Pass the pointer of owning object in GCPointer::set() part I

Differential Revision: D62222257

Author: lavenzg

include/hermes/VM/GCPointer-inline.h

@@ -32,19 +32,29 @@ GCPointerBase::GCPointerBase(
   }
 }
 
-inline void GCPointerBase::set(PointerBase &base, GCCell *ptr, GC &gc) {
+inline void GCPointerBase::set(
+    PointerBase &base,
+    GCCell *ptr,
+    GC &gc,
+    const GCCell *owningObj) {
   assert(
       (!ptr || gc.validPointer(ptr)) &&
       "Cannot set a GCPointer to an invalid pointer");
   // Write barrier must happen before the write.
+  (void)owningObj;
   gc.writeBarrier(this, ptr);
   setNoBarrier(CompressedPointer::encode(ptr, base));
 }
 
-inline void GCPointerBase::setNonNull(PointerBase &base, GCCell *ptr, GC &gc) {
+inline void GCPointerBase::setNonNull(
+    PointerBase &base,
+    GCCell *ptr,
+    GC &gc,
+    const GCCell *owningObj) {
   assert(
       gc.validPointer(ptr) && "Cannot set a GCPointer to an invalid pointer");
   // Write barrier must happen before the write.
+  (void)owningObj;
   gc.writeBarrier(this, ptr);
   setNoBarrier(CompressedPointer::encodeNonNull(ptr, base));
 }

include/hermes/VM/GCPointer.h

@@ -38,9 +38,12 @@ class GCPointerBase : public CompressedPointer {
   /// \param ptr The memory being pointed to.
   /// \param base The base of ptr.
   /// \param gc Used for write barriers.
-  inline void set(PointerBase &base, GCCell *ptr, GC &gc);
+  /// \param owningObj The object that contains this GCPointer.
+  inline void
+  set(PointerBase &base, GCCell *ptr, GC &gc, const GCCell *owningObj);
   inline void set(PointerBase &base, CompressedPointer ptr, GC &gc);
-  inline void setNonNull(PointerBase &base, GCCell *ptr, GC &gc);
+  inline void
+  setNonNull(PointerBase &base, GCCell *ptr, GC &gc, const GCCell *owningObj);
 
   /// Set this pointer to null. This needs a write barrier in some types of
   /// garbage collectors.
@@ -90,11 +93,12 @@ class GCPointer : public GCPointerBase {
   /// \param base The base of ptr.
   /// \param ptr The memory being pointed to.
   /// \param gc Used for write barriers.
-  void set(PointerBase &base, T *ptr, GC &gc) {
-    GCPointerBase::set(base, ptr, gc);
+  /// \param owningObj The object that contains this GCPointer.
+  void set(PointerBase &base, T *ptr, GC &gc, const GCCell *owningObj) {
+    GCPointerBase::set(base, ptr, gc, owningObj);
   }
-  void setNonNull(PointerBase &base, T *ptr, GC &gc) {
-    GCPointerBase::setNonNull(base, ptr, gc);
+  void setNonNull(PointerBase &base, T *ptr, GC &gc, const GCCell *owningObj) {
+    GCPointerBase::setNonNull(base, ptr, gc, owningObj);
   }
 
   /// Convenience overload of GCPointer::set for other GCPointers.

include/hermes/VM/HiddenClass.h

@@ -326,7 +326,7 @@ class HiddenClass final : public GCCell {
   }
 
   void setForInCache(BigStorage *arr, Runtime &runtime) {
-    forInCache_.set(runtime, arr, runtime.getHeap());
+    forInCache_.set(runtime, arr, runtime.getHeap(), this);
   }
 
   void clearForInCache(Runtime &runtime) {

include/hermes/VM/JSArray.h

@@ -121,7 +121,7 @@ class ArrayImpl : public JSObject {
   /// Set the indexed storage of this array to be \p p. The pointer is allowed
   /// to be null.
   void setIndexedStorage(PointerBase &base, StorageType *p, GC &gc) {
-    indexedStorage_.set(base, p, gc);
+    indexedStorage_.set(base, p, gc, this);
   }
 
