From af69cb07db0d810a1a1a507b890e6beb23dc421c Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Sun, 23 Feb 2020 14:41:40 +0100 Subject: Revert #1137 - Remove unboxed arrays - accounting for removal of watch()/unwatch() - updated for intermediate code changes. --- js/src/vm/UnboxedObject-inl.h | 663 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 663 insertions(+) (limited to 'js/src/vm/UnboxedObject-inl.h') diff --git a/js/src/vm/UnboxedObject-inl.h b/js/src/vm/UnboxedObject-inl.h index c1468a5b1..93ad7bf28 100644 --- a/js/src/vm/UnboxedObject-inl.h +++ b/js/src/vm/UnboxedObject-inl.h @@ -172,6 +172,669 @@ UnboxedPlainObject::layout() const return group()->unboxedLayout(); } +///////////////////////////////////////////////////////////////////// +// UnboxedArrayObject +///////////////////////////////////////////////////////////////////// + +inline const UnboxedLayout& +UnboxedArrayObject::layout() const +{ + return group()->unboxedLayout(); +} + +inline void +UnboxedArrayObject::setLength(ExclusiveContext* cx, uint32_t length) +{ + if (length > INT32_MAX) { + // Track objects with overflowing lengths in type information. + MarkObjectGroupFlags(cx, this, OBJECT_FLAG_LENGTH_OVERFLOW); + } + + length_ = length; +} + +inline void +UnboxedArrayObject::setInitializedLength(uint32_t initlen) +{ + if (initlen < initializedLength()) { + switch (elementType()) { + case JSVAL_TYPE_STRING: + for (size_t i = initlen; i < initializedLength(); i++) + triggerPreBarrier(i); + break; + case JSVAL_TYPE_OBJECT: + for (size_t i = initlen; i < initializedLength(); i++) + triggerPreBarrier(i); + break; + default: + MOZ_ASSERT(!UnboxedTypeNeedsPreBarrier(elementType())); + } + } + setInitializedLengthNoBarrier(initlen); +} + +template +inline bool +UnboxedArrayObject::setElementSpecific(ExclusiveContext* cx, size_t index, const Value& v) +{ + MOZ_ASSERT(index < initializedLength()); + MOZ_ASSERT(Type == elementType()); + uint8_t* p = elements() + index * UnboxedTypeSize(Type); + return SetUnboxedValue(cx, this, JSID_VOID, p, elementType(), v, /* preBarrier = */ true); +} + +template +inline void +UnboxedArrayObject::setElementNoTypeChangeSpecific(size_t index, const Value& v) +{ + MOZ_ASSERT(index < initializedLength()); + MOZ_ASSERT(Type == elementType()); + uint8_t* p = elements() + index * UnboxedTypeSize(Type); + return SetUnboxedValueNoTypeChange(this, p, elementType(), v, /* preBarrier = */ true); +} + +template +inline bool +UnboxedArrayObject::initElementSpecific(ExclusiveContext* cx, size_t index, const Value& v) +{ + MOZ_ASSERT(index < initializedLength()); + MOZ_ASSERT(Type == elementType()); + uint8_t* p = elements() + index * UnboxedTypeSize(Type); + return SetUnboxedValue(cx, this, JSID_VOID, p, elementType(), v, /* preBarrier = */ false); +} + +template +inline void +UnboxedArrayObject::initElementNoTypeChangeSpecific(size_t index, const Value& v) +{ + MOZ_ASSERT(index < initializedLength()); + MOZ_ASSERT(Type == elementType()); + uint8_t* p = elements() + index * UnboxedTypeSize(Type); + return SetUnboxedValueNoTypeChange(this, p, elementType(), v, /* preBarrier = */ false); +} + +template +inline Value +UnboxedArrayObject::getElementSpecific(size_t index) +{ + MOZ_ASSERT(index < initializedLength()); + MOZ_ASSERT(Type == elementType()); + uint8_t* p = elements() + index * UnboxedTypeSize(Type); + return GetUnboxedValue(p, Type, /* maybeUninitialized = */ false); +} + +template +inline void +UnboxedArrayObject::triggerPreBarrier(size_t index) +{ + MOZ_ASSERT(UnboxedTypeNeedsPreBarrier(Type)); + + uint8_t* p = elements() + index * UnboxedTypeSize(Type); + + switch (Type) { + case JSVAL_TYPE_STRING: { + JSString** np = reinterpret_cast(p); + JSString::writeBarrierPre(*np); + break; + } + + case JSVAL_TYPE_OBJECT: { + JSObject** np = reinterpret_cast(p); + JSObject::writeBarrierPre(*np); + break; + } + + default: + MOZ_CRASH("Bad type"); + } +} + +///////////////////////////////////////////////////////////////////// +// Combined methods for NativeObject and UnboxedArrayObject accesses. +///////////////////////////////////////////////////////////////////// + +static inline bool +HasAnyBoxedOrUnboxedDenseElements(JSObject* obj) +{ + return obj->isNative() || obj->is(); +} + +static inline size_t +GetAnyBoxedOrUnboxedInitializedLength(JSObject* obj) +{ + if (obj->isNative()) + return obj->as().getDenseInitializedLength(); + if (obj->is()) + return obj->as().initializedLength(); + return 0; +} + +static inline size_t +GetAnyBoxedOrUnboxedCapacity(JSObject* obj) +{ + if (obj->isNative()) + return obj->as().getDenseCapacity(); + if (obj->is()) + return obj->as().capacity(); + return 0; +} + +static inline Value +GetAnyBoxedOrUnboxedDenseElement(JSObject* obj, size_t index) +{ + if (obj->isNative()) + return obj->as().getDenseElement(index); + return obj->as().getElement(index); +} + +static inline size_t +GetAnyBoxedOrUnboxedArrayLength(JSObject* obj) +{ + if (obj->is()) + return obj->as().length(); + return obj->as().length(); +} + +static inline void +SetAnyBoxedOrUnboxedArrayLength(JSContext* cx, JSObject* obj, size_t length) +{ + if (obj->is()) { + MOZ_ASSERT(length >= obj->as().length()); + obj->as().setLength(cx, length); + } else { + MOZ_ASSERT(length >= obj->as().length()); + obj->as().setLength(cx, length); + } +} + +static inline bool +SetAnyBoxedOrUnboxedDenseElement(JSContext* cx, JSObject* obj, size_t index, const Value& value) +{ + if (obj->isNative()) { + obj->as().setDenseElementWithType(cx, index, value); + return true; + } + return obj->as().setElement(cx, index, value); +} + +static inline bool +InitAnyBoxedOrUnboxedDenseElement(JSContext* cx, JSObject* obj, size_t index, const Value& value) +{ + if (obj->isNative()) { + obj->as().initDenseElementWithType(cx, index, value); + return true; + } + return obj->as().initElement(cx, index, value); +} + +///////////////////////////////////////////////////////////////////// +// Template methods for NativeObject and UnboxedArrayObject accesses. +///////////////////////////////////////////////////////////////////// + +static inline JSValueType +GetBoxedOrUnboxedType(JSObject* obj) +{ + if (obj->isNative()) + return JSVAL_TYPE_MAGIC; + return obj->as().elementType(); +} + +template +static inline bool +HasBoxedOrUnboxedDenseElements(JSObject* obj) +{ + if (Type == JSVAL_TYPE_MAGIC) + return obj->isNative(); + return obj->is() && obj->as().elementType() == Type; +} + +template +static inline size_t +GetBoxedOrUnboxedInitializedLength(JSObject* obj) +{ + if (Type == JSVAL_TYPE_MAGIC) + return obj->as().getDenseInitializedLength(); + return obj->as().initializedLength(); +} + +template +static inline