1. 26 Aug, 2011 1 commit
    • fpizlo@apple.com's avatar
      The GC does not have a facility for profiling the kinds of objects · d6bcd37d
      fpizlo@apple.com authored
      that occupy the heap
      https://bugs.webkit.org/show_bug.cgi?id=66849
      
      Reviewed by Geoffrey Garen.
      
      Destructor calls and object scans are now optionally counted, per
      vtable. When the heap is destroyed and profiling is enabled, the
      counts are dumped, with care taken to print the names of classes
      (modulo C++ mangling) sorted in descending commonality.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.exp:
      * JavaScriptCore.pro:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/Heap.cpp:
      (JSC::Heap::destroy):
      * heap/Heap.h:
      * heap/MarkStack.cpp:
      (JSC::SlotVisitor::visitChildren):
      (JSC::SlotVisitor::drain):
      * heap/MarkStack.h:
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::callDestructor):
      * heap/MarkedBlock.h:
      * heap/VTableSpectrum.cpp: Added.
      (JSC::VTableSpectrum::VTableSpectrum):
      (JSC::VTableSpectrum::~VTableSpectrum):
      (JSC::VTableSpectrum::countVPtr):
      (JSC::VTableSpectrum::count):
      (JSC::VTableAndCount::VTableAndCount):
      (JSC::VTableAndCount::operator<):
      (JSC::VTableSpectrum::dump):
      * heap/VTableSpectrum.h: Added.
      * wtf/Platform.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@93918 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d6bcd37d
  2. 03 Aug, 2011 1 commit
  3. 02 Aug, 2011 3 commits
    • fpizlo@apple.com's avatar
      JSC GC uses dummy cells to avoid having to remember which cells · d9a81f43
      fpizlo@apple.com authored
      it has already destroyed
      https://bugs.webkit.org/show_bug.cgi?id=65556
      
      Reviewed by Oliver Hunt.
      
      This gets rid of dummy cells, and ensures that it's not necessary
      to invoke a destructor on cells that have already been swept.  In
      the common case, a block knows that either all of its free cells
      still need to have destructors called, or none of them do, which
      minimizes the amount of branching that needs to happen per cell
      when performing a sweep.
      
      This is performance neutral on SunSpider and V8.  It is meant as
      a stepping stone to simplify the implementation of more
      sophisticated sweeping algorithms.
      
      * heap/Heap.cpp:
      (JSC::CountFunctor::ClearMarks::operator()):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::initForCellSize):
      (JSC::MarkedBlock::callDestructor):
      (JSC::MarkedBlock::specializedReset):
      (JSC::MarkedBlock::reset):
      (JSC::MarkedBlock::specializedSweep):
      (JSC::MarkedBlock::sweep):
      (JSC::MarkedBlock::produceFreeList):
      (JSC::MarkedBlock::lazySweep):
      (JSC::MarkedBlock::blessNewBlockForFastPath):
      (JSC::MarkedBlock::blessNewBlockForSlowPath):
      (JSC::MarkedBlock::canonicalizeBlock):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::FreeCell::setNoObject):
      (JSC::MarkedBlock::setDestructorState):
      (JSC::MarkedBlock::destructorState):
      (JSC::MarkedBlock::notifyMayHaveFreshFreeCells):
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      (JSC::JSCell::JSCell::JSCell):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::clearBuiltinStructures):
      * runtime/JSGlobalData.h:
      * runtime/Structure.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92233 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d9a81f43
    • fpizlo@apple.com's avatar
      JSC GC is far too conservative about growing the heap size, particularly · f49ce5c9
      fpizlo@apple.com authored
      on desktop platforms
      https://bugs.webkit.org/show_bug.cgi?id=65438
      
      Reviewed by Oliver Hunt.
      
      Source/JavaScriptCore:
      
      The minimum heap size is now 16MB instead of 512KB, provided all of the
      following are true:
      a) ENABLE(LARGE_HEAP) is set, which currently only happens on
         x86 targets, but could reasonably happen on any platform that is
         known to have a decent amount of RAM.
      b) JSGlobalData is initialized with HeapSize = LargeHeap, which
         currently only happens when it's the JSDOMWindowBase in WebCore or
         in the jsc command-line tool.
      
      This is a 4.1% speed-up on SunSpider.
      
