fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 1 | /* |
fpizlo@apple.com | d70351b | 2015-07-13 02:16:17 +0000 | [diff] [blame] | 2 | * Copyright (C) 2012-2015 Apple Inc. All rights reserved. |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 3 | * |
| 4 | * Redistribution and use in source and binary forms, with or without |
| 5 | * modification, are permitted provided that the following conditions |
| 6 | * are met: |
fpizlo@apple.com | 3a264a1 | 2012-07-11 23:33:20 +0000 | [diff] [blame] | 7 | * 1. Redistributions of source code must retain the above copyright |
| 8 | * notice, this list of conditions and the following disclaimer. |
| 9 | * 2. Redistributions in binary form must reproduce the above copyright |
| 10 | * notice, this list of conditions and the following disclaimer in the |
| 11 | * documentation and/or other materials provided with the distribution. |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 12 | * |
fpizlo@apple.com | 3a264a1 | 2012-07-11 23:33:20 +0000 | [diff] [blame] | 13 | * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY |
| 14 | * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
| 15 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
| 16 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR |
| 17 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, |
| 18 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, |
| 19 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR |
| 20 | * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY |
| 21 | * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
| 22 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
| 23 | * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 24 | */ |
| 25 | |
| 26 | #include "config.h" |
| 27 | #include "Watchpoint.h" |
| 28 | |
ysuzuki@apple.com | dafef97 | 2019-05-12 22:50:21 +0000 | [diff] [blame] | 29 | #include "AdaptiveInferredPropertyValueWatchpointBase.h" |
| 30 | #include "CodeBlockJettisoningWatchpoint.h" |
| 31 | #include "DFGAdaptiveStructureWatchpoint.h" |
| 32 | #include "FunctionRareData.h" |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 33 | #include "HeapInlines.h" |
ysuzuki@apple.com | dafef97 | 2019-05-12 22:50:21 +0000 | [diff] [blame] | 34 | #include "LLIntPrototypeLoadAdaptiveStructureWatchpoint.h" |
| 35 | #include "ObjectToStringAdaptiveStructureWatchpoint.h" |
| 36 | #include "StructureStubClearingWatchpoint.h" |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 37 | #include "VM.h" |
oliver@apple.com | 634a76a | 2013-07-25 03:59:09 +0000 | [diff] [blame] | 38 | #include <wtf/CompilationThread.h> |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 39 | |
| 40 | namespace JSC { |
| 41 | |
fpizlo@apple.com | 2c4a7e9 | 2014-08-06 05:27:46 +0000 | [diff] [blame] | 42 | void StringFireDetail::dump(PrintStream& out) const |
| 43 | { |
| 44 | out.print(m_string); |
| 45 | } |
| 46 | |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 47 | Watchpoint::~Watchpoint() |
| 48 | { |
fpizlo@apple.com | d70351b | 2015-07-13 02:16:17 +0000 | [diff] [blame] | 49 | if (isOnList()) { |
| 50 | // This will happen if we get destroyed before the set fires. That's totally a valid |
| 51 | // possibility. For example: |
| 52 | // |
| 53 | // CodeBlock has a Watchpoint on transition from structure S1. The transition never |
| 54 | // happens, but the CodeBlock gets destroyed because of GC. |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 55 | remove(); |
