
  intptr_t caller_frame_top_;
  intptr_t caller_fp_;
  intptr_t caller_pc_;
  intptr_t caller_constant_pool_;
  intptr_t input_frame_context_;
612
  intptr_t actual_argument_count_;
613

jarin@chromium.org's avatar
jarin@chromium.org committed
614
  // Key for lookup of previously materialized objects
615
  intptr_t stack_fp_;
jarin@chromium.org's avatar
jarin@chromium.org committed
616

617 618 619 620 621 622
  TranslatedState translated_state_;
  struct ValueToMaterialize {
    Address output_slot_address_;
    TranslatedFrame::iterator value_;
  };
  std::vector<ValueToMaterialize> values_to_materialize_;
623

624 625 626
#ifdef DEBUG
  DisallowHeapAllocation* disallow_heap_allocation_;
#endif  // DEBUG
627

628
  CodeTracer::Scope* trace_scope_;
629

630
  static const int table_entry_size_;
631 632

  friend class FrameDescription;
633
  friend class DeoptimizedFrameInfo;
634 635
};

636 637 638 639 640 641 642 643 644 645 646 647 648 649 650
class RegisterValues {
 public:
  intptr_t GetRegister(unsigned n) const {
#if DEBUG
    // This convoluted DCHECK is needed to work around a gcc problem that
    // improperly detects an array bounds overflow in optimized debug builds
    // when using a plain DCHECK.
    if (n >= arraysize(registers_)) {
      DCHECK(false);
      return 0;
    }
#endif
    return registers_[n];
  }

651
  Float32 GetFloatRegister(unsigned n) const;
652

653
  Float64 GetDoubleRegister(unsigned n) const {
654 655 656 657 658 659 660 661 662 663
    DCHECK(n < arraysize(double_registers_));
    return double_registers_[n];
  }

  void SetRegister(unsigned n, intptr_t value) {
    DCHECK(n < arraysize(registers_));
    registers_[n] = value;
  }

  intptr_t registers_[Register::kNumRegisters];
664 665 666
  // Generated code writes directly into the following array, make sure the
  // element size matches what the machine instructions expect.
  static_assert(sizeof(Float64) == kDoubleSize, "size mismatch");
667
  Float64 double_registers_[DoubleRegister::kNumRegisters];
668 669
};

670 671
class FrameDescription {
 public:
672
  explicit FrameDescription(uint32_t frame_size, int parameter_count = 0);
673 674

  void* operator new(size_t size, uint32_t frame_size) {
675 676 677
    // Subtracts kSystemPointerSize, as the member frame_content_ already
    // supplies the first element of the area to store the frame.
    return malloc(size + frame_size - kSystemPointerSize);
678 679
  }

680
  void operator delete(void* pointer, uint32_t frame_size) { free(pointer); }
681

682
  void operator delete(void* description) { free(description); }
683

684
  uint32_t GetFrameSize() const {
685
    USE(frame_content_);
686
    DCHECK(static_cast<uint32_t>(frame_size_) == frame_size_);
687 688
    return static_cast<uint32_t>(frame_size_);
  }
689

690
  intptr_t GetFrameSlot(unsigned offset) {
691 692 693
    return *GetFrameSlotPointer(offset);
  }

694 695
  unsigned GetLastArgumentSlotOffset() {
    int parameter_slots = parameter_count();
696
    if (ShouldPadArguments(parameter_slots)) parameter_slots++;
697
    return GetFrameSize() - parameter_slots * kSystemPointerSize;
698 699
  }

700
  Address GetFramePointerAddress() {
701 702
    int fp_offset =
        GetLastArgumentSlotOffset() - StandardFrameConstants::kCallerSPOffset;
703
    return reinterpret_cast<Address>(GetFrameSlotPointer(fp_offset));
704 705
  }

706 707
  RegisterValues* GetRegisterValues() { return &register_values_; }

708
  void SetFrameSlot(unsigned offset, intptr_t value) {
709 710 711
    *GetFrameSlotPointer(offset) = value;
  }

712 713 714 715
  void SetCallerPc(unsigned offset, intptr_t value);

  void SetCallerFp(unsigned offset, intptr_t value);

716 717
  void SetCallerConstantPool(unsigned offset, intptr_t value);

718
  intptr_t GetRegister(unsigned n) const {
719
    return register_values_.GetRegister(n);
720 721
  }

