From 8a3c4ffe97992280f14115ff32d0c07c3a24fb75 Mon Sep 17 00:00:00 2001 From: Tom Ritter Date: Thu, 22 Aug 2019 19:53:08 +0200 Subject: [PATCH] Bug 1474659 Add dedicated AllocKinds just for ArrayBufferObjects. r?sfink Summary: The reason for doing this is to get ArrayBufferObjects allocated into their own arenas. The specific enum values were chosen to avoid breaking assumptions about where certain values fall in the list, such as OBJECT_FIRST == FUNCTION. Reviewers: sfink Subscribers: jandem Bug #: 1474659 Differential Revision: https://phabricator.services.mozilla.com/D40227 --- js/src/gc/AllocKind.h | 4 ++++ js/src/gc/GC.cpp | 35 ++++++++++++++++++++++----------- js/src/gc/GCRuntime.h | 2 +- js/src/vm/ArrayBufferObject.cpp | 17 ++++++++++++++-- 4 files changed, 44 insertions(+), 14 deletions(-) diff --git a/js/src/gc/AllocKind.h b/js/src/gc/AllocKind.h index 178976a7c0707..57273042eb7c7 100644 --- a/js/src/gc/AllocKind.h +++ b/js/src/gc/AllocKind.h @@ -45,12 +45,16 @@ namespace gc { D(OBJECT0_BACKGROUND, Object, JSObject, JSObject_Slots0, true, true, true) \ D(OBJECT2, Object, JSObject, JSObject_Slots2, false, false, true) \ D(OBJECT2_BACKGROUND, Object, JSObject, JSObject_Slots2, true, true, true) \ + D(ARRAYBUFFER4, Object, JSObject, JSObject_Slots4, true, true, true) \ D(OBJECT4, Object, JSObject, JSObject_Slots4, false, false, true) \ D(OBJECT4_BACKGROUND, Object, JSObject, JSObject_Slots4, true, true, true) \ + D(ARRAYBUFFER8, Object, JSObject, JSObject_Slots8, true, true, true) \ D(OBJECT8, Object, JSObject, JSObject_Slots8, false, false, true) \ D(OBJECT8_BACKGROUND, Object, JSObject, JSObject_Slots8, true, true, true) \ + D(ARRAYBUFFER12, Object, JSObject, JSObject_Slots12, true, true, true) \ D(OBJECT12, Object, JSObject, JSObject_Slots12, false, false, true) \ D(OBJECT12_BACKGROUND, Object, JSObject, JSObject_Slots12, true, true, true) \ + D(ARRAYBUFFER16, Object, JSObject, JSObject_Slots16, true, true, true) \ D(OBJECT16, Object, JSObject, JSObject_Slots16, false, false, true) \ D(OBJECT16_BACKGROUND, Object, JSObject, JSObject_Slots16, true, true, true) diff --git a/js/src/gc/GC.cpp b/js/src/gc/GC.cpp index 25b5e77e73edf..79240a1d71f13 100644 --- a/js/src/gc/GC.cpp +++ b/js/src/gc/GC.cpp @@ -506,8 +506,10 @@ static constexpr FinalizePhase BackgroundFinalizePhases[] = { {gcstats::PhaseKind::SWEEP_OBJECT, {AllocKind::FUNCTION, AllocKind::FUNCTION_EXTENDED, AllocKind::OBJECT0_BACKGROUND, AllocKind::OBJECT2_BACKGROUND, - AllocKind::OBJECT4_BACKGROUND, AllocKind::OBJECT8_BACKGROUND, - AllocKind::OBJECT12_BACKGROUND, AllocKind::OBJECT16_BACKGROUND}}, + AllocKind::ARRAYBUFFER4, AllocKind::OBJECT4_BACKGROUND, + AllocKind::ARRAYBUFFER8, AllocKind::OBJECT8_BACKGROUND, + AllocKind::ARRAYBUFFER12, AllocKind::OBJECT12_BACKGROUND, + AllocKind::ARRAYBUFFER16, AllocKind::OBJECT16_BACKGROUND}}, {gcstats::PhaseKind::SWEEP_SCOPE, { AllocKind::SCOPE, @@ -2883,15 +2885,26 @@ static constexpr AllocKinds UpdatePhaseOne{ // UpdatePhaseTwo