[compiler] Make JSDataViewRef and JSBoundFunctionRef bg-serialized

... but keep/make subclass-specific methods do direct reads. Bug: v8:7790 Change-Id: Ia4b9d207ce75cf28f6f0f33027ab05e27db49ce9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2959621Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75457}

[compiler] Make JSDataViewRef and JSBoundFunctionRef bg-serialized
... but keep/make subclass-specific methods do direct reads. Bug: v8:7790 Change-Id: Ia4b9d207ce75cf28f6f0f33027ab05e27db49ce9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2959621Reviewed-by: Jakob Gruber <jgruber@chromium.org> Reviewed-by: Georg Neis <neis@chromium.org> Commit-Queue: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#75457}
036e5783 · Jakob Gruber · V8 LUCI CQ · 5fefa970 · 036e5783 · 036e5783
Commit 036e5783 authored Jun 30, 2021 by Jakob Gruber Committed by V8 LUCI CQ Jun 30, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 38 additions and 29 deletions

heap-refs.cc src/compiler/heap-refs.cc +36 -26

heap-refs.h src/compiler/heap-refs.h +2 -3

No files found.
--- a/src/compiler/heap-refs.cc
+++ b/src/compiler/heap-refs.cc
@@ -745,19 +745,35 @@ class ArrayBoilerplateDescriptionData : public HeapObjectData {
 class JSDataViewData : public JSObjectData {
 public:
  JSDataViewData(JSHeapBroker* broker, ObjectData** storage,
-                 Handle<JSDataView> object);
+                 Handle<JSDataView> object,
+                 ObjectDataKind kind = kSerializedHeapObject)
+      : JSObjectData(broker, storage, object, kind) {
+    if (kind == kSerializedHeapObject) {
+      DCHECK(!broker->is_concurrent_inlining());
+      byte_length_ = object->byte_length();
+    } else {
+      DCHECK_EQ(kind, kBackgroundSerializedHeapObject);
+      DCHECK(broker->is_concurrent_inlining());
+    }
+  }

-  size_t byte_length() const { return byte_length_; }
+  size_t byte_length() const {
+    DCHECK_EQ(kind(), kSerializedHeapObject);
+    return byte_length_;
+  }

 private:
-  size_t const byte_length_;
+  size_t byte_length_ = 0;  // Only valid if not concurrent inlining.
 };

 class JSBoundFunctionData : public JSObjectData {
 public:
  JSBoundFunctionData(JSHeapBroker* broker, ObjectData** storage,
-                      Handle<JSBoundFunction> object);
+                      Handle<JSBoundFunction> object,
+                      ObjectDataKind kind = kSerializedHeapObject)
+      : JSObjectData(broker, storage, object, kind) {}

+  // For main-thread serialization only.
  bool Serialize(JSHeapBroker* broker);
  bool serialized() const { return serialized_; }

@@ -1819,17 +1835,9 @@ class ScriptContextTableData : public FixedArrayData {
      : FixedArrayData(broker, storage, object, kind) {}
 };

-JSDataViewData::JSDataViewData(JSHeapBroker* broker, ObjectData** storage,
-                               Handle<JSDataView> object)
-    : JSObjectData(broker, storage, object),
-      byte_length_(object->byte_length()) {}
-
-JSBoundFunctionData::JSBoundFunctionData(JSHeapBroker* broker,
-                                         ObjectData** storage,
-                                         Handle<JSBoundFunction> object)
-    : JSObjectData(broker, storage, object) {}
-
 bool JSBoundFunctionData::Serialize(JSHeapBroker* broker) {
+  DCHECK(!broker->is_concurrent_inlining());
+
  if (serialized_) return true;
  if (broker->StackHasOverflowed()) return false;

@@ -3366,15 +3374,13 @@ BIMODAL_ACCESSOR(HeapObject, Map, map)
 BIMODAL_ACCESSOR_C(HeapNumber, double, value)
 BIMODAL_ACCESSOR_C(HeapNumber, uint64_t, value_as_bits)