722
  Float64 GetDoubleRegister(unsigned n) const {
723
    return register_values_.GetDoubleRegister(n);
724 725
  }

726
  void SetRegister(unsigned n, intptr_t value) {
727
    register_values_.SetRegister(n, value);
728 729
  }

730 731
  intptr_t GetTop() const { return top_; }
  void SetTop(intptr_t top) { top_ = top; }
732

733
  intptr_t GetPc() const { return pc_; }
734
  void SetPc(intptr_t pc);
735

736 737
  intptr_t GetFp() const { return fp_; }
  void SetFp(intptr_t fp) { fp_ = fp; }
738

739 740 741
  intptr_t GetContext() const { return context_; }
  void SetContext(intptr_t context) { context_ = context; }

742 743 744 745 746
  intptr_t GetConstantPool() const { return constant_pool_; }
  void SetConstantPool(intptr_t constant_pool) {
    constant_pool_ = constant_pool;
  }

747
  void SetContinuation(intptr_t pc) { continuation_ = pc; }
748

749 750
  // Argument count, including receiver.
  int parameter_count() { return parameter_count_; }
751

752
  static int registers_offset() {
753
    return offsetof(FrameDescription, register_values_.registers_);
754 755 756
  }

  static int double_registers_offset() {
757
    return offsetof(FrameDescription, register_values_.double_registers_);
758 759 760
  }

  static int frame_size_offset() {
761
    return offsetof(FrameDescription, frame_size_);
762 763
  }

764
  static int pc_offset() { return offsetof(FrameDescription, pc_); }
765 766

  static int continuation_offset() {
767
    return offsetof(FrameDescription, continuation_);
768 769 770
  }

  static int frame_content_offset() {
771
    return offsetof(FrameDescription, frame_content_);
772 773 774 775 776
  }

 private:
  static const uint32_t kZapUint32 = 0xbeeddead;

777 778 779
  // Frame_size_ must hold a uint32_t value.  It is only a uintptr_t to
  // keep the variable-size array frame_content_ of type intptr_t at
  // the end of the structure aligned.
780
  uintptr_t frame_size_;  // Number of bytes.
781
  int parameter_count_;
782
  RegisterValues register_values_;
783 784 785
  intptr_t top_;
  intptr_t pc_;
  intptr_t fp_;
786
  intptr_t context_;
787
  intptr_t constant_pool_;
788 789 790

  // Continuation is the PC where the execution continues after
  // deoptimizing.
791
  intptr_t continuation_;
792

793
  // This must be at the end of the object as the object is allocated larger
794
  // than its definition indicates to extend this array.
795 796
  intptr_t frame_content_[1];

797
  intptr_t* GetFrameSlotPointer(unsigned offset) {
798
    DCHECK(offset < frame_size_);
799 800
    return reinterpret_cast<intptr_t*>(reinterpret_cast<Address>(this) +
                                       frame_content_offset() + offset);
801 802 803
  }
};

804 805
class DeoptimizerData {
 public:
806
  explicit DeoptimizerData(Heap* heap);
807 808
  ~DeoptimizerData();

809 810 811 812 813 814 815 816 817
#ifdef DEBUG
  bool IsDeoptEntryCode(Code code) const {
    for (int i = 0; i < kLastDeoptimizeKind + 1; i++) {
      if (code == deopt_entry_code_[i]) return true;
    }
    return false;
  }
#endif  // DEBUG

818
 private:
819
  Heap* heap_;
820 821
  static const int kLastDeoptimizeKind =
      static_cast<int>(DeoptimizeKind::kLastDeoptimizeKind);
822 823 824
  Code deopt_entry_code_[kLastDeoptimizeKind + 1];
  Code deopt_entry_code(DeoptimizeKind kind);
  void set_deopt_entry_code(DeoptimizeKind kind, Code code);
825

826
  Deoptimizer* current_;
827
  StrongRootsEntry* strong_roots_entry_;
828 829 830 831 832 833

  friend class Deoptimizer;

  DISALLOW_COPY_AND_ASSIGN(DeoptimizerData);
};

834
class TranslationBuffer {
835
 public:
836
  explicit TranslationBuffer(Zone* zone) : contents_(zone) {}
837

838 839
  int CurrentIndex() const { return static_cast<int>(contents_.size()); }
  void Add(int32_t value);
840

