http2,async-wrap: introduce AliasedBuffer class

This change introduces an AliasedBuffer class and updates asytnc-wrap and http2 to use this class. A common technique to optimize performance is to create a native buffer and then map that native buffer to user space via JS array. The runtime can efficiently write to the native buffer without having to route though JS, and the values being written are accessible from user space. While efficient, this technique allows modifications to user space memory w/out going through JS type system APIs, effectively bypassing any monitoring the JS VM has in place to track program state modifications. The result is that monitors have an incorrect view of prorgram state. The AliasedBuffer class provides a future placeholder where this technique can be used, but writes can still be observed. To achieve this, the node-chakra-core fork will add in appropriate tracking logic in the AliasedBuffer's SetValue() method. Going forward, this class can evolve to support more sophisticated mechanisms if necessary. PR-URL: #15077 Reviewed-By: Trevor Norris <trev.norris@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
nodejs · Sep 20, 2017 · a32c8a5 · a32c8a5
1 parent b0f5b2a
commit a32c8a5
Show file tree

Hide file tree

Showing 11 changed files with 610 additions and 123 deletions.
diff --git a/node.gyp b/node.gyp
@@ -228,6 +228,7 @@
         'src/util.cc',
         'src/uv.cc',
         # headers to make for a more pleasant IDE experience
+        'src/aliased_buffer.h',
         'src/async-wrap.h',
         'src/async-wrap-inl.h',
         'src/base-object.h',
@@ -246,6 +247,7 @@
         'src/node_constants.h',
         'src/node_debug_options.h',
         'src/node_http2.h',
+        'src/node_http2_state.h',
         'src/node_internals.h',
         'src/node_javascript.h',
         'src/node_mutex.h',
@@ -650,6 +652,8 @@
       'sources': [
         'src/node_platform.cc',
         'src/node_platform.h',
+        'test/cctest/node_test_fixture.cc',
+        'test/cctest/test_aliased_buffer.cc',
         'test/cctest/test_base64.cc',
         'test/cctest/test_environment.cc',
         'test/cctest/test_util.cc',