is typed object descriptor objects. -static constexpr AllocKinds UpdatePhaseThree{ - AllocKind::LAZY_SCRIPT, AllocKind::SCOPE, - AllocKind::FUNCTION, AllocKind::FUNCTION_EXTENDED, - AllocKind::OBJECT0, AllocKind::OBJECT0_BACKGROUND, - AllocKind::OBJECT2, AllocKind::OBJECT2_BACKGROUND, - AllocKind::OBJECT4, AllocKind::OBJECT4_BACKGROUND, - AllocKind::OBJECT8, AllocKind::OBJECT8_BACKGROUND, - AllocKind::OBJECT12, AllocKind::OBJECT12_BACKGROUND, - AllocKind::OBJECT16, AllocKind::OBJECT16_BACKGROUND}; +static constexpr AllocKinds UpdatePhaseThree{AllocKind::LAZY_SCRIPT, + AllocKind::SCOPE, + AllocKind::FUNCTION, + AllocKind::FUNCTION_EXTENDED, + AllocKind::OBJECT0, + AllocKind::OBJECT0_BACKGROUND, + AllocKind::OBJECT2, + AllocKind::OBJECT2_BACKGROUND, + AllocKind::ARRAYBUFFER4, + AllocKind::OBJECT4, + AllocKind::OBJECT4_BACKGROUND, + AllocKind::ARRAYBUFFER8, + AllocKind::OBJECT8, + AllocKind::OBJECT8_BACKGROUND, + AllocKind::ARRAYBUFFER12, + AllocKind::OBJECT12, + AllocKind::OBJECT12_BACKGROUND, + AllocKind::ARRAYBUFFER16, + AllocKind::OBJECT16, + AllocKind::OBJECT16_BACKGROUND}; void GCRuntime::updateAllCellPointers(MovingTracer* trc, Zone* zone) { size_t bgTaskCount = CellUpdateBackgroundTaskCount(); diff --git a/js/src/gc/GCRuntime.h b/js/src/gc/GCRuntime.h index f46a921b85096..1f9519b1f5e74 100644 --- a/js/src/gc/GCRuntime.h +++ b/js/src/gc/GCRuntime.h @@ -195,7 +195,7 @@ class ChainedIter { typedef HashMap, SystemAllocPolicy> RootedValueMap; -using AllocKinds = mozilla::EnumSet; +using AllocKinds = mozilla::EnumSet; // A singly linked list of zones. class ZoneList { diff --git a/js/src/vm/ArrayBufferObject.cpp b/js/src/vm/ArrayBufferObject.cpp index 02b0f6be1c49f..ea16450ac6588 100644 --- a/js/src/vm/ArrayBufferObject.cpp +++ b/js/src/vm/ArrayBufferObject.cpp @@ -1179,6 +1179,19 @@ static MOZ_MUST_USE bool CheckArrayBufferTooLarge(JSContext* cx, return true; } +static inline js::gc::AllocKind GetArrayBufferGCObjectKind(size_t numSlots) { + if (numSlots <= 4) { + return js::gc::AllocKind::ARRAYBUFFER4; + } + if (numSlots <= 8) { + return js::gc::AllocKind::ARRAYBUFFER8; + } + if (numSlots <= 12) { + return js::gc::AllocKind::ARRAYBUFFER12; + } + return js::gc::AllocKind::ARRAYBUFFER16; +} + ArrayBufferObject* ArrayBufferObject::createForContents( JSContext* cx, uint32_t nbytes, BufferContents contents) { MOZ_ASSERT(contents); @@ -1219,7 +1232,7 @@ ArrayBufferObject* ArrayBufferObject::createForContents( } MOZ_ASSERT(!(class_.flags & JSCLASS_HAS_PRIVATE)); - gc::AllocKind allocKind = gc::GetGCObjectKind(nslots); + gc::AllocKind allocKind = GetArrayBufferGCObjectKind(nslots); AutoSetNewObjectMetadata metadata(cx); Rooted buffer( @@ -1268,7 +1281,7 @@ ArrayBufferObject* ArrayBufferObject::createZeroed( } MOZ_ASSERT(!(class_.flags & JSCLASS_HAS_PRIVATE)); - gc::AllocKind allocKind = gc::GetGCObjectKind(nslots); + gc::AllocKind allocKind = GetArrayBufferGCObjectKind(nslots); AutoSetNewObjectMetadata metadata(cx); Rooted buffer( -- GitLab