841
  Handle<ByteArray> CreateByteArray(Factory* factory);
842 843

 private:
844
  ZoneChunkList<uint8_t> contents_;
845 846
};

847
class TranslationIterator {
848
 public:
849
  TranslationIterator(ByteArray buffer, int index);
850 851 852

  int32_t Next();

853
  bool HasNext() const;
854 855 856 857 858 859

  void Skip(int n) {
    for (int i = 0; i < n; i++) Next();
  }

 private:
860
  ByteArray buffer_;
861 862 863
  int index_;
};

864 865 866 867 868 869 870 871 872 873 874 875 876 877
#define TRANSLATION_OPCODE_LIST(V)                     \
  V(BEGIN)                                             \
  V(INTERPRETED_FRAME)                                 \
  V(BUILTIN_CONTINUATION_FRAME)                        \
  V(JAVA_SCRIPT_BUILTIN_CONTINUATION_FRAME)            \
  V(JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH_FRAME) \
  V(CONSTRUCT_STUB_FRAME)                              \
  V(ARGUMENTS_ADAPTOR_FRAME)                           \
  V(DUPLICATED_OBJECT)                                 \
  V(ARGUMENTS_ELEMENTS)                                \
  V(ARGUMENTS_LENGTH)                                  \
  V(CAPTURED_OBJECT)                                   \
  V(REGISTER)                                          \
  V(INT32_REGISTER)                                    \
878
  V(INT64_REGISTER)                                    \
879 880 881 882 883 884
  V(UINT32_REGISTER)                                   \
  V(BOOL_REGISTER)                                     \
  V(FLOAT_REGISTER)                                    \
  V(DOUBLE_REGISTER)                                   \
  V(STACK_SLOT)                                        \
  V(INT32_STACK_SLOT)                                  \
885
  V(INT64_STACK_SLOT)                                  \
886 887 888 889 890
  V(UINT32_STACK_SLOT)                                 \
  V(BOOL_STACK_SLOT)                                   \
  V(FLOAT_STACK_SLOT)                                  \
  V(DOUBLE_STACK_SLOT)                                 \
  V(LITERAL)                                           \
891
  V(UPDATE_FEEDBACK)
892

893
class Translation {
894
 public:
895
#define DECLARE_TRANSLATION_OPCODE_ENUM(item) item,
896
  enum Opcode {
897
    TRANSLATION_OPCODE_LIST(DECLARE_TRANSLATION_OPCODE_ENUM) LAST = LITERAL
898
  };
899
#undef DECLARE_TRANSLATION_OPCODE_ENUM
900

901
  Translation(TranslationBuffer* buffer, int frame_count, int jsframe_count,
902 903
              int update_feedback_count, Zone* zone)
      : buffer_(buffer), index_(buffer->CurrentIndex()), zone_(zone) {
904 905 906
    buffer_->Add(BEGIN);
    buffer_->Add(frame_count);
    buffer_->Add(jsframe_count);
907
    buffer_->Add(update_feedback_count);
908 909 910 911 912
  }

  int index() const { return index_; }

  // Commands.
913
  void BeginInterpretedFrame(BailoutId bytecode_offset, int literal_id,
914 915
                             unsigned height, int return_value_offset,
                             int return_value_count);
916
  void BeginArgumentsAdaptorFrame(int literal_id, unsigned height);
917 918
  void BeginConstructStubFrame(BailoutId bailout_id, int literal_id,
                               unsigned height);
919 920 921 922
  void BeginBuiltinContinuationFrame(BailoutId bailout_id, int literal_id,
                                     unsigned height);
  void BeginJavaScriptBuiltinContinuationFrame(BailoutId bailout_id,
                                               int literal_id, unsigned height);
923 924 925
  void BeginJavaScriptBuiltinContinuationWithCatchFrame(BailoutId bailout_id,
                                                        int literal_id,
                                                        unsigned height);
926
  void ArgumentsElements(CreateArgumentsType type);
927
  void ArgumentsLength();
928
  void BeginCapturedObject(int length);
929
  void AddUpdateFeedback(int vector_literal, int slot);
930
  void DuplicateObject(int object_index);
931 932
  void StoreRegister(Register reg);
  void StoreInt32Register(Register reg);
933
  void StoreInt64Register(Register reg);
934
  void StoreUint32Register(Register reg);
935
  void StoreBoolRegister(Register reg);
936
  void StoreFloatRegister(FloatRegister reg);
937 938 939
  void StoreDoubleRegister(DoubleRegister reg);
  void StoreStackSlot(int index);
  void StoreInt32StackSlot(int index);
940
  void StoreInt64StackSlot(int index);
941
  void StoreUint32StackSlot(int index);
942
  void StoreBoolStackSlot(int index);
943
  void StoreFloatStackSlot(int index);
944 945
  void StoreDoubleStackSlot(int index);
  void StoreLiteral(int literal_id);
946
  void StoreJSFrameFunction();
947