diff --git a/src/aliased_buffer.h b/src/aliased_buffer.h
@@ -0,0 +1,200 @@
+
+#ifndef SRC_ALIASED_BUFFER_H_
+#define SRC_ALIASED_BUFFER_H_
+
+#include "v8.h"
+#include "util.h"
+#include "util-inl.h"
+
+namespace node {
+
+/**
+ * This class encapsulates the technique of having a native buffer mapped to
+ * a JS object. Writes to the native buffer can happen efficiently without
+ * going through JS, and the data is then available to user's via the exposed
+ * JS object.
+ *
+ * While this technique is computationaly efficient, it is effectively a
+ * write to JS program state w/out going through the standard
+ * (monitored) API. Thus any VM capabilities to detect the modification are
+ * circumvented.
+ *
+ * The encapsulation herein provides a placeholder where such writes can be
+ * observed. Any notification APIs will be left as a future exercise.
+ */
+template <class NativeT, class V8T>
+class AliasedBuffer {
+ public:
+  AliasedBuffer(v8::Isolate* isolate, const size_t count)
+      : isolate_(isolate),
+        count_(count),
+        byte_offset_(0),
+        free_buffer_(true) {
+    CHECK_GT(count, 0);
+    const v8::HandleScope handle_scope(isolate_);
+
+    const size_t sizeInBytes = sizeof(NativeT) * count;
+
+    // allocate native buffer
+    buffer_ = Calloc<NativeT>(count);
+
+    // allocate v8 ArrayBuffer
+    v8::Local<v8::ArrayBuffer> ab = v8::ArrayBuffer::New(
+        isolate_, buffer_, sizeInBytes);
+
+    // allocate v8 TypedArray
+    v8::Local<V8T> js_array = V8T::New(ab, byte_offset_, count);
+    js_array_ = v8::Global<V8T>(isolate, js_array);
+  }
+
+  /**
+   * Create an AliasedBuffer over a sub-region of another aliased buffer.
+   * The two will share a v8::ArrayBuffer instance &
+   * a native buffer, but will each read/write to different sections of the
+   * native buffer.
+   *
+   *  Note that byte_offset must by aligned by sizeof(NativeT).
+   */
+  AliasedBuffer(v8::Isolate* isolate,
+                const size_t byte_offset,
+                const size_t count,
+                const AliasedBuffer<uint8_t,
+                v8::Uint8Array>& backing_buffer)
+      : isolate_(isolate),
+        count_(count),
+        byte_offset_(byte_offset),
+        free_buffer_(false) {
+    const v8::HandleScope handle_scope(isolate_);
+
+    v8::Local<v8::ArrayBuffer> ab = backing_buffer.GetArrayBuffer();
+
+    // validate that the byte_offset is aligned with sizeof(NativeT)
+    CHECK_EQ(byte_offset & (sizeof(NativeT) - 1), 0);
+    // validate this fits inside the backing buffer
+    CHECK_LE(sizeof(NativeT) * count,  ab->ByteLength() - byte_offset);
+
+    buffer_ = reinterpret_cast<NativeT*>(
+        const_cast<uint8_t*>(backing_buffer.GetNativeBuffer() + byte_offset));
+
+    v8::Local<V8T> js_array = V8T::New(ab, byte_offset, count);
+    js_array_ = v8::Global<V8T>(isolate, js_array);
+  }
+
+  AliasedBuffer(const AliasedBuffer& that)
+      : isolate_(that.isolate_),
+        count_(that.count_),
+        byte_offset_(that.byte_offset_),
+        buffer_(that.buffer_),
+        free_buffer_(false) {
+    js_array_ = v8::Global<V8T>(that.isolate_, that.GetJSArray());
+  }
+
+  ~AliasedBuffer() {
+    if (free_buffer_ && buffer_ != nullptr) {
+      free(buffer_);
+    }
+    js_array_.Reset();
+  }
+
+  /**
+   * Helper class that is returned from operator[] to support assignment into
+   * a specified location.
+   */
+  class Reference {
+   public:
+    Reference(AliasedBuffer<NativeT, V8T>* aliased_buffer, size_t index)
+        : aliased_buffer_(aliased_buffer),
+          index_(index) {
+    }
+
+    Reference(const Reference& that)
+        : aliased_buffer_(that.aliased_buffer_),
+          index_(that.index_) {
+    }
+
+    inline Reference& operator=(const NativeT &val) {
+      aliased_buffer_->SetValue(index_, val);
+      return *this;
+    }
+
+    operator NativeT() const {
+      return aliased_buffer_->GetValue(index_);
+    }
+
+   private:
+    AliasedBuffer<NativeT, V8T>* aliased_buffer_;
+    size_t index_;
+  };
+
+  /**
+   *  Get the underlying v8 TypedArray overlayed on top of the native buffer
+   */
+  v8::Local<V8T> GetJSArray() const {
+    return js_array_.Get(isolate_);
+  }
+
+  /**
+  *  Get the underlying v8::ArrayBuffer underlying the TypedArray and
+  *  overlaying the native buffer
+  */
+  v8::Local<v8::ArrayBuffer> GetArrayBuffer() const {
+    return GetJSArray()->Buffer();
+  }
+
+  /**
+   *  Get the underlying native buffer. Note that all reads/writes should occur
+   *  through the GetValue/SetValue/operator[] methods
+   */
+  inline const NativeT* GetNativeBuffer() const {
+    return buffer_;
+  }
+
+  /**
+   *  Synonym for GetBuffer()
+   */
+  inline const NativeT* operator * () const {
+    return GetNativeBuffer();
+  }
+
+  /**
+   *  Set position index to given value.
+   */
+  inline void SetValue(const size_t index, NativeT value) {
+#if defined(DEBUG) && DEBUG
+    CHECK_LT(index, count_);
+#endif
+    buffer_[index] = value;
+  }
+
+  /**
+   *  Get value at position index
+   */
+  inline const NativeT GetValue(const size_t index) const {
+#if defined(DEBUG) && DEBUG
+    CHECK_LT(index, count_);
+#endif
+    return buffer_[index];
+  }
+
+  /**
+   *  Effectively, a synonym for GetValue/SetValue
+   */
+  Reference operator[](size_t index) {
+    return Reference(this, index);
+  }
+
+  NativeT operator[](size_t index) const {
+    return GetValue(index);
+  }
+
+ private:
+  v8::Isolate* const isolate_;
+  size_t count_;
+  size_t byte_offset_;
+  NativeT* buffer_;
+  v8::Global<V8T> js_array_;
+  bool free_buffer_;
+};
+}  // namespace node
+
+#endif  // SRC_ALIASED_BUFFER_H_
diff --git a/src/async-wrap.cc b/src/async-wrap.cc
@@ -31,7 +31,6 @@
 #include "v8-profiler.h"
 
 using v8::Array;
-using v8::ArrayBuffer;
 using v8::Context;
 using v8::Float64Array;
 using v8::Function;
@@ -53,7 +52,6 @@ using v8::RetainedObjectInfo;
 using v8::String;
 using v8::Symbol;
 using v8::TryCatch;
-using v8::Uint32Array;
 using v8::Undefined;
 using v8::Value;
 
@@ -476,13 +474,9 @@ void AsyncWrap::Initialize(Local<Object> target,
   // callbacks waiting to be called on a particular event. It can then be
   // incremented/decremented from JS quickly to communicate to C++ if there are
   // any callbacks waiting to be called.
-  uint32_t* fields_ptr = env->async_hooks()->fields();
-  int fields_count = env->async_hooks()->fields_count();
-  Local<ArrayBuffer> fields_ab =
-      ArrayBuffer::New(isolate, fields_ptr, fields_count * sizeof(*fields_ptr));
   FORCE_SET_TARGET_FIELD(target,
                          "async_hook_fields",
-                         Uint32Array::New(fields_ab, 0, fields_count));
+                         env->async_hooks()->fields().GetJSArray());
 