-// These JSBoundFunction fields are immutable after initialization. Moreover,
-// as long as JSObjects are still serialized on the main thread, all
-// JSBoundFunctionRefs are created at a time when the underlying objects are
-// guaranteed to be fully initialized.
+// Immutable after initialization.
 BIMODAL_ACCESSOR_WITH_FLAG(JSBoundFunction, JSReceiver, bound_target_function)
 BIMODAL_ACCESSOR_WITH_FLAG(JSBoundFunction, Object, bound_this)
 BIMODAL_ACCESSOR_WITH_FLAG(JSBoundFunction, FixedArray, bound_arguments)

-BIMODAL_ACCESSOR_C(JSDataView, size_t, byte_length)
+// Immutable after initialization.
+BIMODAL_ACCESSOR_WITH_FLAG_C(JSDataView, size_t, byte_length)

 BIMODAL_ACCESSOR_C(JSFunction, bool, has_feedback_vector)
 BIMODAL_ACCESSOR_C(JSFunction, bool, has_initial_map)
@@ -4445,12 +4451,22 @@ void JSFunctionRef::SerializeCodeAndFeedback() {
 }

 bool JSBoundFunctionRef::serialized() const {
-  if (data_->should_access_heap()) return true;
+  if (data_->should_access_heap() || broker()->is_concurrent_inlining()) {
+    return true;
+  }
  if (data_->AsJSBoundFunction()->serialized()) return true;
  TRACE_BROKER_MISSING(broker(), "data for JSBoundFunction " << this);
  return false;
 }

+bool JSBoundFunctionRef::Serialize() {
+  if (data_->should_access_heap() || broker()->is_concurrent_inlining()) {
+    return true;
+  }
+  CHECK_EQ(broker()->mode(), JSHeapBroker::kSerializing);
+  return data()->AsJSBoundFunction()->Serialize(broker());
+}
+
 bool JSFunctionRef::serialized() const {
  if (data_->should_access_heap()) return true;
  if (data_->AsJSFunction()->serialized()) return true;
@@ -4611,12 +4627,6 @@ bool JSTypedArrayRef::serialized() const {
  return false;
 }

-bool JSBoundFunctionRef::Serialize() {
-  if (data_->should_access_heap()) return true;
-  CHECK_EQ(broker()->mode(), JSHeapBroker::kSerializing);
-  return data()->AsJSBoundFunction()->Serialize(broker());
-}
-
 bool PropertyCellRef::Serialize() const {
  if (data_->should_access_heap()) return true;
  CHECK(broker()->mode() == JSHeapBroker::kSerializing ||

--- a/src/compiler/heap-refs.h
+++ b/src/compiler/heap-refs.h
@@ -81,8 +81,8 @@ enum class RefSerializationKind {
 #define HEAP_BROKER_OBJECT_LIST(V)                                        \
  /* Subtypes of JSObject */                                              \
  V(JSArray, RefSerializationKind::kBackgroundSerialized)                 \
-  V(JSBoundFunction, RefSerializationKind::kSerialized)                   \
-  V(JSDataView, RefSerializationKind::kSerialized)                        \
+  V(JSBoundFunction, RefSerializationKind::kBackgroundSerialized)         \
+  V(JSDataView, RefSerializationKind::kBackgroundSerialized)              \
  V(JSFunction, RefSerializationKind::kSerialized)                        \
  V(JSGlobalObject, RefSerializationKind::kSerialized)                    \
  V(JSGlobalProxy, RefSerializationKind::kBackgroundSerialized)           \
@@ -387,7 +387,6 @@ class JSBoundFunctionRef : public JSObjectRef {
  bool Serialize();
  bool serialized() const;

-  // The following are available only after calling Serialize().
  JSReceiverRef bound_target_function() const;
  ObjectRef bound_this() const;
  FixedArrayRef bound_arguments() const;