JSThreadsAndGC: Difference between revisions

Motivation

• More robust thread safety API
• Reduce GC pauses
• Minor performance win from eliminating object locking

Threading. In short, SM's support for sharing objects among threads has not gotten the maintenance attention it needs. It's accumulating bugs. At the same time, it is now widely acknowledged that shared-everything threads are a problematic programming model. Better ideas (like HTML5 Workers) are emerging. We need new JSAPI support for shared-nothing threads.

GC. At the same time our GC performance is not where we want it. There are still direct optimization opportunities. Beyond that, we want to be able to perform GC on a single browser tab, for shorter pause times when only one tab is active.

What these two things have in common is that they both involve dividing the JSRuntime's object graph into separate, mostly-isolated compartments, such that every object is in a compartment, and an ordinary object cannot have a direct reference to an object in a different compartment. (We will support special wrapper objects that provide transparent access to objects in other compartments.)

The changes we need to make for single-tab GC will simultaneously make it easier to add assertions enforcing the new rules about sharing objects across threads. Conveniently, in the browser, wrapper objects already exist in almost all the right places--it's a critical security boundary in the browser, and the wrappers impose various security policies.

Plans

These plans are limited to bugs that are part of the main central body of work to get us to per-tab GC, which we hope will dramatically reduce pause time.

Benchmark automation — We need a way to turn a crank and get GC performance numbers: overall speed, length of longest pause, and total time spent in GC for several GC-intensive benchmarks. sayrer should get mail when we make these numbers move. This sort of data might as well be available via jsdbgapi.h in release builds. It won't be expensive to collect.

Compartments and wrappers API — Add API for creating a global object and associating it with a compartment. Use it in Gecko everywhere we create a global. Add minimal API for a special kind of object that is allowed to hold a strong reference across compartments (a wrapper object). Use it in XPConnect for our security wrappers.

Compartment assertions — Add assertions that there are no direct references across compartments, both at API boundaries and within the engine. Fix what breaks. In particular, wrappers and the structured clone algorithm will need to copy strings and doubles instead of passing them freely from one compartment to another.

GCSubheaps — Factor GC-related code into a class, js::GCHeap (bug 556324). Carve out a second class, GCSubheap, so that a single GCHeap can have several GCSubheaps, each of which handles its own set of VM pages from which individual GC things may be allocated. Give each compartment its own GCSubheap. Allocate every object, double, and string from the GCSubheap for the compartment where it will live.

MT wrappers — Implement an automatically-spreading membrane of proxy objects that allow one thread to access objects from another compartment that is running in another thread. There is some risk here because it's unclear how this should work regarding objects on the scope chain (global objects, Call and Block objects). See bug 558866 comments 1-4.

Lock-free allocation and slot access — Remove locking from allocation paths. Remove scope locking everywhere. (bug 558866)

Compartmental GC — Support collecting garbage in one GCSubheap without walking the rest of the graph (bug 558861).

Make compartments the same thing as Subheaps.