   /// @}

include/hermes/VM/JSDataView.h

@@ -92,7 +92,7 @@ class JSDataView final : public JSObject {
     assert(
         offset + length <= buffer->size() &&
         "A DataView cannot be looking outside of the storage");
-    buffer_.setNonNull(runtime, buffer, runtime.getHeap());
+    buffer_.setNonNull(runtime, buffer, runtime.getHeap(), this);
     offset_ = offset;
     length_ = length;
   }

include/hermes/VM/JSMapImpl.h

@@ -146,7 +146,7 @@ class JSMapIteratorImpl final : public JSObject {
       Runtime &runtime,
       Handle<JSMapImpl<JSMapTypeTraits<C>::ContainerKind>> data,
       IterationKind kind) {
-    data_.set(runtime, data.get(), runtime.getHeap());
+    data_.set(runtime, data.get(), runtime.getHeap(), this);
     iterationKind_ = kind;
 
     assert(data_ && "Invalid storage data");
@@ -172,7 +172,8 @@ class JSMapIteratorImpl final : public JSObject {
           runtime,
           self->data_.getNonNull(runtime)->iteratorNext(
               runtime, self->itr_.get(runtime)),
-          runtime.getHeap());
+          runtime.getHeap(),
+          *self);
       if (self->itr_) {
         switch (self->iterationKind_) {
           case IterationKind::Key:

include/hermes/VM/JSObject.h

@@ -509,7 +509,7 @@ class JSObject : public GCCell {
   /// cycle checking.
   static void
   unsafeSetParentInternal(JSObject *self, Runtime &runtime, JSObject *parent) {
-    self->parent_.set(runtime, parent, runtime.getHeap());
+    self->parent_.set(runtime, parent, runtime.getHeap(), self);
   }
 
   /// Return the value of an internal property slot. Use getDirectSlotValue if
@@ -1686,7 +1686,7 @@ inline ExecutionStatus JSObject::allocatePropStorage(
     return ExecutionStatus::EXCEPTION;
 
   selfHandle->propStorage_.setNonNull(
-      runtime, vmcast<PropStorage>(*res), runtime.getHeap());
+      runtime, vmcast<PropStorage>(*res), runtime.getHeap(), *selfHandle);
   return ExecutionStatus::RETURNED;
 }
 

include/hermes/VM/OrderedHashMap.h

@@ -207,7 +207,7 @@ class OrderedHashMapBase {
       return ExecutionStatus::EXCEPTION;
     }
 
-    self->hashTable_.set(runtime, arrRes->get(), runtime.getHeap());
+    self->hashTable_.set(runtime, arrRes->get(), runtime.getHeap(), *self);
     return ExecutionStatus::RETURNED;
   }
 

lib/VM/Domain.cpp

@@ -167,7 +167,7 @@ ExecutionStatus Domain::importCJSModuleTable(
       return ExecutionStatus::EXCEPTION;
     }
 
-    self->throwingRequire_.set(runtime, *requireFn, runtime.getHeap());
+    self->throwingRequire_.set(runtime, *requireFn, runtime.getHeap(), *self);
   } else {
     cjsModules = self->cjsModules_.get(runtime);
   }
@@ -308,7 +308,7 @@ ExecutionStatus Domain::importCJSModuleTable(
     }
   }
 
-  self->cjsModules_.set(runtime, cjsModules.get(), runtime.getHeap());
+  self->cjsModules_.set(runtime, cjsModules.get(), runtime.getHeap(), *self);
   return ExecutionStatus::RETURNED;
 }
 
@@ -343,8 +343,8 @@ Handle<RequireContext> RequireContext::create(
       runtime.getHiddenClassForPrototype(
           *objProto, numOverlapSlots<RequireContext>()));
   auto self = JSObjectInit::initToHandle(runtime, cell);
-  self->domain_.set(runtime, *domain, runtime.getHeap());
-  self->dirname_.set(runtime, *dirname, runtime.getHeap());
+  self->domain_.set(runtime, *domain, runtime.getHeap(), *self);
+  self->dirname_.set(runtime, *dirname, runtime.getHeap(), *self);
   return self;
 }
 

lib/VM/DummyObject.cpp

@@ -53,7 +53,7 @@ void DummyObject::releaseExtMem(GC &gc) {
 }
 
 void DummyObject::setPointer(GC &gc, DummyObject *obj) {
-  other.set(gc.getPointerBase(), obj, gc);
+  other.set(gc.getPointerBase(), obj, gc, this);
 }
 
