diff options
Diffstat (limited to 'js/src/gc/Nursery.h')
-rw-r--r-- | js/src/gc/Nursery.h | 658 |
1 files changed, 658 insertions, 0 deletions
diff --git a/js/src/gc/Nursery.h b/js/src/gc/Nursery.h new file mode 100644 index 0000000000..2bab1623b0 --- /dev/null +++ b/js/src/gc/Nursery.h @@ -0,0 +1,658 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * vim: set ts=8 sw=2 et tw=80: + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef gc_Nursery_h +#define gc_Nursery_h + +#include "mozilla/EnumeratedArray.h" +#include "mozilla/TimeStamp.h" + +#include <tuple> + +#include "gc/GCEnum.h" +#include "gc/GCProbes.h" +#include "gc/Heap.h" +#include "gc/MallocedBlockCache.h" +#include "gc/Pretenuring.h" +#include "js/AllocPolicy.h" +#include "js/Class.h" +#include "js/GCAPI.h" +#include "js/TypeDecls.h" +#include "js/UniquePtr.h" +#include "js/Utility.h" +#include "js/Vector.h" + +#define FOR_EACH_NURSERY_PROFILE_TIME(_) \ + /* Key Header text */ \ + _(Total, "total") \ + _(TraceValues, "mkVals") \ + _(TraceCells, "mkClls") \ + _(TraceSlots, "mkSlts") \ + _(TraceWasmAnyRefs, "mkWars") \ + _(TraceWholeCells, "mcWCll") \ + _(TraceGenericEntries, "mkGnrc") \ + _(CheckHashTables, "ckTbls") \ + _(MarkRuntime, "mkRntm") \ + _(MarkDebugger, "mkDbgr") \ + _(SweepCaches, "swpCch") \ + _(CollectToObjFP, "colObj") \ + _(CollectToStrFP, "colStr") \ + _(ObjectsTenuredCallback, "tenCB") \ + _(Sweep, "sweep") \ + _(UpdateJitActivations, "updtIn") \ + _(FreeMallocedBuffers, "frSlts") \ + _(FreeTrailerBlocks, "frTrBs") \ + _(ClearNursery, "clear") \ + _(PurgeStringToAtomCache, "pStoA") \ + _(Pretenure, "pretnr") + +template <typename T> +class SharedMem; + +namespace js { + +struct StringStats; +class AutoLockGCBgAlloc; +class ObjectElements; +struct NurseryChunk; +class HeapSlot; +class JSONPrinter; +class MapObject; +class SetObject; +class JS_PUBLIC_API Sprinter; + +namespace gc { +class AutoGCSession; +struct Cell; +class GCSchedulingTunables; +class TenuringTracer; +} // namespace gc + +class Nursery { + public: + explicit Nursery(gc::GCRuntime* gc); + ~Nursery(); + + [[nodiscard]] bool init(AutoLockGCBgAlloc& lock); + + // Number of allocated (ready to use) chunks. + unsigned allocatedChunkCount() const { return chunks_.length(); } + + // Total number of chunks and the capacity of the nursery. Chunks will be + // lazilly allocated and added to the chunks array up to this limit, after + // that the nursery must be collected, this limit may be raised during + // collection. + unsigned maxChunkCount() const { + MOZ_ASSERT(capacity()); + return HowMany(capacity(), gc::ChunkSize); + } + + void enable(); + void disable(); + bool isEnabled() const { return capacity() != 0; } + + void enableStrings(); + void disableStrings(); + bool canAllocateStrings() const { return canAllocateStrings_; } + + void enableBigInts(); + void disableBigInts(); + bool canAllocateBigInts() const { return canAllocateBigInts_; } + + // Return true if no allocations have been made since the last collection. + bool isEmpty() const; + + // Check whether an arbitrary pointer is within the nursery. This is + // slower than IsInsideNursery(Cell*), but works on all types of pointers. + MOZ_ALWAYS_INLINE bool isInside(gc::Cell* cellp) const = delete; + MOZ_ALWAYS_INLINE bool isInside(const void* p) const { + for (auto* chunk : chunks_) { + if (uintptr_t(p) - uintptr_t(chunk) < gc::ChunkSize) { + return true; + } + } + return false; + } + + template <typename T> + inline bool isInside(const SharedMem<T>& p) const; + + // Allocate and return a pointer to a new GC thing. Returns nullptr if the + // Nursery is full. + void* allocateCell(gc::AllocSite* site, size_t size, JS::TraceKind kind); + + // Allocate and return a pointer to a new GC thing. Returns nullptr if the + // handleAllocationFailure() needs to be called before retrying. + inline void* tryAllocateCell(gc::AllocSite* site, size_t size, + JS::TraceKind kind); + + // Attempt to handle the failure of tryAllocate. Returns a GCReason if