V8 API Reference, 7.2.502.16 (for Deno 0.2.4)
deoptimizer.cc
1 // Copyright 2013 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "src/deoptimizer.h"
6 
7 #include <memory>
8 
9 #include "src/accessors.h"
10 #include "src/assembler-inl.h"
11 #include "src/ast/prettyprinter.h"
12 #include "src/callable.h"
13 #include "src/counters.h"
14 #include "src/disasm.h"
15 #include "src/frames-inl.h"
16 #include "src/global-handles.h"
17 #include "src/interpreter/interpreter.h"
18 #include "src/macro-assembler.h"
19 #include "src/objects/debug-objects-inl.h"
20 #include "src/objects/smi.h"
21 #include "src/register-configuration.h"
22 #include "src/tracing/trace-event.h"
23 #include "src/v8.h"
24 
25 // Has to be the last include (doesn't have include guards)
26 #include "src/objects/object-macros.h"
27 
28 namespace v8 {
29 namespace internal {
30 
31 // {FrameWriter} offers a stack writer abstraction for writing
32 // FrameDescriptions. The main service the class provides is managing
33 // {top_offset_}, i.e. the offset of the next slot to write to.
34 class FrameWriter {
35  public:
36  static const int NO_INPUT_INDEX = -1;
37  FrameWriter(Deoptimizer* deoptimizer, FrameDescription* frame,
38  CodeTracer::Scope* trace_scope)
39  : deoptimizer_(deoptimizer),
40  frame_(frame),
41  trace_scope_(trace_scope),
42  top_offset_(frame->GetFrameSize()) {}
43 
44  void PushRawValue(intptr_t value, const char* debug_hint) {
45  PushValue(value);
46 
47  if (trace_scope_ != nullptr) {
48  DebugPrintOutputValue(value, debug_hint);
49  }
50  }
51 
52  void PushRawObject(Object* obj, const char* debug_hint) {
53  intptr_t value = reinterpret_cast<intptr_t>(obj);
54  PushValue(value);
55  if (trace_scope_ != nullptr) {
56  DebugPrintOutputObject(obj, top_offset_, debug_hint);
57  }
58  }
59 
60  void PushCallerPc(intptr_t pc) {
61  top_offset_ -= kPCOnStackSize;
62  frame_->SetCallerPc(top_offset_, pc);
63  DebugPrintOutputValue(pc, "caller's pc\n");
64  }
65 
66  void PushCallerFp(intptr_t fp) {
67  top_offset_ -= kFPOnStackSize;
68  frame_->SetCallerFp(top_offset_, fp);
69  DebugPrintOutputValue(fp, "caller's fp\n");
70  }
71 
72  void PushCallerConstantPool(intptr_t cp) {
73  top_offset_ -= kPointerSize;
74  frame_->SetCallerConstantPool(top_offset_, cp);
75  DebugPrintOutputValue(cp, "caller's constant_pool\n");
76  }
77 
78  void PushTranslatedValue(const TranslatedFrame::iterator& iterator,
79  const char* debug_hint = "") {
80  Object* obj = iterator->GetRawValue();
81 
82  PushRawObject(obj, debug_hint);
83 
84  if (trace_scope_) {
85  PrintF(trace_scope_->file(), " (input #%d)\n", iterator.input_index());
86  }
87 
88  deoptimizer_->QueueValueForMaterialization(output_address(top_offset_), obj,
89  iterator);
90  }
91 
92  unsigned top_offset() const { return top_offset_; }
93 
94  private:
95  void PushValue(intptr_t value) {
96  CHECK_GE(top_offset_, 0);
97  top_offset_ -= kPointerSize;
98  frame_->SetFrameSlot(top_offset_, value);
99  }
100 
101  Address output_address(unsigned output_offset) {
102  Address output_address =
103  static_cast<Address>(frame_->GetTop()) + output_offset;
104  return output_address;
105  }
106 
107  void DebugPrintOutputValue(intptr_t value, const char* debug_hint = "") {
108  if (trace_scope_ != nullptr) {
109  PrintF(trace_scope_->file(),
110  " " V8PRIxPTR_FMT ": [top + %3d] <- " V8PRIxPTR_FMT " ; %s",
111  output_address(top_offset_), top_offset_, value, debug_hint);
112  }
113  }
114 
115  void DebugPrintOutputObject(Object* obj, unsigned output_offset,
116  const char* debug_hint = "") {
117  if (trace_scope_ != nullptr) {
118  PrintF(trace_scope_->file(), " " V8PRIxPTR_FMT ": [top + %3d] <- ",
119  output_address(output_offset), output_offset);
120  if (obj->IsSmi()) {
121  PrintF(V8PRIxPTR_FMT " <Smi %d>", reinterpret_cast<Address>(obj),
122  Smi::cast(obj)->value());
123  } else {
124  obj->ShortPrint(trace_scope_->file());
125  }
126  PrintF(trace_scope_->file(), " ; %s", debug_hint);
127  }
128  }
129 
130  Deoptimizer* deoptimizer_;
131  FrameDescription* frame_;
132  CodeTracer::Scope* trace_scope_;
133  unsigned top_offset_;
134 };
135 
136 DeoptimizerData::DeoptimizerData(Heap* heap) : heap_(heap), current_(nullptr) {
137  Code* start = &deopt_entry_code_[0];
138  Code* end = &deopt_entry_code_[DeoptimizerData::kLastDeoptimizeKind + 1];
139  heap_->RegisterStrongRoots(ObjectSlot(start), ObjectSlot(end));
140 }
141 
142 
143 DeoptimizerData::~DeoptimizerData() {
144  Code* start = &deopt_entry_code_[0];
145  heap_->UnregisterStrongRoots(ObjectSlot(start));
146 }
147 
148 Code DeoptimizerData::deopt_entry_code(DeoptimizeKind kind) {
149  return deopt_entry_code_[static_cast<int>(kind)];
150 }
151 
152 void DeoptimizerData::set_deopt_entry_code(DeoptimizeKind kind, Code code) {
153  deopt_entry_code_[static_cast<int>(kind)] = code;
154 }
155 
156 Code Deoptimizer::FindDeoptimizingCode(Address addr) {
157  if (function_->IsHeapObject()) {
158  // Search all deoptimizing code in the native context of the function.
159  Isolate* isolate = isolate_;
160  Context native_context = function_->context()->native_context();
161  Object* element = native_context->DeoptimizedCodeListHead();
162  while (!element->IsUndefined(isolate)) {
163  Code code = Code::cast(element);
164  CHECK(code->kind() == Code::OPTIMIZED_FUNCTION);
165  if (code->contains(addr)) return code;
166  element = code->next_code_link();
167  }
168  }
169  return Code();
170 }
171 
172 
173 // We rely on this function not causing a GC. It is called from generated code
174 // without having a real stack frame in place.
175 Deoptimizer* Deoptimizer::New(JSFunction* function, DeoptimizeKind kind,
176  unsigned bailout_id, Address from,
177  int fp_to_sp_delta, Isolate* isolate) {
178  Deoptimizer* deoptimizer = new Deoptimizer(isolate, function, kind,
179  bailout_id, from, fp_to_sp_delta);
180  CHECK_NULL(isolate->deoptimizer_data()->current_);
181  isolate->deoptimizer_data()->current_ = deoptimizer;
182  return deoptimizer;
183 }
184 
185 
186 Deoptimizer* Deoptimizer::Grab(Isolate* isolate) {
187  Deoptimizer* result = isolate->deoptimizer_data()->current_;
188  CHECK_NOT_NULL(result);
189  result->DeleteFrameDescriptions();
190  isolate->deoptimizer_data()->current_ = nullptr;
191  return result;
192 }
193 
194 DeoptimizedFrameInfo* Deoptimizer::DebuggerInspectableFrame(
195  JavaScriptFrame* frame,
196  int jsframe_index,
197  Isolate* isolate) {
198  CHECK(frame->is_optimized());
199 
200  TranslatedState translated_values(frame);
201  translated_values.Prepare(frame->fp());
202 
203  TranslatedState::iterator frame_it = translated_values.end();
204  int counter = jsframe_index;
205  for (auto it = translated_values.begin(); it != translated_values.end();
206  it++) {
207  if (it->kind() == TranslatedFrame::kInterpretedFunction ||
208  it->kind() == TranslatedFrame::kJavaScriptBuiltinContinuation ||
209  it->kind() ==
210  TranslatedFrame::kJavaScriptBuiltinContinuationWithCatch) {
211  if (counter == 0) {
212  frame_it = it;
213  break;
214  }
215  counter--;
216  }
217  }
218  CHECK(frame_it != translated_values.end());
219  // We only include kJavaScriptBuiltinContinuation frames above to get the
220  // counting right.
221  CHECK_EQ(frame_it->kind(), TranslatedFrame::kInterpretedFunction);
222 
223  DeoptimizedFrameInfo* info =
224  new DeoptimizedFrameInfo(&translated_values, frame_it, isolate);
225 
226  return info;
227 }
228 
229 void Deoptimizer::GenerateDeoptimizationEntries(MacroAssembler* masm, int count,
230  DeoptimizeKind kind) {
231  NoRootArrayScope no_root_array(masm);
232  TableEntryGenerator generator(masm, kind, count);
233  generator.Generate();
234 }
235 
236 namespace {
237 class ActivationsFinder : public ThreadVisitor {
238  public:
239  explicit ActivationsFinder(std::set<Code>* codes, Code topmost_optimized_code,
240  bool safe_to_deopt_topmost_optimized_code)
241  : codes_(codes) {
242 #ifdef DEBUG
243  topmost_ = topmost_optimized_code;
244  safe_to_deopt_ = safe_to_deopt_topmost_optimized_code;
245 #endif
246  }
247 
248  // Find the frames with activations of codes marked for deoptimization, search
249  // for the trampoline to the deoptimizer call respective to each code, and use
250  // it to replace the current pc on the stack.
251  void VisitThread(Isolate* isolate, ThreadLocalTop* top) override {
252  for (StackFrameIterator it(isolate, top); !it.done(); it.Advance()) {
253  if (it.frame()->type() == StackFrame::OPTIMIZED) {
254  Code code = it.frame()->LookupCode();
255  if (code->kind() == Code::OPTIMIZED_FUNCTION &&
256  code->marked_for_deoptimization()) {
257  codes_->erase(code);
258  // Obtain the trampoline to the deoptimizer call.
259  SafepointEntry safepoint = code->GetSafepointEntry(it.frame()->pc());
260  int trampoline_pc = safepoint.trampoline_pc();
261  DCHECK_IMPLIES(code == topmost_, safe_to_deopt_);
262  // Replace the current pc on the stack with the trampoline.
263  it.frame()->set_pc(code->raw_instruction_start() + trampoline_pc);
264  }
265  }
266  }
267  }
268 
269  private:
270  std::set<Code>* codes_;
271 
272 #ifdef DEBUG
273  Code topmost_;
274  bool safe_to_deopt_;
275 #endif
276 };
277 } // namespace
278 
279 // Move marked code from the optimized code list to the deoptimized code list,
280 // and replace pc on the stack for codes marked for deoptimization.
281 void Deoptimizer::DeoptimizeMarkedCodeForContext(Context context) {
282  DisallowHeapAllocation no_allocation;
283 
284  Isolate* isolate = context->GetHeap()->isolate();
285  Code topmost_optimized_code;
286  bool safe_to_deopt_topmost_optimized_code = false;
287 #ifdef DEBUG
288  // Make sure all activations of optimized code can deopt at their current PC.
289  // The topmost optimized code has special handling because it cannot be
290  // deoptimized due to weak object dependency.
291  for (StackFrameIterator it(isolate, isolate->thread_local_top());
292  !it.done(); it.Advance()) {
293  StackFrame::Type type = it.frame()->type();
294  if (type == StackFrame::OPTIMIZED) {
295  Code code = it.frame()->LookupCode();
296  JSFunction* function =
297  static_cast<OptimizedFrame*>(it.frame())->function();
298  if (FLAG_trace_deopt) {
299  CodeTracer::Scope scope(isolate->GetCodeTracer());
300  PrintF(scope.file(), "[deoptimizer found activation of function: ");
301  function->PrintName(scope.file());
302  PrintF(scope.file(),
303  " / %" V8PRIxPTR "]\n", reinterpret_cast<intptr_t>(function));
304  }
305  SafepointEntry safepoint = code->GetSafepointEntry(it.frame()->pc());
306  int deopt_index = safepoint.deoptimization_index();
307 
308  // Turbofan deopt is checked when we are patching addresses on stack.
309  bool safe_if_deopt_triggered =
310  deopt_index != Safepoint::kNoDeoptimizationIndex;
311  bool is_builtin_code = code->kind() == Code::BUILTIN;
312  DCHECK(topmost_optimized_code.is_null() || safe_if_deopt_triggered ||
313  is_builtin_code);
314  if (topmost_optimized_code.is_null()) {
315  topmost_optimized_code = code;
316  safe_to_deopt_topmost_optimized_code = safe_if_deopt_triggered;
317  }
318  }
319  }
320 #endif
321 
322  // We will use this set to mark those Code objects that are marked for
323  // deoptimization and have not been found in stack frames.
324  std::set<Code> codes;
325 
326  // Move marked code from the optimized code list to the deoptimized code list.
327  // Walk over all optimized code objects in this native context.
328  Code prev;
329  Object* element = context->OptimizedCodeListHead();
330  while (!element->IsUndefined(isolate)) {
331  Code code = Code::cast(element);
332  CHECK_EQ(code->kind(), Code::OPTIMIZED_FUNCTION);
333  Object* next = code->next_code_link();
334 
335  if (code->marked_for_deoptimization()) {
336  codes.insert(code);
337 
338  if (!prev.is_null()) {
339  // Skip this code in the optimized code list.
340  prev->set_next_code_link(next);
341  } else {
342  // There was no previous node, the next node is the new head.
343  context->SetOptimizedCodeListHead(next);
344  }
345 
346  // Move the code to the _deoptimized_ code list.
347  code->set_next_code_link(context->DeoptimizedCodeListHead());
348  context->SetDeoptimizedCodeListHead(code);
349  } else {
350  // Not marked; preserve this element.
351  prev = code;
352  }
353  element = next;
354  }
355 
356  ActivationsFinder visitor(&codes, topmost_optimized_code,
357  safe_to_deopt_topmost_optimized_code);
358  // Iterate over the stack of this thread.
359  visitor.VisitThread(isolate, isolate->thread_local_top());
360  // In addition to iterate over the stack of this thread, we also
361  // need to consider all the other threads as they may also use
362  // the code currently beings deoptimized.
363  isolate->thread_manager()->IterateArchivedThreads(&visitor);
364 
365  // If there's no activation of a code in any stack then we can remove its
366  // deoptimization data. We do this to ensure that code objects that are
367  // unlinked don't transitively keep objects alive unnecessarily.
368  for (Code code : codes) {
369  isolate->heap()->InvalidateCodeDeoptimizationData(code);
370  }
371 }
372 
373 
374 void Deoptimizer::DeoptimizeAll(Isolate* isolate) {
375  RuntimeCallTimerScope runtimeTimer(isolate,
376  RuntimeCallCounterId::kDeoptimizeCode);
377  TimerEventScope<TimerEventDeoptimizeCode> timer(isolate);
378  TRACE_EVENT0("v8", "V8.DeoptimizeCode");
379  if (FLAG_trace_deopt) {
380  CodeTracer::Scope scope(isolate->GetCodeTracer());
381  PrintF(scope.file(), "[deoptimize all code in all contexts]\n");
382  }
383  isolate->AbortConcurrentOptimization(BlockingBehavior::kBlock);
384  DisallowHeapAllocation no_allocation;
385  // For all contexts, mark all code, then deoptimize.
386  Object* context = isolate->heap()->native_contexts_list();
387  while (!context->IsUndefined(isolate)) {
388  Context native_context = Context::cast(context);
389  MarkAllCodeForContext(native_context);
390  DeoptimizeMarkedCodeForContext(native_context);
391  context = native_context->next_context_link();
392  }
393 }
394 
395 
396 void Deoptimizer::DeoptimizeMarkedCode(Isolate* isolate) {
397  RuntimeCallTimerScope runtimeTimer(isolate,
398  RuntimeCallCounterId::kDeoptimizeCode);
399  TimerEventScope<TimerEventDeoptimizeCode> timer(isolate);
400  TRACE_EVENT0("v8", "V8.DeoptimizeCode");
401  if (FLAG_trace_deopt) {
402  CodeTracer::Scope scope(isolate->GetCodeTracer());
403  PrintF(scope.file(), "[deoptimize marked code in all contexts]\n");
404  }
405  DisallowHeapAllocation no_allocation;
406  // For all contexts, deoptimize code already marked.
407  Object* context = isolate->heap()->native_contexts_list();
408  while (!context->IsUndefined(isolate)) {
409  Context native_context = Context::cast(context);
410  DeoptimizeMarkedCodeForContext(native_context);
411  context = native_context->next_context_link();
412  }
413 }
414 
415 void Deoptimizer::MarkAllCodeForContext(Context context) {
416  Object* element = context->OptimizedCodeListHead();
417  Isolate* isolate = context->GetIsolate();
418  while (!element->IsUndefined(isolate)) {
419  Code code = Code::cast(element);
420  CHECK_EQ(code->kind(), Code::OPTIMIZED_FUNCTION);
421  code->set_marked_for_deoptimization(true);
422  element = code->next_code_link();
423  }
424 }
425 
426 void Deoptimizer::DeoptimizeFunction(JSFunction* function, Code code) {
427  Isolate* isolate = function->GetIsolate();
428  RuntimeCallTimerScope runtimeTimer(isolate,
429  RuntimeCallCounterId::kDeoptimizeCode);
430  TimerEventScope<TimerEventDeoptimizeCode> timer(isolate);
431  TRACE_EVENT0("v8", "V8.DeoptimizeCode");
432  if (code.is_null()) code = function->code();
433 
434  if (code->kind() == Code::OPTIMIZED_FUNCTION) {
435  // Mark the code for deoptimization and unlink any functions that also
436  // refer to that code. The code cannot be shared across native contexts,
437  // so we only need to search one.
438  code->set_marked_for_deoptimization(true);
439  // The code in the function's optimized code feedback vector slot might
440  // be different from the code on the function - evict it if necessary.
441  function->feedback_vector()->EvictOptimizedCodeMarkedForDeoptimization(
442  function->shared(), "unlinking code marked for deopt");
443  if (!code->deopt_already_counted()) {
444  function->feedback_vector()->increment_deopt_count();
445  code->set_deopt_already_counted(true);
446  }
447  DeoptimizeMarkedCodeForContext(function->context()->native_context());
448  }
449 }
450 
451 
452 void Deoptimizer::ComputeOutputFrames(Deoptimizer* deoptimizer) {
453  deoptimizer->DoComputeOutputFrames();
454 }
455 
456 const char* Deoptimizer::MessageFor(DeoptimizeKind kind) {
457  switch (kind) {
458  case DeoptimizeKind::kEager:
459  return "eager";
460  case DeoptimizeKind::kSoft:
461  return "soft";
462  case DeoptimizeKind::kLazy:
463  return "lazy";
464  }
465  FATAL("Unsupported deopt kind");
466  return nullptr;
467 }
468 
469 Deoptimizer::Deoptimizer(Isolate* isolate, JSFunction* function,
470  DeoptimizeKind kind, unsigned bailout_id, Address from,
471  int fp_to_sp_delta)
472  : isolate_(isolate),
473  function_(function),
474  bailout_id_(bailout_id),
475  deopt_kind_(kind),
476  from_(from),
477  fp_to_sp_delta_(fp_to_sp_delta),
478  deoptimizing_throw_(false),
479  catch_handler_data_(-1),
480  catch_handler_pc_offset_(-1),
481  input_(nullptr),
482  output_count_(0),
483  jsframe_count_(0),
484  output_(nullptr),
485  caller_frame_top_(0),
486  caller_fp_(0),
487  caller_pc_(0),
488  caller_constant_pool_(0),
489  input_frame_context_(0),
490  stack_fp_(0),
491  trace_scope_(nullptr) {
492  if (isolate->deoptimizer_lazy_throw()) {
493  isolate->set_deoptimizer_lazy_throw(false);
494  deoptimizing_throw_ = true;
495  }
496 
497  DCHECK_NE(from, kNullAddress);
498  compiled_code_ = FindOptimizedCode();
499  DCHECK(!compiled_code_.is_null());
500 
501  DCHECK(function->IsJSFunction());
502  trace_scope_ = FLAG_trace_deopt
503  ? new CodeTracer::Scope(isolate->GetCodeTracer())
504  : nullptr;
505 #ifdef DEBUG
506  DCHECK(AllowHeapAllocation::IsAllowed());
507  disallow_heap_allocation_ = new DisallowHeapAllocation();
508 #endif // DEBUG
509  if (compiled_code_->kind() != Code::OPTIMIZED_FUNCTION ||
510  !compiled_code_->deopt_already_counted()) {
511  // If the function is optimized, and we haven't counted that deopt yet, then
512  // increment the function's deopt count so that we can avoid optimising
513  // functions that deopt too often.
514 
515  if (deopt_kind_ == DeoptimizeKind::kSoft) {
516  // Soft deopts shouldn't count against the overall deoptimization count
517  // that can eventually lead to disabling optimization for a function.