 /* static */ constexpr CellKind DummyObject::getCellKind() {

lib/VM/FastArray.cpp

@@ -101,7 +101,7 @@ CallResult<Handle<FastArray>> FastArray::create(
     return ExecutionStatus::EXCEPTION;
 
   self->indexedStorage_.setNonNull(
-      runtime, vmcast<ArrayStorageSmall>(*arrRes), runtime.getHeap());
+      runtime, vmcast<ArrayStorageSmall>(*arrRes), runtime.getHeap(), *self);
 
   auto shv = SmallHermesValue::encodeNumberValue(0, runtime);
   self->setLength(runtime, shv);
@@ -119,7 +119,7 @@ FastArray::pushSlow(Handle<FastArray> self, Runtime &runtime, Handle<> val) {
           ExecutionStatus::EXCEPTION))
     return ExecutionStatus::EXCEPTION;
 
-  self->indexedStorage_.setNonNull(runtime, *storage, runtime.getHeap());
+  self->indexedStorage_.setNonNull(runtime, *storage, runtime.getHeap(), *self);
   auto newSz = SmallHermesValue::encodeNumberValue(storage->size(), runtime);
   self->setLength(runtime, newSz);
   return ExecutionStatus::RETURNED;
@@ -138,7 +138,7 @@ ExecutionStatus FastArray::appendSlow(
           ArrayStorageSmall::append(storage, runtime, otherStorage) ==
           ExecutionStatus::EXCEPTION))
     return ExecutionStatus::EXCEPTION;
-  self->indexedStorage_.setNonNull(runtime, *storage, runtime.getHeap());
+  self->indexedStorage_.setNonNull(runtime, *storage, runtime.getHeap(), *self);
   auto newSz = SmallHermesValue::encodeNumberValue(storage->size(), runtime);
   self->setLength(runtime, newSz);
   return ExecutionStatus::RETURNED;

lib/VM/HiddenClass.cpp

@@ -826,7 +826,8 @@ ExecutionStatus HiddenClass::addToPropertyMap(
     return ExecutionStatus::EXCEPTION;
   }
 
-  selfHandle->propertyMap_.setNonNull(runtime, *updatedMap, runtime.getHeap());
+  selfHandle->propertyMap_.setNonNull(
+      runtime, *updatedMap, runtime.getHeap(), *selfHandle);
   return ExecutionStatus::RETURNED;
 }
 
@@ -889,7 +890,8 @@ void HiddenClass::initializeMissingPropertyMap(
       inserted->first->slot = slotIndex++;
   }
 
-  selfHandle->propertyMap_.setNonNull(runtime, *mapHandle, runtime.getHeap());
+  selfHandle->propertyMap_.setNonNull(
+      runtime, *mapHandle, runtime.getHeap(), *selfHandle);
 }
 
 void HiddenClass::stealPropertyMapFromParent(

lib/VM/JSCallableProxy.cpp

@@ -65,8 +65,8 @@ void JSCallableProxy::setTargetAndHandler(
     Runtime &runtime,
     Handle<JSObject> target,
     Handle<JSObject> handler) {
-  slots_.target.set(runtime, target.get(), runtime.getHeap());
-  slots_.handler.set(runtime, handler.get(), runtime.getHeap());
+  slots_.target.set(runtime, target.get(), runtime.getHeap(), this);
+  slots_.handler.set(runtime, handler.get(), runtime.getHeap(), this);
 }
 
 CallResult<bool> JSCallableProxy::isConstructor(Runtime &runtime) {

lib/VM/JSError.cpp

@@ -507,7 +507,8 @@ ExecutionStatus JSError::recordStackTrace(
       }
     }
   }
-  selfHandle->domains_.set(runtime, domains.get(), runtime.getHeap());
+  selfHandle->domains_.set(
+      runtime, domains.get(), runtime.getHeap(), *selfHandle);
 