      * JavaScriptCore.exp:
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC::Heap::collect):
      * heap/Heap.h:
      * jsc.cpp:
      (main):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::createContextGroup):
      (JSC::JSGlobalData::create):
      (JSC::JSGlobalData::createLeaked):
      (JSC::JSGlobalData::sharedInstance):
      * runtime/JSGlobalData.h:
      * wtf/Platform.h:
      
      Source/WebCore:
      
      No change in behavior, thus no new tests.
      
      Pass the LargeHeap hint to JSGlobalData when creating the JSC runtime
      instance corresponding to non-worker JS code.
      
      * bindings/js/JSDOMWindowBase.cpp:
      (WebCore::JSDOMWindowBase::commonJSGlobalData):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92224 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f49ce5c9
    • fpizlo@apple.com's avatar
      JSC does a GC even when the heap still has free pages · 5ee14281
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=65445
      
      Reviewed by Oliver Hunt.
      
      If the high watermark is not reached, then we allocate new blocks as
      before.  If the current watermark does reach (or exceed) the high
      watermark, then we check if there is a block on the free block pool.
      If there is, we simply allocation from it.  If there isn't, we
      invoke a collectin as before.  This effectively couples the elastic
      scavenging to the collector's decision function.  That is, if an
      application rapidly varies its heap usage (sometimes using more and
      sometimes less) then the collector will not thrash as it used to.
      But if heap usage drops and stays low then the scavenger thread and
      the GC will eventually reach a kind of consensus: the GC will set
      the watermark low because of low heap usage, and the scavenger thread
      will steadily eliminate pages from the free page pool, until the size
      of the free pool is below the high watermark.
      
      On command-line, this is neutral on SunSpider and Kraken and a 3% win
      on V8.  In browser, this is a 1% win on V8 and neutral on the other
      two.
      
      * heap/Heap.cpp:
      (JSC::Heap::allocateSlowCase):
      (JSC::Heap::allocateBlock):
      * heap/Heap.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92217 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5ee14281
  4. 31 Jul, 2011 1 commit
    • fpizlo@apple.com's avatar
      The JSC garbage collector returns memory to the operating system too · 07148b12
      fpizlo@apple.com authored
      eagerly.
      https://bugs.webkit.org/show_bug.cgi?id=65382
      
      Reviewed by Oliver Hunt.
      
      This introduces a memory reuse model similar to the one in FastMalloc.
      A periodic scavenger thread runs in the background and returns half the
      free memory to the OS on each timer fire.  New block allocations first
      attempt to get the memory from the collector's internal pool, reverting
      to OS allocation only when this pool is empty.
      
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC::Heap::~Heap):
      (JSC::Heap::destroy):
      (JSC::Heap::waitForRelativeTimeWhileHoldingLock):
      (JSC::Heap::waitForRelativeTime):
      (JSC::Heap::blockFreeingThreadStartFunc):
      (JSC::Heap::blockFreeingThreadMain):
      (JSC::Heap::allocateBlock):
      (JSC::Heap::freeBlocks):
      (JSC::Heap::releaseFreeBlocks):
      * heap/Heap.h:
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::destroy):
      (JSC::MarkedBlock::MarkedBlock):
      (JSC::MarkedBlock::initForCellSize):
      (JSC::MarkedBlock::reset):
      * heap/MarkedBlock.h:
      * wtf/Platform.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92084 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      07148b12
  5. 29 Jul, 2011 1 commit
    • fpizlo@apple.com's avatar
      JSC GC zombie support no longer works, and is likely no longer needed. · 2f1f3943
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=65404
      
      Reviewed by Darin Adler.
      
      This removes zombies, because they no longer work, are not tested, are
      probably not needed, and are getting in the way of GC optimization
      work.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/Handle.h:
      (JSC::HandleConverter::operator->):
      (JSC::HandleConverter::operator*):
      * heap/HandleHeap.cpp:
      (JSC::HandleHeap::isValidWeakNode):
      * heap/Heap.cpp:
      (JSC::Heap::destroy):
      (JSC::Heap::collect):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::sweep):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::clearMarks):
      * interpreter/Register.h:
      (JSC::Register::Register):
      (JSC::Register::operator=):
      * runtime/ArgList.h:
      (JSC::MarkedArgumentBuffer::append):
      (JSC::ArgList::ArgList):
      * runtime/JSCell.cpp:
      (JSC::isZombie):
      * runtime/JSCell.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::clearBuiltinStructures):
      * runtime/JSGlobalData.h:
      * runtime/JSValue.h:
      * runtime/JSValueInlineMethods.h:
      (JSC::JSValue::JSValue):
      * runtime/JSZombie.cpp: Removed.
      * runtime/JSZombie.h: Removed.
      * runtime/WriteBarrier.h:
      (JSC::WriteBarrierBase::setEarlyValue):
      (JSC::WriteBarrierBase::operator*):
      (JSC::WriteBarrierBase::setWithoutWriteBarrier):
      * wtf/Platform.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92046 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2f1f3943
  6. 27 Jul, 2011 1 commit
    • slewis@apple.com's avatar
      Revert http://trac.webkit.org/changeset/90415. · 6ba7d15b
      slewis@apple.com authored
      Caused a 5% sunspider regression in-browser.
      