   // The following v8::Float64Array has 5 fields. These fields are shared in
   // this way to allow JS and C++ to read/write each value as quickly as
@@ -493,15 +487,9 @@ void AsyncWrap::Initialize(Local<Object> target,
   // kInitTriggerId: Write the id of the resource responsible for a handle's
   //   creation just before calling the new handle's constructor. After the new
   //   handle is constructed kInitTriggerId is set back to 0.
-  double* uid_fields_ptr = env->async_hooks()->uid_fields();
-  int uid_fields_count = env->async_hooks()->uid_fields_count();
-  Local<ArrayBuffer> uid_fields_ab = ArrayBuffer::New(
-      isolate,
-      uid_fields_ptr,
-      uid_fields_count * sizeof(*uid_fields_ptr));
   FORCE_SET_TARGET_FIELD(target,
                          "async_uid_fields",
-                         Float64Array::New(uid_fields_ab, 0, uid_fields_count));
+                         env->async_hooks()->uid_fields().GetJSArray());
 
   Local<Object> constants = Object::New(isolate);
 #define SET_HOOKS_CONSTANT(name)                                              \

diff --git a/src/env-inl.h b/src/env-inl.h
@@ -24,6 +24,7 @@
 
 #if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
 
+#include "aliased_buffer.h"
 #include "env.h"
 #include "node.h"
 #include "util.h"
@@ -82,8 +83,8 @@ inline uint32_t* IsolateData::zero_fill_field() const {
 
 inline Environment::AsyncHooks::AsyncHooks(v8::Isolate* isolate)
     : isolate_(isolate),
-      fields_(),
-      uid_fields_() {
+      fields_(isolate, kFieldsCount),
+      uid_fields_(isolate, kUidFieldsCount) {
   v8::HandleScope handle_scope(isolate_);
 
   // kAsyncUidCntr should start at 1 because that'll be the id the execution
@@ -105,15 +106,17 @@ inline Environment::AsyncHooks::AsyncHooks(v8::Isolate* isolate)
 #undef V
 }
 
-inline uint32_t* Environment::AsyncHooks::fields() {
+inline AliasedBuffer<uint32_t, v8::Uint32Array>&
+Environment::AsyncHooks::fields() {
   return fields_;
 }
 
 inline int Environment::AsyncHooks::fields_count() const {
   return kFieldsCount;
 }
 
-inline double* Environment::AsyncHooks::uid_fields() {
+inline AliasedBuffer<double, v8::Float64Array>&
+Environment::AsyncHooks::uid_fields() {
   return uid_fields_;
 }
 
@@ -147,7 +150,7 @@ inline bool Environment::AsyncHooks::pop_ids(double async_id) {
     fprintf(stderr,
             "Error: async hook stack has become corrupted ("
             "actual: %.f, expected: %.f)\n",
-            uid_fields_[kCurrentAsyncId],
+            uid_fields_.GetValue(kCurrentAsyncId),
             async_id);
     Environment* env = Environment::GetCurrent(isolate_);
     DumpBacktrace(stderr);
@@ -326,7 +329,7 @@ inline Environment::~Environment() {
   delete[] heap_statistics_buffer_;
   delete[] heap_space_statistics_buffer_;
   delete[] http_parser_buffer_;
-  free(http2_state_buffer_);
+  delete http2_state_;
   free(performance_state_);
 }
 
@@ -425,7 +428,9 @@ inline std::vector<double>* Environment::destroy_ids_list() {
 }
 
 inline double Environment::new_async_id() {
-  return ++async_hooks()->uid_fields()[AsyncHooks::kAsyncUidCntr];
+  async_hooks()->uid_fields()[AsyncHooks::kAsyncUidCntr] =
+    async_hooks()->uid_fields()[AsyncHooks::kAsyncUidCntr] + 1;
+  return async_hooks()->uid_fields()[AsyncHooks::kAsyncUidCntr];
 }
 
 inline double Environment::current_async_id() {
@@ -437,7 +442,8 @@ inline double Environment::trigger_id() {
 }
 
 inline double Environment::get_init_trigger_id() {
-  double* uid_fields = async_hooks()->uid_fields();
+  AliasedBuffer<double, v8::Float64Array>& uid_fields =
+    async_hooks()->uid_fields();
   double tid = uid_fields[AsyncHooks::kInitTriggerId];
   uid_fields[AsyncHooks::kInitTriggerId] = 0;
   if (tid <= 0) tid = current_async_id();
@@ -477,13 +483,13 @@ inline void Environment::set_http_parser_buffer(char* buffer) {
   http_parser_buffer_ = buffer;
 }
 
-inline http2::http2_state* Environment::http2_state_buffer() const {
-  return http2_state_buffer_;
+inline http2::http2_state* Environment::http2_state() const {
+  return http2_state_;
 }
 
-inline void Environment::set_http2_state_buffer(http2::http2_state* buffer) {
-  CHECK_EQ(http2_state_buffer_, nullptr);  // Should be set only once.
-  http2_state_buffer_ = buffer;
+inline void Environment::set_http2_state(http2::http2_state* buffer) {
+  CHECK_EQ(http2_state_, nullptr);  // Should be set only once.
+  http2_state_ = buffer;
 }
 
 inline double* Environment::fs_stats_field_array() const {