   // Remove the last entry.
   stack->pop_back();
@@ -521,7 +522,8 @@ ExecutionStatus JSError::recordStackTrace(
       "Function names and stack trace must have same size.");
 
   selfHandle->stacktrace_ = std::move(stack);
-  selfHandle->funcNames_.set(runtime, *funcNames, runtime.getHeap());
+  selfHandle->funcNames_.set(
+      runtime, *funcNames, runtime.getHeap(), *selfHandle);
   return ExecutionStatus::RETURNED;
 }
 

lib/VM/JSGeneratorObject.cpp

@@ -43,7 +43,7 @@ CallResult<PseudoHandle<JSGeneratorObject>> JSGeneratorObject::create(
       parentHandle,
       runtime.getHiddenClassForPrototype(
           *parentHandle, numOverlapSlots<JSGeneratorObject>()));
-  cell->innerFunction_.set(runtime, *innerFunction, runtime.getHeap());
+  cell->innerFunction_.set(runtime, *innerFunction, runtime.getHeap(), cell);
   return JSObjectInit::initToPseudoHandle(runtime, cell);
 }
 

lib/VM/JSObject.cpp

@@ -101,7 +101,7 @@ PseudoHandle<JSObject> JSObject::create(
     Runtime &runtime,
     Handle<HiddenClass> clazz) {
   auto obj = JSObject::create(runtime, clazz->getNumProperties());
-  obj->clazz_.setNonNull(runtime, *clazz, runtime.getHeap());
+  obj->clazz_.setNonNull(runtime, *clazz, runtime.getHeap(), obj.get());
   // If the hidden class has index like property, we need to clear the fast path
   // flag.
   if (LLVM_UNLIKELY(
@@ -115,7 +115,7 @@ PseudoHandle<JSObject> JSObject::create(
     Handle<JSObject> parentHandle,
     Handle<HiddenClass> clazz) {
   PseudoHandle<JSObject> obj = JSObject::create(runtime, clazz);
-  obj->parent_.set(runtime, parentHandle.get(), runtime.getHeap());
+  obj->parent_.set(runtime, parentHandle.get(), runtime.getHeap(), obj.get());
   return obj;
 }
 
@@ -224,7 +224,7 @@ CallResult<bool> JSObject::setParent(
     }
   }
   // 9.
-  self->parent_.set(runtime, parent, runtime.getHeap());
+  self->parent_.set(runtime, parent, runtime.getHeap(), self);
   // 10.
   return true;
 }
@@ -252,7 +252,7 @@ void JSObject::allocateNewSlotStorage(
     auto arrRes = runtime.ignoreAllocationFailure(
         PropStorage::create(runtime, DEFAULT_PROPERTY_CAPACITY));
     selfHandle->propStorage_.setNonNull(
-        runtime, vmcast<PropStorage>(arrRes), runtime.getHeap());
+        runtime, vmcast<PropStorage>(arrRes), runtime.getHeap(), *selfHandle);
   } else if (LLVM_UNLIKELY(
                  newSlotIndex >=
                  selfHandle->propStorage_.getNonNull(runtime)->capacity())) {
@@ -262,7 +262,8 @@ void JSObject::allocateNewSlotStorage(
         "allocated slot must be at end");
     auto hnd = runtime.makeMutableHandle(selfHandle->propStorage_);
     PropStorage::resize(hnd, runtime, newSlotIndex + 1);
-    selfHandle->propStorage_.setNonNull(runtime, *hnd, runtime.getHeap());
+    selfHandle->propStorage_.setNonNull(
+        runtime, *hnd, runtime.getHeap(), *selfHandle);
   }
 
   {
@@ -1924,7 +1925,8 @@ CallResult<bool> JSObject::deleteNamed(
   // Perform the actual deletion.
   auto newClazz = HiddenClass::deleteProperty(
       runtime.makeHandle(selfHandle->clazz_), runtime, *pos);
-  selfHandle->clazz_.setNonNull(runtime, *newClazz, runtime.getHeap());
+  selfHandle->clazz_.setNonNull(
+      runtime, *newClazz, runtime.getHeap(), *selfHandle);
 