DenseElementResult +SetBoxedOrUnboxedInitializedLength(JSContext* cx, JSObject* obj, size_t initlen) +{ + size_t oldInitlen = GetBoxedOrUnboxedInitializedLength(obj); + if (Type == JSVAL_TYPE_MAGIC) { + obj->as().setDenseInitializedLength(initlen); + if (initlen < oldInitlen) + obj->as().shrinkElements(cx, initlen); + } else { + obj->as().setInitializedLength(initlen); + if (initlen < oldInitlen) + obj->as().shrinkElements(cx, initlen); + } + return DenseElementResult::Success; +} + +template +static inline size_t +GetBoxedOrUnboxedCapacity(JSObject* obj) +{ + if (Type == JSVAL_TYPE_MAGIC) + return obj->as().getDenseCapacity(); + return obj->as().capacity(); +} + +template +static inline Value +GetBoxedOrUnboxedDenseElement(JSObject* obj, size_t index) +{ + if (Type == JSVAL_TYPE_MAGIC) + return obj->as().getDenseElement(index); + return obj->as().getElementSpecific(index); +} + +template +static inline void +SetBoxedOrUnboxedDenseElementNoTypeChange(JSObject* obj, size_t index, const Value& value) +{ + if (Type == JSVAL_TYPE_MAGIC) + obj->as().setDenseElement(index, value); + else + obj->as().setElementNoTypeChangeSpecific(index, value); +} + +template +static inline bool +SetBoxedOrUnboxedDenseElement(JSContext* cx, JSObject* obj, size_t index, const Value& value) +{ + if (Type == JSVAL_TYPE_MAGIC) { + obj->as().setDenseElementWithType(cx, index, value); + return true; + } + return obj->as().setElementSpecific(cx, index, value); +} + +template +static inline DenseElementResult +EnsureBoxedOrUnboxedDenseElements(JSContext* cx, JSObject* obj, size_t count) +{ + if (Type == JSVAL_TYPE_MAGIC) { + if (!obj->as().ensureElements(cx, count)) + return DenseElementResult::Failure; + } else { + if (obj->as().capacity() < count) { + if (!obj->as().growElements(cx, count)) + return DenseElementResult::Failure; + } + } + return DenseElementResult::Success; +} + +template +static inline DenseElementResult +SetOrExtendBoxedOrUnboxedDenseElements(ExclusiveContext* cx, JSObject* obj, + uint32_t start, const Value* vp, uint32_t count, + ShouldUpdateTypes updateTypes = ShouldUpdateTypes::Update) +{ + if (Type == JSVAL_TYPE_MAGIC) { + NativeObject* nobj = &obj->as(); + + if (nobj->denseElementsAreFrozen()) + return DenseElementResult::Incomplete; + + if (obj->is() && + !obj->as().lengthIsWritable() && + start + count >= obj->as().length()) + { + return DenseElementResult::Incomplete; + } + + DenseElementResult result = nobj->ensureDenseElements(cx, start, count); + if (result != DenseElementResult::Success) + return result; + + if (obj->is() && start + count >= obj->as().length()) + obj->as().setLengthInt32(start + count); + + if (updateTypes == ShouldUpdateTypes::DontUpdate && !nobj->shouldConvertDoubleElements()) { + nobj->copyDenseElements(start, vp, count); + } else { + for (size_t i = 0; i < count; i++) + nobj->setDenseElementWithType(cx, start + i, vp[i]); + } + + return DenseElementResult::Success; + } + + UnboxedArrayObject* nobj = &obj->as(); + + if (start > nobj->initializedLength()) + return DenseElementResult::Incomplete; + + if (start + count >= UnboxedArrayObject::MaximumCapacity) + return DenseElementResult::Incomplete; + + if (start + count > nobj->capacity() && !nobj->growElements(cx, start + count)) + return DenseElementResult::Failure; + + size_t oldInitlen = nobj->initializedLength(); + + // Overwrite any existing elements covered by the new range. If we fail + // after this point due to some incompatible type being written to the + // object's elements, afterwards the contents will be different from when + // we started. The caller must retry the operation using a generic path, + // which will overwrite the already-modified elements as well as the ones + // that were left alone. + size_t i = 0; + if (updateTypes == ShouldUpdateTypes::DontUpdate) { + for (size_t j = start; i < count && j < oldInitlen; i++, j++) + nobj->setElementNoTypeChangeSpecific(j, vp[i]); + } else { + for (size_t j = start; i < count && j < oldInitlen; i++, j++) { + if (!nobj->setElementSpecific(cx, j, vp[i])) + return DenseElementResult::Incomplete; + } + } + + if (i != count) { + obj->as().setInitializedLength(start + count); + if (updateTypes == ShouldUpdateTypes::DontUpdate) { + for (; i < count; i++) + nobj->initElementNoTypeChangeSpecific(start + i, vp[i]); + } else { + for (; i < count; i++) { + if (!nobj->initElementSpecific(cx, start + i, vp[i])) { + nobj->setInitializedLengthNoBarrier(oldInitlen); + return DenseElementResult::Incomplete; + } + } + } + } + + if (start + count >= nobj->length()) + nobj->setLength(cx, start + count); + + return DenseElementResult::Success; +} + +template +static inline DenseElementResult +MoveBoxedOrUnboxedDenseElements(JSContext* cx, JSObject* obj, uint32_t dstStart, uint32_t srcStart, + uint32_t length) +{ + MOZ_ASSERT(HasBoxedOrUnboxedDenseElements(obj)); + + if (Type == JSVAL_TYPE_MAGIC) { + if (obj->as().denseElementsAreFrozen()) + return DenseElementResult::Incomplete; + + if (!obj->as().maybeCopyElementsForWrite(cx)) + return DenseElementResult::Failure; + obj->as().moveDenseElements(dstStart, srcStart, length); + } else { + uint8_t* data = obj->as().elements(); + size_t elementSize = UnboxedTypeSize(Type); + + if (UnboxedTypeNeedsPreBarrier(Type) && + JS::shadow::Zone::asShadowZone(obj->zone())->needsIncrementalBarrier()) + { + // Trigger pre barriers on any elements we are overwriting. See + // NativeObject::moveDenseElements. No post barrier is needed as + // only whole cell post barriers are used with unboxed objects. + for (size_t i = 0; i < length; i++) + obj->as().triggerPreBarrier(dstStart + i); + } + + memmove(data + dstStart * elementSize, + data + srcStart * elementSize, + length * elementSize); + } + + return DenseElementResult::Success; +} + +template +static inline DenseElementResult +CopyBoxedOrUnboxedDenseElements(JSContext* cx, JSObject* dst, JSObject* src, + uint32_t dstStart, uint32_t srcStart, uint32_t length) +{ + MOZ_ASSERT(HasBoxedOrUnboxedDenseElements(src)); + MOZ_ASSERT(HasBoxedOrUnboxedDenseElements(dst)); + MOZ_ASSERT(GetBoxedOrUnboxedInitializedLength(dst) == dstStart); + MOZ_ASSERT(GetBoxedOrUnboxedInitializedLength(src) >= srcStart + length); + MOZ_ASSERT(GetBoxedOrUnboxedCapacity(dst) >= dstStart + length); + + SetBoxedOrUnboxedInitializedLength(cx, dst, dstStart + length); + + if (DstType == JSVAL_TYPE_MAGIC) { + if (SrcType == JSVAL_TYPE_MAGIC) { + const Value* vp = src->as().getDenseElements() + srcStart; + dst->as().initDenseElements(dstStart, vp, length); + } else { + for (size_t i = 0; i < length; i++) { + Value v = GetBoxedOrUnboxedDenseElement(src, srcStart + i); + dst->as().initDenseElement(dstStart + i, v); + } + } + } else if (DstType == SrcType) { + uint8_t* dstData = dst->as().elements(); + uint8_t* srcData = src->as().elements(); + size_t elementSize = UnboxedTypeSize(DstType); + + memcpy(dstData + dstStart * elementSize, + srcData + srcStart * elementSize, + length * elementSize); + + // Add a store buffer entry if we might have copied a nursery pointer to dst. + if (UnboxedTypeNeedsPostBarrier(DstType) && !IsInsideNursery(dst)) + dst->runtimeFromMainThread()->gc.storeBuffer.putWholeCell(dst); + } else if (DstType == JSVAL_TYPE_DOUBLE && SrcType == JSVAL_TYPE_INT32) { + uint8_t* dstData = dst->as().elements(); + uint8_t* srcData = src->as().elements(); + + for (size_t i = 0; i < length; i++) { + int32_t v = *reinterpret_cast(srcData + (srcStart + i) * sizeof(int32_t)); + *reinterpret_cast(dstData + (dstStart + i) * sizeof(double)) = v; + } + } else { + for (size_t i = 0; i < length; i++) { + Value v = GetBoxedOrUnboxedDenseElement(src, srcStart + i); + dst->as().initElementNoTypeChangeSpecific(dstStart + i, v); + } + } + + return DenseElementResult::Success; +} + +///////////////////////////////////////////////////////////////////// +// Dispatch to specialized methods based on the type of an object. +///////////////////////////////////////////////////////////////////// + +// Goop to fix MSVC. See DispatchTraceKindTyped in TraceKind.h. +// The clang-cl front end defines _MSC_VER, but still requires the explicit +// template declaration, so we must test for __clang__ here as well. +#if defined(_MSC_VER) && !defined(__clang__) +# define DEPENDENT_TEMPLATE_HINT +#else +# define DEPENDENT_TEMPLATE_HINT template +#endif + +// Function to dispatch a method specialized to whatever boxed or unboxed dense +// elements which an input object has. +template +DenseElementResult +CallBoxedOrUnboxedSpecialization(F f, JSObject* obj) +{ + if (!HasAnyBoxedOrUnboxedDenseElements(obj)) + return DenseElementResult::Incomplete; + switch (GetBoxedOrUnboxedType(obj)) { + case JSVAL_TYPE_MAGIC: + return f. DEPENDENT_TEMPLATE_HINT operator()(); + case JSVAL_TYPE_BOOLEAN: + return f. DEPENDENT_TEMPLATE_HINT operator()(); + case JSVAL_TYPE_INT32: + return f. DEPENDENT_TEMPLATE_HINT operator()(); + case JSVAL_TYPE_DOUBLE: + return f. DEPENDENT_TEMPLATE_HINT operator()(); + case JSVAL_TYPE_STRING: + return f. DEPENDENT_TEMPLATE_HINT operator()(); + case JSVAL_TYPE_OBJECT: + return f. DEPENDENT_TEMPLATE_HINT operator()(); + default: + MOZ_CRASH(); + } +} + +// As above, except the specialization can reflect the unboxed type of two objects. +template +DenseElementResult +CallBoxedOrUnboxedSpecialization(F f, JSObject* obj1, JSObject* obj2) +{ + if (!HasAnyBoxedOrUnboxedDenseElements(obj1) || !HasAnyBoxedOrUnboxedDenseElements(obj2)) + return DenseElementResult::Incomplete; + +#define SPECIALIZE_OBJ2(TYPE) \ + switch (GetBoxedOrUnboxedType(obj2)) { \ + case JSVAL_TYPE_MAGIC: \ + return f. DEPENDENT_TEMPLATE_HINT operator()(); \ + case JSVAL_TYPE_BOOLEAN: \ + return f. DEPENDENT_TEMPLATE_HINT operator()(); \ + case JSVAL_TYPE_INT32: \ + return f. DEPENDENT_TEMPLATE_HINT operator()(); \ + case JSVAL_TYPE_DOUBLE: \ + return f. DEPENDENT_TEMPLATE_HINT operator()(); \ + case JSVAL_TYPE_STRING: \ + return f. DEPENDENT_TEMPLATE_HINT operator()(); \ + case JSVAL_TYPE_OBJECT: \ + return