Revert "[compiler] Make JSDataViewRef and JSBoundFunctionRef bg-serialized"

This reverts commit 036e578314. Reason for revert: crbug.com/1227279 Original change's description: > [compiler] Make JSDataViewRef and JSBoundFunctionRef bg-serialized > > ... but keep/make subclass-specific methods do direct reads. > > Bug: v8:7790 > Change-Id: Ia4b9d207ce75cf28f6f0f33027ab05e27db49ce9 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2959621 > Reviewed-by: Jakob Gruber <jgruber@chromium.org> > Reviewed-by: Georg Neis <neis@chromium.org> > Commit-Queue: Jakob Gruber <jgruber@chromium.org> > Cr-Commit-Position: refs/heads/master@{#75457} Bug: chromium:1227279, v8:7790 Change-Id: I4a77107c926ce3d99407d87a3160c2a555e6fbfe Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3013310 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Georg Neis <neis@chromium.org> Cr-Commit-Position: refs/heads/master@{#75624}
2021-07-08 06:30:50 +00:00 · 2021-07-08 06:30:50 +00:00 · 2d002e2ccd
commit 2d002e2ccd
parent 0de2f7ca39
2 changed files with 29 additions and 38 deletions
--- a/src/compiler/heap-refs.cc
+++ b/src/compiler/heap-refs.cc
@ -745,35 +745,19 @@ class ArrayBoilerplateDescriptionData : public HeapObjectData {
 class JSDataViewData : public JSObjectData {
 public:
  JSDataViewData(JSHeapBroker* broker, ObjectData** storage,
-                 Handle<JSDataView> object,
-                 ObjectDataKind kind = kSerializedHeapObject)
-      : JSObjectData(broker, storage, object, kind) {
-    if (kind == kSerializedHeapObject) {
-      DCHECK(!broker->is_concurrent_inlining());
-      byte_length_ = object->byte_length();
-    } else {
-      DCHECK_EQ(kind, kBackgroundSerializedHeapObject);
-      DCHECK(broker->is_concurrent_inlining());
-    }
-  }
+                 Handle<JSDataView> object);

-  size_t byte_length() const {
-    DCHECK_EQ(kind(), kSerializedHeapObject);
-    return byte_length_;
-  }
+  size_t byte_length() const { return byte_length_; }

 private:
-  size_t byte_length_ = 0;  // Only valid if not concurrent inlining.
+  size_t const byte_length_;
 };

 class JSBoundFunctionData : public JSObjectData {
 public:
  JSBoundFunctionData(JSHeapBroker* broker, ObjectData** storage,
-                      Handle<JSBoundFunction> object,
-                      ObjectDataKind kind = kSerializedHeapObject)
-      : JSObjectData(broker, storage, object, kind) {}
+                      Handle<JSBoundFunction> object);

-  // For main-thread serialization only.
  bool Serialize(JSHeapBroker* broker);
  bool serialized() const { return serialized_; }

@ -1719,9 +1703,17 @@ class ScriptContextTableData : public FixedArrayData {
      : FixedArrayData(broker, storage, object, kind) {}
 };

-bool JSBoundFunctionData::Serialize(JSHeapBroker* broker) {
-  DCHECK(!broker->is_concurrent_inlining());
+JSDataViewData::JSDataViewData(JSHeapBroker* broker, ObjectData** storage,
+                               Handle<JSDataView> object)
+    : JSObjectData(broker, storage, object),
+      byte_length_(object->byte_length()) {}

+JSBoundFunctionData::JSBoundFunctionData(JSHeapBroker* broker,
+                                         ObjectData** storage,
+                                         Handle<JSBoundFunction> object)
+    : JSObjectData(broker, storage, object) {}
+
+bool JSBoundFunctionData::Serialize(JSHeapBroker* broker) {
  if (serialized_) return true;
  if (broker->StackHasOverflowed()) return false;

