context-serializer.cc 12.6 KB
Newer Older
1 2 3 4
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

5
#include "src/snapshot/context-serializer.h"
6
#include "src/snapshot/startup-serializer.h"
7

8
#include "src/api/api-inl.h"
9
#include "src/execution/microtask-queue.h"
10
#include "src/heap/combined-heap.h"
11
#include "src/numbers/math-random.h"
12
#include "src/objects/objects-inl.h"
13
#include "src/objects/slots.h"
14 15 16 17

namespace v8 {
namespace internal {

18 19 20 21 22
namespace {

// During serialization, puts the native context into a state understood by the
// serializer (e.g. by clearing lists of Code objects).  After serialization,
// the original state is restored.
23
class V8_NODISCARD SanitizeNativeContextScope final {
24 25 26
 public:
  SanitizeNativeContextScope(Isolate* isolate, NativeContext native_context,
                             bool allow_active_isolate_for_testing,
27
                             const DisallowGarbageCollection& no_gc)
28 29
      : isolate_(isolate),
        native_context_(native_context),
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45
        microtask_queue_(native_context.microtask_queue()),
        optimized_code_list_(native_context.OptimizedCodeListHead()),
        deoptimized_code_list_(native_context.DeoptimizedCodeListHead()) {
#ifdef DEBUG
    if (!allow_active_isolate_for_testing) {
      // Microtasks.
      DCHECK_EQ(0, microtask_queue_->size());
      DCHECK(!microtask_queue_->HasMicrotasksSuppressions());
      DCHECK_EQ(0, microtask_queue_->GetMicrotasksScopeDepth());
      DCHECK(microtask_queue_->DebugMicrotasksScopeDepthIsZero());
      // Code lists.
      DCHECK(optimized_code_list_.IsUndefined(isolate));
      DCHECK(deoptimized_code_list_.IsUndefined(isolate));
    }
#endif
    Object undefined = ReadOnlyRoots(isolate).undefined_value();
46
    native_context.set_microtask_queue(isolate, nullptr);
47 48 49 50 51 52 53 54
    native_context.SetOptimizedCodeListHead(undefined);
    native_context.SetDeoptimizedCodeListHead(undefined);
  }

  ~SanitizeNativeContextScope() {
    // Restore saved fields.
    native_context_.SetDeoptimizedCodeListHead(optimized_code_list_);
    native_context_.SetOptimizedCodeListHead(deoptimized_code_list_);
55
    native_context_.set_microtask_queue(isolate_, microtask_queue_);
56 57 58
  }

 private:
59
  Isolate* isolate_;
60 61 62 63 64 65 66 67
  NativeContext native_context_;
  MicrotaskQueue* const microtask_queue_;
  const Object optimized_code_list_;
  const Object deoptimized_code_list_;
};

}  // namespace

68
ContextSerializer::ContextSerializer(
69 70
    Isolate* isolate, Snapshot::SerializerFlags flags,
    StartupSerializer* startup_serializer,
71
    v8::SerializeEmbedderFieldsCallback callback)
72
    : Serializer(isolate, flags),
73
      startup_serializer_(startup_serializer),
74
      serialize_embedder_fields_(callback),
75
      can_be_rehashed_(true) {
76 77 78
  InitializeCodeAddressMap();
}

79 80
ContextSerializer::~ContextSerializer() {
  OutputStatistics("ContextSerializer");
81 82
}

83
void ContextSerializer::Serialize(Context* o,
84
                                  const DisallowGarbageCollection& no_gc) {
85
  context_ = *o;
86
  DCHECK(context_.IsNativeContext());
87 88 89

  // Upon deserialization, references to the global proxy and its map will be
  // replaced.
90 91
  reference_map()->AddAttachedReference(context_.global_proxy());
  reference_map()->AddAttachedReference(context_.global_proxy().map());
92

93
  // The bootstrap snapshot has a code-stub context. When serializing the
94
  // context snapshot, it is chained into the weak context list on the isolate
95 96 97
  // and it's next context pointer may point to the code-stub context.  Clear
  // it before serializing, it will get re-added to the context list
  // explicitly when it's loaded.
98 99
  // TODO(v8:10416): These mutations should not observably affect the running
  // context.
100 101 102
  context_.set(Context::NEXT_CONTEXT_LINK,
               ReadOnlyRoots(isolate()).undefined_value());
  DCHECK(!context_.global_object().IsUndefined());
103
  // Reset math random cache to get fresh random numbers.
104
  MathRandom::ResetContext(context_);
105

106 107 108
  SanitizeNativeContextScope sanitize_native_context(
      isolate(), context_.native_context(), allow_active_isolate_for_testing(),
      no_gc);
109

110
  VisitRootPointer(Root::kStartupObjectCache, nullptr, FullObjectSlot(o));
111
  SerializeDeferredObjects();
112 113 114 115 116 117 118 119

  // Add section for embedder-serialized embedder fields.
  if (!embedder_fields_sink_.data()->empty()) {
    sink_.Put(kEmbedderFieldsData, "embedder fields data");
    sink_.Append(embedder_fields_sink_);
    sink_.Put(kSynchronize, "Finished with embedder fields data");
  }