fpizlo@apple.com | d70351b | 2015-07-13 02:16:17 +0000 | [diff] [blame] | 56 | } |
| 57 | } |
| 58 | |
utatane.tea@gmail.com | 7cb4614 | 2018-06-27 05:01:29 +0000 | [diff] [blame] | 59 | void Watchpoint::fire(VM& vm, const FireDetail& detail) |
fpizlo@apple.com | d70351b | 2015-07-13 02:16:17 +0000 | [diff] [blame] | 60 | { |
| 61 | RELEASE_ASSERT(!isOnList()); |
ysuzuki@apple.com | dafef97 | 2019-05-12 22:50:21 +0000 | [diff] [blame] | 62 | switch (m_type) { |
| 63 | #define JSC_DEFINE_WATCHPOINT_DISPATCH(type, cast) \ |
| 64 | case Type::type: \ |
| 65 | static_cast<cast*>(this)->fireInternal(vm, detail); \ |
| 66 | break; |
| 67 | JSC_WATCHPOINT_TYPES(JSC_DEFINE_WATCHPOINT_DISPATCH) |
| 68 | #undef JSC_DEFINE_WATCHPOINT_DISPATCH |
| 69 | } |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 70 | } |
| 71 | |
fpizlo@apple.com | 09a6af0 | 2013-11-18 02:10:42 +0000 | [diff] [blame] | 72 | WatchpointSet::WatchpointSet(WatchpointState state) |
| 73 | : m_state(state) |
fpizlo@apple.com | 3396171 | 2013-11-20 05:49:05 +0000 | [diff] [blame] | 74 | , m_setIsNotEmpty(false) |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 75 | { |
| 76 | } |
| 77 | |
| 78 | WatchpointSet::~WatchpointSet() |
| 79 | { |
fpizlo@apple.com | 4917df2 | 2013-10-31 03:52:23 +0000 | [diff] [blame] | 80 | // Remove all watchpoints, so that they don't try to remove themselves. Note that we |
| 81 | // don't fire watchpoints on deletion. We assume that any code that is interested in |
| 82 | // watchpoints already also separately has a mechanism to make sure that the code is |
| 83 | // either keeping the watchpoint set's owner alive, or does some weak reference thing. |
| 84 | while (!m_set.isEmpty()) |
| 85 | m_set.begin()->remove(); |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 86 | } |
| 87 | |
| 88 | void WatchpointSet::add(Watchpoint* watchpoint) |
| 89 | { |
oliver@apple.com | 634a76a | 2013-07-25 03:59:09 +0000 | [diff] [blame] | 90 | ASSERT(!isCompilationThread()); |
fpizlo@apple.com | 09a6af0 | 2013-11-18 02:10:42 +0000 | [diff] [blame] | 91 | ASSERT(state() != IsInvalidated); |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 92 | if (!watchpoint) |
| 93 | return; |
| 94 | m_set.push(watchpoint); |
fpizlo@apple.com | 3396171 | 2013-11-20 05:49:05 +0000 | [diff] [blame] | 95 | m_setIsNotEmpty = true; |
fpizlo@apple.com | 09a6af0 | 2013-11-18 02:10:42 +0000 | [diff] [blame] | 96 | m_state = IsWatched; |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 97 | } |
| 98 | |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 99 | void WatchpointSet::fireAllSlow(VM& vm, const FireDetail& detail) |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 100 | { |
fpizlo@apple.com | 09a6af0 | 2013-11-18 02:10:42 +0000 | [diff] [blame] | 101 | ASSERT(state() == IsWatched); |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 102 | |
fpizlo@apple.com | 3396171 | 2013-11-20 05:49:05 +0000 | [diff] [blame] | 103 | WTF::storeStoreFence(); |
fpizlo@apple.com | f3ea6848 | 2015-07-13 20:10:02 +0000 | [diff] [blame] | 104 | m_state = IsInvalidated; // Do this first. Needed for adaptive watchpoints. |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 105 | fireAllWatchpoints(vm, detail); |
oliver@apple.com | 9055d14 | 2013-07-25 03:59:02 +0000 | [diff] [blame] | 106 | WTF::storeStoreFence(); |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 107 | } |
| 108 | |