      Unreviewed rollout.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::visitAggregate):
      * heap/Heap.cpp:
      (JSC::Heap::collectAllGarbage):
      * heap/MarkStack.h:
      (JSC::MarkStack::MarkStack):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::releaseExecutableMemory):
      * runtime/RegExp.cpp:
      (JSC::RegExp::compile):
      (JSC::RegExp::invalidateCode):
      * runtime/RegExp.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@91869 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6ba7d15b
  7. 14 Jul, 2011 1 commit
    • commit-queue@webkit.org's avatar
      GC allocation fast path has too many operations. · e8dceaf2
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=64493
      
      Patch by Filip Pizlo <fpizlo@apple.com> on 2011-07-14
      Reviewed by Darin Adler.
      
      Changed the timing of the lazy sweep so that it occurs when we land on
      a previously-unsweeped block, rather than whenever we land on an unsweeped
      cell.  After the per-block lazy sweep occurs, the block is turned into a
      singly linked list of free cells.  The allocation fast path is now just a
      load-branch-store to remove a cell from the head of the list.
      
      Additionally, this changes the way new blocks are allocated.  Previously,
      they would be populated with dummy cells.  With this patch, they are
      turned into a free list, which means that there will never be destructor
      calls for allocations in fresh blocks.
      
      These changes result in a 1.9% speed-up on V8, and a 0.6% speed-up on
      SunSpider.  There are no observed statistically significant slow-downs
      on any individual benchmark.
      
      * JavaScriptCore.exp:
      * heap/Heap.cpp:
      (JSC::Heap::allocateSlowCase):
      (JSC::Heap::collect):
      (JSC::Heap::canonicalizeBlocks):
      (JSC::Heap::resetAllocator):
      * heap/Heap.h:
      (JSC::Heap::forEachProtectedCell):
      (JSC::Heap::forEachCell):
      (JSC::Heap::forEachBlock):
      (JSC::Heap::allocate):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      (JSC::MarkedBlock::lazySweep):
      (JSC::MarkedBlock::blessNewBlockForFastPath):
      (JSC::MarkedBlock::blessNewBlockForSlowPath):
      (JSC::MarkedBlock::canonicalizeBlock):
      * heap/MarkedBlock.h:
      * heap/NewSpace.cpp:
      (JSC::NewSpace::addBlock):
      (JSC::NewSpace::canonicalizeBlocks):
      * heap/NewSpace.h:
      (JSC::NewSpace::allocate):
      (JSC::NewSpace::SizeClass::SizeClass):
      (JSC::NewSpace::SizeClass::canonicalizeBlock):
      * heap/OldSpace.cpp:
      (JSC::OldSpace::addBlock):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@91039 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e8dceaf2
  8. 12 Jul, 2011 1 commit
    • commit-queue@webkit.org's avatar
      COLLECT_ON_EVERY_ALLOCATION no longer works. · f42601f4
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=64388
      
      Patch by Filip Pizlo <fpizlo@apple.com> on 2011-07-12
      Reviewed by Oliver Hunt.
      
      Added a flag to Heap that determines if it's safe to collect (which for now means that
      JSGlobalObject has actually been initialized, but it should work for other things, too).
      This allows JSGlobalObject to allocate even if the allocator wants to GC; instead of
      GCing it just grows the heap, if necessary.
      
      Then changed Heap::allocate() to not recurse ad infinitum when
      COLLECT_ON_EVERY_ALLOCATION is set.  This also makes the allocator generally more
      resilient against bugs; this change allowed me to put in handy assertions, such as that
      an allocation must succeed after either a collection or after a new block was added.
      