120 121 122
  Pad();
}

123
void ContextSerializer::SerializeObjectImpl(Handle<HeapObject> obj) {
124
  DCHECK(!ObjectIsBytecodeHandler(*obj));  // Only referenced in dispatch table.
125

126 127 128 129 130 131
  if (!allow_active_isolate_for_testing()) {
    // When serializing a snapshot intended for real use, we should not end up
    // at another native context.
    // But in test scenarios there is no way to avoid this. Since we only
    // serialize a single context in these cases, and this context does not
    // have to be executable, we can simply ignore this.
132
    DCHECK_IMPLIES(obj->IsNativeContext(), *obj == context_);
133 134
  }

135 136 137 138 139 140 141
  {
    DisallowGarbageCollection no_gc;
    HeapObject raw = *obj;
    if (SerializeHotObject(raw)) return;
    if (SerializeRoot(raw)) return;
    if (SerializeBackReference(raw)) return;
  }
142

143
  if (startup_serializer_->SerializeUsingReadOnlyObjectCache(&sink_, obj)) {
144 145
    return;
  }
146

147 148 149 150
  if (startup_serializer_->SerializeUsingSharedHeapObjectCache(&sink_, obj)) {
    return;
  }

151
  if (ShouldBeInTheStartupObjectCache(*obj)) {
152
    startup_serializer_->SerializeUsingStartupObjectCache(&sink_, obj);
153 154 155
    return;
  }

156 157
  // Pointers from the context snapshot to the objects in the startup snapshot
  // should go through the root array or through the startup object cache.
158
  // If this is not the case you may have to add something to the root array.
159
  DCHECK(!startup_serializer_->ReferenceMapContains(obj));
160
  // All the internalized strings that the context snapshot needs should be
161
  // either in the root table or in the shared heap object cache.
162
  DCHECK(!obj->IsInternalizedString());
163
  // Function and object templates are not context specific.
164
  DCHECK(!obj->IsTemplateInfo());
165

166 167 168
  InstanceType instance_type = obj->map().instance_type();
  if (InstanceTypeChecker::IsFeedbackVector(instance_type)) {
    // Clear literal boilerplates and feedback.
169
    Handle<FeedbackVector>::cast(obj)->ClearSlots(isolate());
170 171
  } else if (InstanceTypeChecker::IsFeedbackCell(instance_type)) {
    // Clear InterruptBudget when serializing FeedbackCell.
172
    Handle<FeedbackCell>::cast(obj)->SetInitialInterruptBudget();
173 174 175 176 177 178 179 180 181 182 183 184 185 186 187
  } else if (InstanceTypeChecker::IsJSObject(instance_type)) {
    if (SerializeJSObjectWithEmbedderFields(Handle<JSObject>::cast(obj))) {
      return;
    }
    if (InstanceTypeChecker::IsJSFunction(instance_type)) {
      DisallowGarbageCollection no_gc;
      // Unconditionally reset the JSFunction to its SFI's code, since we can't
      // serialize optimized code anyway.
      JSFunction closure = JSFunction::cast(*obj);
      closure.ResetIfCodeFlushed();
      if (closure.is_compiled()) {
        if (closure.shared().HasBaselineCode()) {
          closure.shared().FlushBaselineCode();
        }
        closure.set_code(closure.shared().GetCode(), kReleaseStore);
188
      }
189
    }
190 191
  }

192
  CheckRehashability(*obj);
193

194
  // Object has not yet been serialized.  Serialize it here.
195
  ObjectSerializer serializer(this, obj, &sink_);
196 197 198
  serializer.Serialize();
}

199
bool ContextSerializer::ShouldBeInTheStartupObjectCache(HeapObject o) {
200
  // Scripts should be referred only through shared function infos.  We can't
201 202
  // allow them to be part of the context snapshot because they contain a
  // unique ID, and deserializing several context snapshots containing script
203
  // would cause dupes.
204 205
  DCHECK(!o.IsScript());
  return o.IsName() || o.IsSharedFunctionInfo() || o.IsHeapNumber() ||
206
         (V8_EXTERNAL_CODE_SPACE_BOOL && o.IsCodeDataContainer()) ||
207 208
         o.IsCode() || o.IsScopeInfo() || o.IsAccessorInfo() ||
         o.IsTemplateInfo() || o.IsClassPositions() ||
209
         o.map() == ReadOnlyRoots(isolate()).fixed_cow_array_map();
210 211
}

212 213 214 215 216 217
bool ContextSerializer::ShouldBeInTheSharedObjectCache(HeapObject o) {
  // FLAG_shared_string_table may be true during deserialization, so put
  // internalized strings into the shared object snapshot.
  return o.IsInternalizedString();
}

218 219 220 221
namespace {
bool DataIsEmpty(const StartupData& data) { return data.raw_size == 0; }
}  // anonymous namespace