minor + // GC is required, or NO_REASON if the failure was handled and allocation will + // now succeed. + [[nodiscard]] JS::GCReason handleAllocationFailure(); + + static size_t nurseryCellHeaderSize() { + return sizeof(gc::NurseryCellHeader); + } + + // Allocate a buffer for a given zone, using the nursery if possible. Returns + // <buffer, isMalloced> so the caller can register the buffer if + // needed. Returns false in |isMalloced| if the allocation fails. + // + // Use the following API if the owning Cell is already known. + std::tuple<void*, bool> allocateBuffer(JS::Zone* zone, size_t nbytes, + arena_id_t arenaId); + + // Allocate a buffer for a given Cell, using the nursery if possible and + // owner is in the nursery. + void* allocateBuffer(JS::Zone* zone, gc::Cell* owner, size_t nbytes, + arena_id_t arenaId); + + // Allocate a buffer for a given Cell, always using the nursery if |owner| is + // in the nursery. The requested size must be less than or equal to + // MaxNurseryBufferSize. + void* allocateBufferSameLocation(gc::Cell* owner, size_t nbytes, + arena_id_t arenaId); + + // Allocate a zero-initialized buffer for a given zone, using the nursery if + // possible. If the buffer isn't allocated in the nursery, the given arena is + // used. Returns <buffer, isMalloced>. Returns false in |isMalloced| if the + // allocation fails. + std::tuple<void*, bool> allocateZeroedBuffer(JS::Zone* zone, size_t nbytes, + arena_id_t arena); + + // Allocate a zero-initialized buffer for a given Cell, using the nursery if + // possible and |owner| is in the nursery. If the buffer isn't allocated in + // the nursery, the given arena is used. + void* allocateZeroedBuffer(gc::Cell* owner, size_t nbytes, arena_id_t arena); + + // Resize an existing buffer. + void* reallocateBuffer(JS::Zone* zone, gc::Cell* cell, void* oldBuffer, + size_t oldBytes, size_t newBytes, arena_id_t arena); + + // Free an object buffer. + void freeBuffer(void* buffer, size_t nbytes); + + // The maximum number of bytes allowed to reside in nursery buffers. + static const size_t MaxNurseryBufferSize = 1024; + + // Do a minor collection. + void collect(JS::GCOptions options, JS::GCReason reason); + + // If the thing at |*ref| in the Nursery has been forwarded, set |*ref| to + // the new location and return true. Otherwise return false and leave + // |*ref| unset. + [[nodiscard]] MOZ_ALWAYS_INLINE static bool getForwardedPointer( + js::gc::Cell** ref); + + // Forward a slots/elements pointer stored in an Ion frame. + void forwardBufferPointer(uintptr_t* pSlotsElems); + + inline void maybeSetForwardingPointer(JSTracer* trc, void* oldData, + void* newData, bool direct); + inline void setForwardingPointerWhileTenuring(void* oldData, void* newData, + bool direct); + + // Handle an external buffer when a cell is promoted. Updates the pointer to + // the (possibly moved) buffer and returns whether it was moved. + enum WasBufferMoved : bool { BufferNotMoved = false, BufferMoved = true }; + WasBufferMoved maybeMoveRawBufferOnPromotion(void** bufferp, gc::Cell* owner, + size_t nbytes, MemoryUse use, + arena_id_t arena); + template <typename T> + WasBufferMoved maybeMoveBufferOnPromotion(T** bufferp, gc::Cell* owner, + size_t nbytes, MemoryUse use, + arena_id_t arena) { + return maybeMoveRawBufferOnPromotion(reinterpret_cast<void**>(bufferp), + owner, nbytes, use, arena); + } + template <typename T> + WasBufferMoved maybeMoveBufferOnPromotion(T** bufferp, gc::Cell* owner, + size_t nbytes, MemoryUse use) { + return maybeMoveBufferOnPromotion(bufferp, owner, nbytes, use, MallocArena); + } + + // Register a malloced buffer that is held by a nursery object, which + // should be freed at the end of a minor GC. Buffers are unregistered when + // their owning objects are tenured. + [[nodiscard]] bool registerMallocedBuffer(void* buffer, size_t nbytes); + + // Mark a malloced buffer as no longer needing to be freed. + void removeMallocedBuffer(void* buffer, size_t