518  isolate->counters()->soft_deopts_executed()->Increment();
519  } else if (function != nullptr) {
520  function->feedback_vector()->increment_deopt_count();
521  }
522  }
523  if (compiled_code_->kind() == Code::OPTIMIZED_FUNCTION) {
524  compiled_code_->set_deopt_already_counted(true);
525  PROFILE(isolate_,
526  CodeDeoptEvent(compiled_code_, kind, from_, fp_to_sp_delta_));
527  }
528  unsigned size = ComputeInputFrameSize();
529  int parameter_count =
530  function->shared()->internal_formal_parameter_count() + 1;
531  input_ = new (size) FrameDescription(size, parameter_count);
532 }
533 
534 Code Deoptimizer::FindOptimizedCode() {
535  Code compiled_code = FindDeoptimizingCode(from_);
536  return !compiled_code.is_null() ? compiled_code
537  : isolate_->FindCodeObject(from_);
538 }
539 
540 
541 void Deoptimizer::PrintFunctionName() {
542  if (function_->IsHeapObject() && function_->IsJSFunction()) {
543  function_->ShortPrint(trace_scope_->file());
544  } else {
545  PrintF(trace_scope_->file(),
546  "%s", Code::Kind2String(compiled_code_->kind()));
547  }
548 }
549 
550 Handle<JSFunction> Deoptimizer::function() const {
551  return Handle<JSFunction>(function_, isolate());
552 }
553 Handle<Code> Deoptimizer::compiled_code() const {
554  return Handle<Code>(compiled_code_, isolate());
555 }
556 
557 Deoptimizer::~Deoptimizer() {
558  DCHECK(input_ == nullptr && output_ == nullptr);
559  DCHECK_NULL(disallow_heap_allocation_);
560  delete trace_scope_;
561 }
562 
563 
564 void Deoptimizer::DeleteFrameDescriptions() {
565  delete input_;
566  for (int i = 0; i < output_count_; ++i) {
567  if (output_[i] != input_) delete output_[i];
568  }
569  delete[] output_;
570  input_ = nullptr;
571  output_ = nullptr;
572 #ifdef DEBUG
573  DCHECK(!AllowHeapAllocation::IsAllowed());
574  DCHECK_NOT_NULL(disallow_heap_allocation_);
575  delete disallow_heap_allocation_;
576  disallow_heap_allocation_ = nullptr;
577 #endif // DEBUG
578 }
579 
580 Address Deoptimizer::GetDeoptimizationEntry(Isolate* isolate, int id,
581  DeoptimizeKind kind) {
582  CHECK_GE(id, 0);
583  if (id >= kMaxNumberOfEntries) return kNullAddress;
584  DeoptimizerData* data = isolate->deoptimizer_data();
585  CHECK_LE(kind, DeoptimizerData::kLastDeoptimizeKind);
586  CHECK(!data->deopt_entry_code(kind).is_null());
587  Code code = data->deopt_entry_code(kind);
588  return code->raw_instruction_start() + (id * table_entry_size_);
589 }
590 
591 int Deoptimizer::GetDeoptimizationId(Isolate* isolate, Address addr,
592  DeoptimizeKind kind) {
593  DeoptimizerData* data = isolate->deoptimizer_data();
594  CHECK_LE(kind, DeoptimizerData::kLastDeoptimizeKind);
595  DCHECK(IsInDeoptimizationTable(isolate, addr, kind));
596  Code code = data->deopt_entry_code(kind);
597  Address start = code->raw_instruction_start();
598  DCHECK_EQ(0,
599  static_cast<int>(addr - start) % table_entry_size_);
600  return static_cast<int>(addr - start) / table_entry_size_;
601 }
602 
603 bool Deoptimizer::IsInDeoptimizationTable(Isolate* isolate, Address addr,
604  DeoptimizeKind type) {
605  DeoptimizerData* data = isolate->deoptimizer_data();
606  CHECK_LE(type, DeoptimizerData::kLastDeoptimizeKind);
607  Code code = data->deopt_entry_code(type);
608  if (code.is_null()) return false;
609  Address start = code->raw_instruction_start();
610  return ((table_entry_size_ == 0 && addr == start) ||
611  (addr >= start &&
612  addr < start + (kMaxNumberOfEntries * table_entry_size_)));
613 }
614 
615 bool Deoptimizer::IsDeoptimizationEntry(Isolate* isolate, Address addr,
616  DeoptimizeKind* type) {
617  if (IsInDeoptimizationTable(isolate, addr, DeoptimizeKind::kEager)) {
618  *type = DeoptimizeKind::kEager;
619  return true;
620  }
621  if (IsInDeoptimizationTable(isolate, addr, DeoptimizeKind::kSoft)) {
622  *type = DeoptimizeKind::kSoft;
623  return true;
624  }
625  if (IsInDeoptimizationTable(isolate, addr, DeoptimizeKind::kLazy)) {
626  *type = DeoptimizeKind::kLazy;
627  return true;
628  }
629  return false;
630 }
631 
632 int Deoptimizer::GetDeoptimizedCodeCount(Isolate* isolate) {
633  int length = 0;
634  // Count all entries in the deoptimizing code list of every context.
635  Object* context = isolate->heap()->native_contexts_list();
636  while (!context->IsUndefined(isolate)) {
637  Context native_context = Context::cast(context);
638  Object* element = native_context->DeoptimizedCodeListHead();
639  while (!element->IsUndefined(isolate)) {
640  Code code = Code::cast(element);
641  DCHECK(code->kind() == Code::OPTIMIZED_FUNCTION);
642  if (!code->marked_for_deoptimization()) {
643  length++;
644  }
645  element = code->next_code_link();
646  }
647  context = Context::cast(context)->next_context_link();
648  }
649  return length;
650 }
651 
652 namespace {
653 
654 int LookupCatchHandler(TranslatedFrame* translated_frame, int* data_out) {
655  switch (translated_frame->kind()) {
656  case TranslatedFrame::kInterpretedFunction: {
657  int bytecode_offset = translated_frame->node_id().ToInt();
658  HandlerTable table(
659  translated_frame->raw_shared_info()->GetBytecodeArray());
660  return table.LookupRange(bytecode_offset, data_out, nullptr);
661  }
662  case TranslatedFrame::kJavaScriptBuiltinContinuationWithCatch: {
663  return 0;
664  }
665  default:
666  break;
667  }
668  return -1;
669 }
670 
671 bool ShouldPadArguments(int arg_count) {
672  return kPadArguments && (arg_count % 2 != 0);
673 }
674 
675 } // namespace
676 
677 // We rely on this function not causing a GC. It is called from generated code
678 // without having a real stack frame in place.
679 void Deoptimizer::DoComputeOutputFrames() {
680  base::ElapsedTimer timer;
681 
682  // Determine basic deoptimization information. The optimized frame is
683  // described by the input data.
684  DeoptimizationData input_data =
685  DeoptimizationData::cast(compiled_code_->deoptimization_data());
686 
687  {
688  // Read caller's PC, caller's FP and caller's constant pool values
689  // from input frame. Compute caller's frame top address.
690 
691  Register fp_reg = JavaScriptFrame::fp_register();
692  stack_fp_ = input_->GetRegister(fp_reg.code());
693 
694  caller_frame_top_ = stack_fp_ + ComputeInputFrameAboveFpFixedSize();
695 
696  Address fp_address = input_->GetFramePointerAddress();
697  caller_fp_ = Memory<intptr_t>(fp_address);
698  caller_pc_ =
699  Memory<intptr_t>(fp_address + CommonFrameConstants::kCallerPCOffset);
700  input_frame_context_ = Memory<intptr_t>(
701  fp_address + CommonFrameConstants::kContextOrFrameTypeOffset);
702 
703  if (FLAG_enable_embedded_constant_pool) {
704  caller_constant_pool_ = Memory<intptr_t>(
705  fp_address + CommonFrameConstants::kConstantPoolOffset);
706  }
707  }
708 
709  if (trace_scope_ != nullptr) {
710  timer.Start();
711  PrintF(trace_scope_->file(), "[deoptimizing (DEOPT %s): begin ",
712  MessageFor(deopt_kind_));
713  PrintFunctionName();
714  PrintF(trace_scope_->file(),
715  " (opt #%d) @%d, FP to SP delta: %d, caller sp: " V8PRIxPTR_FMT
716  "]\n",
717  input_data->OptimizationId()->value(), bailout_id_, fp_to_sp_delta_,
718  caller_frame_top_);
719  if (deopt_kind_ == DeoptimizeKind::kEager ||
720  deopt_kind_ == DeoptimizeKind::kSoft) {
721  compiled_code_->PrintDeoptLocation(
722  trace_scope_->file(), " ;;; deoptimize at ", from_);
723  }
724  }
725 
726  BailoutId node_id = input_data->BytecodeOffset(bailout_id_);
727  ByteArray translations = input_data->TranslationByteArray();
728  unsigned translation_index =
729  input_data->TranslationIndex(bailout_id_)->value();
730 
731  TranslationIterator state_iterator(translations, translation_index);
732  translated_state_.Init(
733  isolate_, input_->GetFramePointerAddress(), &state_iterator,
734  input_data->LiteralArray(), input_->GetRegisterValues(),
735  trace_scope_ == nullptr ? nullptr : trace_scope_->file(),
736  function_->IsHeapObject()
737  ? function_->shared()->internal_formal_parameter_count()
738  : 0);
739 
740  // Do the input frame to output frame(s) translation.
741  size_t count = translated_state_.frames().size();
742  // If we are supposed to go to the catch handler, find the catching frame
743  // for the catch and make sure we only deoptimize upto that frame.
744  if (deoptimizing_throw_) {
745  size_t catch_handler_frame_index = count;
746  for (size_t i = count; i-- > 0;) {
747  catch_handler_pc_offset_ = LookupCatchHandler(
748  &(translated_state_.frames()[i]), &catch_handler_data_);
749  if (catch_handler_pc_offset_ >= 0) {
750  catch_handler_frame_index = i;
751  break;
752  }
753  }
754  CHECK_LT(catch_handler_frame_index, count);
755  count = catch_handler_frame_index + 1;
756  }
757 
758  DCHECK_NULL(output_);
759  output_ = new FrameDescription*[count];
760  for (size_t i = 0; i < count; ++i) {
761  output_[i] = nullptr;
762  }
763  output_count_ = static_cast<int>(count);
764 
765  // Translate each output frame.
766  int frame_index = 0; // output_frame_index
767  for (size_t i = 0; i < count; ++i, ++frame_index) {
768  // Read the ast node id, function, and frame height for this output frame.
769  TranslatedFrame* translated_frame = &(translated_state_.frames()[i]);
770  bool handle_exception = deoptimizing_throw_ && i == count - 1;
771  switch (translated_frame->kind()) {
772  case TranslatedFrame::kInterpretedFunction:
773  DoComputeInterpretedFrame(translated_frame, frame_index,
774  handle_exception);
775  jsframe_count_++;
776  break;
777  case TranslatedFrame::kArgumentsAdaptor:
778  DoComputeArgumentsAdaptorFrame(translated_frame, frame_index);
779  break;
780  case TranslatedFrame::kConstructStub:
781  DoComputeConstructStubFrame(translated_frame, frame_index);
782  break;
783  case TranslatedFrame::kBuiltinContinuation:
784  DoComputeBuiltinContinuation(translated_frame, frame_index,
785  BuiltinContinuationMode::STUB);
786  break;
787  case TranslatedFrame::kJavaScriptBuiltinContinuation:
788  DoComputeBuiltinContinuation(translated_frame, frame_index,
789  BuiltinContinuationMode::JAVASCRIPT);
790  break;
791  case TranslatedFrame::kJavaScriptBuiltinContinuationWithCatch:
792  DoComputeBuiltinContinuation(
793  translated_frame, frame_index,
794  handle_exception
795  ? BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION
796  : BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH);
797  break;
798  case TranslatedFrame::kInvalid:
799  FATAL("invalid frame");
800  break;
801  }
802  }
803 
804  FrameDescription* topmost = output_[count - 1];
805  topmost->GetRegisterValues()->SetRegister(kRootRegister.code(),
806  isolate()->isolate_root());
807 
808  // Print some helpful diagnostic information.
809  if (trace_scope_ != nullptr) {
810  double ms = timer.Elapsed().InMillisecondsF();
811  int index = output_count_ - 1; // Index of the topmost frame.
812  PrintF(trace_scope_->file(), "[deoptimizing (%s): end ",
813  MessageFor(deopt_kind_));
814  PrintFunctionName();
815  PrintF(trace_scope_->file(),
816  " @%d => node=%d, pc=" V8PRIxPTR_FMT ", caller sp=" V8PRIxPTR_FMT
817  ", took %0.3f ms]\n",
818  bailout_id_, node_id.ToInt(), output_[index]->GetPc(),
819  caller_frame_top_, ms);
820  }
821 }
822 
823 void Deoptimizer::DoComputeInterpretedFrame(TranslatedFrame* translated_frame,
824  int frame_index,
825  bool goto_catch_handler) {
826  SharedFunctionInfo* shared = translated_frame->raw_shared_info();
827 
828  TranslatedFrame::iterator value_iterator = translated_frame->begin();
829  bool is_bottommost = (0 == frame_index);
830  bool is_topmost = (output_count_ - 1 == frame_index);
831 
832  int bytecode_offset = translated_frame->node_id().ToInt();
833  int height = translated_frame->height();
834  int register_count = height - 1; // Exclude accumulator.
835  int register_stack_slot_count =
836  InterpreterFrameConstants::RegisterStackSlotCount(register_count);
837  int height_in_bytes = register_stack_slot_count * kPointerSize;
838 
839  // The topmost frame will contain the accumulator.
840  if (is_topmost) {
841  height_in_bytes += kPointerSize;
842  if (PadTopOfStackRegister()) height_in_bytes += kPointerSize;
843  }
844 
845  TranslatedFrame::iterator function_iterator = value_iterator++;
846  if (trace_scope_ != nullptr) {
847  PrintF(trace_scope_->file(), " translating interpreted frame ");
848  std::unique_ptr<char[]> name = shared->DebugName()->ToCString();
849  PrintF(trace_scope_->file(), "%s", name.get());
850  PrintF(trace_scope_->file(), " => bytecode_offset=%d, height=%d%s\n",
851  bytecode_offset, height_in_bytes,
852  goto_catch_handler ? " (throw)" : "");
853  }
854  if (goto_catch_handler) {
855  bytecode_offset = catch_handler_pc_offset_;
856  }
857 
858  // The 'fixed' part of the frame consists of the incoming parameters and
859  // the part described by InterpreterFrameConstants. This will include
860  // argument padding, when needed.
861  unsigned fixed_frame_size = ComputeInterpretedFixedSize(shared);
862  unsigned output_frame_size = height_in_bytes + fixed_frame_size;
863 
864  // Allocate and store the output frame description.
865  int parameter_count = shared->internal_formal_parameter_count() + 1;
866  FrameDescription* output_frame = new (output_frame_size)
867  FrameDescription(output_frame_size, parameter_count);
868  FrameWriter frame_writer(this, output_frame, trace_scope_);
869 
870  CHECK(frame_index >= 0 && frame_index < output_count_);
871  CHECK_NULL(output_[frame_index]);
872  output_[frame_index] = output_frame;
873 
874  // The top address of the frame is computed from the previous frame's top and
875  // this frame's size.
876  intptr_t top_address;
877  if (is_bottommost) {
878  top_address = caller_frame_top_ - output_frame_size;
879  } else {
880  top_address = output_[frame_index - 1]->GetTop() - output_frame_size;
881  }
882  output_frame->SetTop(top_address);
883 
884  // Compute the incoming parameter translation.
885 
886  ReadOnlyRoots roots(isolate());
887  if (ShouldPadArguments(parameter_count)) {
888  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
889  }
890 
891  for (int i = 0; i < parameter_count; ++i, ++value_iterator) {
892  frame_writer.PushTranslatedValue(value_iterator, "stack parameter");
893  }
894 
895  DCHECK_EQ(output_frame->GetLastArgumentSlotOffset(),
896  frame_writer.top_offset());
897  if (trace_scope_ != nullptr) {
898  PrintF(trace_scope_->file(), " -------------------------\n");
899  }
900 
901  // There are no translation commands for the caller's pc and fp, the
902  // context, the function and the bytecode offset. Synthesize
903  // their values and set them up
904  // explicitly.
905  //
906  // The caller's pc for the bottommost output frame is the same as in the
907  // input frame. For all subsequent output frames, it can be read from the
908  // previous one. This frame's pc can be computed from the non-optimized
909  // function code and AST id of the bailout.
910  const intptr_t caller_pc =
911  is_bottommost ? caller_pc_ : output_[frame_index - 1]->GetPc();
912  frame_writer.PushCallerPc(caller_pc);
913 
914  // The caller's frame pointer for the bottommost output frame is the same
915  // as in the input frame. For all subsequent output frames, it can be
916  // read from the previous one. Also compute and set this frame's frame
917  // pointer.
918  const intptr_t caller_fp =
919  is_bottommost ? caller_fp_ : output_[frame_index - 1]->GetFp();
920  frame_writer.PushCallerFp(caller_fp);
921 
922  intptr_t fp_value = top_address + frame_writer.top_offset();
923  output_frame->SetFp(fp_value);
924  if (is_topmost) {
925  Register fp_reg = InterpretedFrame::fp_register();
926  output_frame->SetRegister(fp_reg.code(), fp_value);
927  }
928 
929  if (FLAG_enable_embedded_constant_pool) {
930  // For the bottommost output frame the constant pool pointer can be gotten
931  // from the input frame. For subsequent output frames, it can be read from
932  // the previous frame.
933  const intptr_t caller_cp =
934  is_bottommost ? caller_constant_pool_
935  : output_[frame_index - 1]->GetConstantPool();
936  frame_writer.PushCallerConstantPool(caller_cp);
937  }
938 
939  // For the bottommost output frame the context can be gotten from the input
940  // frame. For all subsequent output frames it can be gotten from the function
941  // so long as we don't inline functions that need local contexts.
942 
943  // When deoptimizing into a catch block, we need to take the context
944  // from a register that was specified in the handler table.
945  TranslatedFrame::iterator context_pos = value_iterator++;
946  if (goto_catch_handler) {
947  // Skip to the translated value of the register specified
948  // in the handler table.
949  for (int i = 0; i < catch_handler_data_ + 1; ++i) {
950  context_pos++;
951  }
952  }
953  // Read the context from the translations.
954  Object* context = context_pos->GetRawValue();
955  output_frame->SetContext(reinterpret_cast<intptr_t>(context));
956  frame_writer.PushTranslatedValue(context_pos, "context");
957 
958  // The function was mentioned explicitly in the BEGIN_FRAME.
959  frame_writer.PushTranslatedValue(function_iterator, "function");
960 
961  // Set the bytecode array pointer.
962  Object* bytecode_array = shared->HasBreakInfo()
963  ? shared->GetDebugInfo()->DebugBytecodeArray()
964  : shared->GetBytecodeArray();
965  frame_writer.PushRawObject(bytecode_array, "bytecode array\n");
966 
967  // The bytecode offset was mentioned explicitly in the BEGIN_FRAME.
968  int raw_bytecode_offset =
969  BytecodeArray::kHeaderSize - kHeapObjectTag + bytecode_offset;
970  Smi smi_bytecode_offset = Smi::FromInt(raw_bytecode_offset);
971  frame_writer.PushRawObject(smi_bytecode_offset, "bytecode offset\n");
972 
973  if (trace_scope_ != nullptr) {
974  PrintF(trace_scope_->file(), " -------------------------\n");
975  }
976 
977  // Translate the rest of the interpreter registers in the frame.
978  // The return_value_offset is counted from the top. Here, we compute the
979  // register index (counted from the start).
980  int return_value_first_reg =
981  register_count - translated_frame->return_value_offset();
982  int return_value_count = translated_frame->return_value_count();
983  for (int i = 0; i < register_count; ++i, ++value_iterator) {
984  // Ensure we write the return value if we have one and we are returning
985  // normally to a lazy deopt point.
986  if (is_topmost && !goto_catch_handler &&
987  deopt_kind_ == DeoptimizeKind::kLazy && i >= return_value_first_reg &&
988  i < return_value_first_reg + return_value_count) {
989  int return_index = i - return_value_first_reg;
990  if (return_index == 0) {
991  frame_writer.PushRawValue(input_->GetRegister(kReturnRegister0.code()),
992  "return value 0\n");
993  // We do not handle the situation when one return value should go into
994  // the accumulator and another one into an ordinary register. Since
995  // the interpreter should never create such situation, just assert
996  // this does not happen.
997  CHECK_LE(return_value_first_reg + return_value_count, register_count);
998  } else {
999  CHECK_EQ(return_index, 1);
1000  frame_writer.PushRawValue(input_->GetRegister(kReturnRegister1.code()),
1001  "return value 1\n");
1002  }
1003  } else {
1004  // This is not return value, just write the value from the translations.
1005  frame_writer.PushTranslatedValue(value_iterator, "stack parameter");
1006  }
1007  }
1008 
1009  int register_slots_written = register_count;
1010  DCHECK_LE(register_slots_written, register_stack_slot_count);
1011  // Some architectures must pad the stack frame with extra stack slots
1012  // to ensure the stack frame is aligned. Do this now.
1013  while (register_slots_written < register_stack_slot_count) {
1014  register_slots_written++;
1015  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1016  }
1017 
1018  // Translate the accumulator register (depending on frame position).
1019  if (is_topmost) {
1020  if (PadTopOfStackRegister()) {
1021  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1022  }
1023  // For topmost frame, put the accumulator on the stack. The
1024  // {NotifyDeoptimized} builtin pops it off the topmost frame (possibly
1025  // after materialization).
1026  if (goto_catch_handler) {
1027  // If we are lazy deopting to a catch handler, we set the accumulator to
1028  // the exception (which lives in the result register).
1029  intptr_t accumulator_value =
1030  input_->GetRegister(kInterpreterAccumulatorRegister.code());
1031  frame_writer.PushRawObject(reinterpret_cast<Object*>(accumulator_value),
1032  "accumulator\n");
1033  } else {
1034  // If we are lazily deoptimizing make sure we store the deopt
1035  // return value into the appropriate slot.
1036  if (deopt_kind_ == DeoptimizeKind::kLazy &&
1037  translated_frame->return_value_offset() == 0 &&
1038  translated_frame->return_value_count() > 0) {
1039  CHECK_EQ(translated_frame->return_value_count(), 1);
1040  frame_writer.PushRawValue(input_->GetRegister(kReturnRegister0.code()),
1041  "return value 0\n");
1042  } else {
1043  frame_writer.PushTranslatedValue(value_iterator, "accumulator");
1044  }
1045  }
1046  ++value_iterator; // Move over the accumulator.
1047  } else {
1048  // For non-topmost frames, skip the accumulator translation. For those
1049  // frames, the return value from the callee will become the accumulator.