   return true;
 }
@@ -2024,7 +2026,8 @@ CallResult<bool> JSObject::deleteComputed(
     // Remove the property descriptor.
     auto newClazz = HiddenClass::deleteProperty(
         runtime.makeHandle(selfHandle->clazz_), runtime, *pos);
-    selfHandle->clazz_.setNonNull(runtime, *newClazz, runtime.getHeap());
+    selfHandle->clazz_.setNonNull(
+        runtime, *newClazz, runtime.getHeap(), *selfHandle);
   } else if (LLVM_UNLIKELY(selfHandle->flags_.proxyObject)) {
     CallResult<Handle<>> key = toPropertyKey(runtime, nameValPrimitiveHandle);
     if (key == ExecutionStatus::EXCEPTION)
@@ -2613,7 +2616,8 @@ ExecutionStatus JSObject::seal(Handle<JSObject> selfHandle, Runtime &runtime) {
 
   auto newClazz = HiddenClass::makeAllNonConfigurable(
       runtime.makeHandle(selfHandle->clazz_), runtime);
-  selfHandle->clazz_.setNonNull(runtime, *newClazz, runtime.getHeap());
+  selfHandle->clazz_.setNonNull(
+      runtime, *newClazz, runtime.getHeap(), *selfHandle);
 
   selfHandle->flags_.sealed = true;
 
@@ -2638,7 +2642,8 @@ ExecutionStatus JSObject::freeze(
 
   auto newClazz = HiddenClass::makeAllReadOnly(
       runtime.makeHandle(selfHandle->clazz_), runtime);
-  selfHandle->clazz_.setNonNull(runtime, *newClazz, runtime.getHeap());
+  selfHandle->clazz_.setNonNull(
+      runtime, *newClazz, runtime.getHeap(), *selfHandle);
 
   selfHandle->flags_.frozen = true;
   selfHandle->flags_.sealed = true;
@@ -2658,7 +2663,8 @@ void JSObject::updatePropertyFlagsWithoutTransitions(
       flagsToClear,
       flagsToSet,
       props);
-  selfHandle->clazz_.setNonNull(runtime, *newClazz, runtime.getHeap());
+  selfHandle->clazz_.setNonNull(
+      runtime, *newClazz, runtime.getHeap(), *selfHandle);
 }
 
 CallResult<bool> JSObject::isExtensible(
@@ -2783,7 +2789,8 @@ ExecutionStatus JSObject::addOwnPropertyImpl(
   if (LLVM_UNLIKELY(addResult == ExecutionStatus::EXCEPTION)) {
     return ExecutionStatus::EXCEPTION;
   }
-  selfHandle->clazz_.setNonNull(runtime, *addResult->first, runtime.getHeap());
+  selfHandle->clazz_.setNonNull(
+      runtime, *addResult->first, runtime.getHeap(), *selfHandle);
 
   allocateNewSlotStorage(
       selfHandle, runtime, addResult->second, valueOrAccessor);
@@ -2826,7 +2833,8 @@ CallResult<bool> JSObject::updateOwnProperty(
         runtime,
         propertyPos,
         desc.flags);
-    selfHandle->clazz_.setNonNull(runtime, *newClazz, runtime.getHeap());
+    selfHandle->clazz_.setNonNull(
+        runtime, *newClazz, runtime.getHeap(), *selfHandle);
   }
 
   if (updateStatus->first == PropertyUpdateStatus::done)

lib/VM/JSProxy.cpp

@@ -108,8 +108,8 @@ void JSProxy::setTargetAndHandler(
     Handle<JSObject> target,
     Handle<JSObject> handler) {
   auto &slots = detail::slots(*selfHandle);
-  slots.target.set(runtime, target.get(), runtime.getHeap());
-  slots.handler.set(runtime, handler.get(), runtime.getHeap());
+  slots.target.set(runtime, target.get(), runtime.getHeap(), *selfHandle);
+  slots.handler.set(runtime, handler.get(), runtime.getHeap(), *selfHandle);
 }
 
 namespace {

lib/VM/JSRegExp.cpp

@@ -101,7 +101,7 @@ void JSRegExp::initialize(
   assert(
       pattern && flags &&
       "Null pattern and/or flags passed to JSRegExp::initialize");
-  selfHandle->pattern_.set(runtime, *pattern, runtime.getHeap());
+  selfHandle->pattern_.set(runtime, *pattern, runtime.getHeap(), *selfHandle);
 
   DefinePropertyFlags dpf = DefinePropertyFlags::getDefaultNewPropertyFlags();
   dpf.enumerable = 0;
@@ -220,7 +220,8 @@ ExecutionStatus JSRegExp::initializeGroupNameMappingObj(
       return ExecutionStatus::EXCEPTION;
   }
 