nbytes) { + MOZ_ASSERT(mallocedBuffers.has(buffer)); + MOZ_ASSERT(nbytes > 0); + MOZ_ASSERT(mallocedBufferBytes >= nbytes); + mallocedBuffers.remove(buffer); + mallocedBufferBytes -= nbytes; + } + + // Mark a malloced buffer as no longer needing to be freed during minor + // GC. There's no need to account for the size here since all remaining + // buffers will soon be freed. + void removeMallocedBufferDuringMinorGC(void* buffer) { + MOZ_ASSERT(JS::RuntimeHeapIsMinorCollecting()); + MOZ_ASSERT(mallocedBuffers.has(buffer)); + mallocedBuffers.remove(buffer); + } + + [[nodiscard]] bool addedUniqueIdToCell(gc::Cell* cell) { + MOZ_ASSERT(IsInsideNursery(cell)); + MOZ_ASSERT(isEnabled()); + return cellsWithUid_.append(cell); + } + + size_t sizeOfMallocedBuffers(mozilla::MallocSizeOf mallocSizeOf) const; + + // Wasm "trailer" (C++-heap-allocated) blocks. + // + // All involved blocks are allocated/deallocated via this nursery's + // `mallocedBlockCache_`. Hence we must store both the block address and + // its freelist ID, wrapped up in a PointerAndUint7. + // + // Trailer blocks registered here are added to `trailersAdded_`. Those that + // are later deregistered as a result of `obj_moved` calls that indicate + // tenuring, should be added to `trailersRemoved_`. + // + // Unfortunately ::unregisterTrailer cannot be allowed to OOM. To get + // around this we rely on the observation that all deregistered blocks + // should previously have been registered, so the deregistered set can never + // be larger than the registered set. Hence ::registerTrailer effectively + // preallocates space in `trailersRemoved_` so as to ensure that, in the + // worst case, all registered blocks can be handed to ::unregisterTrailer + // without needing to resize `trailersRemoved_` in ::unregisterTrailer. + // + // The downside is that most of the space in `trailersRemoved_` is wasted in + // the case where there are few blocks deregistered. This is unfortunate + // but it's hard to see how to avoid it. + // + // At the end of a minor collection, all blocks in the set `trailersAdded_ - + // trailersRemoved_[0 .. trailersRemovedUsed_ - 1]` are handed back to the + // `mallocedBlockCache_`. + [[nodiscard]] inline bool registerTrailer(PointerAndUint7 blockAndListID, + size_t nBytes); + inline void unregisterTrailer(void* block); + size_t sizeOfTrailerBlockSets(mozilla::MallocSizeOf mallocSizeOf) const; + + size_t capacity() const { return capacity_; } + size_t committed() const { + return std::min(capacity_, allocatedChunkCount() * gc::ChunkSize); + } + + // Used and free space both include chunk headers for that part of the + // nursery. + // + // usedSpace() + freeSpace() == capacity() + // + MOZ_ALWAYS_INLINE size_t usedSpace() const { + return capacity() - freeSpace(); + } + MOZ_ALWAYS_INLINE size_t freeSpace() const { + MOZ_ASSERT(isEnabled()); + MOZ_ASSERT(currentEnd_ - position_ <= NurseryChunkUsableSize); + MOZ_ASSERT(currentChunk_ < maxChunkCount()); + return (currentEnd_ - position_) + + (maxChunkCount() - currentChunk_ - 1) * gc::ChunkSize; + } + +#ifdef JS_GC_ZEAL + void enterZealMode(); + void leaveZealMode(); +#endif + + // Write profile time JSON on JSONPrinter. + void renderProfileJSON(JSONPrinter& json) const; + + // Print header line for profile times. + void printProfileHeader(); + + // Print total profile times on shutdown. + void printTotalProfileTimes(); + + void* addressOfPosition() const { return (void**)&position_; } + static constexpr int32_t offsetOfCurrentEndFromPosition() { + return offsetof(Nursery, currentEnd_) - offsetof(Nursery, position_); + } + + void* addressOfNurseryAllocatedSites() { + return pretenuringNursery.addressOfAllocatedSites(); + } + + void requestMinorGC(JS::GCReason reason); + + bool minorGCRequested() const { + return minorGCTriggerReason_ != JS::GCReason::NO_REASON; + } + JS::GCReason minorGCTriggerReason() const { return minorGCTriggerReason_; } + + bool shouldCollect() const; + bool isNearlyFull() const; + bool isUnderused() const; + + bool