[wasm-gc] Allocate supertype arrays in old space

We fix an inconsistency where supertype arrays for wasm-gc object maps were not always allocated in old space. To do so we add an AllocationType argument to a couple of factory helpers. Bug: v8:7748 Change-Id: I8b16032b8504c17e0f730cfc86e30b172645b67b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3320455Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78285}

[wasm-gc] Allocate supertype arrays in old space
We fix an inconsistency where supertype arrays for wasm-gc object maps were not always allocated in old space. To do so we add an AllocationType argument to a couple of factory helpers. Bug: v8:7748 Change-Id: I8b16032b8504c17e0f730cfc86e30b172645b67b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3320455Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Manos Koukoutos <manoskouk@chromium.org> Cr-Commit-Position: refs/heads/main@{#78285}
58531652 · Manos Koukoutos · V8 LUCI CQ · 77b09f96 · 58531652 · 58531652
Commit 58531652 authored Dec 08, 2021 by Manos Koukoutos Committed by V8 LUCI CQ Dec 08, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 9 deletions

factory.cc src/heap/factory.cc +10 -7

factory.h src/heap/factory.h +6 -2

No files found.
--- a/src/heap/factory.cc
+++ b/src/heap/factory.cc
@@ -1474,7 +1474,8 @@ Handle<WasmTypeInfo> Factory::NewWasmTypeInfo(
  Handle<ArrayList> subtypes = ArrayList::New(isolate(), 0);
  Handle<FixedArray> supertypes;
  if (opt_parent.is_null()) {
-    supertypes = NewFixedArray(wasm::kMinimumSupertypeArraySize);
+    supertypes =
+        NewFixedArray(wasm::kMinimumSupertypeArraySize, AllocationType::kOld);
    for (int i = 0; i < supertypes->length(); i++) {
      supertypes->set(i, *undefined_value());
    }
@@ -1489,7 +1490,7 @@ Handle<WasmTypeInfo> Factory::NewWasmTypeInfo(
    if (last_defined_index == parent_supertypes->length() - 1) {
      supertypes = CopyArrayAndGrow(parent_supertypes, 1, AllocationType::kOld);
    } else {
-      supertypes = CopyFixedArray(parent_supertypes);
+      supertypes = CopyFixedArray(parent_supertypes, AllocationType::kOld);
    }
    supertypes->set(last_defined_index + 1, *opt_parent);
  }
@@ -1499,7 +1500,7 @@ Handle<WasmTypeInfo> Factory::NewWasmTypeInfo(
  DisallowGarbageCollection no_gc;
  result.AllocateExternalPointerEntries(isolate());
  result.set_foreign_address(isolate(), type_address);
-  result.set_supertypes(*supertypes);
+  result.set_supertypes(*supertypes, SKIP_WRITE_BARRIER);
  result.set_subtypes(*subtypes);
  result.set_instance_size(instance_size_bytes);
  result.set_instance(*instance);
@@ -1952,9 +1953,10 @@ inline void ZeroEmbedderFields(i::JSObject obj) {
 }  // namespace

 template <typename T>
-Handle<T> Factory::CopyArrayWithMap(Handle<T> src, Handle<Map> map) {
+Handle<T> Factory::CopyArrayWithMap(Handle<T> src, Handle<Map> map,
+                                    AllocationType allocation) {
  int len = src->length();
-  HeapObject new_object = AllocateRawFixedArray(len, AllocationType::kYoung);
+  HeapObject new_object = AllocateRawFixedArray(len, allocation);
  DisallowGarbageCollection no_gc;
  new_object.set_map_after_allocation(*map, SKIP_WRITE_BARRIER);
  T result = T::cast(new_object);
@@ -2090,9 +2092,10 @@ Handle<FixedArray> Factory::CopyFixedArrayUpTo(Handle<FixedArray> array,
  return handle(result, isolate());
 }

-Handle<FixedArray> Factory::CopyFixedArray(Handle<FixedArray> array) {
+Handle<FixedArray> Factory::CopyFixedArray(Handle<FixedArray> array,
+                                           AllocationType allocation) {
  if (array->length() == 0) return array;
-  return CopyArrayWithMap(array, handle(array->map(), isolate()));
+  return CopyArrayWithMap(array, handle(array->map(), isolate()), allocation);
 }

 Handle<FixedDoubleArray> Factory::CopyFixedDoubleArray(

--- a/src/heap/factory.h
+++ b/src/heap/factory.h
@@ -484,7 +484,9 @@ class V8_EXPORT_PRIVATE Factory : public FactoryBase<Factory> {
      Handle<FixedArray> array, int new_len,
      AllocationType allocation = AllocationType::kYoung);

-  Handle<FixedArray> CopyFixedArray(Handle<FixedArray> array);
+  Handle<FixedArray> CopyFixedArray(
+      Handle<FixedArray> array,
+      AllocationType allocation = AllocationType::kYoung);

  Handle<FixedDoubleArray> CopyFixedDoubleArray(Handle<FixedDoubleArray> array);

@@ -1045,7 +1047,9 @@ class V8_EXPORT_PRIVATE Factory : public FactoryBase<Factory> {
  HeapObject New(Handle<Map> map, AllocationType allocation);

  template <typename T>
-  Handle<T> CopyArrayWithMap(Handle<T> src, Handle<Map> map);
+  Handle<T> CopyArrayWithMap(
+      Handle<T> src, Handle<Map> map,
+      AllocationType allocation = AllocationType::kYoung);
  template <typename T>
  Handle<T> CopyArrayAndGrow(Handle<T> src, int grow_by,
                             AllocationType allocation);