msaboff@apple.com | fbf2bf5 | 2018-05-08 23:20:33 +0000 | [diff] [blame] | 109 | void WatchpointSet::fireAllSlow(VM&, DeferredWatchpointFire* deferredWatchpoints) |
| 110 | { |
| 111 | ASSERT(state() == IsWatched); |
| 112 | |
| 113 | WTF::storeStoreFence(); |
| 114 | deferredWatchpoints->takeWatchpointsToFire(this); |
| 115 | m_state = IsInvalidated; // Do after moving watchpoints to deferredWatchpoints so deferredWatchpoints gets our current state. |
| 116 | WTF::storeStoreFence(); |
| 117 | } |
| 118 | |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 119 | void WatchpointSet::fireAllSlow(VM& vm, const char* reason) |
fpizlo@apple.com | 2c4a7e9 | 2014-08-06 05:27:46 +0000 | [diff] [blame] | 120 | { |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 121 | fireAllSlow(vm, StringFireDetail(reason)); |
fpizlo@apple.com | 2c4a7e9 | 2014-08-06 05:27:46 +0000 | [diff] [blame] | 122 | } |
| 123 | |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 124 | void WatchpointSet::fireAllWatchpoints(VM& vm, const FireDetail& detail) |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 125 | { |
fpizlo@apple.com | f3ea6848 | 2015-07-13 20:10:02 +0000 | [diff] [blame] | 126 | // In case there are any adaptive watchpoints, we need to make sure that they see that this |
| 127 | // watchpoint has been already invalidated. |
| 128 | RELEASE_ASSERT(hasBeenInvalidated()); |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 129 | |
| 130 | // Firing a watchpoint may cause a GC to happen. This GC could destroy various |
| 131 | // Watchpoints themselves while they're in the process of firing. It's not safe |
| 132 | // for most Watchpoints to be destructed while they're in the middle of firing. |
| 133 | // This GC could also destroy us, and we're not in a safe state to be destroyed. |
| 134 | // The safest thing to do is to DeferGCForAWhile to prevent this GC from happening. |
| 135 | DeferGCForAWhile deferGC(vm.heap); |
fpizlo@apple.com | f3ea6848 | 2015-07-13 20:10:02 +0000 | [diff] [blame] | 136 | |
fpizlo@apple.com | d70351b | 2015-07-13 02:16:17 +0000 | [diff] [blame] | 137 | while (!m_set.isEmpty()) { |
| 138 | Watchpoint* watchpoint = m_set.begin(); |
| 139 | ASSERT(watchpoint->isOnList()); |
| 140 | |
| 141 | // Removing the Watchpoint before firing it makes it possible to implement watchpoints |
| 142 | // that add themselves to a different set when they fire. This kind of "adaptive" |
| 143 | // watchpoint can be used to track some semantic property that is more fine-graiend than |
| 144 | // what the set can convey. For example, we might care if a singleton object ever has a |
| 145 | // property called "foo". We can watch for this by checking if its Structure has "foo" and |
| 146 | // then watching its transitions. But then the watchpoint fires if any property is added. |
| 147 | // So, before the watchpoint decides to invalidate any code, it can check if it is |
| 148 | // possible to add itself to the transition watchpoint set of the singleton object's new |
| 149 | // Structure. |
| 150 | watchpoint->remove(); |
| 151 | ASSERT(m_set.begin() != watchpoint); |
| 152 | ASSERT(!watchpoint->isOnList()); |
| 153 | |
utatane.tea@gmail.com | 7cb4614 | 2018-06-27 05:01:29 +0000 | [diff] [blame] | 154 | watchpoint->fire(vm, detail); |
fpizlo@apple.com | d70351b | 2015-07-13 02:16:17 +0000 | [diff] [blame] | 155 | // After we fire the watchpoint, the watchpoint pointer may be a dangling pointer. That's |
| 156 | // fine, because we have no use for the pointer anymore. |