1050  ++value_iterator;
1051  }
1052  CHECK_EQ(translated_frame->end(), value_iterator);
1053  CHECK_EQ(0u, frame_writer.top_offset());
1054 
1055  // Compute this frame's PC and state. The PC will be a special builtin that
1056  // continues the bytecode dispatch. Note that non-topmost and lazy-style
1057  // bailout handlers also advance the bytecode offset before dispatch, hence
1058  // simulating what normal handlers do upon completion of the operation.
1059  Builtins* builtins = isolate_->builtins();
1060  Code dispatch_builtin =
1061  (!is_topmost || (deopt_kind_ == DeoptimizeKind::kLazy)) &&
1062  !goto_catch_handler
1063  ? builtins->builtin(Builtins::kInterpreterEnterBytecodeAdvance)
1064  : builtins->builtin(Builtins::kInterpreterEnterBytecodeDispatch);
1065  output_frame->SetPc(
1066  static_cast<intptr_t>(dispatch_builtin->InstructionStart()));
1067 
1068  // Update constant pool.
1069  if (FLAG_enable_embedded_constant_pool) {
1070  intptr_t constant_pool_value =
1071  static_cast<intptr_t>(dispatch_builtin->constant_pool());
1072  output_frame->SetConstantPool(constant_pool_value);
1073  if (is_topmost) {
1074  Register constant_pool_reg =
1075  InterpretedFrame::constant_pool_pointer_register();
1076  output_frame->SetRegister(constant_pool_reg.code(), constant_pool_value);
1077  }
1078  }
1079 
1080  // Clear the context register. The context might be a de-materialized object
1081  // and will be materialized by {Runtime_NotifyDeoptimized}. For additional
1082  // safety we use Smi(0) instead of the potential {arguments_marker} here.
1083  if (is_topmost) {
1084  intptr_t context_value = static_cast<intptr_t>(Smi::zero().ptr());
1085  Register context_reg = JavaScriptFrame::context_register();
1086  output_frame->SetRegister(context_reg.code(), context_value);
1087  // Set the continuation for the topmost frame.
1088  Code continuation = builtins->builtin(Builtins::kNotifyDeoptimized);
1089  output_frame->SetContinuation(
1090  static_cast<intptr_t>(continuation->InstructionStart()));
1091  }
1092 }
1093 
1094 void Deoptimizer::DoComputeArgumentsAdaptorFrame(
1095  TranslatedFrame* translated_frame, int frame_index) {
1096  TranslatedFrame::iterator value_iterator = translated_frame->begin();
1097  bool is_bottommost = (0 == frame_index);
1098 
1099  unsigned height = translated_frame->height();
1100  unsigned height_in_bytes = height * kPointerSize;
1101  int parameter_count = height;
1102  if (ShouldPadArguments(parameter_count)) height_in_bytes += kPointerSize;
1103 
1104  TranslatedFrame::iterator function_iterator = value_iterator++;
1105  if (trace_scope_ != nullptr) {
1106  PrintF(trace_scope_->file(),
1107  " translating arguments adaptor => height=%d\n", height_in_bytes);
1108  }
1109 
1110  unsigned fixed_frame_size = ArgumentsAdaptorFrameConstants::kFixedFrameSize;
1111  unsigned output_frame_size = height_in_bytes + fixed_frame_size;
1112 
1113  // Allocate and store the output frame description.
1114  FrameDescription* output_frame = new (output_frame_size)
1115  FrameDescription(output_frame_size, parameter_count);
1116  FrameWriter frame_writer(this, output_frame, trace_scope_);
1117 
1118  // Arguments adaptor can not be topmost.
1119  CHECK(frame_index < output_count_ - 1);
1120  CHECK_NULL(output_[frame_index]);
1121  output_[frame_index] = output_frame;
1122 
1123  // The top address of the frame is computed from the previous frame's top and
1124  // this frame's size.
1125  intptr_t top_address;
1126  if (is_bottommost) {
1127  top_address = caller_frame_top_ - output_frame_size;
1128  } else {
1129  top_address = output_[frame_index - 1]->GetTop() - output_frame_size;
1130  }
1131  output_frame->SetTop(top_address);
1132 
1133  ReadOnlyRoots roots(isolate());
1134  if (ShouldPadArguments(parameter_count)) {
1135  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1136  }
1137 
1138  // Compute the incoming parameter translation.
1139  for (int i = 0; i < parameter_count; ++i, ++value_iterator) {
1140  frame_writer.PushTranslatedValue(value_iterator, "stack parameter");
1141  }
1142 
1143  DCHECK_EQ(output_frame->GetLastArgumentSlotOffset(),
1144  frame_writer.top_offset());
1145 
1146  // Read caller's PC from the previous frame.
1147  const intptr_t caller_pc =
1148  is_bottommost ? caller_pc_ : output_[frame_index - 1]->GetPc();
1149  frame_writer.PushCallerPc(caller_pc);
1150 
1151  // Read caller's FP from the previous frame, and set this frame's FP.
1152  const intptr_t caller_fp =
1153  is_bottommost ? caller_fp_ : output_[frame_index - 1]->GetFp();
1154  frame_writer.PushCallerFp(caller_fp);
1155 
1156  intptr_t fp_value = top_address + frame_writer.top_offset();
1157  output_frame->SetFp(fp_value);
1158 
1159  if (FLAG_enable_embedded_constant_pool) {
1160  // Read the caller's constant pool from the previous frame.
1161  const intptr_t caller_cp =
1162  is_bottommost ? caller_constant_pool_
1163  : output_[frame_index - 1]->GetConstantPool();
1164  frame_writer.PushCallerConstantPool(caller_cp);
1165  }
1166 
1167  // A marker value is used in place of the context.
1168  intptr_t marker = StackFrame::TypeToMarker(StackFrame::ARGUMENTS_ADAPTOR);
1169  frame_writer.PushRawValue(marker, "context (adaptor sentinel)\n");
1170 
1171  // The function was mentioned explicitly in the ARGUMENTS_ADAPTOR_FRAME.
1172  frame_writer.PushTranslatedValue(function_iterator, "function\n");
1173 
1174  // Number of incoming arguments.
1175  frame_writer.PushRawObject(Smi::FromInt(height - 1), "argc\n");
1176 
1177  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1178 
1179  CHECK_EQ(translated_frame->end(), value_iterator);
1180  DCHECK_EQ(0, frame_writer.top_offset());
1181 
1182  Builtins* builtins = isolate_->builtins();
1183  Code adaptor_trampoline =
1184  builtins->builtin(Builtins::kArgumentsAdaptorTrampoline);
1185  intptr_t pc_value = static_cast<intptr_t>(
1186  adaptor_trampoline->InstructionStart() +
1187  isolate_->heap()->arguments_adaptor_deopt_pc_offset()->value());
1188  output_frame->SetPc(pc_value);
1189  if (FLAG_enable_embedded_constant_pool) {
1190  intptr_t constant_pool_value =
1191  static_cast<intptr_t>(adaptor_trampoline->constant_pool());
1192  output_frame->SetConstantPool(constant_pool_value);
1193  }
1194 }
1195 
1196 void Deoptimizer::DoComputeConstructStubFrame(TranslatedFrame* translated_frame,
1197  int frame_index) {
1198  TranslatedFrame::iterator value_iterator = translated_frame->begin();
1199  bool is_topmost = (output_count_ - 1 == frame_index);
1200  // The construct frame could become topmost only if we inlined a constructor
1201  // call which does a tail call (otherwise the tail callee's frame would be
1202  // the topmost one). So it could only be the DeoptimizeKind::kLazy case.
1203  CHECK(!is_topmost || deopt_kind_ == DeoptimizeKind::kLazy);
1204 
1205  Builtins* builtins = isolate_->builtins();
1206  Code construct_stub = builtins->builtin(Builtins::kJSConstructStubGeneric);
1207  BailoutId bailout_id = translated_frame->node_id();
1208  unsigned height = translated_frame->height();
1209  unsigned parameter_count = height - 1; // Exclude the context.
1210  unsigned height_in_bytes = parameter_count * kPointerSize;
1211 
1212  // If the construct frame appears to be topmost we should ensure that the
1213  // value of result register is preserved during continuation execution.
1214  // We do this here by "pushing" the result of the constructor function to the
1215  // top of the reconstructed stack and popping it in
1216  // {Builtins::kNotifyDeoptimized}.
1217  if (is_topmost) {
1218  height_in_bytes += kPointerSize;
1219  if (PadTopOfStackRegister()) height_in_bytes += kPointerSize;
1220  }
1221 
1222  if (ShouldPadArguments(parameter_count)) height_in_bytes += kPointerSize;
1223 
1224  TranslatedFrame::iterator function_iterator = value_iterator++;
1225  if (trace_scope_ != nullptr) {
1226  PrintF(trace_scope_->file(),
1227  " translating construct stub => bailout_id=%d (%s), height=%d\n",
1228  bailout_id.ToInt(),
1229  bailout_id == BailoutId::ConstructStubCreate() ? "create" : "invoke",
1230  height_in_bytes);
1231  }
1232 
1233  unsigned fixed_frame_size = ConstructFrameConstants::kFixedFrameSize;
1234  unsigned output_frame_size = height_in_bytes + fixed_frame_size;
1235 
1236  // Allocate and store the output frame description.
1237  FrameDescription* output_frame = new (output_frame_size)
1238  FrameDescription(output_frame_size, parameter_count);
1239  FrameWriter frame_writer(this, output_frame, trace_scope_);
1240 
1241  // Construct stub can not be topmost.
1242  DCHECK(frame_index > 0 && frame_index < output_count_);
1243  DCHECK_NULL(output_[frame_index]);
1244  output_[frame_index] = output_frame;
1245 
1246  // The top address of the frame is computed from the previous frame's top and
1247  // this frame's size.
1248  intptr_t top_address;
1249  top_address = output_[frame_index - 1]->GetTop() - output_frame_size;
1250  output_frame->SetTop(top_address);
1251 
1252  ReadOnlyRoots roots(isolate());
1253  if (ShouldPadArguments(parameter_count)) {
1254  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1255  }
1256 
1257  // The allocated receiver of a construct stub frame is passed as the
1258  // receiver parameter through the translation. It might be encoding
1259  // a captured object, so we need save it for later.
1260  TranslatedFrame::iterator receiver_iterator = value_iterator;
1261 
1262  // Compute the incoming parameter translation.
1263  for (unsigned i = 0; i < parameter_count; ++i, ++value_iterator) {
1264  frame_writer.PushTranslatedValue(value_iterator, "stack parameter");
1265  }
1266 
1267  DCHECK_EQ(output_frame->GetLastArgumentSlotOffset(),
1268  frame_writer.top_offset());
1269 
1270  // Read caller's PC from the previous frame.
1271  const intptr_t caller_pc = output_[frame_index - 1]->GetPc();
1272  frame_writer.PushCallerPc(caller_pc);
1273 
1274  // Read caller's FP from the previous frame, and set this frame's FP.
1275  const intptr_t caller_fp = output_[frame_index - 1]->GetFp();
1276  frame_writer.PushCallerFp(caller_fp);
1277 
1278  intptr_t fp_value = top_address + frame_writer.top_offset();
1279  output_frame->SetFp(fp_value);
1280  if (is_topmost) {
1281  Register fp_reg = JavaScriptFrame::fp_register();
1282  output_frame->SetRegister(fp_reg.code(), fp_value);
1283  }
1284 
1285  if (FLAG_enable_embedded_constant_pool) {
1286  // Read the caller's constant pool from the previous frame.
1287  const intptr_t caller_cp = output_[frame_index - 1]->GetConstantPool();
1288  frame_writer.PushCallerConstantPool(caller_cp);
1289  }
1290 
1291  // A marker value is used to mark the frame.
1292  intptr_t marker = StackFrame::TypeToMarker(StackFrame::CONSTRUCT);
1293  frame_writer.PushRawValue(marker, "context (construct stub sentinel)\n");
1294 
1295  frame_writer.PushTranslatedValue(value_iterator++, "context");
1296 
1297  // Number of incoming arguments.
1298  frame_writer.PushRawObject(Smi::FromInt(parameter_count - 1), "argc\n");
1299 
1300  // The constructor function was mentioned explicitly in the
1301  // CONSTRUCT_STUB_FRAME.
1302  frame_writer.PushTranslatedValue(function_iterator, "constuctor function\n");
1303 
1304  // The deopt info contains the implicit receiver or the new target at the
1305  // position of the receiver. Copy it to the top of stack, with the hole value
1306  // as padding to maintain alignment.
1307 
1308  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1309 
1310  CHECK(bailout_id == BailoutId::ConstructStubCreate() ||
1311  bailout_id == BailoutId::ConstructStubInvoke());
1312  const char* debug_hint = bailout_id == BailoutId::ConstructStubCreate()
1313  ? "new target\n"
1314  : "allocated receiver\n";
1315  frame_writer.PushTranslatedValue(receiver_iterator, debug_hint);
1316 
1317  if (is_topmost) {
1318  if (PadTopOfStackRegister()) {
1319  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1320  }
1321  // Ensure the result is restored back when we return to the stub.
1322  Register result_reg = kReturnRegister0;
1323  intptr_t result = input_->GetRegister(result_reg.code());
1324  frame_writer.PushRawValue(result, "subcall result\n");
1325  }
1326 
1327  CHECK_EQ(translated_frame->end(), value_iterator);
1328  CHECK_EQ(0u, frame_writer.top_offset());
1329 
1330  // Compute this frame's PC.
1331  DCHECK(bailout_id.IsValidForConstructStub());
1332  Address start = construct_stub->InstructionStart();
1333  int pc_offset =
1334  bailout_id == BailoutId::ConstructStubCreate()
1335  ? isolate_->heap()->construct_stub_create_deopt_pc_offset()->value()
1336  : isolate_->heap()->construct_stub_invoke_deopt_pc_offset()->value();
1337  intptr_t pc_value = static_cast<intptr_t>(start + pc_offset);
1338  output_frame->SetPc(pc_value);
1339 
1340  // Update constant pool.
1341  if (FLAG_enable_embedded_constant_pool) {
1342  intptr_t constant_pool_value =
1343  static_cast<intptr_t>(construct_stub->constant_pool());
1344  output_frame->SetConstantPool(constant_pool_value);
1345  if (is_topmost) {
1346  Register constant_pool_reg =
1347  JavaScriptFrame::constant_pool_pointer_register();
1348  output_frame->SetRegister(constant_pool_reg.code(), constant_pool_value);
1349  }
1350  }
1351 
1352  // Clear the context register. The context might be a de-materialized object
1353  // and will be materialized by {Runtime_NotifyDeoptimized}. For additional
1354  // safety we use Smi(0) instead of the potential {arguments_marker} here.
1355  if (is_topmost) {
1356  intptr_t context_value = static_cast<intptr_t>(Smi::zero().ptr());
1357  Register context_reg = JavaScriptFrame::context_register();
1358  output_frame->SetRegister(context_reg.code(), context_value);
1359  }
1360 
1361  // Set the continuation for the topmost frame.
1362  if (is_topmost) {
1363  Builtins* builtins = isolate_->builtins();
1364  DCHECK_EQ(DeoptimizeKind::kLazy, deopt_kind_);
1365  Code continuation = builtins->builtin(Builtins::kNotifyDeoptimized);
1366  output_frame->SetContinuation(
1367  static_cast<intptr_t>(continuation->InstructionStart()));
1368  }
1369 }
1370 
1371 bool Deoptimizer::BuiltinContinuationModeIsJavaScript(
1372  BuiltinContinuationMode mode) {
1373  switch (mode) {
1374  case BuiltinContinuationMode::STUB:
1375  return false;
1376  case BuiltinContinuationMode::JAVASCRIPT:
1377  case BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH:
1378  case BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION:
1379  return true;
1380  }
1381  UNREACHABLE();
1382 }
1383 
1384 bool Deoptimizer::BuiltinContinuationModeIsWithCatch(
1385  BuiltinContinuationMode mode) {
1386  switch (mode) {
1387  case BuiltinContinuationMode::STUB:
1388  case BuiltinContinuationMode::JAVASCRIPT:
1389  return false;
1390  case BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH:
1391  case BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION:
1392  return true;
1393  }
1394  UNREACHABLE();
1395 }
1396 
1397 StackFrame::Type Deoptimizer::BuiltinContinuationModeToFrameType(
1398  BuiltinContinuationMode mode) {
1399  switch (mode) {
1400  case BuiltinContinuationMode::STUB:
1401  return StackFrame::BUILTIN_CONTINUATION;
1402  case BuiltinContinuationMode::JAVASCRIPT:
1403  return StackFrame::JAVA_SCRIPT_BUILTIN_CONTINUATION;
1404  case BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH:
1405  return StackFrame::JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH;
1406  case BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION:
1407  return StackFrame::JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH;
1408  }
1409  UNREACHABLE();
1410 }
1411 
1412 Builtins::Name Deoptimizer::TrampolineForBuiltinContinuation(
1413  BuiltinContinuationMode mode, bool must_handle_result) {
1414  switch (mode) {
1415  case BuiltinContinuationMode::STUB:
1416  return must_handle_result ? Builtins::kContinueToCodeStubBuiltinWithResult
1417  : Builtins::kContinueToCodeStubBuiltin;
1418  case BuiltinContinuationMode::JAVASCRIPT:
1419  case BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH:
1420  case BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION:
1421  return must_handle_result
1422  ? Builtins::kContinueToJavaScriptBuiltinWithResult
1423  : Builtins::kContinueToJavaScriptBuiltin;
1424  }
1425  UNREACHABLE();
1426 }
1427 
1428 // BuiltinContinuationFrames capture the machine state that is expected as input
1429 // to a builtin, including both input register values and stack parameters. When
1430 // the frame is reactivated (i.e. the frame below it returns), a
1431 // ContinueToBuiltin stub restores the register state from the frame and tail
1432 // calls to the actual target builtin, making it appear that the stub had been
1433 // directly called by the frame above it. The input values to populate the frame
1434 // are taken from the deopt's FrameState.
1435 //
1436 // Frame translation happens in two modes, EAGER and LAZY. In EAGER mode, all of
1437 // the parameters to the Builtin are explicitly specified in the TurboFan
1438 // FrameState node. In LAZY mode, there is always one fewer parameters specified
1439 // in the FrameState than expected by the Builtin. In that case, construction of
1440 // BuiltinContinuationFrame adds the final missing parameter during
1441 // deoptimization, and that parameter is always on the stack and contains the
1442 // value returned from the callee of the call site triggering the LAZY deopt
1443 // (e.g. rax on x64). This requires that continuation Builtins for LAZY deopts
1444 // must have at least one stack parameter.
1445 //
1446 // TO
1447 // | .... |
1448 // +-------------------------+
1449 // | arg padding (arch dept) |<- at most 1*kPointerSize
1450 // +-------------------------+
1451 // | builtin param 0 |<- FrameState input value n becomes
1452 // +-------------------------+
1453 // | ... |
1454 // +-------------------------+
1455 // | builtin param m |<- FrameState input value n+m-1, or in
1456 // +-----needs-alignment-----+ the LAZY case, return LAZY result value
1457 // | ContinueToBuiltin entry |
1458 // +-------------------------+
1459 // | | saved frame (FP) |
1460 // | +=====needs=alignment=====+<- fpreg
1461 // | |constant pool (if ool_cp)|
1462 // v +-------------------------+
1463 // |BUILTIN_CONTINUATION mark|
1464 // +-------------------------+
1465 // | JSFunction (or zero) |<- only if JavaScript builtin
1466 // +-------------------------+
1467 // | frame height above FP |
1468 // +-------------------------+
1469 // | context |<- this non-standard context slot contains
1470 // +-------------------------+ the context, even for non-JS builtins.
1471 // | builtin address |
1472 // +-------------------------+
1473 // | builtin input GPR reg0 |<- populated from deopt FrameState using
1474 // +-------------------------+ the builtin's CallInterfaceDescriptor
1475 // | ... | to map a FrameState's 0..n-1 inputs to
1476 // +-------------------------+ the builtin's n input register params.
1477 // | builtin input GPR regn |
1478 // +-------------------------+
1479 // | reg padding (arch dept) |
1480 // +-----needs--alignment----+
1481 // | res padding (arch dept) |<- only if {is_topmost}; result is pop'd by
1482 // +-------------------------+<- kNotifyDeopt ASM stub and moved to acc
1483 // | result value |<- reg, as ContinueToBuiltin stub expects.
1484 // +-----needs-alignment-----+<- spreg
1485 //
1486 void Deoptimizer::DoComputeBuiltinContinuation(
1487  TranslatedFrame* translated_frame, int frame_index,
1488  BuiltinContinuationMode mode) {
1489  TranslatedFrame::iterator value_iterator = translated_frame->begin();
1490 
1491  // The output frame must have room for all of the parameters that need to be
1492  // passed to the builtin continuation.
1493  const int height_in_words = translated_frame->height();
1494 
1495  BailoutId bailout_id = translated_frame->node_id();
1496  Builtins::Name builtin_name = Builtins::GetBuiltinFromBailoutId(bailout_id);
1497  Code builtin = isolate()->builtins()->builtin(builtin_name);
1498  Callable continuation_callable =
1499  Builtins::CallableFor(isolate(), builtin_name);
1500  CallInterfaceDescriptor continuation_descriptor =
1501  continuation_callable.descriptor();
1502 
1503  const bool is_bottommost = (0 == frame_index);
1504  const bool is_topmost = (output_count_ - 1 == frame_index);
1505  const bool must_handle_result =
1506  !is_topmost || deopt_kind_ == DeoptimizeKind::kLazy;
1507 
1508  const RegisterConfiguration* config(RegisterConfiguration::Default());
1509  const int allocatable_register_count =
1510  config->num_allocatable_general_registers();
1511  const int padding_slot_count =
1512  BuiltinContinuationFrameConstants::PaddingSlotCount(
1513  allocatable_register_count);
1514 
1515  const int register_parameter_count =
1516  continuation_descriptor.GetRegisterParameterCount();
1517  // Make sure to account for the context by removing it from the register
1518  // parameter count.