      * heap/Heap.cpp:
      (JSC::Heap::Heap):
      (JSC::Heap::tryAllocate):
      (JSC::Heap::allocate):
      (JSC::Heap::collectAllGarbage):
      (JSC::Heap::collect):
      * heap/Heap.h:
      (JSC::Heap::notifyIsSafeToCollect):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@90865 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f42601f4
  9. 05 Jul, 2011 1 commit
    • oliver@apple.com's avatar
      2011-07-05 Oliver Hunt <oliver@apple.com> · 9edc15f2
      oliver@apple.com authored
              Don't throw out compiled code repeatedly
              https://bugs.webkit.org/show_bug.cgi?id=63960
      
              Reviewed by Gavin Barraclough.
      
              Stop throwing away all compiled code every time
              we're told to do a full GC.  Instead unlink all
              callsites during such GC passes to maximise the
              number of collectable functions, but otherwise
              leave compiled functions alone.
      
              * API/JSBase.cpp:
              (JSGarbageCollect):
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::visitAggregate):
              * heap/Heap.cpp:
              (JSC::Heap::collectAllGarbage):
              * heap/MarkStack.h:
              (JSC::MarkStack::shouldUnlinkCalls):
              (JSC::MarkStack::setShouldUnlinkCalls):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::recompileAllJSFunctions):
              (JSC::JSGlobalData::releaseExecutableMemory):
              * runtime/RegExp.cpp:
              (JSC::RegExp::compile):
              (JSC::RegExp::invalidateCode):
              * runtime/RegExp.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@90415 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      9edc15f2
  10. 27 Jun, 2011 1 commit
    • oliver@apple.com's avatar
      2011-06-27 Oliver Hunt <oliver@apple.com> · 1db480d3
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Support throwing away non-running code even while other code is running
              https://bugs.webkit.org/show_bug.cgi?id=63485
      
              Add a function to CodeBlock to support unlinking direct linked callsites,
              and then with that in place add logic to discard code from any function
              that is not currently on the stack.
      
              The unlinking completely reverts any optimized call sites, such that they
              may be relinked again in future.
      
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::unlinkCalls):
              (JSC::CodeBlock::clearEvalCache):
              * bytecode/CodeBlock.h:
              (JSC::CallLinkInfo::CallLinkInfo):
              (JSC::CallLinkInfo::unlink):
              * bytecode/EvalCodeCache.h:
              (JSC::EvalCodeCache::clear):
              * heap/Heap.cpp:
              (JSC::Heap::getConservativeRegisterRoots):
              * heap/Heap.h:
              * jit/JIT.cpp:
              (JSC::JIT::privateCompile):
              * jit/JIT.h:
              * jit/JITCall.cpp:
              (JSC::JIT::compileOpCall):
              * jit/JITWriteBarrier.h:
              (JSC::JITWriteBarrierBase::clear):
              * jsc.cpp:
              (GlobalObject::GlobalObject):
              (functionReleaseExecutableMemory):
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::unlinkCalls):
              (JSC::ProgramExecutable::unlinkCalls):
              (JSC::FunctionExecutable::discardCode):
              (JSC::FunctionExecutable::unlinkCalls):
              * runtime/Executable.h:
              * runtime/JSGlobalData.cpp:
              (JSC::SafeRecompiler::returnValue):
              (JSC::SafeRecompiler::operator()):
              (JSC::JSGlobalData::releaseExecutableMemory):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@89885 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      1db480d3
  11. 17 Jun, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-06-16 Geoffrey Garen <ggaren@apple.com> · 69f77964
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Added some write barrier action, compiled out by default
              https://bugs.webkit.org/show_bug.cgi?id=62844
      
              * JavaScriptCore.exp: Build!
      
              * JavaScriptCore.xcodeproj/project.pbxproj: Fixed an incremental build
              issue with Heap.cpp.
      
              * heap/Heap.cpp:
              (JSC::Heap::writeBarrierSlowCase):
              * heap/Heap.h:
              (JSC::Heap::writeBarrier):
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::isAtomAligned):
              (JSC::MarkedBlock::blockFor):
              (JSC::MarkedBlock::atomNumber):
              (JSC::MarkedBlock::ownerSetNumber):
              (JSC::MarkedBlock::addOldSpaceOwner):
              (JSC::MarkedBlock::OwnerSet::OwnerSet):
              (JSC::MarkedBlock::OwnerSet::add):
              (JSC::MarkedBlock::OwnerSet::clear):
              (JSC::MarkedBlock::OwnerSet::size):
              (JSC::MarkedBlock::OwnerSet::didOverflow):
              (JSC::MarkedBlock::OwnerSet::owners): Added a basic write barrier that
              tracks owners for regions within blocks. Currently unused.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@89156 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      69f77964
  12. 16 Jun, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-06-16 Geoffrey Garen <ggaren@apple.com> · 6e1f8c1b
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Introduced SlotVisitor into the project
              https://bugs.webkit.org/show_bug.cgi?id=62820
              
              This resolves a class vs typedef forward declaration issue, and gives all
              exported symbols the correct names.
      