enableProfiling() const { return enableProfiling_; } + + bool addMapWithNurseryMemory(MapObject* obj) { + MOZ_ASSERT_IF(!mapsWithNurseryMemory_.empty(), + mapsWithNurseryMemory_.back() != obj); + return mapsWithNurseryMemory_.append(obj); + } + bool addSetWithNurseryMemory(SetObject* obj) { + MOZ_ASSERT_IF(!setsWithNurseryMemory_.empty(), + setsWithNurseryMemory_.back() != obj); + return setsWithNurseryMemory_.append(obj); + } + + // The amount of space in the mapped nursery available to allocations. + static const size_t NurseryChunkUsableSize = + gc::ChunkSize - sizeof(gc::ChunkBase); + + void joinDecommitTask(); + + mozilla::TimeStamp collectionStartTime() { + return startTimes_[ProfileKey::Total]; + } + + bool canCreateAllocSite() { return pretenuringNursery.canCreateAllocSite(); } + void noteAllocSiteCreated() { pretenuringNursery.noteAllocSiteCreated(); } + bool reportPretenuring() const { return reportPretenuring_; } + void maybeStopPretenuring(gc::GCRuntime* gc) { + pretenuringNursery.maybeStopPretenuring(gc); + } + + void setAllocFlagsForZone(JS::Zone* zone); + + // Round a size in bytes to the nearest valid nursery size. + static size_t roundSize(size_t size); + + // The malloc'd block cache. + gc::MallocedBlockCache& mallocedBlockCache() { return mallocedBlockCache_; } + size_t sizeOfMallocedBlockCache(mozilla::MallocSizeOf mallocSizeOf) const { + return mallocedBlockCache_.sizeOfExcludingThis(mallocSizeOf); + } + + mozilla::TimeStamp lastCollectionEndTime() const; + + private: + enum class ProfileKey { +#define DEFINE_TIME_KEY(name, text) name, + FOR_EACH_NURSERY_PROFILE_TIME(DEFINE_TIME_KEY) +#undef DEFINE_TIME_KEY + KeyCount + }; + + using ProfileTimes = + mozilla::EnumeratedArray<ProfileKey, ProfileKey::KeyCount, + mozilla::TimeStamp>; + using ProfileDurations = + mozilla::EnumeratedArray<ProfileKey, ProfileKey::KeyCount, + mozilla::TimeDuration>; + + // Calculate the promotion rate of the most recent minor GC. + // The valid_for_tenuring parameter is used to return whether this + // promotion rate is accurate enough (the nursery was full enough) to be + // used for tenuring and other decisions. + // + // Must only be called if the previousGC data is initialised. + double calcPromotionRate(bool* validForTenuring) const; + + void freeTrailerBlocks(); + + NurseryChunk& chunk(unsigned index) const { return *chunks_[index]; } + + // Set the allocation position to the start of a chunk. This sets + // currentChunk_, position_ and currentEnd_ values as appropriate. + void moveToStartOfChunk(unsigned chunkno); + + bool initFirstChunk(AutoLockGCBgAlloc& lock); + + // extent is advisory, it will be ignored in sub-chunk and generational zeal + // modes. It will be clamped to Min(NurseryChunkUsableSize, capacity_). + void poisonAndInitCurrentChunk(size_t extent = gc::ChunkSize); + + void setCurrentEnd(); + void setStartToCurrentPosition(); + + // Allocate the next chunk, or the first chunk for initialization. + // Callers will probably want to call moveToStartOfChunk(0) next. + [[nodiscard]] bool allocateNextChunk(unsigned chunkno, + AutoLockGCBgAlloc& lock); + + uintptr_t currentEnd() const { return currentEnd_; } + + uintptr_t position() const { return position_; } + + MOZ_ALWAYS_INLINE bool isSubChunkMode() const; + + JSRuntime* runtime() const; + gcstats::Statistics& stats() const; + + const js::gc::GCSchedulingTunables& tunables() const; + + void getAllocFlagsForZone(JS::Zone* zone, bool* allocObjectsOut, + bool* allocStringsOut, bool* allocBigIntsOut); + void updateAllZoneAllocFlags(); + void updateAllocFlagsForZone(JS::Zone* zone); + void discardCodeAndSetJitFlagsForZone(JS::Zone* zone); + + void* allocate(size_t size); + + // Common internal allocator function. If this fails, call + // handleAllocationFailure to see whether it's possible to retry. + inline void* tryAllocate(size_t size); + + [[nodiscard]] bool moveToNextChunk(); + + struct CollectionResult { + size_t tenuredBytes; + size_t tenuredCells; + }; + CollectionResult