1519  const int translated_stack_parameters =
1520  height_in_words - register_parameter_count - 1;
1521  const int stack_param_count =
1522  translated_stack_parameters + (must_handle_result ? 1 : 0) +
1523  (BuiltinContinuationModeIsWithCatch(mode) ? 1 : 0);
1524  const int stack_param_pad_count =
1525  ShouldPadArguments(stack_param_count) ? 1 : 0;
1526 
1527  // If the builtins frame appears to be topmost we should ensure that the
1528  // value of result register is preserved during continuation execution.
1529  // We do this here by "pushing" the result of callback function to the
1530  // top of the reconstructed stack and popping it in
1531  // {Builtins::kNotifyDeoptimized}.
1532  const int push_result_count =
1533  is_topmost ? (PadTopOfStackRegister() ? 2 : 1) : 0;
1534 
1535  const unsigned output_frame_size =
1536  kPointerSize * (stack_param_count + stack_param_pad_count +
1537  allocatable_register_count + padding_slot_count +
1538  push_result_count) +
1539  BuiltinContinuationFrameConstants::kFixedFrameSize;
1540 
1541  const unsigned output_frame_size_above_fp =
1542  kPointerSize * (allocatable_register_count + padding_slot_count +
1543  push_result_count) +
1544  (BuiltinContinuationFrameConstants::kFixedFrameSize -
1545  BuiltinContinuationFrameConstants::kFixedFrameSizeAboveFp);
1546 
1547  // Validate types of parameters. They must all be tagged except for argc for
1548  // JS builtins.
1549  bool has_argc = false;
1550  for (int i = 0; i < register_parameter_count; ++i) {
1551  MachineType type = continuation_descriptor.GetParameterType(i);
1552  int code = continuation_descriptor.GetRegisterParameter(i).code();
1553  // Only tagged and int32 arguments are supported, and int32 only for the
1554  // arguments count on JavaScript builtins.
1555  if (type == MachineType::Int32()) {
1556  CHECK_EQ(code, kJavaScriptCallArgCountRegister.code());
1557  has_argc = true;
1558  } else {
1559  // Any other argument must be a tagged value.
1560  CHECK(IsAnyTagged(type.representation()));
1561  }
1562  }
1563  CHECK_EQ(BuiltinContinuationModeIsJavaScript(mode), has_argc);
1564 
1565  if (trace_scope_ != nullptr) {
1566  PrintF(trace_scope_->file(),
1567  " translating BuiltinContinuation to %s,"
1568  " register param count %d,"
1569  " stack param count %d\n",
1570  Builtins::name(builtin_name), register_parameter_count,
1571  stack_param_count);
1572  }
1573 
1574  FrameDescription* output_frame = new (output_frame_size)
1575  FrameDescription(output_frame_size, stack_param_count);
1576  output_[frame_index] = output_frame;
1577  FrameWriter frame_writer(this, output_frame, trace_scope_);
1578 
1579  // The top address of the frame is computed from the previous frame's top and
1580  // this frame's size.
1581  intptr_t top_address;
1582  if (is_bottommost) {
1583  top_address = caller_frame_top_ - output_frame_size;
1584  } else {
1585  top_address = output_[frame_index - 1]->GetTop() - output_frame_size;
1586  }
1587  output_frame->SetTop(top_address);
1588 
1589  // Get the possible JSFunction for the case that this is a
1590  // JavaScriptBuiltinContinuationFrame, which needs the JSFunction pointer
1591  // like a normal JavaScriptFrame.
1592  const intptr_t maybe_function =
1593  reinterpret_cast<intptr_t>(value_iterator->GetRawValue());
1594  ++value_iterator;
1595 
1596  ReadOnlyRoots roots(isolate());
1597  if (ShouldPadArguments(stack_param_count)) {
1598  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1599  }
1600 
1601  for (int i = 0; i < translated_stack_parameters; ++i, ++value_iterator) {
1602  frame_writer.PushTranslatedValue(value_iterator, "stack parameter");
1603  }
1604 
1605  switch (mode) {
1606  case BuiltinContinuationMode::STUB:
1607  break;
1608  case BuiltinContinuationMode::JAVASCRIPT:
1609  break;
1610  case BuiltinContinuationMode::JAVASCRIPT_WITH_CATCH: {
1611  frame_writer.PushRawObject(roots.the_hole_value(),
1612  "placeholder for exception on lazy deopt\n");
1613  } break;
1614  case BuiltinContinuationMode::JAVASCRIPT_HANDLE_EXCEPTION: {
1615  intptr_t accumulator_value =
1616  input_->GetRegister(kInterpreterAccumulatorRegister.code());
1617  frame_writer.PushRawObject(reinterpret_cast<Object*>(accumulator_value),
1618  "exception (from accumulator)\n");
1619  } break;
1620  }
1621 
1622  if (must_handle_result) {
1623  frame_writer.PushRawObject(roots.the_hole_value(),
1624  "placeholder for return result on lazy deopt\n");
1625  }
1626 
1627  DCHECK_EQ(output_frame->GetLastArgumentSlotOffset(),
1628  frame_writer.top_offset());
1629 
1630  std::vector<TranslatedFrame::iterator> register_values;
1631  int total_registers = config->num_general_registers();
1632  register_values.resize(total_registers, {value_iterator});
1633 
1634  for (int i = 0; i < register_parameter_count; ++i, ++value_iterator) {
1635  int code = continuation_descriptor.GetRegisterParameter(i).code();
1636  register_values[code] = value_iterator;
1637  }
1638 
1639  // The context register is always implicit in the CallInterfaceDescriptor but
1640  // its register must be explicitly set when continuing to the builtin. Make
1641  // sure that it's harvested from the translation and copied into the register
1642  // set (it was automatically added at the end of the FrameState by the
1643  // instruction selector).
1644  Object* context = value_iterator->GetRawValue();
1645  const intptr_t value = reinterpret_cast<intptr_t>(context);
1646  TranslatedFrame::iterator context_register_value = value_iterator++;
1647  register_values[kContextRegister.code()] = context_register_value;
1648  output_frame->SetContext(value);
1649  output_frame->SetRegister(kContextRegister.code(), value);
1650 
1651  // Set caller's PC (JSFunction continuation).
1652  const intptr_t caller_pc =
1653  is_bottommost ? caller_pc_ : output_[frame_index - 1]->GetPc();
1654  frame_writer.PushCallerPc(caller_pc);
1655 
1656  // Read caller's FP from the previous frame, and set this frame's FP.
1657  const intptr_t caller_fp =
1658  is_bottommost ? caller_fp_ : output_[frame_index - 1]->GetFp();
1659  frame_writer.PushCallerFp(caller_fp);
1660 
1661  const intptr_t fp_value = top_address + frame_writer.top_offset();
1662  output_frame->SetFp(fp_value);
1663 
1664  DCHECK_EQ(output_frame_size_above_fp, frame_writer.top_offset());
1665 
1666  if (FLAG_enable_embedded_constant_pool) {
1667  // Read the caller's constant pool from the previous frame.
1668  const intptr_t caller_cp =
1669  is_bottommost ? caller_constant_pool_
1670  : output_[frame_index - 1]->GetConstantPool();
1671  frame_writer.PushCallerConstantPool(caller_cp);
1672  }
1673 
1674  // A marker value is used in place of the context.
1675  const intptr_t marker =
1676  StackFrame::TypeToMarker(BuiltinContinuationModeToFrameType(mode));
1677  frame_writer.PushRawValue(marker,
1678  "context (builtin continuation sentinel)\n");
1679 
1680  if (BuiltinContinuationModeIsJavaScript(mode)) {
1681  frame_writer.PushRawValue(maybe_function, "JSFunction\n");
1682  } else {
1683  frame_writer.PushRawValue(0, "unused\n");
1684  }
1685 
1686  // The delta from the SP to the FP; used to reconstruct SP in
1687  // Isolate::UnwindAndFindHandler.
1688  frame_writer.PushRawObject(Smi::FromInt(output_frame_size_above_fp),
1689  "frame height at deoptimization\n");
1690 
1691  // The context even if this is a stub contininuation frame. We can't use the
1692  // usual context slot, because we must store the frame marker there.
1693  frame_writer.PushTranslatedValue(context_register_value,
1694  "builtin JavaScript context\n");
1695 
1696  // The builtin to continue to.
1697  frame_writer.PushRawObject(builtin, "builtin address\n");
1698 
1699  for (int i = 0; i < allocatable_register_count; ++i) {
1700  int code = config->GetAllocatableGeneralCode(i);
1701  ScopedVector<char> str(128);
1702  if (trace_scope_ != nullptr) {
1703  if (BuiltinContinuationModeIsJavaScript(mode) &&
1704  code == kJavaScriptCallArgCountRegister.code()) {
1705  SNPrintF(
1706  str,
1707  "tagged argument count %s (will be untagged by continuation)\n",
1708  RegisterName(Register::from_code(code)));
1709  } else {
1710  SNPrintF(str, "builtin register argument %s\n",
1711  RegisterName(Register::from_code(code)));
1712  }
1713  }
1714  frame_writer.PushTranslatedValue(
1715  register_values[code], trace_scope_ != nullptr ? str.start() : "");
1716  }
1717 
1718  // Some architectures must pad the stack frame with extra stack slots
1719  // to ensure the stack frame is aligned.
1720  for (int i = 0; i < padding_slot_count; ++i) {
1721  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1722  }
1723 
1724  if (is_topmost) {
1725  if (PadTopOfStackRegister()) {
1726  frame_writer.PushRawObject(roots.the_hole_value(), "padding\n");
1727  }
1728  // Ensure the result is restored back when we return to the stub.
1729 
1730  if (must_handle_result) {
1731  Register result_reg = kReturnRegister0;
1732  frame_writer.PushRawValue(input_->GetRegister(result_reg.code()),
1733  "callback result\n");
1734  } else {
1735  frame_writer.PushRawObject(roots.undefined_value(), "callback result\n");
1736  }
1737  }
1738 
1739  CHECK_EQ(translated_frame->end(), value_iterator);
1740  CHECK_EQ(0u, frame_writer.top_offset());
1741 
1742  // Clear the context register. The context might be a de-materialized object
1743  // and will be materialized by {Runtime_NotifyDeoptimized}. For additional
1744  // safety we use Smi(0) instead of the potential {arguments_marker} here.
1745  if (is_topmost) {
1746  intptr_t context_value = static_cast<intptr_t>(Smi::zero().ptr());
1747  Register context_reg = JavaScriptFrame::context_register();
1748  output_frame->SetRegister(context_reg.code(), context_value);
1749  }
1750 
1751  // Ensure the frame pointer register points to the callee's frame. The builtin
1752  // will build its own frame once we continue to it.
1753  Register fp_reg = JavaScriptFrame::fp_register();
1754  output_frame->SetRegister(fp_reg.code(), fp_value);
1755 
1756  Code continue_to_builtin = isolate()->builtins()->builtin(
1757  TrampolineForBuiltinContinuation(mode, must_handle_result));
1758  output_frame->SetPc(
1759  static_cast<intptr_t>(continue_to_builtin->InstructionStart()));
1760 
1761  Code continuation =
1762  isolate()->builtins()->builtin(Builtins::kNotifyDeoptimized);
1763  output_frame->SetContinuation(
1764  static_cast<intptr_t>(continuation->InstructionStart()));
1765 }
1766 
1767 void Deoptimizer::MaterializeHeapObjects() {
1768  translated_state_.Prepare(static_cast<Address>(stack_fp_));
1769  if (FLAG_deopt_every_n_times > 0) {
1770  // Doing a GC here will find problems with the deoptimized frames.
1771  isolate_->heap()->CollectAllGarbage(Heap::kNoGCFlags,
1772  GarbageCollectionReason::kTesting);
1773  }
1774 
1775  for (auto& materialization : values_to_materialize_) {
1776  Handle<Object> value = materialization.value_->GetValue();
1777 
1778  if (trace_scope_ != nullptr) {
1779  PrintF("Materialization [" V8PRIxPTR_FMT "] <- " V8PRIxPTR_FMT " ; ",
1780  static_cast<intptr_t>(materialization.output_slot_address_),
1781  reinterpret_cast<intptr_t>(*value));
1782  value->ShortPrint(trace_scope_->file());
1783  PrintF(trace_scope_->file(), "\n");
1784  }
1785 
1786  *(reinterpret_cast<intptr_t*>(materialization.output_slot_address_)) =
1787  reinterpret_cast<intptr_t>(*value);
1788  }
1789 
1790  translated_state_.VerifyMaterializedObjects();
1791 
1792  bool feedback_updated = translated_state_.DoUpdateFeedback();
1793  if (trace_scope_ != nullptr && feedback_updated) {
1794  PrintF(trace_scope_->file(), "Feedback updated");
1795  compiled_code_->PrintDeoptLocation(trace_scope_->file(),
1796  " from deoptimization at ", from_);
1797  }
1798 
1799  isolate_->materialized_object_store()->Remove(
1800  static_cast<Address>(stack_fp_));
1801 }
1802 
1803 void Deoptimizer::QueueValueForMaterialization(
1804  Address output_address, Object* obj,
1805  const TranslatedFrame::iterator& iterator) {
1806  if (obj == ReadOnlyRoots(isolate_).arguments_marker()) {
1807  values_to_materialize_.push_back({output_address, iterator});
1808  }
1809 }
1810 
1811 unsigned Deoptimizer::ComputeInputFrameAboveFpFixedSize() const {
1812  unsigned fixed_size = CommonFrameConstants::kFixedFrameSizeAboveFp;
1813  if (!function_->IsSmi()) {
1814  fixed_size += ComputeIncomingArgumentSize(function_->shared());
1815  }
1816  return fixed_size;
1817 }
1818 
1819 unsigned Deoptimizer::ComputeInputFrameSize() const {
1820  // The fp-to-sp delta already takes the context, constant pool pointer and the
1821  // function into account so we have to avoid double counting them.
1822  unsigned fixed_size_above_fp = ComputeInputFrameAboveFpFixedSize();
1823  unsigned result = fixed_size_above_fp + fp_to_sp_delta_;
1824  if (compiled_code_->kind() == Code::OPTIMIZED_FUNCTION) {
1825  unsigned stack_slots = compiled_code_->stack_slots();
1826  unsigned outgoing_size = 0;
1827  // ComputeOutgoingArgumentSize(compiled_code_, bailout_id_);
1828  CHECK_EQ(fixed_size_above_fp + (stack_slots * kPointerSize) -
1829  CommonFrameConstants::kFixedFrameSizeAboveFp + outgoing_size,
1830  result);
1831  }
1832  return result;
1833 }
1834 
1835 // static
1836 unsigned Deoptimizer::ComputeInterpretedFixedSize(SharedFunctionInfo* shared) {
1837  // The fixed part of the frame consists of the return address, frame
1838  // pointer, function, context, bytecode offset and all the incoming arguments.
1839  return ComputeIncomingArgumentSize(shared) +
1840  InterpreterFrameConstants::kFixedFrameSize;
1841 }
1842 
1843 // static
1844 unsigned Deoptimizer::ComputeIncomingArgumentSize(SharedFunctionInfo* shared) {
1845  int parameter_slots = shared->internal_formal_parameter_count() + 1;
1846  if (kPadArguments) parameter_slots = RoundUp(parameter_slots, 2);
1847  return parameter_slots * kPointerSize;
1848 }
1849 
1850 void Deoptimizer::EnsureCodeForDeoptimizationEntry(Isolate* isolate,
1851  DeoptimizeKind kind) {
1852  CHECK(kind == DeoptimizeKind::kEager || kind == DeoptimizeKind::kSoft ||
1853  kind == DeoptimizeKind::kLazy);
1854  DeoptimizerData* data = isolate->deoptimizer_data();
1855  if (!data->deopt_entry_code(kind).is_null()) return;
1856 
1857  MacroAssembler masm(isolate, nullptr, 16 * KB, CodeObjectRequired::kYes);
1858  masm.set_emit_debug_code(false);
1859  GenerateDeoptimizationEntries(&masm, kMaxNumberOfEntries, kind);
1860  CodeDesc desc;
1861  masm.GetCode(isolate, &desc);
1862  DCHECK(!RelocInfo::RequiresRelocationAfterCodegen(desc));
1863 
1864  // Allocate the code as immovable since the entry addresses will be used
1865  // directly and there is no support for relocating them.
1866  Handle<Code> code = isolate->factory()->NewCode(
1867  desc, Code::STUB, Handle<Object>(), Builtins::kNoBuiltinId,
1868  MaybeHandle<ByteArray>(), MaybeHandle<DeoptimizationData>(), kImmovable);
1869  CHECK(isolate->heap()->IsImmovable(*code));
1870 
1871  CHECK(data->deopt_entry_code(kind).is_null());
1872  data->set_deopt_entry_code(kind, *code);
1873 }
1874 
1875 void Deoptimizer::EnsureCodeForMaxDeoptimizationEntries(Isolate* isolate) {
1876  EnsureCodeForDeoptimizationEntry(isolate, DeoptimizeKind::kEager);
1877  EnsureCodeForDeoptimizationEntry(isolate, DeoptimizeKind::kLazy);
1878  EnsureCodeForDeoptimizationEntry(isolate, DeoptimizeKind::kSoft);
1879 }
1880 
1881 FrameDescription::FrameDescription(uint32_t frame_size, int parameter_count)
1882  : frame_size_(frame_size),
1883  parameter_count_(parameter_count),
1884  top_(kZapUint32),
1885  pc_(kZapUint32),
1886  fp_(kZapUint32),
1887  context_(kZapUint32),
1888  constant_pool_(kZapUint32) {
1889  // Zap all the registers.
1890  for (int r = 0; r < Register::kNumRegisters; r++) {
1891  // TODO(jbramley): It isn't safe to use kZapUint32 here. If the register
1892  // isn't used before the next safepoint, the GC will try to scan it as a
1893  // tagged value. kZapUint32 looks like a valid tagged pointer, but it isn't.
1894 #if defined(V8_OS_WIN) && defined(V8_TARGET_ARCH_ARM64)
1895  // x18 is reserved as platform register on Windows arm64 platform
1896  const int kPlatformRegister = 18;
1897  if (r != kPlatformRegister) {
1898  SetRegister(r, kZapUint32);
1899  }
1900 #else
1901  SetRegister(r, kZapUint32);
1902 #endif
1903  }
1904 
1905  // Zap all the slots.
1906  for (unsigned o = 0; o < frame_size; o += kPointerSize) {
1907  SetFrameSlot(o, kZapUint32);
1908  }
1909 }
1910 
1911 void TranslationBuffer::Add(int32_t value) {
1912  // This wouldn't handle kMinInt correctly if it ever encountered it.
1913  DCHECK_NE(value, kMinInt);
1914  // Encode the sign bit in the least significant bit.
1915  bool is_negative = (value < 0);
1916  uint32_t bits = (static_cast<uint32_t>(is_negative ? -value : value) << 1) |
1917  static_cast<uint32_t>(is_negative);
1918  // Encode the individual bytes using the least significant bit of
1919  // each byte to indicate whether or not more bytes follow.
1920  do {
1921  uint32_t next = bits >> 7;
1922  contents_.push_back(((bits << 1) & 0xFF) | (next != 0));
1923  bits = next;
1924  } while (bits != 0);
1925 }
1926 
1927 TranslationIterator::TranslationIterator(ByteArray buffer, int index)
1928  : buffer_(buffer), index_(index) {
1929  DCHECK(index >= 0 && index < buffer->length());
1930 }
1931 
1932 int32_t TranslationIterator::Next() {
1933  // Run through the bytes until we reach one with a least significant
1934  // bit of zero (marks the end).
1935  uint32_t bits = 0;
1936  for (int i = 0; true; i += 7) {
1937  DCHECK(HasNext());
1938  uint8_t next = buffer_->get(index_++);
1939  bits |= (next >> 1) << i;
1940  if ((next & 1) == 0) break;
1941  }
1942  // The bits encode the sign in the least significant bit.
