1 // Copyright 2016 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "src/snapshot/context-serializer.h"
6 #include "src/snapshot/startup-serializer.h"
7
8 #include "src/api/api-inl.h"
9 #include "src/execution/microtask-queue.h"
10 #include "src/heap/combined-heap.h"
11 #include "src/numbers/math-random.h"
12 #include "src/objects/objects-inl.h"
13 #include "src/objects/slots.h"
14
15 namespace v8 {
16 namespace internal {
17
18 namespace {
19
20 // During serialization, puts the native context into a state understood by the
21 // serializer (e.g. by clearing lists of Code objects). After serialization,
22 // the original state is restored.
23 class SanitizeNativeContextScope final {
24 public:
SanitizeNativeContextScope(Isolate * isolate,NativeContext native_context,bool allow_active_isolate_for_testing,const DisallowGarbageCollection & no_gc)25 SanitizeNativeContextScope(Isolate* isolate, NativeContext native_context,
26 bool allow_active_isolate_for_testing,
27 const DisallowGarbageCollection& no_gc)
28 : isolate_(isolate),
29 native_context_(native_context),
30 microtask_queue_(native_context.microtask_queue()),
31 optimized_code_list_(native_context.OptimizedCodeListHead()),
32 deoptimized_code_list_(native_context.DeoptimizedCodeListHead()) {
33 #ifdef DEBUG
34 if (!allow_active_isolate_for_testing) {
35 // Microtasks.
36 DCHECK_EQ(0, microtask_queue_->size());
37 DCHECK(!microtask_queue_->HasMicrotasksSuppressions());
38 DCHECK_EQ(0, microtask_queue_->GetMicrotasksScopeDepth());
39 DCHECK(microtask_queue_->DebugMicrotasksScopeDepthIsZero());
40 // Code lists.
41 DCHECK(optimized_code_list_.IsUndefined(isolate));
42 DCHECK(deoptimized_code_list_.IsUndefined(isolate));
43 }
44 #endif
45 Object undefined = ReadOnlyRoots(isolate).undefined_value();
46 native_context.set_microtask_queue(isolate, nullptr);
47 native_context.SetOptimizedCodeListHead(undefined);
48 native_context.SetDeoptimizedCodeListHead(undefined);
49 }
50
~SanitizeNativeContextScope()51 ~SanitizeNativeContextScope() {
52 // Restore saved fields.
53 native_context_.SetDeoptimizedCodeListHead(optimized_code_list_);
54 native_context_.SetOptimizedCodeListHead(deoptimized_code_list_);
55 native_context_.set_microtask_queue(isolate_, microtask_queue_);
56 }
57
58 private:
59 Isolate* isolate_;
60 NativeContext native_context_;
61 MicrotaskQueue* const microtask_queue_;
62 const Object optimized_code_list_;
63 const Object deoptimized_code_list_;
64 };
65
66 } // namespace
67
ContextSerializer(Isolate * isolate,Snapshot::SerializerFlags flags,StartupSerializer * startup_serializer,v8::SerializeEmbedderFieldsCallback callback)68 ContextSerializer::ContextSerializer(
69 Isolate* isolate, Snapshot::SerializerFlags flags,
70 StartupSerializer* startup_serializer,
71 v8::SerializeEmbedderFieldsCallback callback)
72 : Serializer(isolate, flags),
73 startup_serializer_(startup_serializer),
74 serialize_embedder_fields_(callback),
75 can_be_rehashed_(true) {
76 InitializeCodeAddressMap();
77 }
78
~ContextSerializer()79 ContextSerializer::~ContextSerializer() {
80 OutputStatistics("ContextSerializer");
81 }
82
Serialize(Context * o,const DisallowGarbageCollection & no_gc)83 void ContextSerializer::Serialize(Context* o,
84 const DisallowGarbageCollection& no_gc) {
85 context_ = *o;
86 DCHECK(context_.IsNativeContext());
87
88 // Upon deserialization, references to the global proxy and its map will be
89 // replaced.
90 reference_map()->AddAttachedReference(context_.global_proxy());
91 reference_map()->AddAttachedReference(context_.global_proxy().map());
92
93 // The bootstrap snapshot has a code-stub context. When serializing the
94 // context snapshot, it is chained into the weak context list on the isolate
95 // and it's next context pointer may point to the code-stub context. Clear
96 // it before serializing, it will get re-added to the context list
97 // explicitly when it's loaded.
98 // TODO(v8:10416): These mutations should not observably affect the running
99 // context.
100 context_.set(Context::NEXT_CONTEXT_LINK,
101 ReadOnlyRoots(isolate()).undefined_value());
102 DCHECK(!context_.global_object().IsUndefined());
103 // Reset math random cache to get fresh random numbers.