doCollection(gc::AutoGCSession& session, + JS::GCOptions options, JS::GCReason reason); + void traceRoots(gc::AutoGCSession& session, gc::TenuringTracer& mover); + + size_t doPretenuring(JSRuntime* rt, JS::GCReason reason, + bool validPromotionRate, double promotionRate); + + // Handle relocation of slots/elements pointers stored in Ion frames. + inline void setForwardingPointer(void* oldData, void* newData, bool direct); + + inline void setDirectForwardingPointer(void* oldData, void* newData); + void setIndirectForwardingPointer(void* oldData, void* newData); + + inline void setSlotsForwardingPointer(HeapSlot* oldSlots, HeapSlot* newSlots, + uint32_t nslots); + inline void setElementsForwardingPointer(ObjectElements* oldHeader, + ObjectElements* newHeader, + uint32_t capacity); + +#ifdef DEBUG + bool checkForwardingPointerLocation(void* ptr, bool expectedInside); +#endif + + // Updates pointers to nursery objects that have been tenured and discards + // pointers to objects that have been freed. + void sweep(); + + // Reset the current chunk and position after a minor collection. Also poison + // the nursery on debug & nightly builds. + void clear(); + + void sweepMapAndSetObjects(); + + // Allocate a buffer for a given zone, using the nursery if possible. + void* allocateBuffer(JS::Zone* zone, size_t nbytes); + + // Change the allocable space provided by the nursery. + void maybeResizeNursery(JS::GCOptions options, JS::GCReason reason); + size_t targetSize(JS::GCOptions options, JS::GCReason reason); + void clearRecentGrowthData(); + void growAllocableSpace(size_t newCapacity); + void shrinkAllocableSpace(size_t newCapacity); + void minimizeAllocableSpace(); + + // Free the chunks starting at firstFreeChunk until the end of the chunks + // vector. Shrinks the vector but does not update maxChunkCount(). + void freeChunksFrom(unsigned firstFreeChunk); + + void sendTelemetry(JS::GCReason reason, mozilla::TimeDuration totalTime, + bool wasEmpty, double promotionRate, + size_t sitesPretenured); + + void printCollectionProfile(JS::GCReason reason, double promotionRate); + void printDeduplicationData(js::StringStats& prev, js::StringStats& curr); + + // Profile recording and printing. + void maybeClearProfileDurations(); + void startProfile(ProfileKey key); + void endProfile(ProfileKey key); + static void printProfileDurations(const ProfileDurations& times, + Sprinter& sprinter); + + mozilla::TimeStamp collectionStartTime() const; + + private: + // Fields used during allocation fast path are grouped first: + + // Pointer to the first unallocated byte in the nursery. + uintptr_t position_; + + // Pointer to the last byte of space in the current chunk. + uintptr_t currentEnd_; + + // Other fields not necessarily used during allocation follow: + + gc::GCRuntime* const gc; + + // Vector of allocated chunks to allocate from. + Vector<NurseryChunk*, 0, SystemAllocPolicy> chunks_; + + // The index of the chunk that is currently being allocated from. + uint32_t currentChunk_; + + // These fields refer to the beginning of the nursery. They're normally 0 + // and chunk(0).start() respectively. Except when a generational GC zeal + // mode is active, then they may be arbitrary (see Nursery::clear()). + uint32_t startChunk_; + uintptr_t startPosition_; + + // The current nursery capacity measured in bytes. It may grow up to this + // value without a collection, allocating chunks on demand. This limit may be + // changed by maybeResizeNursery() each collection. It includes chunk headers. + size_t capacity_; + + gc::PretenuringNursery pretenuringNursery; + + mozilla::TimeDuration timeInChunkAlloc_; + + // Report minor collections taking at least this long, if enabled. + bool enableProfiling_ = false; + bool profileWorkers_ = false; + + mozilla::TimeDuration profileThreshold_; + + // Whether we will nursery-allocate strings. + bool canAllocateStrings_; + + // Whether we will nursery-allocate BigInts. + bool canAllocateBigInts_; + + // Report how many strings