              * CMakeLists.txt:
              * GNUmakefile.list.am:
              * JavaScriptCore.exp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj: Build!
      
              * bytecode/EvalCodeCache.h:
              * heap/HandleHeap.h:
              * heap/Heap.cpp:
              (JSC::Heap::Heap):
              (JSC::Heap::markRoots):
              * heap/Heap.h:
              * heap/HeapRootVisitor.h: Replaced MarkStack with SlotVisitor. Now no
              clients operate on a MarkStack.
      
              * heap/MarkStack.cpp:
              (JSC::SlotVisitor::visitChildren):
              (JSC::SlotVisitor::drain):
              * heap/SlotVisitor.h: Added.
              (JSC::SlotVisitor::SlotVisitor): Used 'protected' and a little cheesy
              inheritance to give SlotVisitor all the attributes of MarkStack without
              making this change giant. Over time, we will move more behavior into
              SlotVisitor and its subclasses.
      
              * heap/MarkStack.h:
              * heap/NewSpace.h: Replaced MarkStack with SlotVisitor. Now no
              clients operate on a MarkStack.
      
              * runtime/ArgList.h:
              * runtime/JSCell.h:
              * runtime/JSObject.h:
              * runtime/ScopeChain.h:
              * runtime/SmallStrings.h:
              * runtime/Structure.h: Replaced MarkStack with SlotVisitor. Now no
              clients operate on a MarkStack.
      2011-06-16  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Introduced SlotVisitor into the project
              https://bugs.webkit.org/show_bug.cgi?id=62820
      
              This resolves a class vs typedef forward declaration issue, and gives all
              exported symbols the correct names.
      
              * dom/EventListener.h:
              * dom/Node.h:
              * dom/NodeFilterCondition.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@89069 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6e1f8c1b
  13. 09 Jun, 2011 2 commits
    • ggaren@apple.com's avatar
      2011-06-09 Geoffrey Garen <ggaren@apple.com> · 28cfb358
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Factored MarkedBlock set management into a helper class with a fast case Bloom filter
              https://bugs.webkit.org/show_bug.cgi?id=62413
              
              SunSpider reports a small speedup.
              
              This is in preparation for having ConservativeSet operate on arbitrary
              sets of MarkedBlocks, and in preparation for conservative scanning
              becoming proportionally more important than other GC activities.
      
              * GNUmakefile.list.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.xcodeproj/project.pbxproj: Build-o.
      
              * heap/ConservativeRoots.cpp:
              (JSC::ConservativeRoots::add):
              * heap/ConservativeRoots.h:
              (JSC::ConservativeRoots::ConservativeRoots): Operate on a MarkedBlockSet
              directly, instead of a Heap, so we can operate on subsets of the Heap
              instead.
              
              Use a TinyBloomFilter for single-cycle exclusion of most pointers. This
              is particularly important since we expect not to find our subject pointer
              in the MarkedBlock hash, and hash misses are more expensive than typical
              hash lookups because they have high collision rates.
              
              No need for single-pointer add() to be public anymore, since nobody uses it.
      
              * heap/Heap.cpp:
              (JSC::Heap::markRoots):
              * heap/Heap.h:
              (JSC::Heap::forEachCell):
              (JSC::Heap::forEachBlock): Use MarkedBlockSet since that's what
              ConservativeRoots relies on.
              
              Nixed contains(), since nobody uses it anymore.
      
              * heap/MarkedBlock.h:
              (WTF::MarkedBlockHash::hash): Added a faster hash taking advantage of
              the VM layout properties of MarkedBlocks.
      
              * heap/MarkedBlockSet.h: Added.
              (JSC::MarkedBlockSet::add):
              (JSC::MarkedBlockSet::remove):
              (JSC::MarkedBlockSet::recomputeFilter):
              (JSC::MarkedBlockSet::filter):
              (JSC::MarkedBlockSet::set):
              * heap/TinyBloomFilter.h: Added.
              (JSC::TinyBloomFilter::TinyBloomFilter):
              (JSC::TinyBloomFilter::add):
              (JSC::TinyBloomFilter::ruleOut): New helper class, used above.
      