| 157 | } |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 158 | } |
| 159 | |
msaboff@apple.com | fbf2bf5 | 2018-05-08 23:20:33 +0000 | [diff] [blame] | 160 | void WatchpointSet::take(WatchpointSet* other) |
| 161 | { |
| 162 | ASSERT(state() == ClearWatchpoint); |
| 163 | m_set.takeFrom(other->m_set); |
| 164 | m_setIsNotEmpty = other->m_setIsNotEmpty; |
| 165 | m_state = other->m_state; |
| 166 | other->m_setIsNotEmpty = false; |
| 167 | } |
| 168 | |
fpizlo@apple.com | 04e4115 | 2012-06-15 22:14:53 +0000 | [diff] [blame] | 169 | void InlineWatchpointSet::add(Watchpoint* watchpoint) |
| 170 | { |
| 171 | inflate()->add(watchpoint); |
| 172 | } |
| 173 | |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 174 | void InlineWatchpointSet::fireAll(VM& vm, const char* reason) |
fpizlo@apple.com | 2c4a7e9 | 2014-08-06 05:27:46 +0000 | [diff] [blame] | 175 | { |
sbarati@apple.com | 0c3609d | 2016-06-28 21:30:20 +0000 | [diff] [blame] | 176 | fireAll(vm, StringFireDetail(reason)); |
fpizlo@apple.com | 2c4a7e9 | 2014-08-06 05:27:46 +0000 | [diff] [blame] | 177 | } |
| 178 | |
fpizlo@apple.com | 04e4115 | 2012-06-15 22:14:53 +0000 | [diff] [blame] | 179 | WatchpointSet* InlineWatchpointSet::inflateSlow() |
| 180 | { |
| 181 | ASSERT(isThin()); |
oliver@apple.com | 634a76a | 2013-07-25 03:59:09 +0000 | [diff] [blame] | 182 | ASSERT(!isCompilationThread()); |
fpizlo@apple.com | 09a6af0 | 2013-11-18 02:10:42 +0000 | [diff] [blame] | 183 | WatchpointSet* fat = adoptRef(new WatchpointSet(decodeState(m_data))).leakRef(); |
oliver@apple.com | 9397e00 | 2013-07-25 03:58:49 +0000 | [diff] [blame] | 184 | WTF::storeStoreFence(); |
fpizlo@apple.com | 04e4115 | 2012-06-15 22:14:53 +0000 | [diff] [blame] | 185 | m_data = bitwise_cast<uintptr_t>(fat); |
| 186 | return fat; |
| 187 | } |
| 188 | |
| 189 | void InlineWatchpointSet::freeFat() |
| 190 | { |
| 191 | ASSERT(isFat()); |
| 192 | fat()->deref(); |
| 193 | } |
| 194 | |
msaboff@apple.com | fbf2bf5 | 2018-05-08 23:20:33 +0000 | [diff] [blame] | 195 | DeferredWatchpointFire::DeferredWatchpointFire(VM& vm) |
| 196 | : m_vm(vm) |
| 197 | , m_watchpointsToFire(ClearWatchpoint) |
| 198 | { |
| 199 | } |
| 200 | |
| 201 | DeferredWatchpointFire::~DeferredWatchpointFire() |
| 202 | { |
| 203 | } |
| 204 | |
| 205 | void DeferredWatchpointFire::fireAll() |
| 206 | { |
| 207 | if (m_watchpointsToFire.state() == IsWatched) |
| 208 | m_watchpointsToFire.fireAll(m_vm, *this); |
| 209 | } |
| 210 | |
| 211 | void DeferredWatchpointFire::takeWatchpointsToFire(WatchpointSet* watchpointsToFire) |
| 212 | { |
| 213 | ASSERT(m_watchpointsToFire.state() == ClearWatchpoint); |
| 214 | ASSERT(watchpointsToFire->state() == IsWatched); |
| 215 | m_watchpointsToFire.take(watchpointsToFire); |
| 216 | } |
| 217 | |
fpizlo@apple.com | b75911b | 2012-06-13 20:53:52 +0000 | [diff] [blame] | 218 | } // namespace JSC |
| 219 | |
fpizlo@apple.com | ed2da80 | 2018-07-22 02:48:16 +0000 | [diff] [blame] | 220 | namespace WTF { |
| 221 | |
| 222 | void printInternal(PrintStream& out, JSC::WatchpointState state) |
| 223 | { |
| 224 | switch (state) { |
| 225 | case JSC::ClearWatchpoint: |
| 226 | out.print("ClearWatchpoint"); |
| 227 | return; |
| 228 | case JSC::IsWatched: |
| 229 | out.print("IsWatched"); |
| 230 | return; |
| 231 | case JSC::IsInvalidated: |
| 232 | out.print("IsInvalidated"); |
| 233 | return; |
| 234 | } |
| 235 | RELEASE_ASSERT_NOT_REACHED(); |
| 236 | } |
| 237 | |
| 238 | } // namespace WTF |
| 239 | |