222
bool ContextSerializer::SerializeJSObjectWithEmbedderFields(
223 224 225 226
    Handle<JSObject> obj) {
  DisallowGarbageCollection no_gc;
  JSObject js_obj = *obj;
  int embedder_fields_count = js_obj.GetEmbedderFieldCount();
227 228
  if (embedder_fields_count == 0) return false;
  CHECK_GT(embedder_fields_count, 0);
229
  DCHECK(!js_obj.NeedsRehashing(cage_base()));
230

231 232
  DisallowJavascriptExecution no_js(isolate());
  DisallowCompilation no_compile(isolate());
233

234
  v8::Local<v8::Object> api_obj = v8::Utils::ToLocal(obj);
235

236
  std::vector<EmbedderDataSlot::RawData> original_embedder_values;
237 238 239 240 241 242 243
  std::vector<StartupData> serialized_data;

  // 1) Iterate embedder fields. Hold onto the original value of the fields.
  //    Ignore references to heap objects since these are to be handled by the
  //    serializer. For aligned pointers, call the serialize callback. Hold
  //    onto the result.
  for (int i = 0; i < embedder_fields_count; i++) {
244
    EmbedderDataSlot embedder_data_slot(js_obj, i);
245 246
    original_embedder_values.emplace_back(
        embedder_data_slot.load_raw(isolate(), no_gc));
247
    Object object = embedder_data_slot.load_tagged();
248
    if (object.IsHeapObject()) {
249
      DCHECK(IsValidHeapObject(isolate()->heap(), HeapObject::cast(object)));
250 251
      serialized_data.push_back({nullptr, 0});
    } else {
252 253
      // If no serializer is provided and the field was empty, we serialize it
      // by default to nullptr.
254 255
      if (serialize_embedder_fields_.callback == nullptr &&
          object == Smi::zero()) {
256 257 258 259 260 261 262
        serialized_data.push_back({nullptr, 0});
      } else {
        DCHECK_NOT_NULL(serialize_embedder_fields_.callback);
        StartupData data = serialize_embedder_fields_.callback(
            api_obj, i, serialize_embedder_fields_.data);
        serialized_data.push_back(data);
      }
263 264 265 266 267 268 269 270 271 272
    }
  }

  // 2) Embedder fields for which the embedder callback produced non-zero
  //    serialized data should be considered aligned pointers to objects owned
  //    by the embedder. Clear these memory addresses to avoid non-determism
  //    in the snapshot. This is done separately to step 1 to no not interleave
  //    with embedder callbacks.
  for (int i = 0; i < embedder_fields_count; i++) {
    if (!DataIsEmpty(serialized_data[i])) {
273
      EmbedderDataSlot(js_obj, i).store_raw(isolate(), kNullAddress, no_gc);
274 275
    }
  }
276 277 278

  // 3) Serialize the object. References from embedder fields to heap objects or
  //    smis are serialized regularly.
279 280 281 282 283 284
  {
    AllowGarbageCollection allow_gc;
    ObjectSerializer(this, obj, &sink_).Serialize();
    // Reload raw pointer.
    js_obj = *obj;
  }
285 286

  // 4) Obtain back reference for the serialized object.
287 288 289 290
  const SerializerReference* reference =
      reference_map()->LookupReference(js_obj);
  DCHECK_NOT_NULL(reference);
  DCHECK(reference->is_back_reference());
291 292 293 294 295 296

  // 5) Write data returned by the embedder callbacks into a separate sink,
  //    headed by the back reference. Restore the original embedder fields.
  for (int i = 0; i < embedder_fields_count; i++) {
    StartupData data = serialized_data[i];
    if (DataIsEmpty(data)) continue;
297
    // Restore original values from cleared fields.
298 299
    EmbedderDataSlot(js_obj, i).store_raw(isolate(),
                                          original_embedder_values[i], no_gc);
300 301
    embedder_fields_sink_.Put(kNewObject, "embedder field holder");
    embedder_fields_sink_.PutInt(reference->back_ref_index(), "BackRefIndex");
302 303 304 305 306 307 308 309 310 311
    embedder_fields_sink_.PutInt(i, "embedder field index");
    embedder_fields_sink_.PutInt(data.raw_size, "embedder fields data size");
    embedder_fields_sink_.PutRaw(reinterpret_cast<const byte*>(data.data),
                                 data.raw_size, "embedder fields data");
    delete[] data.data;
  }

  // 6) The content of the separate sink is appended eventually to the default
  //    sink. The ensures that during deserialization, we call the deserializer
  //    callback at the end, and can guarantee that the deserialized objects are
312
  //    in a consistent state. See ContextSerializer::Serialize.
313
  return true;
314 315
}

316
void ContextSerializer::CheckRehashability(HeapObject obj) {
317
  if (!can_be_rehashed_) return;
318 319
  if (!obj.NeedsRehashing(cage_base())) return;
  if (obj.CanBeRehashed(cage_base())) return;
320 321 322
  can_be_rehashed_ = false;
}

323 324
}  // namespace internal
}  // namespace v8