1943  bool is_negative = (bits & 1) == 1;
1944  int32_t result = bits >> 1;
1945  return is_negative ? -result : result;
1946 }
1947 
1948 bool TranslationIterator::HasNext() const { return index_ < buffer_->length(); }
1949 
1950 Handle<ByteArray> TranslationBuffer::CreateByteArray(Factory* factory) {
1951  Handle<ByteArray> result = factory->NewByteArray(CurrentIndex(), TENURED);
1952  contents_.CopyTo(result->GetDataStartAddress());
1953  return result;
1954 }
1955 
1956 void Translation::BeginBuiltinContinuationFrame(BailoutId bailout_id,
1957  int literal_id,
1958  unsigned height) {
1959  buffer_->Add(BUILTIN_CONTINUATION_FRAME);
1960  buffer_->Add(bailout_id.ToInt());
1961  buffer_->Add(literal_id);
1962  buffer_->Add(height);
1963 }
1964 
1965 void Translation::BeginJavaScriptBuiltinContinuationFrame(BailoutId bailout_id,
1966  int literal_id,
1967  unsigned height) {
1968  buffer_->Add(JAVA_SCRIPT_BUILTIN_CONTINUATION_FRAME);
1969  buffer_->Add(bailout_id.ToInt());
1970  buffer_->Add(literal_id);
1971  buffer_->Add(height);
1972 }
1973 
1974 void Translation::BeginJavaScriptBuiltinContinuationWithCatchFrame(
1975  BailoutId bailout_id, int literal_id, unsigned height) {
1976  buffer_->Add(JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH_FRAME);
1977  buffer_->Add(bailout_id.ToInt());
1978  buffer_->Add(literal_id);
1979  buffer_->Add(height);
1980 }
1981 
1982 void Translation::BeginConstructStubFrame(BailoutId bailout_id, int literal_id,
1983  unsigned height) {
1984  buffer_->Add(CONSTRUCT_STUB_FRAME);
1985  buffer_->Add(bailout_id.ToInt());
1986  buffer_->Add(literal_id);
1987  buffer_->Add(height);
1988 }
1989 
1990 
1991 void Translation::BeginArgumentsAdaptorFrame(int literal_id, unsigned height) {
1992  buffer_->Add(ARGUMENTS_ADAPTOR_FRAME);
1993  buffer_->Add(literal_id);
1994  buffer_->Add(height);
1995 }
1996 
1997 void Translation::BeginInterpretedFrame(BailoutId bytecode_offset,
1998  int literal_id, unsigned height,
1999  int return_value_offset,
2000  int return_value_count) {
2001  buffer_->Add(INTERPRETED_FRAME);
2002  buffer_->Add(bytecode_offset.ToInt());
2003  buffer_->Add(literal_id);
2004  buffer_->Add(height);
2005  buffer_->Add(return_value_offset);
2006  buffer_->Add(return_value_count);
2007 }
2008 
2009 void Translation::ArgumentsElements(CreateArgumentsType type) {
2010  buffer_->Add(ARGUMENTS_ELEMENTS);
2011  buffer_->Add(static_cast<uint8_t>(type));
2012 }
2013 
2014 void Translation::ArgumentsLength(CreateArgumentsType type) {
2015  buffer_->Add(ARGUMENTS_LENGTH);
2016  buffer_->Add(static_cast<uint8_t>(type));
2017 }
2018 
2019 void Translation::BeginCapturedObject(int length) {
2020  buffer_->Add(CAPTURED_OBJECT);
2021  buffer_->Add(length);
2022 }
2023 
2024 
2025 void Translation::DuplicateObject(int object_index) {
2026  buffer_->Add(DUPLICATED_OBJECT);
2027  buffer_->Add(object_index);
2028 }
2029 
2030 
2031 void Translation::StoreRegister(Register reg) {
2032  buffer_->Add(REGISTER);
2033  buffer_->Add(reg.code());
2034 }
2035 
2036 
2037 void Translation::StoreInt32Register(Register reg) {
2038  buffer_->Add(INT32_REGISTER);
2039  buffer_->Add(reg.code());
2040 }
2041 
2042 void Translation::StoreInt64Register(Register reg) {
2043  buffer_->Add(INT64_REGISTER);
2044  buffer_->Add(reg.code());
2045 }
2046 
2047 void Translation::StoreUint32Register(Register reg) {
2048  buffer_->Add(UINT32_REGISTER);
2049  buffer_->Add(reg.code());
2050 }
2051 
2052 
2053 void Translation::StoreBoolRegister(Register reg) {
2054  buffer_->Add(BOOL_REGISTER);
2055  buffer_->Add(reg.code());
2056 }
2057 
2058 void Translation::StoreFloatRegister(FloatRegister reg) {
2059  buffer_->Add(FLOAT_REGISTER);
2060  buffer_->Add(reg.code());
2061 }
2062 
2063 void Translation::StoreDoubleRegister(DoubleRegister reg) {
2064  buffer_->Add(DOUBLE_REGISTER);
2065  buffer_->Add(reg.code());
2066 }
2067 
2068 
2069 void Translation::StoreStackSlot(int index) {
2070  buffer_->Add(STACK_SLOT);
2071  buffer_->Add(index);
2072 }
2073 
2074 
2075 void Translation::StoreInt32StackSlot(int index) {
2076  buffer_->Add(INT32_STACK_SLOT);
2077  buffer_->Add(index);
2078 }
2079 
2080 void Translation::StoreInt64StackSlot(int index) {
2081  buffer_->Add(INT64_STACK_SLOT);
2082  buffer_->Add(index);
2083 }
2084 
2085 void Translation::StoreUint32StackSlot(int index) {
2086  buffer_->Add(UINT32_STACK_SLOT);
2087  buffer_->Add(index);
2088 }
2089 
2090 
2091 void Translation::StoreBoolStackSlot(int index) {
2092  buffer_->Add(BOOL_STACK_SLOT);
2093  buffer_->Add(index);
2094 }
2095 
2096 void Translation::StoreFloatStackSlot(int index) {
2097  buffer_->Add(FLOAT_STACK_SLOT);
2098  buffer_->Add(index);
2099 }
2100 
2101 void Translation::StoreDoubleStackSlot(int index) {
2102  buffer_->Add(DOUBLE_STACK_SLOT);
2103  buffer_->Add(index);
2104 }
2105 
2106 
2107 void Translation::StoreLiteral(int literal_id) {
2108  buffer_->Add(LITERAL);
2109  buffer_->Add(literal_id);
2110 }
2111 
2112 void Translation::AddUpdateFeedback(int vector_literal, int slot) {
2113  buffer_->Add(UPDATE_FEEDBACK);
2114  buffer_->Add(vector_literal);
2115  buffer_->Add(slot);
2116 }
2117 
2118 void Translation::StoreJSFrameFunction() {
2119  StoreStackSlot((StandardFrameConstants::kCallerPCOffset -
2120  StandardFrameConstants::kFunctionOffset) /
2121  kPointerSize);
2122 }
2123 
2124 int Translation::NumberOfOperandsFor(Opcode opcode) {
2125  switch (opcode) {
2126  case DUPLICATED_OBJECT:
2127  case ARGUMENTS_ELEMENTS:
2128  case ARGUMENTS_LENGTH:
2129  case CAPTURED_OBJECT:
2130  case REGISTER:
2131  case INT32_REGISTER:
2132  case INT64_REGISTER:
2133  case UINT32_REGISTER:
2134  case BOOL_REGISTER:
2135  case FLOAT_REGISTER:
2136  case DOUBLE_REGISTER:
2137  case STACK_SLOT:
2138  case INT32_STACK_SLOT:
2139  case INT64_STACK_SLOT:
2140  case UINT32_STACK_SLOT:
2141  case BOOL_STACK_SLOT:
2142  case FLOAT_STACK_SLOT:
2143  case DOUBLE_STACK_SLOT:
2144  case LITERAL:
2145  return 1;
2146  case ARGUMENTS_ADAPTOR_FRAME:
2147  case UPDATE_FEEDBACK:
2148  return 2;
2149  case BEGIN:
2150  case CONSTRUCT_STUB_FRAME:
2151  case BUILTIN_CONTINUATION_FRAME:
2152  case JAVA_SCRIPT_BUILTIN_CONTINUATION_FRAME:
2153  case JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH_FRAME:
2154  return 3;
2155  case INTERPRETED_FRAME:
2156  return 5;
2157  }
2158  FATAL("Unexpected translation type");
2159  return -1;
2160 }
2161 
2162 
2163 #if defined(OBJECT_PRINT) || defined(ENABLE_DISASSEMBLER)
2164 
2165 const char* Translation::StringFor(Opcode opcode) {
2166 #define TRANSLATION_OPCODE_CASE(item) case item: return #item;
2167  switch (opcode) {
2168  TRANSLATION_OPCODE_LIST(TRANSLATION_OPCODE_CASE)
2169  }
2170 #undef TRANSLATION_OPCODE_CASE
2171  UNREACHABLE();
2172 }
2173 
2174 #endif
2175 
2176 
2177 Handle<FixedArray> MaterializedObjectStore::Get(Address fp) {
2178  int index = StackIdToIndex(fp);
2179  if (index == -1) {
2180  return Handle<FixedArray>::null();
2181  }
2182  Handle<FixedArray> array = GetStackEntries();
2183  CHECK_GT(array->length(), index);
2184  return Handle<FixedArray>::cast(Handle<Object>(array->get(index), isolate()));
2185 }
2186 
2187 
2188 void MaterializedObjectStore::Set(Address fp,
2189  Handle<FixedArray> materialized_objects) {
2190  int index = StackIdToIndex(fp);
2191  if (index == -1) {
2192  index = static_cast<int>(frame_fps_.size());
2193  frame_fps_.push_back(fp);
2194  }
2195 
2196  Handle<FixedArray> array = EnsureStackEntries(index + 1);
2197  array->set(index, *materialized_objects);
2198 }
2199 
2200 
2201 bool MaterializedObjectStore::Remove(Address fp) {
2202  auto it = std::find(frame_fps_.begin(), frame_fps_.end(), fp);
2203  if (it == frame_fps_.end()) return false;
2204  int index = static_cast<int>(std::distance(frame_fps_.begin(), it));
2205 
2206  frame_fps_.erase(it);
2207  FixedArray array = isolate()->heap()->materialized_objects();
2208 
2209  CHECK_LT(index, array->length());
2210  int fps_size = static_cast<int>(frame_fps_.size());
2211  for (int i = index; i < fps_size; i++) {
2212  array->set(i, array->get(i + 1));
2213  }
2214  array->set(fps_size, ReadOnlyRoots(isolate()).undefined_value());
2215  return true;
2216 }
2217 
2218 
2219 int MaterializedObjectStore::StackIdToIndex(Address fp) {
2220  auto it = std::find(frame_fps_.begin(), frame_fps_.end(), fp);
2221  return it == frame_fps_.end()
2222  ? -1
2223  : static_cast<int>(std::distance(frame_fps_.begin(), it));
2224 }
2225 
2226 
2227 Handle<FixedArray> MaterializedObjectStore::GetStackEntries() {
2228  return Handle<FixedArray>(isolate()->heap()->materialized_objects(),
2229  isolate());
2230 }
2231 
2232 
2233 Handle<FixedArray> MaterializedObjectStore::EnsureStackEntries(int length) {
2234  Handle<FixedArray> array = GetStackEntries();
2235  if (array->length() >= length) {
2236  return array;
2237  }
2238 
2239  int new_length = length > 10 ? length : 10;
2240  if (new_length < 2 * array->length()) {
2241  new_length = 2 * array->length();
2242  }
2243 
2244  Handle<FixedArray> new_array =
2245  isolate()->factory()->NewFixedArray(new_length, TENURED);
2246  for (int i = 0; i < array->length(); i++) {
2247  new_array->set(i, array->get(i));
2248  }
2249  HeapObject* undefined_value = ReadOnlyRoots(isolate()).undefined_value();
2250  for (int i = array->length(); i < length; i++) {
2251  new_array->set(i, undefined_value);
2252  }
2253  isolate()->heap()->SetRootMaterializedObjects(*new_array);
2254  return new_array;
2255 }
2256 
2257 namespace {
2258 
2259 Handle<Object> GetValueForDebugger(TranslatedFrame::iterator it,
2260  Isolate* isolate) {
2261  if (it->GetRawValue() == ReadOnlyRoots(isolate).arguments_marker()) {
2262  if (!it->IsMaterializableByDebugger()) {
2263  return isolate->factory()->optimized_out();
2264  }
2265  }
2266  return it->GetValue();
2267 }
2268 
2269 } // namespace
2270 
2271 DeoptimizedFrameInfo::DeoptimizedFrameInfo(TranslatedState* state,
2272  TranslatedState::iterator frame_it,
2273  Isolate* isolate) {
2274  int parameter_count =
2275  frame_it->shared_info()->internal_formal_parameter_count();
2276  TranslatedFrame::iterator stack_it = frame_it->begin();
2277 
2278  // Get the function. Note that this might materialize the function.
2279  // In case the debugger mutates this value, we should deoptimize
2280  // the function and remember the value in the materialized value store.
2281  function_ = Handle<JSFunction>::cast(stack_it->GetValue());
2282  stack_it++; // Skip the function.
2283  stack_it++; // Skip the receiver.
2284 
2285  DCHECK_EQ(TranslatedFrame::kInterpretedFunction, frame_it->kind());
2286  source_position_ = Deoptimizer::ComputeSourcePositionFromBytecodeArray(
2287  *frame_it->shared_info(), frame_it->node_id());
2288 
2289  DCHECK_EQ(parameter_count,
2290  function_->shared()->internal_formal_parameter_count());
2291 
2292  parameters_.resize(static_cast<size_t>(parameter_count));
2293  for (int i = 0; i < parameter_count; i++) {
2294  Handle<Object> parameter = GetValueForDebugger(stack_it, isolate);
2295  SetParameter(i, parameter);
2296  stack_it++;
2297  }
2298 
2299  // Get the context.
2300  context_ = GetValueForDebugger(stack_it, isolate);
2301  stack_it++;
2302 
2303  // Get the expression stack.
2304  int stack_height = frame_it->height();
2305  if (frame_it->kind() == TranslatedFrame::kInterpretedFunction) {
2306  // For interpreter frames, we should not count the accumulator.
2307  // TODO(jarin): Clean up the indexing in translated frames.
2308  stack_height--;
2309  }
2310  expression_stack_.resize(static_cast<size_t>(stack_height));
2311  for (int i = 0; i < stack_height; i++) {
2312  Handle<Object> expression = GetValueForDebugger(stack_it, isolate);
2313  SetExpression(i, expression);
2314  stack_it++;
2315  }
2316 
2317  // For interpreter frame, skip the accumulator.
2318  if (frame_it->kind() == TranslatedFrame::kInterpretedFunction) {
2319  stack_it++;
2320  }
2321  CHECK(stack_it == frame_it->end());
2322 }
2323 
2324 Deoptimizer::DeoptInfo Deoptimizer::GetDeoptInfo(Code code, Address pc) {
2325  CHECK(code->InstructionStart() <= pc && pc <= code->InstructionEnd());
2326  SourcePosition last_position = SourcePosition::Unknown();
2327  DeoptimizeReason last_reason = DeoptimizeReason::kUnknown;
2328  int last_deopt_id = kNoDeoptimizationId;
2329  int mask = RelocInfo::ModeMask(RelocInfo::DEOPT_REASON) |
2330  RelocInfo::ModeMask(RelocInfo::DEOPT_ID) |
2331  RelocInfo::ModeMask(RelocInfo::DEOPT_SCRIPT_OFFSET) |
2332  RelocInfo::ModeMask(RelocInfo::DEOPT_INLINING_ID);
2333  for (RelocIterator it(code, mask); !it.done(); it.next()) {
2334  RelocInfo* info = it.rinfo();
2335  if (info->pc() >= pc) break;
2336  if (info->rmode() == RelocInfo::DEOPT_SCRIPT_OFFSET) {
2337  int script_offset = static_cast<int>(info->data());
2338  it.next();
2339  DCHECK(it.rinfo()->rmode() == RelocInfo::DEOPT_INLINING_ID);
2340  int inlining_id = static_cast<int>(it.rinfo()->data());
2341  last_position = SourcePosition(script_offset, inlining_id);
2342  } else if (info->rmode() == RelocInfo::DEOPT_ID) {
2343  last_deopt_id = static_cast<int>(info->data());
2344  } else if (info->rmode() == RelocInfo::DEOPT_REASON) {
2345  last_reason = static_cast<DeoptimizeReason>(info->data());
2346  }
2347  }
2348  return DeoptInfo(last_position, last_reason, last_deopt_id);
2349 }
2350 
2351 
2352 // static
2353 int Deoptimizer::ComputeSourcePositionFromBytecodeArray(
2354  SharedFunctionInfo* shared, BailoutId node_id) {
2355  DCHECK(shared->HasBytecodeArray());
2356  return AbstractCode::cast(shared->GetBytecodeArray())
2357  ->SourcePosition(node_id.ToInt());
2358 }
2359 
2360 // static
2361 TranslatedValue TranslatedValue::NewDeferredObject(TranslatedState* container,
2362  int length,
2363  int object_index) {
2364  TranslatedValue slot(container, kCapturedObject);
2365  slot.materialization_info_ = {object_index, length};
2366  return slot;
2367 }
2368 
2369 
2370 // static
2371 TranslatedValue TranslatedValue::NewDuplicateObject(TranslatedState* container,
2372  int id) {
2373  TranslatedValue slot(container, kDuplicatedObject);
2374  slot.materialization_info_ = {id, -1};
2375  return slot;
2376 }
2377 
2378 
2379 // static
2380 TranslatedValue TranslatedValue::NewFloat(TranslatedState* container,
2381  Float32 value) {
2382  TranslatedValue slot(container, kFloat);
2383  slot.float_value_ = value;
2384  return slot;
2385 }
2386 
2387 // static
2388 TranslatedValue TranslatedValue::NewDouble(TranslatedState* container,
2389  Float64 value) {
2390  TranslatedValue slot(container, kDouble);
2391  slot.double_value_ = value;
2392  return slot;
2393 }
2394 
2395 
2396 // static
2397 TranslatedValue TranslatedValue::NewInt32(TranslatedState* container,
2398  int32_t value) {
2399  TranslatedValue slot(container, kInt32);
2400  slot.int32_value_ = value;
2401  return slot;
2402 }
2403 
2404 // static
2405 TranslatedValue TranslatedValue::NewInt64(TranslatedState* container,
2406  int64_t value) {
2407  TranslatedValue slot(container, kInt64);
2408  slot.int64_value_ = value;
2409  return slot;
2410 }
2411 
2412 // static
2413 TranslatedValue TranslatedValue::NewUInt32(TranslatedState* container,
2414  uint32_t value) {
2415  TranslatedValue slot(container, kUInt32);
2416  slot.uint32_value_ = value;
2417  return slot;
2418 }
2419 
2420 
2421 // static
2422 TranslatedValue TranslatedValue::NewBool(TranslatedState* container,
2423  uint32_t value) {
2424  TranslatedValue slot(container, kBoolBit);
2425  slot.uint32_value_ = value;
2426  return slot;
2427 }
2428 
2429 
2430 // static
2431 TranslatedValue TranslatedValue::NewTagged(TranslatedState* container,
2432  Object* literal) {
2433  TranslatedValue slot(container, kTagged);
2434  slot.raw_literal_ = literal;
2435  return slot;
2436 }
2437 
2438 
2439 // static
2440 TranslatedValue TranslatedValue::NewInvalid(TranslatedState* container) {
2441  return TranslatedValue(container, kInvalid);
2442 }
2443 
2444 
2445 Isolate* TranslatedValue::isolate() const { return container_->isolate(); }
2446 
2447 
2448 Object* TranslatedValue::raw_literal() const {
2449  DCHECK_EQ(kTagged, kind());
2450  return raw_literal_;
2451 }
2452 
2453 
2454 int32_t TranslatedValue::int32_value() const {
2455  DCHECK_EQ(kInt32, kind());
2456  return int32_value_;
2457 }
2458 
2459 int64_t TranslatedValue::int64_value() const {
2460  DCHECK_EQ(kInt64, kind());
2461  return int64_value_;
2462 }
2463 
2464 uint32_t TranslatedValue::uint32_value() const {
2465  DCHECK(kind() == kUInt32 || kind() == kBoolBit);
2466  return uint32_value_;
2467 }
2468 
2469 Float32 TranslatedValue::float_value() const {
2470  DCHECK_EQ(kFloat, kind());
2471  return float_value_;
2472 }
2473 
2474 Float64 TranslatedValue::double_value() const {
2475  DCHECK_EQ(kDouble, kind());
2476  return double_value_;
2477 }
2478 
2479 
2480 int TranslatedValue::object_length() const {
2481  DCHECK_EQ(kind(), kCapturedObject);
2482  return materialization_info_.length_;
2483 }
2484 
2485 
2486 int TranslatedValue::object_index() const {
2487  DCHECK(kind() == kCapturedObject || kind() == kDuplicatedObject);
2488  return materialization_info_.id_;
2489 }
2490 
2491 
2492 Object* TranslatedValue::GetRawValue() const {
2493  // If we have a value, return it.
2494  if (materialization_state() == kFinished) {
2495  return *storage_;
2496  }
2497 
2498  // Otherwise, do a best effort to get the value without allocation.
2499  switch (kind()) {
2500  case kTagged:
2501  return raw_literal();
2502 
2503  case kInt32: {
2504  bool is_smi = Smi::IsValid(int32_value());
2505  if (is_smi) {
2506  return Smi::FromInt(int32_value());
2507  }
2508  break;
2509  }
2510 
2511  case kInt64: {
2512  bool is_smi = (int64_value() >= static_cast<int64_t>(Smi::kMinValue) &&
2513  int64_value() <= static_cast<int64_t>(Smi::kMaxValue));
2514  if (is_smi) {
2515  return Smi::FromIntptr(static_cast<intptr_t>(int64_value()));
2516  }
2517  break;
2518  }
2519 
2520  case kUInt32: {
2521  bool is_smi = (uint32_value() <= static_cast<uintptr_t>(Smi::kMaxValue));
2522  if (is_smi) {
2523  return Smi::FromInt(static_cast<int32_t>(uint32_value()));
2524  }
2525  break;
2526  }
2527 
2528  case kBoolBit: {
2529  if (uint32_value() == 0) {
2530  return ReadOnlyRoots(isolate()).false_value();
2531  } else {
2532  CHECK_EQ(1U, uint32_value());
2533  return ReadOnlyRoots(isolate()).true_value();
2534  }
2535  }
2536 
2537  default:
2538  break;
2539  }
2540 
2541  // If we could not get the value without allocation, return the arguments
2542  // marker.
2543  return ReadOnlyRoots(isolate()).arguments_marker();
2544 }
2545 
2546 void TranslatedValue::set_initialized_storage(Handle<Object> storage) {
2547  DCHECK_EQ(kUninitialized, materialization_state());
2548  storage_ = storage;
2549  materialization_state_ = kFinished;
2550 }
2551 
2552 Handle<Object> TranslatedValue::GetValue() {
2553  // If we already have a value, then get it.
2554  if (materialization_state() == kFinished) return storage_;
2555 
2556  // Otherwise we have to materialize.
2557  switch (kind()) {
2558  case TranslatedValue::kTagged:
2559  case TranslatedValue::kInt32:
2560  case TranslatedValue::kInt64:
2561  case TranslatedValue::kUInt32:
2562  case TranslatedValue::kBoolBit:
2563  case TranslatedValue::kFloat:
2564  case TranslatedValue::kDouble: {
2565  MaterializeSimple();
2566  return storage_;
2567  }
2568 
2569  case TranslatedValue::kCapturedObject:
2570  case TranslatedValue::kDuplicatedObject: {
2571  // We need to materialize the object (or possibly even object graphs).
2572  // To make the object verifier happy, we materialize in two steps.
2573 
2574  // 1. Allocate storage for reachable objects. This makes sure that for
2575  // each object we have allocated space on heap. The space will be
2576  // a byte array that will be later initialized, or a fully
2577  // initialized object if it is safe to allocate one that will
2578  // pass the verifier.
2579  container_->EnsureObjectAllocatedAt(this);
2580 
2581  // 2. Initialize the objects. If we have allocated only byte arrays
2582  // for some objects, we now overwrite the byte arrays with the
2583  // correct object fields. Note that this phase does not allocate
2584  // any new objects, so it does not trigger the object verifier.