were deduplicated. + bool reportDeduplications_; + + // Whether to report information on pretenuring, and if so the allocation + // threshold at which to report details of each allocation site. + bool reportPretenuring_; + size_t reportPretenuringThreshold_; + + // Whether and why a collection of this nursery has been requested. When this + // happens |prevPosition_| is set to the current position and |position_| set + // to the end of the chunk to force the next allocation to fail. + JS::GCReason minorGCTriggerReason_; + uintptr_t prevPosition_; + + // Profiling data. + + ProfileTimes startTimes_; + ProfileDurations profileDurations_; + ProfileDurations totalDurations_; + + // Data about the previous collection. + struct PreviousGC { + JS::GCReason reason = JS::GCReason::NO_REASON; + size_t nurseryCapacity = 0; + size_t nurseryCommitted = 0; + size_t nurseryUsedBytes = 0; + size_t nurseryUsedChunkCount = 0; + size_t tenuredBytes = 0; + size_t tenuredCells = 0; + mozilla::TimeStamp endTime; + }; + PreviousGC previousGC; + + bool hasRecentGrowthData; + double smoothedTargetSize; + + // The set of externally malloced buffers potentially kept live by objects + // stored in the nursery. Any external buffers that do not belong to a + // tenured thing at the end of a minor GC must be freed. + using BufferRelocationOverlay = void*; + using BufferSet = HashSet<void*, PointerHasher<void*>, SystemAllocPolicy>; + BufferSet mallocedBuffers; + size_t mallocedBufferBytes = 0; + + // Wasm "trailer" (C++-heap-allocated) blocks. See comments above on + // ::registerTrailer and ::unregisterTrailer. + Vector<PointerAndUint7, 0, SystemAllocPolicy> trailersAdded_; + Vector<void*, 0, SystemAllocPolicy> trailersRemoved_; + size_t trailersRemovedUsed_ = 0; + size_t trailerBytes_ = 0; + + // During a collection most hoisted slot and element buffers indicate their + // new location with a forwarding pointer at the base. This does not work + // for buffers whose length is less than pointer width, or when different + // buffers might overlap each other. For these, an entry in the following + // table is used. + using ForwardedBufferMap = + HashMap<void*, void*, PointerHasher<void*>, SystemAllocPolicy>; + ForwardedBufferMap forwardedBuffers; + + // When we assign a unique id to cell in the nursery, that almost always + // means that the cell will be in a hash table, and thus, held live, + // automatically moving the uid from the nursery to its new home in + // tenured. It is possible, if rare, for an object that acquired a uid to + // be dead before the next collection, in which case we need to know to + // remove it when we sweep. + // + // Note: we store the pointers as Cell* here, resulting in an ugly cast in + // sweep. This is because this structure is used to help implement + // stable object hashing and we have to break the cycle somehow. + using CellsWithUniqueIdVector = Vector<gc::Cell*, 8, SystemAllocPolicy>; + CellsWithUniqueIdVector cellsWithUid_; + + // Lists of map and set objects allocated in the nursery or with iterators + // allocated there. Such objects need to be swept after minor GC. + Vector<MapObject*, 0, SystemAllocPolicy> mapsWithNurseryMemory_; + Vector<SetObject*, 0, SystemAllocPolicy> setsWithNurseryMemory_; + + UniquePtr<NurseryDecommitTask> decommitTask; + + // A cache of small C++-heap allocated blocks associated with this Nursery. + // This provided so as to provide cheap allocation/deallocation of + // out-of-line storage areas as used by WasmStructObject and + // WasmArrayObject, although the mechanism is general and not specific to + // these object types. Regarding lifetimes, because the cache holds only + // blocks that are not currently in use, it can be flushed at any point with + // no correctness impact, only a performance impact. + gc::MallocedBlockCache mallocedBlockCache_; + + friend class gc::GCRuntime; + friend class gc::TenuringTracer; + friend struct NurseryChunk; +}; + +} // namespace js + +#endif // gc_Nursery_h |