              * interpreter/RegisterFile.cpp:
              (JSC::RegisterFile::gatherConservativeRoots): No need to specifically
              exclude values by tag -- the tiny bloom filter is already a register-register
              compare, so adding another "rule out" factor just slows things down.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88504 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      28cfb358
    • ggaren@apple.com's avatar
      2011-06-08 Geoffrey Garen <ggaren@apple.com> · 8a23d6ad
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Factored a bunch of Heap functionality into stand-alone functors
              https://bugs.webkit.org/show_bug.cgi?id=62337
              
              This is in preparation for making these functors operate on arbitrary
              sets of MarkedBlocks.
      
              * JavaScriptCore.exp: This file is a small tragedy.
      
              * debugger/Debugger.cpp:
              (JSC::Debugger::recompileAllJSFunctions): Updated for type change and rename.
      
              * heap/HandleHeap.h:
              (JSC::HandleHeap::forEachStrongHandle): New function for iterating all
              strong handles, so we can play along in the functor game.
      
              * heap/Heap.cpp:
              (JSC::CountFunctor::CountFunctor::CountFunctor):
              (JSC::CountFunctor::CountFunctor::count):
              (JSC::CountFunctor::CountFunctor::returnValue):
              (JSC::CountFunctor::ClearMarks::operator()):
              (JSC::CountFunctor::ResetAllocator::operator()):
              (JSC::CountFunctor::Sweep::operator()):
              (JSC::CountFunctor::MarkCount::operator()):
              (JSC::CountFunctor::Size::operator()):
              (JSC::CountFunctor::Capacity::operator()):
              (JSC::CountFunctor::Count::operator()):
              (JSC::CountFunctor::CountIfGlobalObject::operator()):
              (JSC::CountFunctor::TakeIfEmpty::TakeIfEmpty):
              (JSC::CountFunctor::TakeIfEmpty::operator()):
              (JSC::CountFunctor::TakeIfEmpty::returnValue):
              (JSC::CountFunctor::RecordType::RecordType):
              (JSC::CountFunctor::RecordType::typeName):
              (JSC::CountFunctor::RecordType::operator()):
              (JSC::CountFunctor::RecordType::returnValue): These functors factor out
              behavior that used to be in the functions below.
      
              (JSC::Heap::clearMarks):
              (JSC::Heap::sweep):
              (JSC::Heap::objectCount):
              (JSC::Heap::size):
              (JSC::Heap::capacity):
              (JSC::Heap::protectedGlobalObjectCount):
              (JSC::Heap::protectedObjectCount):
              (JSC::Heap::protectedObjectTypeCounts):
              (JSC::Heap::objectTypeCounts):
              (JSC::Heap::resetAllocator):
              (JSC::Heap::freeBlocks):
              (JSC::Heap::shrink): Factored out behavior into the functors above.
      
              * heap/Heap.h:
              (JSC::Heap::forEachProtectedCell):
              (JSC::Heap::forEachCell):
              (JSC::Heap::forEachBlock): Added forEach* iteration templates. I chose
              functor-based templates instead of plain iterators because they're simpler
              to implement in this case and they require a lot less code at the call site.
      
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::VoidFunctor::returnValue): Default parent class for
              trivial functors.
      
              (JSC::MarkedBlock::forEachCell): Renamed forEach to forEachCell because
              we have a few different kind of "for each" now.
      
              * runtime/JSGlobalData.cpp:
              (WTF::Recompile::operator()):
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::recompileAllJSFunctions): Updated for type change and rename.
      
              * runtime/JSGlobalData.h: Removed globalObjectCount because it was unused.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88473 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8a23d6ad
  14. 08 Jun, 2011 3 commits
    • ggaren@apple.com's avatar
      2011-06-08 Geoffrey Garen <ggaren@apple.com> · d7cca848
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Took some responsibilities away from NewSpace
              https://bugs.webkit.org/show_bug.cgi?id=62325
              
              NewSpace is basically just an allocator now.
              
              Heap acts as a controller, responsible for managing the set of all
              MarkedBlocks.
              
              This is in preparation for moving parts of the controller logic into
              separate helper classes that can act on arbitrary sets of MarkedBlocks
              that may or may not be in NewSpace.
      