2585  return container_->InitializeObjectAt(this);
2586  }
2587 
2588  case TranslatedValue::kInvalid:
2589  FATAL("unexpected case");
2590  return Handle<Object>::null();
2591  }
2592 
2593  FATAL("internal error: value missing");
2594  return Handle<Object>::null();
2595 }
2596 
2597 void TranslatedValue::MaterializeSimple() {
2598  // If we already have materialized, return.
2599  if (materialization_state() == kFinished) return;
2600 
2601  Object* raw_value = GetRawValue();
2602  if (raw_value != ReadOnlyRoots(isolate()).arguments_marker()) {
2603  // We can get the value without allocation, just return it here.
2604  set_initialized_storage(Handle<Object>(raw_value, isolate()));
2605  return;
2606  }
2607 
2608  switch (kind()) {
2609  case kInt32:
2610  set_initialized_storage(
2611  Handle<Object>(isolate()->factory()->NewNumber(int32_value())));
2612  return;
2613 
2614  case kInt64:
2615  set_initialized_storage(Handle<Object>(
2616  isolate()->factory()->NewNumber(static_cast<double>(int64_value()))));
2617  return;
2618 
2619  case kUInt32:
2620  set_initialized_storage(
2621  Handle<Object>(isolate()->factory()->NewNumber(uint32_value())));
2622  return;
2623 
2624  case kFloat: {
2625  double scalar_value = float_value().get_scalar();
2626  set_initialized_storage(
2627  Handle<Object>(isolate()->factory()->NewNumber(scalar_value)));
2628  return;
2629  }
2630 
2631  case kDouble: {
2632  double scalar_value = double_value().get_scalar();
2633  set_initialized_storage(
2634  Handle<Object>(isolate()->factory()->NewNumber(scalar_value)));
2635  return;
2636  }
2637 
2638  case kCapturedObject:
2639  case kDuplicatedObject:
2640  case kInvalid:
2641  case kTagged:
2642  case kBoolBit:
2643  FATAL("internal error: unexpected materialization.");
2644  break;
2645  }
2646 }
2647 
2648 
2649 bool TranslatedValue::IsMaterializedObject() const {
2650  switch (kind()) {
2651  case kCapturedObject:
2652  case kDuplicatedObject:
2653  return true;
2654  default:
2655  return false;
2656  }
2657 }
2658 
2659 bool TranslatedValue::IsMaterializableByDebugger() const {
2660  // At the moment, we only allow materialization of doubles.
2661  return (kind() == kDouble);
2662 }
2663 
2664 int TranslatedValue::GetChildrenCount() const {
2665  if (kind() == kCapturedObject) {
2666  return object_length();
2667  } else {
2668  return 0;
2669  }
2670 }
2671 
2672 uint64_t TranslatedState::GetUInt64Slot(Address fp, int slot_offset) {
2673  return Memory<uint64_t>(fp + slot_offset);
2674 }
2675 
2676 uint32_t TranslatedState::GetUInt32Slot(Address fp, int slot_offset) {
2677  Address address = fp + slot_offset;
2678 #if V8_TARGET_BIG_ENDIAN && V8_HOST_ARCH_64_BIT
2679  return Memory<uint32_t>(address + kIntSize);
2680 #else
2681  return Memory<uint32_t>(address);
2682 #endif
2683 }
2684 
2685 Float32 TranslatedState::GetFloatSlot(Address fp, int slot_offset) {
2686 #if !V8_TARGET_ARCH_S390X && !V8_TARGET_ARCH_PPC64
2687  return Float32::FromBits(GetUInt32Slot(fp, slot_offset));
2688 #else
2689  return Float32::FromBits(Memory<uint32_t>(fp + slot_offset));
2690 #endif
2691 }
2692 
2693 Float64 TranslatedState::GetDoubleSlot(Address fp, int slot_offset) {
2694  return Float64::FromBits(GetUInt64Slot(fp, slot_offset));
2695 }
2696 
2697 void TranslatedValue::Handlify() {
2698  if (kind() == kTagged) {
2699  set_initialized_storage(Handle<Object>(raw_literal(), isolate()));
2700  raw_literal_ = nullptr;
2701  }
2702 }
2703 
2704 TranslatedFrame TranslatedFrame::InterpretedFrame(
2705  BailoutId bytecode_offset, SharedFunctionInfo* shared_info, int height,
2706  int return_value_offset, int return_value_count) {
2707  TranslatedFrame frame(kInterpretedFunction, shared_info, height,
2708  return_value_offset, return_value_count);
2709  frame.node_id_ = bytecode_offset;
2710  return frame;
2711 }
2712 
2713 
2714 TranslatedFrame TranslatedFrame::ArgumentsAdaptorFrame(
2715  SharedFunctionInfo* shared_info, int height) {
2716  return TranslatedFrame(kArgumentsAdaptor, shared_info, height);
2717 }
2718 
2719 TranslatedFrame TranslatedFrame::ConstructStubFrame(
2720  BailoutId bailout_id, SharedFunctionInfo* shared_info, int height) {
2721  TranslatedFrame frame(kConstructStub, shared_info, height);
2722  frame.node_id_ = bailout_id;
2723  return frame;
2724 }
2725 
2726 TranslatedFrame TranslatedFrame::BuiltinContinuationFrame(
2727  BailoutId bailout_id, SharedFunctionInfo* shared_info, int height) {
2728  TranslatedFrame frame(kBuiltinContinuation, shared_info, height);
2729  frame.node_id_ = bailout_id;
2730  return frame;
2731 }
2732 
2733 TranslatedFrame TranslatedFrame::JavaScriptBuiltinContinuationFrame(
2734  BailoutId bailout_id, SharedFunctionInfo* shared_info, int height) {
2735  TranslatedFrame frame(kJavaScriptBuiltinContinuation, shared_info, height);
2736  frame.node_id_ = bailout_id;
2737  return frame;
2738 }
2739 
2740 TranslatedFrame TranslatedFrame::JavaScriptBuiltinContinuationWithCatchFrame(
2741  BailoutId bailout_id, SharedFunctionInfo* shared_info, int height) {
2742  TranslatedFrame frame(kJavaScriptBuiltinContinuationWithCatch, shared_info,
2743  height);
2744  frame.node_id_ = bailout_id;
2745  return frame;
2746 }
2747 
2748 int TranslatedFrame::GetValueCount() {
2749  switch (kind()) {
2750  case kInterpretedFunction: {
2751  int parameter_count =
2752  raw_shared_info_->internal_formal_parameter_count() + 1;
2753  // + 2 for function and context.
2754  return height_ + parameter_count + 2;
2755  }
2756 
2757  case kArgumentsAdaptor:
2758  case kConstructStub:
2759  case kBuiltinContinuation:
2760  case kJavaScriptBuiltinContinuation:
2761  case kJavaScriptBuiltinContinuationWithCatch:
2762  return 1 + height_;
2763 
2764  case kInvalid:
2765  UNREACHABLE();
2766  break;
2767  }
2768  UNREACHABLE();
2769 }
2770 
2771 
2772 void TranslatedFrame::Handlify() {
2773  if (raw_shared_info_ != nullptr) {
2774  shared_info_ = Handle<SharedFunctionInfo>(raw_shared_info_,
2775  raw_shared_info_->GetIsolate());
2776  raw_shared_info_ = nullptr;
2777  }
2778  for (auto& value : values_) {
2779  value.Handlify();
2780  }
2781 }
2782 
2783 TranslatedFrame TranslatedState::CreateNextTranslatedFrame(
2784  TranslationIterator* iterator, FixedArray literal_array, Address fp,
2785  FILE* trace_file) {
2786  Translation::Opcode opcode =
2787  static_cast<Translation::Opcode>(iterator->Next());
2788  switch (opcode) {
2789  case Translation::INTERPRETED_FRAME: {
2790  BailoutId bytecode_offset = BailoutId(iterator->Next());
2791  SharedFunctionInfo* shared_info =
2792  SharedFunctionInfo::cast(literal_array->get(iterator->Next()));
2793  int height = iterator->Next();
2794  int return_value_offset = iterator->Next();
2795  int return_value_count = iterator->Next();
2796  if (trace_file != nullptr) {
2797  std::unique_ptr<char[]> name = shared_info->DebugName()->ToCString();
2798  PrintF(trace_file, " reading input frame %s", name.get());
2799  int arg_count = shared_info->internal_formal_parameter_count() + 1;
2800  PrintF(trace_file,
2801  " => bytecode_offset=%d, args=%d, height=%d, retval=%i(#%i); "
2802  "inputs:\n",
2803  bytecode_offset.ToInt(), arg_count, height, return_value_offset,
2804  return_value_count);
2805  }
2806  return TranslatedFrame::InterpretedFrame(bytecode_offset, shared_info,
2807  height, return_value_offset,
2808  return_value_count);
2809  }
2810 
2811  case Translation::ARGUMENTS_ADAPTOR_FRAME: {
2812  SharedFunctionInfo* shared_info =
2813  SharedFunctionInfo::cast(literal_array->get(iterator->Next()));
2814  int height = iterator->Next();
2815  if (trace_file != nullptr) {
2816  std::unique_ptr<char[]> name = shared_info->DebugName()->ToCString();
2817  PrintF(trace_file, " reading arguments adaptor frame %s", name.get());
2818  PrintF(trace_file, " => height=%d; inputs:\n", height);
2819  }
2820  return TranslatedFrame::ArgumentsAdaptorFrame(shared_info, height);
2821  }
2822 
2823  case Translation::CONSTRUCT_STUB_FRAME: {
2824  BailoutId bailout_id = BailoutId(iterator->Next());
2825  SharedFunctionInfo* shared_info =
2826  SharedFunctionInfo::cast(literal_array->get(iterator->Next()));
2827  int height = iterator->Next();
2828  if (trace_file != nullptr) {
2829  std::unique_ptr<char[]> name = shared_info->DebugName()->ToCString();
2830  PrintF(trace_file, " reading construct stub frame %s", name.get());
2831  PrintF(trace_file, " => bailout_id=%d, height=%d; inputs:\n",
2832  bailout_id.ToInt(), height);
2833  }
2834  return TranslatedFrame::ConstructStubFrame(bailout_id, shared_info,
2835  height);
2836  }
2837 
2838  case Translation::BUILTIN_CONTINUATION_FRAME: {
2839  BailoutId bailout_id = BailoutId(iterator->Next());
2840  SharedFunctionInfo* shared_info =
2841  SharedFunctionInfo::cast(literal_array->get(iterator->Next()));
2842  int height = iterator->Next();
2843  if (trace_file != nullptr) {
2844  std::unique_ptr<char[]> name = shared_info->DebugName()->ToCString();
2845  PrintF(trace_file, " reading builtin continuation frame %s",
2846  name.get());
2847  PrintF(trace_file, " => bailout_id=%d, height=%d; inputs:\n",
2848  bailout_id.ToInt(), height);
2849  }
2850  // Add one to the height to account for the context which was implicitly
2851  // added to the translation during code generation.
2852  int height_with_context = height + 1;
2853  return TranslatedFrame::BuiltinContinuationFrame(bailout_id, shared_info,
2854  height_with_context);
2855  }
2856 
2857  case Translation::JAVA_SCRIPT_BUILTIN_CONTINUATION_FRAME: {
2858  BailoutId bailout_id = BailoutId(iterator->Next());
2859  SharedFunctionInfo* shared_info =
2860  SharedFunctionInfo::cast(literal_array->get(iterator->Next()));
2861  int height = iterator->Next();
2862  if (trace_file != nullptr) {
2863  std::unique_ptr<char[]> name = shared_info->DebugName()->ToCString();
2864  PrintF(trace_file, " reading JavaScript builtin continuation frame %s",
2865  name.get());
2866  PrintF(trace_file, " => bailout_id=%d, height=%d; inputs:\n",
2867  bailout_id.ToInt(), height);
2868  }
2869  // Add one to the height to account for the context which was implicitly
2870  // added to the translation during code generation.
2871  int height_with_context = height + 1;
2872  return TranslatedFrame::JavaScriptBuiltinContinuationFrame(
2873  bailout_id, shared_info, height_with_context);
2874  }
2875  case Translation::JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH_FRAME: {
2876  BailoutId bailout_id = BailoutId(iterator->Next());
2877  SharedFunctionInfo* shared_info =
2878  SharedFunctionInfo::cast(literal_array->get(iterator->Next()));
2879  int height = iterator->Next();
2880  if (trace_file != nullptr) {
2881  std::unique_ptr<char[]> name = shared_info->DebugName()->ToCString();
2882  PrintF(trace_file,
2883  " reading JavaScript builtin continuation frame with catch %s",
2884  name.get());
2885  PrintF(trace_file, " => bailout_id=%d, height=%d; inputs:\n",
2886  bailout_id.ToInt(), height);
2887  }
2888  // Add one to the height to account for the context which was implicitly
2889  // added to the translation during code generation.
2890  int height_with_context = height + 1;
2891  return TranslatedFrame::JavaScriptBuiltinContinuationWithCatchFrame(
2892  bailout_id, shared_info, height_with_context);
2893  }
2894  case Translation::UPDATE_FEEDBACK:
2895  case Translation::BEGIN:
2896  case Translation::DUPLICATED_OBJECT:
2897  case Translation::ARGUMENTS_ELEMENTS:
2898  case Translation::ARGUMENTS_LENGTH:
2899  case Translation::CAPTURED_OBJECT:
2900  case Translation::REGISTER:
2901  case Translation::INT32_REGISTER:
2902  case Translation::INT64_REGISTER:
2903  case Translation::UINT32_REGISTER:
2904  case Translation::BOOL_REGISTER:
2905  case Translation::FLOAT_REGISTER:
2906  case Translation::DOUBLE_REGISTER:
2907  case Translation::STACK_SLOT:
2908  case Translation::INT32_STACK_SLOT:
2909  case Translation::INT64_STACK_SLOT:
2910  case Translation::UINT32_STACK_SLOT:
2911  case Translation::BOOL_STACK_SLOT:
2912  case Translation::FLOAT_STACK_SLOT:
2913  case Translation::DOUBLE_STACK_SLOT:
2914  case Translation::LITERAL:
2915  break;
2916  }
2917  FATAL("We should never get here - unexpected deopt info.");
2918  return TranslatedFrame::InvalidFrame();
2919 }
2920 
2921 // static
2922 void TranslatedFrame::AdvanceIterator(
2923  std::deque<TranslatedValue>::iterator* iter) {
2924  int values_to_skip = 1;
2925  while (values_to_skip > 0) {
2926  // Consume the current element.
2927  values_to_skip--;
2928  // Add all the children.
2929  values_to_skip += (*iter)->GetChildrenCount();
2930 
2931  (*iter)++;
2932  }
2933 }
2934 
2935 Address TranslatedState::ComputeArgumentsPosition(Address input_frame_pointer,
2936  CreateArgumentsType type,
2937  int* length) {
2938  Address parent_frame_pointer = *reinterpret_cast<Address*>(
2939  input_frame_pointer + StandardFrameConstants::kCallerFPOffset);
2940  intptr_t parent_frame_type = Memory<intptr_t>(
2941  parent_frame_pointer + CommonFrameConstants::kContextOrFrameTypeOffset);
2942 
2943  Address arguments_frame;
2944  if (parent_frame_type ==
2945  StackFrame::TypeToMarker(StackFrame::ARGUMENTS_ADAPTOR)) {
2946  if (length)
2947  *length = Smi::cast(*reinterpret_cast<Object**>(
2948  parent_frame_pointer +
2949  ArgumentsAdaptorFrameConstants::kLengthOffset))
2950  ->value();
2951  arguments_frame = parent_frame_pointer;
2952  } else {
2953  if (length) *length = formal_parameter_count_;
2954  arguments_frame = input_frame_pointer;
2955  }
2956 
2957  if (type == CreateArgumentsType::kRestParameter) {
2958  // If the actual number of arguments is less than the number of formal
2959  // parameters, we have zero rest parameters.
2960  if (length) *length = std::max(0, *length - formal_parameter_count_);
2961  }
2962 
2963  return arguments_frame;
2964 }
2965 
2966 // Creates translated values for an arguments backing store, or the backing
2967 // store for rest parameters depending on the given {type}. The TranslatedValue
2968 // objects for the fields are not read from the TranslationIterator, but instead
2969 // created on-the-fly based on dynamic information in the optimized frame.
2970 void TranslatedState::CreateArgumentsElementsTranslatedValues(
2971  int frame_index, Address input_frame_pointer, CreateArgumentsType type,
2972  FILE* trace_file) {
2973  TranslatedFrame& frame = frames_[frame_index];
2974 
2975  int length;
2976  Address arguments_frame =
2977  ComputeArgumentsPosition(input_frame_pointer, type, &length);
2978 
2979  int object_index = static_cast<int>(object_positions_.size());
2980  int value_index = static_cast<int>(frame.values_.size());
2981  if (trace_file != nullptr) {
2982  PrintF(trace_file, "arguments elements object #%d (type = %d, length = %d)",
2983  object_index, static_cast<uint8_t>(type), length);
2984  }
2985 
2986  object_positions_.push_back({frame_index, value_index});
2987  frame.Add(TranslatedValue::NewDeferredObject(
2988  this, length + FixedArray::kHeaderSize / kPointerSize, object_index));
2989 
2990  ReadOnlyRoots roots(isolate_);
2991  frame.Add(TranslatedValue::NewTagged(this, roots.fixed_array_map()));
2992  frame.Add(TranslatedValue::NewInt32(this, length));
2993 
2994  int number_of_holes = 0;
2995  if (type == CreateArgumentsType::kMappedArguments) {
2996  // If the actual number of arguments is less than the number of formal
2997  // parameters, we have fewer holes to fill to not overshoot the length.
2998  number_of_holes = Min(formal_parameter_count_, length);
2999  }
3000  for (int i = 0; i < number_of_holes; ++i) {
3001  frame.Add(TranslatedValue::NewTagged(this, roots.the_hole_value()));
3002  }
3003  for (int i = length - number_of_holes - 1; i >= 0; --i) {
3004  Address argument_slot = arguments_frame +
3005  CommonFrameConstants::kFixedFrameSizeAboveFp +
3006  i * kPointerSize;
3007  frame.Add(TranslatedValue::NewTagged(
3008  this, *reinterpret_cast<Object**>(argument_slot)));
3009  }
3010 }
3011 
3012 // We can't intermix stack decoding and allocations because the deoptimization
3013 // infrastracture is not GC safe.
3014 // Thus we build a temporary structure in malloced space.
3015 // The TranslatedValue objects created correspond to the static translation
3016 // instructions from the TranslationIterator, except for
3017 // Translation::ARGUMENTS_ELEMENTS, where the number and values of the
3018 // FixedArray elements depend on dynamic information from the optimized frame.
3019 // Returns the number of expected nested translations from the
3020 // TranslationIterator.
3021 int TranslatedState::CreateNextTranslatedValue(
3022  int frame_index, TranslationIterator* iterator, FixedArray literal_array,
3023  Address fp, RegisterValues* registers, FILE* trace_file) {
3024  disasm::NameConverter converter;
3025 
3026  TranslatedFrame& frame = frames_[frame_index];
3027  int value_index = static_cast<int>(frame.values_.size());
3028 
3029  Translation::Opcode opcode =
3030  static_cast<Translation::Opcode>(iterator->Next());
3031  switch (opcode) {
3032  case Translation::BEGIN:
3033  case Translation::INTERPRETED_FRAME:
3034  case Translation::ARGUMENTS_ADAPTOR_FRAME:
3035  case Translation::CONSTRUCT_STUB_FRAME:
3036  case Translation::JAVA_SCRIPT_BUILTIN_CONTINUATION_FRAME:
3037  case Translation::JAVA_SCRIPT_BUILTIN_CONTINUATION_WITH_CATCH_FRAME:
3038  case Translation::BUILTIN_CONTINUATION_FRAME:
3039  case Translation::UPDATE_FEEDBACK:
3040  // Peeled off before getting here.