104 MathRandom::ResetContext(context_);
105
106 SanitizeNativeContextScope sanitize_native_context(
107 isolate(), context_.native_context(), allow_active_isolate_for_testing(),
108 no_gc);
109
110 VisitRootPointer(Root::kStartupObjectCache, nullptr, FullObjectSlot(o));
111 SerializeDeferredObjects();
112
113 // Add section for embedder-serialized embedder fields.
114 if (!embedder_fields_sink_.data()->empty()) {
115 sink_.Put(kEmbedderFieldsData, "embedder fields data");
116 sink_.Append(embedder_fields_sink_);
117 sink_.Put(kSynchronize, "Finished with embedder fields data");
118 }
119
120 Pad();
121 }
122
SerializeObjectImpl(Handle<HeapObject> obj)123 void ContextSerializer::SerializeObjectImpl(Handle<HeapObject> obj) {
124 DCHECK(!ObjectIsBytecodeHandler(obj)); // Only referenced in dispatch table.
125
126 if (!allow_active_isolate_for_testing()) {
127 // When serializing a snapshot intended for real use, we should not end up
128 // at another native context.
129 // But in test scenarios there is no way to avoid this. Since we only
130 // serialize a single context in these cases, and this context does not
131 // have to be executable, we can simply ignore this.
132 DCHECK_IMPLIES(obj->IsNativeContext(), *obj == context_);
133 }
134
135 if (SerializeHotObject(obj)) return;
136
137 if (SerializeRoot(obj)) return;
138
139 if (SerializeBackReference(obj)) return;
140
141 if (startup_serializer_->SerializeUsingReadOnlyObjectCache(&sink_, obj)) {
142 return;
143 }
144
145 if (ShouldBeInTheStartupObjectCache(*obj)) {
146 startup_serializer_->SerializeUsingStartupObjectCache(&sink_, obj);
147 return;
148 }
149
150 // Pointers from the context snapshot to the objects in the startup snapshot
151 // should go through the root array or through the startup object cache.
152 // If this is not the case you may have to add something to the root array.
153 DCHECK(!startup_serializer_->ReferenceMapContains(obj));
154 // All the internalized strings that the context snapshot needs should be
155 // either in the root table or in the startup object cache.
156 DCHECK(!obj->IsInternalizedString());
157 // Function and object templates are not context specific.
158 DCHECK(!obj->IsTemplateInfo());
159
160 // Clear literal boilerplates and feedback.
161 if (obj->IsFeedbackVector()) {
162 Handle<FeedbackVector>::cast(obj)->ClearSlots(isolate());
163 }
164
165 // Clear InterruptBudget when serializing FeedbackCell.
166 if (obj->IsFeedbackCell()) {
167 Handle<FeedbackCell>::cast(obj)->SetInitialInterruptBudget();
168 }
169
170 if (SerializeJSObjectWithEmbedderFields(obj)) {
171 return;
172 }
173
174 if (obj->IsJSFunction()) {
175 // Unconditionally reset the JSFunction to its SFI's code, since we can't
176 // serialize optimized code anyway.
177 Handle<JSFunction> closure = Handle<JSFunction>::cast(obj);
178 closure->ResetIfBytecodeFlushed();
179 if (closure->is_compiled()) closure->set_code(closure->shared().GetCode());
180 }
181
182 CheckRehashability(*obj);
183
184 // Object has not yet been serialized. Serialize it here.
185 ObjectSerializer serializer(this, obj, &sink_);
186 serializer.Serialize();
187 }
188
ShouldBeInTheStartupObjectCache(HeapObject o)189 bool ContextSerializer::ShouldBeInTheStartupObjectCache(HeapObject o) {
190 // Scripts should be referred only through shared function infos. We can't
191 // allow them to be part of the context snapshot because they contain a
192 // unique ID, and deserializing several context snapshots containing script
193 // would cause dupes.