              * heap/Heap.cpp:
              (JSC::Heap::Heap):
              (JSC::Heap::destroy):
              (JSC::Heap::allocate):
              (JSC::Heap::markRoots):
              (JSC::Heap::clearMarks):
              (JSC::Heap::sweep):
              (JSC::Heap::objectCount):
              (JSC::Heap::size):
              (JSC::Heap::capacity):
              (JSC::Heap::collect):
              (JSC::Heap::resetAllocator):
              (JSC::Heap::allocateBlock):
              (JSC::Heap::freeBlocks):
              (JSC::Heap::shrink): Moved the set of MarkedBlocks from NewSpace to Heap,
              along with all functions that operate on the set of MarkedBlocks. Also
              moved responsibility for deciding whether to allocate a new MarkedBlock,
              and for allocating it.
      
              * heap/Heap.h:
              (JSC::Heap::contains):
              (JSC::Heap::forEach): Ditto.
      
              * heap/NewSpace.cpp:
              (JSC::NewSpace::addBlock):
              (JSC::NewSpace::removeBlock):
              (JSC::NewSpace::resetAllocator):
              * heap/NewSpace.h:
              (JSC::NewSpace::waterMark):
              (JSC::NewSpace::allocate): Ditto.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88389 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d7cca848
    • ggaren@apple.com's avatar
      2011-06-08 Geoffrey Garen <ggaren@apple.com> · 788b601d
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Some more MarkedSpace => NewSpace renaming
              https://bugs.webkit.org/show_bug.cgi?id=62305
      
              * JavaScriptCore.exp:
              * JavaScriptCore.order:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * heap/Heap.cpp:
              (JSC::Heap::Heap):
              (JSC::Heap::destroy):
              (JSC::Heap::reportExtraMemoryCostSlowCase):
              (JSC::Heap::allocate):
              (JSC::Heap::markRoots):
              (JSC::Heap::objectCount):
              (JSC::Heap::size):
              (JSC::Heap::capacity):
              (JSC::Heap::collect):
              (JSC::Heap::isValidAllocation):
              * heap/Heap.h:
              (JSC::Heap::markedSpace):
              (JSC::Heap::contains):
              (JSC::Heap::forEach):
              (JSC::Heap::allocate):
              * runtime/JSCell.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88379 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      788b601d
    • ggaren@apple.com's avatar
      2011-06-07 Geoffrey Garen <ggaren@apple.com> · 4f1e836c
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Split 'reset' into 'collect' and 'resetAllocator'
              https://bugs.webkit.org/show_bug.cgi?id=62267
      
              * heap/Heap.cpp:
              (JSC::Heap::allocate):
              (JSC::Heap::collectAllGarbage):
              (JSC::Heap::collect):
              * heap/Heap.h:
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::resetAllocator):
              * heap/MarkedSpace.cpp:
              (JSC::MarkedSpace::resetAllocator):
              * heap/MarkedSpace.h:
              (JSC::MarkedSpace::SizeClass::resetAllocator):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88328 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4f1e836c
  15. 07 Jun, 2011 1 commit
  16. 29 May, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-05-29 Geoffrey Garen <ggaren@apple.com> · 58c6e459
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Some heap refactoring
              https://bugs.webkit.org/show_bug.cgi?id=61704
              
              SunSpider says no change.
      
              * JavaScriptCore.exp: Export!
      
              * heap/Heap.cpp: COLLECT_ON_EVERY_ALLOCATION can actually do so now.
      
              (JSC::Heap::Heap): Changed Heap sub-objects to point to the heap.
      
              (JSC::Heap::allocate): Changed inline allocation code to only select the
              size class, since this can be optimized out at compile time -- everything
              else is now inlined into this out-of-line function.
              
              No need to duplicate ASSERTs made in our caller.
      
              * heap/Heap.h:
              (JSC::Heap::heap):
              (JSC::Heap::isMarked):
              (JSC::Heap::testAndSetMarked):
              (JSC::Heap::testAndClearMarked):
              (JSC::Heap::setMarked): Call directly into MarkedBlock instead of adding
              a layer of indirection through MarkedSpace.
      
              (JSC::Heap::allocate): See above.
      
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::create):
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedBlock.h: Changed Heap sub-objects to point to the heap.
      
              * heap/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocateBlock):
              * heap/MarkedSpace.h:
              (JSC::MarkedSpace::allocate): Updated to match changes above.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@87653 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      58c6e459
  17. 26 May, 2011 3 commits
  18. 24 May, 2011 1 commit
  19. 17 May, 2011 2 commits
    • ggaren@apple.com's avatar
      Source/JavaScriptCore: Rolling back in r86653 with build fixed. · 19fe5092
      ggaren@apple.com authored
      Reviewed by Gavin Barraclough and Oliver Hunt.
      
