Revision: 19995
Author: [email protected]
Date: Mon Mar 17 13:42:37 2014 UTC
Log: Pretenure code generation corner case with new space COW arrays.
When advised to pretenure in crankshaft, and the boilerplate is a cow
array, move the elements to old space if it's not already there to avoid
overflowing the store buffer.
[email protected]
Review URL: https://codereview.chromium.org/197473004
http://code.google.com/p/v8/source/detail?r=19995
Modified:
/branches/bleeding_edge/src/factory.cc
/branches/bleeding_edge/src/factory.h
/branches/bleeding_edge/src/heap.cc
/branches/bleeding_edge/src/heap.h
/branches/bleeding_edge/src/hydrogen.cc
=======================================
--- /branches/bleeding_edge/src/factory.cc Mon Mar 17 10:21:01 2014 UTC
+++ /branches/bleeding_edge/src/factory.cc Mon Mar 17 13:42:37 2014 UTC
@@ -887,6 +887,15 @@
Handle<FixedArray> Factory::CopyFixedArray(Handle<FixedArray> array) {
CALL_HEAP_FUNCTION(isolate(), array->Copy(), FixedArray);
}
+
+
+Handle<FixedArray> Factory::CopyAndTenureFixedCOWArray(
+ Handle<FixedArray> array) {
+ ASSERT(isolate()->heap()->InNewSpace(*array));
+ CALL_HEAP_FUNCTION(isolate(),
+ isolate()->heap()->CopyAndTenureFixedCOWArray(*array),
+ FixedArray);
+}
Handle<FixedArray> Factory::CopySizeFixedArray(Handle<FixedArray> array,
=======================================
--- /branches/bleeding_edge/src/factory.h Mon Mar 17 10:21:01 2014 UTC
+++ /branches/bleeding_edge/src/factory.h Mon Mar 17 13:42:37 2014 UTC
@@ -290,6 +290,10 @@
Handle<FixedArray> CopyFixedArray(Handle<FixedArray> array);
+ // This method expects a COW array in new space, and creates a copy
+ // of it in old space.
+ Handle<FixedArray> CopyAndTenureFixedCOWArray(Handle<FixedArray> array);
+
Handle<FixedArray> CopySizeFixedArray(Handle<FixedArray> array,
int new_length,
PretenureFlag pretenure =
NOT_TENURED);
=======================================
--- /branches/bleeding_edge/src/heap.cc Mon Mar 17 10:38:45 2014 UTC
+++ /branches/bleeding_edge/src/heap.cc Mon Mar 17 13:42:37 2014 UTC
@@ -5045,6 +5045,33 @@
MaybeObject* Heap::AllocateEmptyExternalArray(ExternalArrayType
array_type) {
return AllocateExternalArray(0, array_type, NULL, TENURED);
}
+
+
+MaybeObject* Heap::CopyAndTenureFixedCOWArray(FixedArray* src) {
+ if (!InNewSpace(src)) {
+ return src;
+ }
+
+ int len = src->length();
+ Object* obj;
+ { MaybeObject* maybe_obj = AllocateRawFixedArray(len, TENURED);
+ if (!maybe_obj->ToObject(&obj)) return maybe_obj;
+ }
+ HeapObject::cast(obj)->set_map_no_write_barrier(fixed_array_map());
+ FixedArray* result = FixedArray::cast(obj);
+ result->set_length(len);
+
+ // Copy the content
+ DisallowHeapAllocation no_gc;
+ WriteBarrierMode mode = result->GetWriteBarrierMode(no_gc);
+ for (int i = 0; i < len; i++) result->set(i, src->get(i), mode);
+
+ // TODO(mvstanton): The map is set twice because of protection against
calling
+ // set() on a COW FixedArray. Issue v8:3221 created to track this, and
+ // we might then be able to remove this whole method.
+ HeapObject::cast(obj)->set_map_no_write_barrier(fixed_cow_array_map());
+ return result;
+}
MaybeObject* Heap::CopyFixedArrayWithMap(FixedArray* src, Map* map) {
=======================================
--- /branches/bleeding_edge/src/heap.h Mon Mar 17 10:38:45 2014 UTC
+++ /branches/bleeding_edge/src/heap.h Mon Mar 17 13:42:37 2014 UTC
@@ -975,6 +975,10 @@
// Failure::RetryAfterGC(requested_bytes, space) if the allocation
failed.
MUST_USE_RESULT inline MaybeObject* CopyFixedArray(FixedArray* src);
+ // Make a copy of src and return it. Returns
+ // Failure::RetryAfterGC(requested_bytes, space) if the allocation
failed.
+ MUST_USE_RESULT MaybeObject* CopyAndTenureFixedCOWArray(FixedArray* src);
+
// Make a copy of src, set the map, and return the copy. Returns
// Failure::RetryAfterGC(requested_bytes, space) if the allocation
failed.
MUST_USE_RESULT MaybeObject* CopyFixedArrayWithMap(FixedArray* src, Map*
map);
=======================================
--- /branches/bleeding_edge/src/hydrogen.cc Mon Mar 17 08:31:21 2014 UTC
+++ /branches/bleeding_edge/src/hydrogen.cc Mon Mar 17 13:42:37 2014 UTC
@@ -9756,6 +9756,18 @@
int elements_size = (elements->length() > 0 &&
elements->map() != isolate()->heap()->fixed_cow_array_map()) ?
elements->Size() : 0;
+
+ if (pretenure_flag == TENURED &&
+ elements->map() == isolate()->heap()->fixed_cow_array_map() &&
+ isolate()->heap()->InNewSpace(*elements)) {
+ // If we would like to pretenure a fixed cow array, we must ensure
that the
+ // array is already in old space, otherwise we'll create too many
old-to-
+ // new-space pointers (overflowing the store buffer).
+ elements = Handle<FixedArrayBase>(
+ isolate()->factory()->CopyAndTenureFixedCOWArray(
+ Handle<FixedArray>::cast(elements)));
+ boilerplate_object->set_elements(*elements);
+ }
HInstruction* object_elements = NULL;
if (elements_size > 0) {
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