@ -3144,13 +3136,15 @@ uint64_t HeapNumberRef::value_as_bits() const {
  return ObjectRef::data()->AsHeapNumber()->value_as_bits();
 }

-// Immutable after initialization.
+// These JSBoundFunction fields are immutable after initialization. Moreover,
+// as long as JSObjects are still serialized on the main thread, all
+// JSBoundFunctionRefs are created at a time when the underlying objects are
+// guaranteed to be fully initialized.
 BIMODAL_ACCESSOR_WITH_FLAG(JSBoundFunction, JSReceiver, bound_target_function)
 BIMODAL_ACCESSOR_WITH_FLAG(JSBoundFunction, Object, bound_this)
 BIMODAL_ACCESSOR_WITH_FLAG(JSBoundFunction, FixedArray, bound_arguments)

-// Immutable after initialization.
-BIMODAL_ACCESSOR_WITH_FLAG_C(JSDataView, size_t, byte_length)
+BIMODAL_ACCESSOR_C(JSDataView, size_t, byte_length)

 BIMODAL_ACCESSOR_C(JSFunction, bool, has_feedback_vector)
 BIMODAL_ACCESSOR_C(JSFunction, bool, has_initial_map)
@ -4109,22 +4103,12 @@ void JSFunctionRef::SerializeCodeAndFeedback() {
 }

 bool JSBoundFunctionRef::serialized() const {
-  if (data_->should_access_heap() || broker()->is_concurrent_inlining()) {
-    return true;
-  }
+  if (data_->should_access_heap()) return true;
  if (data_->AsJSBoundFunction()->serialized()) return true;
  TRACE_BROKER_MISSING(broker(), "data for JSBoundFunction " << this);
  return false;
 }

-bool JSBoundFunctionRef::Serialize() {
-  if (data_->should_access_heap() || broker()->is_concurrent_inlining()) {
-    return true;
-  }
-  CHECK_EQ(broker()->mode(), JSHeapBroker::kSerializing);
-  return data()->AsJSBoundFunction()->Serialize(broker());
-}
-
 bool JSFunctionRef::serialized() const {
  if (data_->should_access_heap()) return true;
  if (data_->AsJSFunction()->serialized()) return true;
@ -4263,6 +4247,12 @@ bool JSTypedArrayRef::serialized() const {
  return false;
 }

+bool JSBoundFunctionRef::Serialize() {
+  if (data_->should_access_heap()) return true;
+  CHECK_EQ(broker()->mode(), JSHeapBroker::kSerializing);
+  return data()->AsJSBoundFunction()->Serialize(broker());
+}
+
 bool PropertyCellRef::Serialize() const {
  if (data_->should_access_heap()) return true;
  CHECK(broker()->mode() == JSHeapBroker::kSerializing ||
--- a/src/compiler/heap-refs.h
+++ b/src/compiler/heap-refs.h
@ -81,8 +81,8 @@ enum class RefSerializationKind {
 #define HEAP_BROKER_OBJECT_LIST(V)                                        \
  /* Subtypes of JSObject */                                              \
  V(JSArray, RefSerializationKind::kBackgroundSerialized)                 \
-  V(JSBoundFunction, RefSerializationKind::kBackgroundSerialized)         \
-  V(JSDataView, RefSerializationKind::kBackgroundSerialized)              \
+  V(JSBoundFunction, RefSerializationKind::kSerialized)                   \
+  V(JSDataView, RefSerializationKind::kSerialized)                        \
  V(JSFunction, RefSerializationKind::kSerialized)                        \
  V(JSGlobalObject, RefSerializationKind::kBackgroundSerialized)          \
  V(JSGlobalProxy, RefSerializationKind::kBackgroundSerialized)           \
@ -388,6 +388,7 @@ class JSBoundFunctionRef : public JSObjectRef {
  bool Serialize();
  bool serialized() const;

+  // The following are available only after calling Serialize().
  JSReceiverRef bound_target_function() const;
  ObjectRef bound_this() const;
  FixedArrayRef bound_arguments() const;