f. DEPENDENT_TEMPLATE_HINT operator()(); \ + default: \ + MOZ_CRASH(); \ + } + + switch (GetBoxedOrUnboxedType(obj1)) { + case JSVAL_TYPE_MAGIC: + SPECIALIZE_OBJ2(JSVAL_TYPE_MAGIC) + case JSVAL_TYPE_BOOLEAN: + SPECIALIZE_OBJ2(JSVAL_TYPE_BOOLEAN) + case JSVAL_TYPE_INT32: + SPECIALIZE_OBJ2(JSVAL_TYPE_INT32) + case JSVAL_TYPE_DOUBLE: + SPECIALIZE_OBJ2(JSVAL_TYPE_DOUBLE) + case JSVAL_TYPE_STRING: + SPECIALIZE_OBJ2(JSVAL_TYPE_STRING) + case JSVAL_TYPE_OBJECT: + SPECIALIZE_OBJ2(JSVAL_TYPE_OBJECT) + default: + MOZ_CRASH(); + } + +#undef SPECIALIZE_OBJ2 +} + +#undef DEPENDENT_TEMPLATE_HINT + +#define DefineBoxedOrUnboxedFunctor1(Signature, A) \ +struct Signature ## Functor { \ + A a; \ + explicit Signature ## Functor(A a) \ + : a(a) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a); \ + } \ +} + +#define DefineBoxedOrUnboxedFunctor3(Signature, A, B, C) \ +struct Signature ## Functor { \ + A a; B b; C c; \ + Signature ## Functor(A a, B b, C c) \ + : a(a), b(b), c(c) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a, b, c); \ + } \ +} + +#define DefineBoxedOrUnboxedFunctor4(Signature, A, B, C, D) \ +struct Signature ## Functor { \ + A a; B b; C c; D d; \ + Signature ## Functor(A a, B b, C c, D d) \ + : a(a), b(b), c(c), d(d) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a, b, c, d); \ + } \ +} + +#define DefineBoxedOrUnboxedFunctorPair4(Signature, A, B, C, D) \ +struct Signature ## Functor { \ + A a; B b; C c; D d; \ + Signature ## Functor(A a, B b, C c, D d) \ + : a(a), b(b), c(c), d(d) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a, b, c, d); \ + } \ +} + +#define DefineBoxedOrUnboxedFunctor5(Signature, A, B, C, D, E) \ +struct Signature ## Functor { \ + A a; B b; C c; D d; E e; \ + Signature ## Functor(A a, B b, C c, D d, E e) \ + : a(a), b(b), c(c), d(d), e(e) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a, b, c, d, e); \ + } \ +} + +#define DefineBoxedOrUnboxedFunctor6(Signature, A, B, C, D, E, F) \ +struct Signature ## Functor { \ + A a; B b; C c; D d; E e; F f; \ + Signature ## Functor(A a, B b, C c, D d, E e, F f) \ + : a(a), b(b), c(c), d(d), e(e), f(f) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a, b, c, d, e, f); \ + } \ +} + +#define DefineBoxedOrUnboxedFunctorPair6(Signature, A, B, C, D, E, F) \ +struct Signature ## Functor { \ + A a; B b; C c; D d; E e; F f; \ + Signature ## Functor(A a, B b, C c, D d, E e, F f) \ + : a(a), b(b), c(c), d(d), e(e), f(f) \ + {} \ + template \ + DenseElementResult operator()() { \ + return Signature(a, b, c, d, e, f); \ + } \ +} + +DenseElementResult +SetOrExtendAnyBoxedOrUnboxedDenseElements(ExclusiveContext* cx, JSObject* obj, + uint32_t start, const Value* vp, uint32_t count, + ShouldUpdateTypes updateTypes = ShouldUpdateTypes::Update); + +DenseElementResult +MoveAnyBoxedOrUnboxedDenseElements(JSContext* cx, JSObject* obj, + uint32_t dstStart, uint32_t srcStart, uint32_t length); + +DenseElementResult +CopyAnyBoxedOrUnboxedDenseElements(JSContext* cx, JSObject* dst, JSObject* src, + uint32_t dstStart, uint32_t srcStart, uint32_t length); + +void +SetAnyBoxedOrUnboxedInitializedLength(JSContext* cx, JSObject* obj, size_t initlen); + +DenseElementResult +EnsureAnyBoxedOrUnboxedDenseElements(JSContext* cx, JSObject* obj, size_t count); + } // namespace js #endif // vm_UnboxedObject_inl_h -- cgit v1.2.3