3041  break;
3042 
3043  case Translation::DUPLICATED_OBJECT: {
3044  int object_id = iterator->Next();
3045  if (trace_file != nullptr) {
3046  PrintF(trace_file, "duplicated object #%d", object_id);
3047  }
3048  object_positions_.push_back(object_positions_[object_id]);
3049  TranslatedValue translated_value =
3050  TranslatedValue::NewDuplicateObject(this, object_id);
3051  frame.Add(translated_value);
3052  return translated_value.GetChildrenCount();
3053  }
3054 
3055  case Translation::ARGUMENTS_ELEMENTS: {
3056  CreateArgumentsType arguments_type =
3057  static_cast<CreateArgumentsType>(iterator->Next());
3058  CreateArgumentsElementsTranslatedValues(frame_index, fp, arguments_type,
3059  trace_file);
3060  return 0;
3061  }
3062 
3063  case Translation::ARGUMENTS_LENGTH: {
3064  CreateArgumentsType arguments_type =
3065  static_cast<CreateArgumentsType>(iterator->Next());
3066  int length;
3067  ComputeArgumentsPosition(fp, arguments_type, &length);
3068  if (trace_file != nullptr) {
3069  PrintF(trace_file, "arguments length field (type = %d, length = %d)",
3070  static_cast<uint8_t>(arguments_type), length);
3071  }
3072  frame.Add(TranslatedValue::NewInt32(this, length));
3073  return 0;
3074  }
3075 
3076  case Translation::CAPTURED_OBJECT: {
3077  int field_count = iterator->Next();
3078  int object_index = static_cast<int>(object_positions_.size());
3079  if (trace_file != nullptr) {
3080  PrintF(trace_file, "captured object #%d (length = %d)", object_index,
3081  field_count);
3082  }
3083  object_positions_.push_back({frame_index, value_index});
3084  TranslatedValue translated_value =
3085  TranslatedValue::NewDeferredObject(this, field_count, object_index);
3086  frame.Add(translated_value);
3087  return translated_value.GetChildrenCount();
3088  }
3089 
3090  case Translation::REGISTER: {
3091  int input_reg = iterator->Next();
3092  if (registers == nullptr) {
3093  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3094  frame.Add(translated_value);
3095  return translated_value.GetChildrenCount();
3096  }
3097  intptr_t value = registers->GetRegister(input_reg);
3098  if (trace_file != nullptr) {
3099  PrintF(trace_file, V8PRIxPTR_FMT " ; %s ", value,
3100  converter.NameOfCPURegister(input_reg));
3101  reinterpret_cast<Object*>(value)->ShortPrint(trace_file);
3102  }
3103  TranslatedValue translated_value =
3104  TranslatedValue::NewTagged(this, reinterpret_cast<Object*>(value));
3105  frame.Add(translated_value);
3106  return translated_value.GetChildrenCount();
3107  }
3108 
3109  case Translation::INT32_REGISTER: {
3110  int input_reg = iterator->Next();
3111  if (registers == nullptr) {
3112  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3113  frame.Add(translated_value);
3114  return translated_value.GetChildrenCount();
3115  }
3116  intptr_t value = registers->GetRegister(input_reg);
3117  if (trace_file != nullptr) {
3118  PrintF(trace_file, "%" V8PRIdPTR " ; %s (int32)", value,
3119  converter.NameOfCPURegister(input_reg));
3120  }
3121  TranslatedValue translated_value =
3122  TranslatedValue::NewInt32(this, static_cast<int32_t>(value));
3123  frame.Add(translated_value);
3124  return translated_value.GetChildrenCount();
3125  }
3126 
3127  case Translation::INT64_REGISTER: {
3128  int input_reg = iterator->Next();
3129  if (registers == nullptr) {
3130  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3131  frame.Add(translated_value);
3132  return translated_value.GetChildrenCount();
3133  }
3134  intptr_t value = registers->GetRegister(input_reg);
3135  if (trace_file != nullptr) {
3136  PrintF(trace_file, "%" V8PRIdPTR " ; %s (int64)", value,
3137  converter.NameOfCPURegister(input_reg));
3138  }
3139  TranslatedValue translated_value =
3140  TranslatedValue::NewInt64(this, static_cast<int64_t>(value));
3141  frame.Add(translated_value);
3142  return translated_value.GetChildrenCount();
3143  }
3144 
3145  case Translation::UINT32_REGISTER: {
3146  int input_reg = iterator->Next();
3147  if (registers == nullptr) {
3148  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3149  frame.Add(translated_value);
3150  return translated_value.GetChildrenCount();
3151  }
3152  intptr_t value = registers->GetRegister(input_reg);
3153  if (trace_file != nullptr) {
3154  PrintF(trace_file, "%" V8PRIuPTR " ; %s (uint32)", value,
3155  converter.NameOfCPURegister(input_reg));
3156  }
3157  TranslatedValue translated_value =
3158  TranslatedValue::NewUInt32(this, static_cast<uint32_t>(value));
3159  frame.Add(translated_value);
3160  return translated_value.GetChildrenCount();
3161  }
3162 
3163  case Translation::BOOL_REGISTER: {
3164  int input_reg = iterator->Next();
3165  if (registers == nullptr) {
3166  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3167  frame.Add(translated_value);
3168  return translated_value.GetChildrenCount();
3169  }
3170  intptr_t value = registers->GetRegister(input_reg);
3171  if (trace_file != nullptr) {
3172  PrintF(trace_file, "%" V8PRIdPTR " ; %s (bool)", value,
3173  converter.NameOfCPURegister(input_reg));
3174  }
3175  TranslatedValue translated_value =
3176  TranslatedValue::NewBool(this, static_cast<uint32_t>(value));
3177  frame.Add(translated_value);
3178  return translated_value.GetChildrenCount();
3179  }
3180 
3181  case Translation::FLOAT_REGISTER: {
3182  int input_reg = iterator->Next();
3183  if (registers == nullptr) {
3184  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3185  frame.Add(translated_value);
3186  return translated_value.GetChildrenCount();
3187  }
3188  Float32 value = registers->GetFloatRegister(input_reg);
3189  if (trace_file != nullptr) {
3190  PrintF(trace_file, "%e ; %s (float)", value.get_scalar(),
3191  RegisterName(FloatRegister::from_code(input_reg)));
3192  }
3193  TranslatedValue translated_value = TranslatedValue::NewFloat(this, value);
3194  frame.Add(translated_value);
3195  return translated_value.GetChildrenCount();
3196  }
3197 
3198  case Translation::DOUBLE_REGISTER: {
3199  int input_reg = iterator->Next();
3200  if (registers == nullptr) {
3201  TranslatedValue translated_value = TranslatedValue::NewInvalid(this);
3202  frame.Add(translated_value);
3203  return translated_value.GetChildrenCount();
3204  }
3205  Float64 value = registers->GetDoubleRegister(input_reg);
3206  if (trace_file != nullptr) {
3207  PrintF(trace_file, "%e ; %s (double)", value.get_scalar(),
3208  RegisterName(DoubleRegister::from_code(input_reg)));
3209  }
3210  TranslatedValue translated_value =
3211  TranslatedValue::NewDouble(this, value);
3212  frame.Add(translated_value);
3213  return translated_value.GetChildrenCount();
3214  }
3215 
3216  case Translation::STACK_SLOT: {
3217  int slot_offset =
3218  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3219  intptr_t value = *(reinterpret_cast<intptr_t*>(fp + slot_offset));
3220  if (trace_file != nullptr) {
3221  PrintF(trace_file, V8PRIxPTR_FMT " ; [fp %c %3d] ", value,
3222  slot_offset < 0 ? '-' : '+', std::abs(slot_offset));
3223  reinterpret_cast<Object*>(value)->ShortPrint(trace_file);
3224  }
3225  TranslatedValue translated_value =
3226  TranslatedValue::NewTagged(this, reinterpret_cast<Object*>(value));
3227  frame.Add(translated_value);
3228  return translated_value.GetChildrenCount();
3229  }
3230 
3231  case Translation::INT32_STACK_SLOT: {
3232  int slot_offset =
3233  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3234  uint32_t value = GetUInt32Slot(fp, slot_offset);
3235  if (trace_file != nullptr) {
3236  PrintF(trace_file, "%d ; (int32) [fp %c %3d] ",
3237  static_cast<int32_t>(value), slot_offset < 0 ? '-' : '+',
3238  std::abs(slot_offset));
3239  }
3240  TranslatedValue translated_value = TranslatedValue::NewInt32(this, value);
3241  frame.Add(translated_value);
3242  return translated_value.GetChildrenCount();
3243  }
3244 
3245  case Translation::INT64_STACK_SLOT: {
3246  int slot_offset =
3247  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3248  uint64_t value = GetUInt64Slot(fp, slot_offset);
3249  if (trace_file != nullptr) {
3250  PrintF(trace_file, "%" V8PRIdPTR " ; (int64) [fp %c %3d] ",
3251  static_cast<intptr_t>(value), slot_offset < 0 ? '-' : '+',
3252  std::abs(slot_offset));
3253  }
3254  TranslatedValue translated_value = TranslatedValue::NewInt64(this, value);
3255  frame.Add(translated_value);
3256  return translated_value.GetChildrenCount();
3257  }
3258 
3259  case Translation::UINT32_STACK_SLOT: {
3260  int slot_offset =
3261  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3262  uint32_t value = GetUInt32Slot(fp, slot_offset);
3263  if (trace_file != nullptr) {
3264  PrintF(trace_file, "%u ; (uint32) [fp %c %3d] ", value,
3265  slot_offset < 0 ? '-' : '+', std::abs(slot_offset));
3266  }
3267  TranslatedValue translated_value =
3268  TranslatedValue::NewUInt32(this, value);
3269  frame.Add(translated_value);
3270  return translated_value.GetChildrenCount();
3271  }
3272 
3273  case Translation::BOOL_STACK_SLOT: {
3274  int slot_offset =
3275  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3276  uint32_t value = GetUInt32Slot(fp, slot_offset);
3277  if (trace_file != nullptr) {
3278  PrintF(trace_file, "%u ; (bool) [fp %c %3d] ", value,
3279  slot_offset < 0 ? '-' : '+', std::abs(slot_offset));
3280  }
3281  TranslatedValue translated_value = TranslatedValue::NewBool(this, value);
3282  frame.Add(translated_value);
3283  return translated_value.GetChildrenCount();
3284  }
3285 
3286  case Translation::FLOAT_STACK_SLOT: {
3287  int slot_offset =
3288  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3289  Float32 value = GetFloatSlot(fp, slot_offset);
3290  if (trace_file != nullptr) {
3291  PrintF(trace_file, "%e ; (float) [fp %c %3d] ", value.get_scalar(),
3292  slot_offset < 0 ? '-' : '+', std::abs(slot_offset));
3293  }
3294  TranslatedValue translated_value = TranslatedValue::NewFloat(this, value);
3295  frame.Add(translated_value);
3296  return translated_value.GetChildrenCount();
3297  }
3298 
3299  case Translation::DOUBLE_STACK_SLOT: {
3300  int slot_offset =
3301  OptimizedFrame::StackSlotOffsetRelativeToFp(iterator->Next());
3302  Float64 value = GetDoubleSlot(fp, slot_offset);
3303  if (trace_file != nullptr) {
3304  PrintF(trace_file, "%e ; (double) [fp %c %d] ", value.get_scalar(),
3305  slot_offset < 0 ? '-' : '+', std::abs(slot_offset));
3306  }
3307  TranslatedValue translated_value =
3308  TranslatedValue::NewDouble(this, value);
3309  frame.Add(translated_value);
3310  return translated_value.GetChildrenCount();
3311  }
3312 
3313  case Translation::LITERAL: {
3314  int literal_index = iterator->Next();
3315  Object* value = literal_array->get(literal_index);
3316  if (trace_file != nullptr) {
3317  PrintF(trace_file, V8PRIxPTR_FMT " ; (literal %2d) ",
3318  reinterpret_cast<intptr_t>(value), literal_index);
3319  reinterpret_cast<Object*>(value)->ShortPrint(trace_file);
3320  }
3321 
3322  TranslatedValue translated_value =
3323  TranslatedValue::NewTagged(this, value);
3324  frame.Add(translated_value);
3325  return translated_value.GetChildrenCount();
3326  }
3327  }
3328 
3329  FATAL("We should never get here - unexpected deopt info.");
3330 }
3331 
3332 TranslatedState::TranslatedState(const JavaScriptFrame* frame) {
3333  int deopt_index = Safepoint::kNoDeoptimizationIndex;
3334  DeoptimizationData data =
3335  static_cast<const OptimizedFrame*>(frame)->GetDeoptimizationData(
3336  &deopt_index);
3337  DCHECK(!data.is_null() && deopt_index != Safepoint::kNoDeoptimizationIndex);
3338  TranslationIterator it(data->TranslationByteArray(),
3339  data->TranslationIndex(deopt_index)->value());
3340  Init(frame->isolate(), frame->fp(), &it, data->LiteralArray(),
3341  nullptr /* registers */, nullptr /* trace file */,
3342  frame->function()->shared()->internal_formal_parameter_count());
3343 }
3344 
3345 void TranslatedState::Init(Isolate* isolate, Address input_frame_pointer,
3346  TranslationIterator* iterator,
3347  FixedArray literal_array, RegisterValues* registers,
3348  FILE* trace_file, int formal_parameter_count) {
3349  DCHECK(frames_.empty());
3350 
3351  formal_parameter_count_ = formal_parameter_count;
3352  isolate_ = isolate;
3353 
3354  // Read out the 'header' translation.
3355  Translation::Opcode opcode =
3356  static_cast<Translation::Opcode>(iterator->Next());
3357  CHECK(opcode == Translation::BEGIN);
3358 
3359  int count = iterator->Next();
3360  frames_.reserve(count);
3361  iterator->Next(); // Drop JS frames count.
3362  int update_feedback_count = iterator->Next();
3363  CHECK_GE(update_feedback_count, 0);
3364  CHECK_LE(update_feedback_count, 1);
3365 
3366  if (update_feedback_count == 1) {
3367  ReadUpdateFeedback(iterator, literal_array, trace_file);
3368  }
3369 
3370  std::stack<int> nested_counts;
3371 
3372  // Read the frames
3373  for (int frame_index = 0; frame_index < count; frame_index++) {
3374  // Read the frame descriptor.
3375  frames_.push_back(CreateNextTranslatedFrame(
3376  iterator, literal_array, input_frame_pointer, trace_file));
3377  TranslatedFrame& frame = frames_.back();
3378 
3379  // Read the values.
3380  int values_to_process = frame.GetValueCount();
3381  while (values_to_process > 0 || !nested_counts.empty()) {
3382  if (trace_file != nullptr) {
3383  if (nested_counts.empty()) {
3384  // For top level values, print the value number.
3385  PrintF(trace_file, " %3i: ",
3386  frame.GetValueCount() - values_to_process);
3387  } else {
3388  // Take care of indenting for nested values.
3389  PrintF(trace_file, " ");
3390  for (size_t j = 0; j < nested_counts.size(); j++) {
3391  PrintF(trace_file, " ");
3392  }
3393  }
3394  }
3395 
3396  int nested_count =
3397  CreateNextTranslatedValue(frame_index, iterator, literal_array,
3398  input_frame_pointer, registers, trace_file);
3399 
3400  if (trace_file != nullptr) {
3401  PrintF(trace_file, "\n");
3402  }
3403 
3404  // Update the value count and resolve the nesting.
3405  values_to_process--;
3406  if (nested_count > 0) {
3407  nested_counts.push(values_to_process);
3408  values_to_process = nested_count;
3409  } else {
3410  while (values_to_process == 0 && !nested_counts.empty()) {
3411  values_to_process = nested_counts.top();
3412  nested_counts.pop();
3413  }
3414  }
3415  }
3416  }
3417 
3418  CHECK(!iterator->HasNext() ||
3419  static_cast<Translation::Opcode>(iterator->Next()) ==
3420  Translation::BEGIN);
3421 }
3422 
3423 void TranslatedState::Prepare(Address stack_frame_pointer) {
3424  for (auto& frame : frames_) frame.Handlify();
3425 
3426  if (feedback_vector_ != nullptr) {
3427  feedback_vector_handle_ =
3428  Handle<FeedbackVector>(feedback_vector_, isolate());
3429  feedback_vector_ = nullptr;
3430  }
3431  stack_frame_pointer_ = stack_frame_pointer;
3432 
3433  UpdateFromPreviouslyMaterializedObjects();
3434 }
3435 
3436 TranslatedValue* TranslatedState::GetValueByObjectIndex(int object_index) {
3437  CHECK_LT(static_cast<size_t>(object_index), object_positions_.size());
3438  TranslatedState::ObjectPosition pos = object_positions_[object_index];
3439  return &(frames_[pos.frame_index_].values_[pos.value_index_]);
3440 }
3441 
3442 Handle<Object> TranslatedState::InitializeObjectAt(TranslatedValue* slot) {
3443  slot = ResolveCapturedObject(slot);
3444 
3445  DisallowHeapAllocation no_allocation;
3446  if (slot->materialization_state() != TranslatedValue::kFinished) {
3447  std::stack<int> worklist;
3448  worklist.push(slot->object_index());
3449  slot->mark_finished();
3450 
3451  while (!worklist.empty()) {
3452  int index = worklist.top();
3453  worklist.pop();
3454  InitializeCapturedObjectAt(index, &worklist, no_allocation);
3455  }
3456  }
3457  return slot->GetStorage();
3458 }
3459 
3460 void TranslatedState::InitializeCapturedObjectAt(
3461  int object_index, std::stack<int>* worklist,
3462  const DisallowHeapAllocation& no_allocation) {
3463  CHECK_LT(static_cast<size_t>(object_index), object_positions_.size());
3464  TranslatedState::ObjectPosition pos = object_positions_[object_index];
3465  int value_index = pos.value_index_;
3466 
3467  TranslatedFrame* frame = &(frames_[pos.frame_index_]);
3468  TranslatedValue* slot = &(frame->values_[value_index]);
3469  value_index++;
3470 
3471  CHECK_EQ(TranslatedValue::kFinished, slot->materialization_state());
3472  CHECK_EQ(TranslatedValue::kCapturedObject, slot->kind());
3473 
3474  // Ensure all fields are initialized.
3475  int children_init_index = value_index;
3476  for (int i = 0; i < slot->GetChildrenCount(); i++) {
3477  // If the field is an object that has not been initialized yet, queue it
3478  // for initialization (and mark it as such).
3479  TranslatedValue* child_slot = frame->ValueAt(children_init_index);
3480  if (child_slot->kind() == TranslatedValue::kCapturedObject ||
3481  child_slot->kind() == TranslatedValue::kDuplicatedObject) {
3482  child_slot = ResolveCapturedObject(child_slot);
3483  if (child_slot->materialization_state() != TranslatedValue::kFinished) {
3484  DCHECK_EQ(TranslatedValue::kAllocated,
3485  child_slot->materialization_state());
3486  worklist->push(child_slot->object_index());
3487  child_slot->mark_finished();
3488  }
3489  }
3490  SkipSlots(1, frame, &children_init_index);
3491  }
3492 
3493  // Read the map.
3494  // The map should never be materialized, so let us check we already have
3495  // an existing object here.
3496  CHECK_EQ(frame->values_[value_index].kind(), TranslatedValue::kTagged);
3497  Handle<Map> map = Handle<Map>::cast(frame->values_[value_index].GetValue());
3498  CHECK(map->IsMap());
3499  value_index++;
3500 
3501  // Handle the special cases.
3502  switch (map->instance_type()) {
3503  case MUTABLE_HEAP_NUMBER_TYPE:
3504  case FIXED_DOUBLE_ARRAY_TYPE:
3505  return;
3506 
3507  case FIXED_ARRAY_TYPE:
3508  case AWAIT_CONTEXT_TYPE:
3509  case BLOCK_CONTEXT_TYPE:
3510  case CATCH_CONTEXT_TYPE:
3511  case DEBUG_EVALUATE_CONTEXT_TYPE:
3512  case EVAL_CONTEXT_TYPE:
3513  case FUNCTION_CONTEXT_TYPE:
3514  case MODULE_CONTEXT_TYPE:
3515  case NATIVE_CONTEXT_TYPE:
3516  case SCRIPT_CONTEXT_TYPE:
3517  case WITH_CONTEXT_TYPE:
3518  case OBJECT_BOILERPLATE_DESCRIPTION_TYPE:
3519  case HASH_TABLE_TYPE:
3520  case ORDERED_HASH_MAP_TYPE:
3521  case ORDERED_HASH_SET_TYPE:
3522  case NAME_DICTIONARY_TYPE:
3523  case GLOBAL_DICTIONARY_TYPE:
3524  case NUMBER_DICTIONARY_TYPE:
3525  case SIMPLE_NUMBER_DICTIONARY_TYPE:
3526  case STRING_TABLE_TYPE:
3527  case PROPERTY_ARRAY_TYPE:
3528  case SCRIPT_CONTEXT_TABLE_TYPE:
3529  InitializeObjectWithTaggedFieldsAt(frame, &value_index, slot, map,
3530  no_allocation);
3531  break;
3532 
3533  default:
3534  CHECK(map->IsJSObjectMap());
3535  InitializeJSObjectAt(frame, &value_index, slot, map, no_allocation);
3536  break;
3537  }
3538  CHECK_EQ(value_index, children_init_index);
3539 }
3540 
3541 void TranslatedState::EnsureObjectAllocatedAt(TranslatedValue* slot) {
3542  slot = ResolveCapturedObject(slot);
3543 
3544  if (slot->materialization_state() == TranslatedValue::kUninitialized) {
3545  std::stack<int> worklist;
3546  worklist.push(slot->object_index());
3547  slot->mark_allocated();
3548 
3549  while (!worklist.empty()) {
3550  int index = worklist.top();
3551  worklist.pop();
3552  EnsureCapturedObjectAllocatedAt(index, &worklist);
3553  }
3554  }
3555 }
3556 
3557 void TranslatedState::MaterializeFixedDoubleArray(TranslatedFrame* frame,
3558  int* value_index,
3559  TranslatedValue* slot,
3560  Handle<Map> map) {
3561  int length = Smi::cast(frame->values_[*value_index].GetRawValue())->value();
3562  (*value_index)++;
3563  Handle<FixedDoubleArray> array = Handle<FixedDoubleArray>::cast(
3564  isolate()->factory()->NewFixedDoubleArray(length));
3565  CHECK_GT(length, 0);
3566  for (int i = 0; i < length; i++) {
3567  CHECK_NE(TranslatedValue::kCapturedObject,
3568  frame->values_[*value_index].kind());
3569  Handle<Object> value = frame->values_[*value_index].GetValue();
3570  if (value->IsNumber()) {
3571  array->set(i, value->Number());
3572  } else {
3573  CHECK(value.is_identical_to(isolate()->factory()->the_hole_value()));
3574  array->set_the_hole(isolate(), i);
3575  }
3576  (*value_index)++;
3577  }
3578  slot->set_storage(array);
3579 }
3580 
3581 void TranslatedState::MaterializeMutableHeapNumber(TranslatedFrame* frame,
3582  int* value_index,
3583  TranslatedValue* slot) {
3584  CHECK_NE(TranslatedValue::kCapturedObject,
3585  frame->values_[*value_index].kind());
3586  Handle<Object> value = frame->values_[*value_index].GetValue();
3587  CHECK(value->IsNumber());
3588  Handle<MutableHeapNumber> box =
3589  isolate()->factory()->NewMutableHeapNumber(value->Number());
3590  (*value_index)++;
3591  slot->set_storage(box);
3592 }
3593 
3594 namespace {
3595 
3596 enum DoubleStorageKind : uint8_t {
3597  kStoreTagged,
3598  kStoreUnboxedDouble,
3599  kStoreMutableHeapNumber,
3600 };
3601 
3602 } // namespace
3603 
3604 void TranslatedState::SkipSlots(int slots_to_skip, TranslatedFrame* frame,
3605  int* value_index) {
3606  while (slots_to_skip > 0) {
3607  TranslatedValue* slot = &(frame->values_[*value_index]);
3608  (*value_index)++;
3609  slots_to_skip--;
3610 
3611  if (slot->kind() == TranslatedValue::kCapturedObject) {
3612  slots_to_skip += slot->GetChildrenCount();
3613  }
3614  }
3615 }
3616 
3617 void TranslatedState::EnsureCapturedObjectAllocatedAt(
3618  int object_index, std::stack<int>* worklist) {
3619  CHECK_LT(static_cast<size_t>(object_index), object_positions_.size());
3620  TranslatedState::ObjectPosition pos = object_positions_[object_index];
3621  int value_index = pos.value_index_;
3622 
3623  TranslatedFrame* frame = &(frames_[pos.frame_index_]);
3624  TranslatedValue* slot = &(frame->values_[value_index]);
3625  value_index++;
3626 
3627  CHECK_EQ(TranslatedValue::kAllocated, slot->materialization_state());
3628  CHECK_EQ(TranslatedValue::kCapturedObject, slot->kind());
3629 
3630  // Read the map.