194 DCHECK(!o.IsScript());
195 return o.IsName() || o.IsSharedFunctionInfo() || o.IsHeapNumber() ||
196 o.IsCode() || o.IsScopeInfo() || o.IsAccessorInfo() ||
197 o.IsTemplateInfo() || o.IsClassPositions() ||
198 o.map() == ReadOnlyRoots(isolate()).fixed_cow_array_map();
199 }
200
201 namespace {
DataIsEmpty(const StartupData & data)202 bool DataIsEmpty(const StartupData& data) { return data.raw_size == 0; }
203 } // anonymous namespace
204
SerializeJSObjectWithEmbedderFields(Handle<HeapObject> obj)205 bool ContextSerializer::SerializeJSObjectWithEmbedderFields(
206 Handle<HeapObject> obj) {
207 if (!obj->IsJSObject()) return false;
208 Handle<JSObject> js_obj = Handle<JSObject>::cast(obj);
209 int embedder_fields_count = js_obj->GetEmbedderFieldCount();
210 if (embedder_fields_count == 0) return false;
211 CHECK_GT(embedder_fields_count, 0);
212 DCHECK(!js_obj->NeedsRehashing());
213
214 DisallowGarbageCollection no_gc;
215 DisallowJavascriptExecution no_js(isolate());
216 DisallowCompilation no_compile(isolate());
217
218 v8::Local<v8::Object> api_obj = v8::Utils::ToLocal(js_obj);
219
220 std::vector<EmbedderDataSlot::RawData> original_embedder_values;
221 std::vector<StartupData> serialized_data;
222
223 // 1) Iterate embedder fields. Hold onto the original value of the fields.
224 // Ignore references to heap objects since these are to be handled by the
225 // serializer. For aligned pointers, call the serialize callback. Hold
226 // onto the result.
227 for (int i = 0; i < embedder_fields_count; i++) {
228 EmbedderDataSlot embedder_data_slot(*js_obj, i);
229 original_embedder_values.emplace_back(
230 embedder_data_slot.load_raw(isolate(), no_gc));
231 Object object = embedder_data_slot.load_tagged();
232 if (object.IsHeapObject()) {
233 DCHECK(IsValidHeapObject(isolate()->heap(), HeapObject::cast(object)));
234 serialized_data.push_back({nullptr, 0});
235 } else {
236 // If no serializer is provided and the field was empty, we serialize it
237 // by default to nullptr.
238 if (serialize_embedder_fields_.callback == nullptr &&
239 object == Smi::zero()) {
240 serialized_data.push_back({nullptr, 0});
241 } else {
242 DCHECK_NOT_NULL(serialize_embedder_fields_.callback);
243 StartupData data = serialize_embedder_fields_.callback(
244 api_obj, i, serialize_embedder_fields_.data);
245 serialized_data.push_back(data);
246 }
247 }
248 }
249
250 // 2) Embedder fields for which the embedder callback produced non-zero
251 // serialized data should be considered aligned pointers to objects owned
252 // by the embedder. Clear these memory addresses to avoid non-determism
253 // in the snapshot. This is done separately to step 1 to no not interleave
254 // with embedder callbacks.
255 for (int i = 0; i < embedder_fields_count; i++) {
256 if (!DataIsEmpty(serialized_data[i])) {
257 EmbedderDataSlot(*js_obj, i).store_raw(isolate(), kNullAddress, no_gc);
258 }
259 }
260
261 // 3) Serialize the object. References from embedder fields to heap objects or
262 // smis are serialized regularly.
263 ObjectSerializer(this, js_obj, &sink_).Serialize();
264
265 // 4) Obtain back reference for the serialized object.
266 const SerializerReference* reference =
267 reference_map()->LookupReference(js_obj);
268 DCHECK_NOT_NULL(reference);
269 DCHECK(reference->is_back_reference());
270
271 // 5) Write data returned by the embedder callbacks into a separate sink,
272 // headed by the back reference. Restore the original embedder fields.
273 for (int i = 0; i < embedder_fields_count; i++) {
274 StartupData data = serialized_data[i];
275 if (DataIsEmpty(data)) continue;
276 // Restore original values from cleared fields.
277 EmbedderDataSlot(*js_obj, i)
278 .store_raw(isolate(), original_embedder_values[i], no_gc);
279 embedder_fields_sink_.Put(kNewObject, "embedder field holder");
280 embedder_fields_sink_.PutInt(reference->back_ref_index(), "BackRefIndex");
281 embedder_fields_sink_.PutInt(i, "embedder field index");
282 embedder_fields_sink_.PutInt(data.raw_size, "embedder fields data size");
283 embedder_fields_sink_.PutRaw(reinterpret_cast<const byte*>(data.data),
284 data.raw_size, "embedder fields data");
285 delete[] data.data;
286 }
287
288 // 6) The content of the separate sink is appended eventually to the default
289 // sink. The ensures that during deserialization, we call the deserializer
290 // callback at the end, and can guarantee that the deserialized objects are
291 // in a consistent state. See ContextSerializer::Serialize.
292 return true;
293 }
294
CheckRehashability(HeapObject obj)295 void ContextSerializer::CheckRehashability(HeapObject obj) {
296 if (!can_be_rehashed_) return;
297 if (!obj.NeedsRehashing()) return;
298 if (obj.CanBeRehashed()) return;
299 can_be_rehashed_ = false;
300 }
301
302 } // namespace internal
303 } // namespace v8
304