-  selfHandle->groupNameMappings_.set(runtime, *obj, runtime.getHeap());
+  selfHandle->groupNameMappings_.set(
+      runtime, *obj, runtime.getHeap(), *selfHandle);
   return ExecutionStatus::RETURNED;
 }
 
@@ -231,7 +232,7 @@ Handle<JSObject> JSRegExp::getGroupNameMappings(Runtime &runtime) {
 }
 
 void JSRegExp::setGroupNameMappings(Runtime &runtime, JSObject *groupObj) {
-  groupNameMappings_.set(runtime, groupObj, runtime.getHeap());
+  groupNameMappings_.set(runtime, groupObj, runtime.getHeap(), this);
 }
 
 void JSRegExp::initializeBytecode(llvh::ArrayRef<uint8_t> bytecode) {

lib/VM/JSTypedArray.cpp

@@ -305,7 +305,7 @@ void JSTypedArrayBase::setBuffer(
   assert(
       self->getByteWidth() == byteWidth &&
       "Cannot set to a buffer of a different byte width");
-  self->buffer_.setNonNull(runtime, buf, runtime.getHeap());
+  self->buffer_.setNonNull(runtime, buf, runtime.getHeap(), self);
   self->offset_ = offset;
   self->length_ = size / byteWidth;
 }

lib/VM/OrderedHashMap.cpp

@@ -207,7 +207,8 @@ ExecutionStatus OrderedHashMapBase<BucketType, Derived>::rehash(
   }
 
   rawSelf->deletedCount_ = 0;
-  rawSelf->hashTable_.setNonNull(runtime, newHashTable, runtime.getHeap());
+  rawSelf->hashTable_.setNonNull(
+      runtime, newHashTable, runtime.getHeap(), *self);
   assert(
       rawSelf->hashTable_.getNonNull(runtime)->size(runtime) ==
           rawSelf->capacity_ &&
@@ -361,17 +362,17 @@ ExecutionStatus OrderedHashMapBase<BucketType, Derived>::doInsert(
   if (!rawSelf->firstIterationEntry_) {
     // If we are inserting the first ever element, update
     // first iteration entry pointer.
-    rawSelf->firstIterationEntry_.set(runtime, newMapEntry.get(), heap);
-    rawSelf->lastIterationEntry_.set(runtime, newMapEntry.get(), heap);
+    rawSelf->firstIterationEntry_.set(runtime, newMapEntry.get(), heap, *self);
+    rawSelf->lastIterationEntry_.set(runtime, newMapEntry.get(), heap, *self);
   } else {
     // Connect the new entry with the last entry.
-    rawSelf->lastIterationEntry_.getNonNull(runtime)->nextIterationEntry.set(
-        runtime, newMapEntry.get(), heap);
+    auto *previousLastEntry = rawSelf->lastIterationEntry_.getNonNull(runtime);
+    previousLastEntry->nextIterationEntry.set(
+        runtime, newMapEntry.get(), heap, previousLastEntry);
     newMapEntry->prevIterationEntry.set(
         runtime, rawSelf->lastIterationEntry_, heap);
 
-    BucketType *previousLastEntry = rawSelf->lastIterationEntry_.get(runtime);
-    rawSelf->lastIterationEntry_.set(runtime, newMapEntry.get(), heap);
+    rawSelf->lastIterationEntry_.set(runtime, newMapEntry.get(), heap, *self);
 
     if (previousLastEntry && previousLastEntry->isDeleted()) {
       // If the last entry was a deleted entry, we no longer need to keep it.

lib/VM/PrimitiveBox.cpp

@@ -81,7 +81,8 @@ void JSString::setPrimitiveString(
   auto shv =
       SmallHermesValue::encodeNumberValue(string->getStringLength(), runtime);
   JSObject::setNamedSlotValueUnsafe(*selfHandle, runtime, desc, shv);
-  selfHandle->primitiveValue_.set(runtime, *string, runtime.getHeap());
+  selfHandle->primitiveValue_.set(
+      runtime, *string, runtime.getHeap(), *selfHandle);
 }
 
 bool JSString::_haveOwnIndexedImpl(