3631  // The map should never be materialized, so let us check we already have
3632  // an existing object here.
3633  CHECK_EQ(frame->values_[value_index].kind(), TranslatedValue::kTagged);
3634  Handle<Map> map = Handle<Map>::cast(frame->values_[value_index].GetValue());
3635  CHECK(map->IsMap());
3636  value_index++;
3637 
3638  // Handle the special cases.
3639  switch (map->instance_type()) {
3640  case FIXED_DOUBLE_ARRAY_TYPE:
3641  // Materialize (i.e. allocate&initialize) the array and return since
3642  // there is no need to process the children.
3643  return MaterializeFixedDoubleArray(frame, &value_index, slot, map);
3644 
3645  case MUTABLE_HEAP_NUMBER_TYPE:
3646  // Materialize (i.e. allocate&initialize) the heap number and return.
3647  // There is no need to process the children.
3648  return MaterializeMutableHeapNumber(frame, &value_index, slot);
3649 
3650  case FIXED_ARRAY_TYPE:
3651  case SCRIPT_CONTEXT_TABLE_TYPE:
3652  case AWAIT_CONTEXT_TYPE:
3653  case BLOCK_CONTEXT_TYPE:
3654  case CATCH_CONTEXT_TYPE:
3655  case DEBUG_EVALUATE_CONTEXT_TYPE:
3656  case EVAL_CONTEXT_TYPE:
3657  case FUNCTION_CONTEXT_TYPE:
3658  case MODULE_CONTEXT_TYPE:
3659  case NATIVE_CONTEXT_TYPE:
3660  case SCRIPT_CONTEXT_TYPE:
3661  case WITH_CONTEXT_TYPE:
3662  case HASH_TABLE_TYPE:
3663  case ORDERED_HASH_MAP_TYPE:
3664  case ORDERED_HASH_SET_TYPE:
3665  case NAME_DICTIONARY_TYPE:
3666  case GLOBAL_DICTIONARY_TYPE:
3667  case NUMBER_DICTIONARY_TYPE:
3668  case SIMPLE_NUMBER_DICTIONARY_TYPE:
3669  case STRING_TABLE_TYPE: {
3670  // Check we have the right size.
3671  int array_length =
3672  Smi::cast(frame->values_[value_index].GetRawValue())->value();
3673 
3674  int instance_size = FixedArray::SizeFor(array_length);
3675  CHECK_EQ(instance_size, slot->GetChildrenCount() * kPointerSize);
3676 
3677  // Canonicalize empty fixed array.
3678  if (*map == ReadOnlyRoots(isolate()).empty_fixed_array()->map() &&
3679  array_length == 0) {
3680  slot->set_storage(isolate()->factory()->empty_fixed_array());
3681  } else {
3682  slot->set_storage(AllocateStorageFor(slot));
3683  }
3684 
3685  // Make sure all the remaining children (after the map) are allocated.
3686  return EnsureChildrenAllocated(slot->GetChildrenCount() - 1, frame,
3687  &value_index, worklist);
3688  }
3689 
3690  case PROPERTY_ARRAY_TYPE: {
3691  // Check we have the right size.
3692  int length_or_hash =
3693  Smi::cast(frame->values_[value_index].GetRawValue())->value();
3694  int array_length = PropertyArray::LengthField::decode(length_or_hash);
3695  int instance_size = PropertyArray::SizeFor(array_length);
3696  CHECK_EQ(instance_size, slot->GetChildrenCount() * kPointerSize);
3697 
3698  slot->set_storage(AllocateStorageFor(slot));
3699  // Make sure all the remaining children (after the map) are allocated.
3700  return EnsureChildrenAllocated(slot->GetChildrenCount() - 1, frame,
3701  &value_index, worklist);
3702  }
3703 
3704  default:
3705  CHECK(map->IsJSObjectMap());
3706  EnsureJSObjectAllocated(slot, map);
3707  TranslatedValue* properties_slot = &(frame->values_[value_index]);
3708  value_index++;
3709  if (properties_slot->kind() == TranslatedValue::kCapturedObject) {
3710  // If we are materializing the property array, make sure we put
3711  // the mutable heap numbers at the right places.
3712  EnsurePropertiesAllocatedAndMarked(properties_slot, map);
3713  EnsureChildrenAllocated(properties_slot->GetChildrenCount(), frame,
3714  &value_index, worklist);
3715  }
3716  // Make sure all the remaining children (after the map and properties) are
3717  // allocated.
3718  return EnsureChildrenAllocated(slot->GetChildrenCount() - 2, frame,
3719  &value_index, worklist);
3720  }
3721  UNREACHABLE();
3722 }
3723 
3724 void TranslatedState::EnsureChildrenAllocated(int count, TranslatedFrame* frame,
3725  int* value_index,
3726  std::stack<int>* worklist) {
3727  // Ensure all children are allocated.
3728  for (int i = 0; i < count; i++) {
3729  // If the field is an object that has not been allocated yet, queue it
3730  // for initialization (and mark it as such).
3731  TranslatedValue* child_slot = frame->ValueAt(*value_index);
3732  if (child_slot->kind() == TranslatedValue::kCapturedObject ||
3733  child_slot->kind() == TranslatedValue::kDuplicatedObject) {
3734  child_slot = ResolveCapturedObject(child_slot);
3735  if (child_slot->materialization_state() ==
3736  TranslatedValue::kUninitialized) {
3737  worklist->push(child_slot->object_index());
3738  child_slot->mark_allocated();
3739  }
3740  } else {
3741  // Make sure the simple values (heap numbers, etc.) are properly
3742  // initialized.
3743  child_slot->MaterializeSimple();
3744  }
3745  SkipSlots(1, frame, value_index);
3746  }
3747 }
3748 
3749 void TranslatedState::EnsurePropertiesAllocatedAndMarked(
3750  TranslatedValue* properties_slot, Handle<Map> map) {
3751  CHECK_EQ(TranslatedValue::kUninitialized,
3752  properties_slot->materialization_state());
3753 
3754  Handle<ByteArray> object_storage = AllocateStorageFor(properties_slot);
3755  properties_slot->mark_allocated();
3756  properties_slot->set_storage(object_storage);
3757 
3758  // Set markers for the double properties.
3759  Handle<DescriptorArray> descriptors(map->instance_descriptors(), isolate());
3760  int field_count = map->NumberOfOwnDescriptors();
3761  for (int i = 0; i < field_count; i++) {
3762  FieldIndex index = FieldIndex::ForDescriptor(*map, i);
3763  if (descriptors->GetDetails(i).representation().IsDouble() &&
3764  !index.is_inobject()) {
3765  CHECK(!map->IsUnboxedDoubleField(index));
3766  int outobject_index = index.outobject_array_index();
3767  int array_index = outobject_index * kPointerSize;
3768  object_storage->set(array_index, kStoreMutableHeapNumber);
3769  }
3770  }
3771 }
3772 
3773 Handle<ByteArray> TranslatedState::AllocateStorageFor(TranslatedValue* slot) {
3774  int allocate_size =
3775  ByteArray::LengthFor(slot->GetChildrenCount() * kPointerSize);
3776  // It is important to allocate all the objects tenured so that the marker
3777  // does not visit them.
3778  Handle<ByteArray> object_storage =
3779  isolate()->factory()->NewByteArray(allocate_size, TENURED);
3780  for (int i = 0; i < object_storage->length(); i++) {
3781  object_storage->set(i, kStoreTagged);
3782  }
3783  return object_storage;
3784 }
3785 
3786 void TranslatedState::EnsureJSObjectAllocated(TranslatedValue* slot,
3787  Handle<Map> map) {
3788  CHECK_EQ(map->instance_size(), slot->GetChildrenCount() * kPointerSize);
3789 
3790  Handle<ByteArray> object_storage = AllocateStorageFor(slot);
3791  // Now we handle the interesting (JSObject) case.
3792  Handle<DescriptorArray> descriptors(map->instance_descriptors(), isolate());
3793  int field_count = map->NumberOfOwnDescriptors();
3794 
3795  // Set markers for the double properties.
3796  for (int i = 0; i < field_count; i++) {
3797  FieldIndex index = FieldIndex::ForDescriptor(*map, i);
3798  if (descriptors->GetDetails(i).representation().IsDouble() &&
3799  index.is_inobject()) {
3800  CHECK_GE(index.index(), FixedArray::kHeaderSize / kPointerSize);
3801  int array_index = index.index() * kPointerSize - FixedArray::kHeaderSize;
3802  uint8_t marker = map->IsUnboxedDoubleField(index)
3803  ? kStoreUnboxedDouble
3804  : kStoreMutableHeapNumber;
3805  object_storage->set(array_index, marker);
3806  }
3807  }
3808  slot->set_storage(object_storage);
3809 }
3810 
3811 Handle<Object> TranslatedState::GetValueAndAdvance(TranslatedFrame* frame,
3812  int* value_index) {
3813  TranslatedValue* slot = frame->ValueAt(*value_index);
3814  SkipSlots(1, frame, value_index);
3815  if (slot->kind() == TranslatedValue::kDuplicatedObject) {
3816  slot = ResolveCapturedObject(slot);
3817  }
3818  CHECK_NE(TranslatedValue::kUninitialized, slot->materialization_state());
3819  return slot->GetStorage();
3820 }
3821 
3822 void TranslatedState::InitializeJSObjectAt(
3823  TranslatedFrame* frame, int* value_index, TranslatedValue* slot,
3824  Handle<Map> map, const DisallowHeapAllocation& no_allocation) {
3825  Handle<HeapObject> object_storage = Handle<HeapObject>::cast(slot->storage_);
3826  DCHECK_EQ(TranslatedValue::kCapturedObject, slot->kind());
3827 
3828  // The object should have at least a map and some payload.
3829  CHECK_GE(slot->GetChildrenCount(), 2);
3830 
3831  // Notify the concurrent marker about the layout change.
3832  isolate()->heap()->NotifyObjectLayoutChange(
3833  *object_storage, slot->GetChildrenCount() * kPointerSize, no_allocation);
3834 
3835  // Fill the property array field.
3836  {
3837  Handle<Object> properties = GetValueAndAdvance(frame, value_index);
3838  WRITE_FIELD(*object_storage, JSObject::kPropertiesOrHashOffset,
3839  *properties);
3840  WRITE_BARRIER(*object_storage, JSObject::kPropertiesOrHashOffset,
3841  *properties);
3842  }
3843 
3844  // For all the other fields we first look at the fixed array and check the
3845  // marker to see if we store an unboxed double.
3846  DCHECK_EQ(kPointerSize, JSObject::kPropertiesOrHashOffset);
3847  for (int i = 2; i < slot->GetChildrenCount(); i++) {
3848  // Initialize and extract the value from its slot.
3849  Handle<Object> field_value = GetValueAndAdvance(frame, value_index);
3850 
3851  // Read out the marker and ensure the field is consistent with
3852  // what the markers in the storage say (note that all heap numbers
3853  // should be fully initialized by now).
3854  int offset = i * kPointerSize;
3855  uint8_t marker = READ_UINT8_FIELD(*object_storage, offset);
3856  if (marker == kStoreUnboxedDouble) {
3857  double double_field_value;
3858  if (field_value->IsSmi()) {
3859  double_field_value = Smi::cast(*field_value)->value();
3860  } else {
3861  CHECK(field_value->IsHeapNumber());
3862  double_field_value = HeapNumber::cast(*field_value)->value();
3863  }
3864  WRITE_DOUBLE_FIELD(*object_storage, offset, double_field_value);
3865  } else if (marker == kStoreMutableHeapNumber) {
3866  CHECK(field_value->IsMutableHeapNumber());
3867  WRITE_FIELD(*object_storage, offset, *field_value);
3868  WRITE_BARRIER(*object_storage, offset, *field_value);
3869  } else {
3870  CHECK_EQ(kStoreTagged, marker);
3871  WRITE_FIELD(*object_storage, offset, *field_value);
3872  WRITE_BARRIER(*object_storage, offset, *field_value);
3873  }
3874  }
3875  object_storage->synchronized_set_map(*map);
3876 }
3877 
3878 void TranslatedState::InitializeObjectWithTaggedFieldsAt(
3879  TranslatedFrame* frame, int* value_index, TranslatedValue* slot,
3880  Handle<Map> map, const DisallowHeapAllocation& no_allocation) {
3881  Handle<HeapObject> object_storage = Handle<HeapObject>::cast(slot->storage_);
3882 
3883  // Skip the writes if we already have the canonical empty fixed array.
3884  if (*object_storage == ReadOnlyRoots(isolate()).empty_fixed_array()) {
3885  CHECK_EQ(2, slot->GetChildrenCount());
3886  Handle<Object> length_value = GetValueAndAdvance(frame, value_index);
3887  CHECK_EQ(*length_value, Smi::FromInt(0));
3888  return;
3889  }
3890 
3891  // Notify the concurrent marker about the layout change.
3892  isolate()->heap()->NotifyObjectLayoutChange(
3893  *object_storage, slot->GetChildrenCount() * kPointerSize, no_allocation);
3894 
3895  // Write the fields to the object.
3896  for (int i = 1; i < slot->GetChildrenCount(); i++) {
3897  Handle<Object> field_value = GetValueAndAdvance(frame, value_index);
3898  int offset = i * kPointerSize;
3899  uint8_t marker = READ_UINT8_FIELD(*object_storage, offset);
3900  if (i > 1 && marker == kStoreMutableHeapNumber) {
3901  CHECK(field_value->IsMutableHeapNumber());
3902  } else {
3903  CHECK(marker == kStoreTagged || i == 1);
3904  CHECK(!field_value->IsMutableHeapNumber());
3905  }
3906 
3907  WRITE_FIELD(*object_storage, offset, *field_value);
3908  WRITE_BARRIER(*object_storage, offset, *field_value);
3909  }
3910 
3911  object_storage->synchronized_set_map(*map);
3912 }
3913 
3914 TranslatedValue* TranslatedState::ResolveCapturedObject(TranslatedValue* slot) {
3915  while (slot->kind() == TranslatedValue::kDuplicatedObject) {
3916  slot = GetValueByObjectIndex(slot->object_index());
3917  }
3918  CHECK_EQ(TranslatedValue::kCapturedObject, slot->kind());
3919  return slot;
3920 }
3921 
3922 TranslatedFrame* TranslatedState::GetFrameFromJSFrameIndex(int jsframe_index) {
3923  for (size_t i = 0; i < frames_.size(); i++) {
3924  if (frames_[i].kind() == TranslatedFrame::kInterpretedFunction ||
3925  frames_[i].kind() == TranslatedFrame::kJavaScriptBuiltinContinuation ||
3926  frames_[i].kind() ==
3927  TranslatedFrame::kJavaScriptBuiltinContinuationWithCatch) {
3928  if (jsframe_index > 0) {
3929  jsframe_index--;
3930  } else {
3931  return &(frames_[i]);
3932  }
3933  }
3934  }
3935  return nullptr;
3936 }
3937 
3938 TranslatedFrame* TranslatedState::GetArgumentsInfoFromJSFrameIndex(
3939  int jsframe_index, int* args_count) {
3940  for (size_t i = 0; i < frames_.size(); i++) {
3941  if (frames_[i].kind() == TranslatedFrame::kInterpretedFunction ||
3942  frames_[i].kind() == TranslatedFrame::kJavaScriptBuiltinContinuation ||
3943  frames_[i].kind() ==
3944  TranslatedFrame::kJavaScriptBuiltinContinuationWithCatch) {
3945  if (jsframe_index > 0) {
3946  jsframe_index--;
3947  } else {
3948  // We have the JS function frame, now check if it has arguments
3949  // adaptor.
3950  if (i > 0 &&
3951  frames_[i - 1].kind() == TranslatedFrame::kArgumentsAdaptor) {
3952  *args_count = frames_[i - 1].height();
3953  return &(frames_[i - 1]);
3954  }
3955  *args_count =
3956  frames_[i].shared_info()->internal_formal_parameter_count() + 1;
3957  return &(frames_[i]);
3958  }
3959  }
3960  }
3961  return nullptr;
3962 }
3963 
3964 void TranslatedState::StoreMaterializedValuesAndDeopt(JavaScriptFrame* frame) {
3965  MaterializedObjectStore* materialized_store =
3966  isolate_->materialized_object_store();
3967  Handle<FixedArray> previously_materialized_objects =
3968  materialized_store->Get(stack_frame_pointer_);
3969 
3970  Handle<Object> marker = isolate_->factory()->arguments_marker();
3971 
3972  int length = static_cast<int>(object_positions_.size());
3973  bool new_store = false;
3974  if (previously_materialized_objects.is_null()) {
3975  previously_materialized_objects =
3976  isolate_->factory()->NewFixedArray(length, TENURED);
3977  for (int i = 0; i < length; i++) {
3978  previously_materialized_objects->set(i, *marker);
3979  }
3980  new_store = true;
3981  }
3982 
3983  CHECK_EQ(length, previously_materialized_objects->length());
3984 
3985  bool value_changed = false;
3986  for (int i = 0; i < length; i++) {
3987  TranslatedState::ObjectPosition pos = object_positions_[i];
3988  TranslatedValue* value_info =
3989  &(frames_[pos.frame_index_].values_[pos.value_index_]);
3990 
3991  CHECK(value_info->IsMaterializedObject());
3992 
3993  // Skip duplicate objects (i.e., those that point to some
3994  // other object id).
3995  if (value_info->object_index() != i) continue;
3996 
3997  Handle<Object> value(value_info->GetRawValue(), isolate_);
3998 
3999  if (!value.is_identical_to(marker)) {
4000  if (previously_materialized_objects->get(i) == *marker) {
4001  previously_materialized_objects->set(i, *value);
4002  value_changed = true;
4003  } else {
4004  CHECK(previously_materialized_objects->get(i) == *value);
4005  }
4006  }
4007  }
4008  if (new_store && value_changed) {
4009  materialized_store->Set(stack_frame_pointer_,
4010  previously_materialized_objects);
4011  CHECK_EQ(frames_[0].kind(), TranslatedFrame::kInterpretedFunction);
4012  CHECK_EQ(frame->function(), frames_[0].front().GetRawValue());
4013  Deoptimizer::DeoptimizeFunction(frame->function(), frame->LookupCode());
4014  }
4015 }
4016 
4017 void TranslatedState::UpdateFromPreviouslyMaterializedObjects() {
4018  MaterializedObjectStore* materialized_store =
4019  isolate_->materialized_object_store();
4020  Handle<FixedArray> previously_materialized_objects =
4021  materialized_store->Get(stack_frame_pointer_);
4022 
4023  // If we have no previously materialized objects, there is nothing to do.
4024  if (previously_materialized_objects.is_null()) return;
4025 
4026  Handle<Object> marker = isolate_->factory()->arguments_marker();
4027 
4028  int length = static_cast<int>(object_positions_.size());
4029  CHECK_EQ(length, previously_materialized_objects->length());
4030 
4031  for (int i = 0; i < length; i++) {
4032  // For a previously materialized objects, inject their value into the
4033  // translated values.
4034  if (previously_materialized_objects->get(i) != *marker) {
4035  TranslatedState::ObjectPosition pos = object_positions_[i];
4036  TranslatedValue* value_info =
4037  &(frames_[pos.frame_index_].values_[pos.value_index_]);
4038  CHECK(value_info->IsMaterializedObject());
4039 
4040  if (value_info->kind() == TranslatedValue::kCapturedObject) {
4041  value_info->set_initialized_storage(
4042  Handle<Object>(previously_materialized_objects->get(i), isolate_));
4043  }
4044  }
4045  }
4046 }
4047 
4048 void TranslatedState::VerifyMaterializedObjects() {
4049 #if VERIFY_HEAP
4050  int length = static_cast<int>(object_positions_.size());
4051  for (int i = 0; i < length; i++) {
4052  TranslatedValue* slot = GetValueByObjectIndex(i);
4053  if (slot->kind() == TranslatedValue::kCapturedObject) {
4054  CHECK_EQ(slot, GetValueByObjectIndex(slot->object_index()));
4055  if (slot->materialization_state() == TranslatedValue::kFinished) {
4056  slot->GetStorage()->ObjectVerify(isolate());
4057  } else {
4058  CHECK_EQ(slot->materialization_state(),
4059  TranslatedValue::kUninitialized);
4060  }
4061  }
4062  }
4063 #endif
4064 }
4065 
4066 bool TranslatedState::DoUpdateFeedback() {
4067  if (!feedback_vector_handle_.is_null()) {
4068  CHECK(!feedback_slot_.IsInvalid());
4069  isolate()->CountUsage(v8::Isolate::kDeoptimizerDisableSpeculation);
4070  FeedbackNexus nexus(feedback_vector_handle_, feedback_slot_);
4071  nexus.SetSpeculationMode(SpeculationMode::kDisallowSpeculation);
4072  return true;
4073  }
4074  return false;
4075 }
4076 
4077 void TranslatedState::ReadUpdateFeedback(TranslationIterator* iterator,
4078  FixedArray literal_array,
4079  FILE* trace_file) {
4080  CHECK_EQ(Translation::UPDATE_FEEDBACK, iterator->Next());
4081  feedback_vector_ = FeedbackVector::cast(literal_array->get(iterator->Next()));
4082  feedback_slot_ = FeedbackSlot(iterator->Next());
4083  if (trace_file != nullptr) {
4084  PrintF(trace_file, " reading FeedbackVector (slot %d)\n",
4085  feedback_slot_.ToInt());
4086  }
4087 }
4088 
4089 } // namespace internal
4090 } // namespace v8
4091 
4092 // Undefine the heap manipulation macros.
4093 #include "src/objects/object-macros-undef.h"
int64_t
uintptr_t
v8
Definition: libplatform.h:13
uint32_t