948
  Zone* zone() const { return zone_; }
949

950 951
  static int NumberOfOperandsFor(Opcode opcode);

952
#if defined(OBJECT_PRINT) || defined(ENABLE_DISASSEMBLER)
953 954 955 956 957 958
  static const char* StringFor(Opcode opcode);
#endif

 private:
  TranslationBuffer* buffer_;
  int index_;
959
  Zone* zone_;
960 961
};

jarin@chromium.org's avatar
jarin@chromium.org committed
962 963
class MaterializedObjectStore {
 public:
964
  explicit MaterializedObjectStore(Isolate* isolate) : isolate_(isolate) {}
jarin@chromium.org's avatar
jarin@chromium.org committed
965 966 967

  Handle<FixedArray> Get(Address fp);
  void Set(Address fp, Handle<FixedArray> materialized_objects);
968
  bool Remove(Address fp);
jarin@chromium.org's avatar
jarin@chromium.org committed
969 970

 private:
971
  Isolate* isolate() const { return isolate_; }
jarin@chromium.org's avatar
jarin@chromium.org committed
972 973 974 975 976 977
  Handle<FixedArray> GetStackEntries();
  Handle<FixedArray> EnsureStackEntries(int size);

  int StackIdToIndex(Address fp);

  Isolate* isolate_;
978
  std::vector<Address> frame_fps_;
979 980
};

981 982 983 984
// Class used to represent an unoptimized frame when the debugger
// needs to inspect a frame that is part of an optimized frame. The
// internally used FrameDescription objects are not GC safe so for use
// by the debugger frame information is copied to an object of this type.
985 986
// Represents parameters in unadapted form so their number might mismatch
// formal parameter count.
987 988
class DeoptimizedFrameInfo : public Malloced {
 public:
989 990 991
  DeoptimizedFrameInfo(TranslatedState* state,
                       TranslatedState::iterator frame_it, Isolate* isolate);

992
  // Return the number of incoming arguments.
993
  int parameters_count() { return static_cast<int>(parameters_.size()); }
994

995
  // Return the height of the expression stack.
996
  int expression_count() { return static_cast<int>(expression_stack_.size()); }
997

998
  // Get the frame function.
999
  Handle<JSFunction> GetFunction() { return function_; }
1000

1001
  // Get the frame context.
1002
  Handle<Object> GetContext() { return context_; }
1003

1004
  // Get an incoming argument.
1005
  Handle<Object> GetParameter(int index) {
1006
    DCHECK(0 <= index && index < parameters_count());
1007 1008 1009
    return parameters_[index];
  }

1010
  // Get an expression from the expression stack.
1011
  Handle<Object> GetExpression(int index) {
1012
    DCHECK(0 <= index && index < expression_count());
1013 1014 1015
    return expression_stack_[index];
  }

1016
  int GetSourcePosition() { return source_position_; }
1017

1018
 private:
1019
  // Set an incoming argument.
1020
  void SetParameter(int index, Handle<Object> obj) {
1021
    DCHECK(0 <= index && index < parameters_count());
1022 1023 1024
    parameters_[index] = obj;
  }

1025
  // Set an expression on the expression stack.
1026
  void SetExpression(int index, Handle<Object> obj) {
1027
    DCHECK(0 <= index && index < expression_count());
1028 1029 1030
    expression_stack_[index] = obj;
  }

1031 1032 1033 1034
  Handle<JSFunction> function_;
  Handle<Object> context_;
  std::vector<Handle<Object> > parameters_;
  std::vector<Handle<Object> > expression_stack_;
1035
  int source_position_;
1036 1037 1038 1039

  friend class Deoptimizer;
};

1040 1041
}  // namespace internal
}  // namespace v8
1042

1043
#endif  // V8_DEOPTIMIZER_DEOPTIMIZER_H_