      Global object initialization is expensive
      https://bugs.webkit.org/show_bug.cgi?id=60933
              
      Changed a bunch of globals to allocate their properties lazily, and changed
      the global object to allocate a bunch of its globals lazily.
              
      This reduces the footprint of a global object from 287 objects with 58
      functions for 24K to 173 objects with 20 functions for 15K.
      
      Large patch, but it's all mechanical.
      
      * DerivedSources.make:
      * JavaScriptCore.exp: Build!
      
      * create_hash_table: Added a special case for fromCharCode, since it uses
      a custom "thunk generator".
      
      * heap/Heap.cpp:
      (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
      overcount objects that were owned through more than one mechanism because
      it was getting in the way of counting the results for this patch.
      
      * interpreter/CallFrame.h:
      (JSC::ExecState::arrayConstructorTable):
      (JSC::ExecState::arrayPrototypeTable):
      (JSC::ExecState::booleanPrototypeTable):
      (JSC::ExecState::dateConstructorTable):
      (JSC::ExecState::errorPrototypeTable):
      (JSC::ExecState::globalObjectTable):
      (JSC::ExecState::numberConstructorTable):
      (JSC::ExecState::numberPrototypeTable):
      (JSC::ExecState::objectPrototypeTable):
      (JSC::ExecState::regExpPrototypeTable):
      (JSC::ExecState::stringConstructorTable): Added new tables.
      
      * runtime/ArrayConstructor.cpp:
      (JSC::ArrayConstructor::ArrayConstructor):
      (JSC::ArrayConstructor::getOwnPropertySlot):
      (JSC::ArrayConstructor::getOwnPropertyDescriptor):
      * runtime/ArrayConstructor.h:
      (JSC::ArrayConstructor::createStructure):
      * runtime/ArrayPrototype.cpp:
      (JSC::ArrayPrototype::getOwnPropertySlot):
      (JSC::ArrayPrototype::getOwnPropertyDescriptor):
      * runtime/ArrayPrototype.h:
      * runtime/BooleanPrototype.cpp:
      (JSC::BooleanPrototype::BooleanPrototype):
      (JSC::BooleanPrototype::getOwnPropertySlot):
      (JSC::BooleanPrototype::getOwnPropertyDescriptor):
      * runtime/BooleanPrototype.h:
      (JSC::BooleanPrototype::createStructure):
      * runtime/DateConstructor.cpp:
      (JSC::DateConstructor::DateConstructor):
      (JSC::DateConstructor::getOwnPropertySlot):
      (JSC::DateConstructor::getOwnPropertyDescriptor):
      * runtime/DateConstructor.h:
      (JSC::DateConstructor::createStructure):
      * runtime/ErrorPrototype.cpp:
      (JSC::ErrorPrototype::ErrorPrototype):
      (JSC::ErrorPrototype::getOwnPropertySlot):
      (JSC::ErrorPrototype::getOwnPropertyDescriptor):
      * runtime/ErrorPrototype.h:
      (JSC::ErrorPrototype::createStructure): Standardized these objects
      to use static tables for function properties.
      
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::~JSGlobalData):
      * runtime/JSGlobalData.h: Added new tables.
      
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC::JSGlobalObject::addStaticGlobals):
      (JSC::JSGlobalObject::getOwnPropertySlot):
      (JSC::JSGlobalObject::getOwnPropertyDescriptor):
      * runtime/JSGlobalObject.h:
      * runtime/JSGlobalObjectFunctions.cpp:
      * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
      static table for its global functions. This required uninlining some
      things to avoid a circular header dependency. However, those things
      probably shouldn't have been inlined in the first place.
              
      Even more global object properties can be made lazy, but that requires
      more in-depth changes.
      
      * runtime/MathObject.cpp:
      * runtime/NumberConstructor.cpp:
      (JSC::NumberConstructor::getOwnPropertySlot):
      (JSC::NumberConstructor::getOwnPropertyDescriptor):
      * runtime/NumberPrototype.cpp:
      (JSC::NumberPrototype::NumberPrototype):
      (JSC::NumberPrototype::getOwnPropertySlot):
      (JSC::NumberPrototype::getOwnPropertyDescriptor):
      * runtime/NumberPrototype.h:
      (JSC::NumberPrototype::createStructure):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      (JSC::ObjectPrototype::put):
      (JSC::ObjectPrototype::getOwnPropertySlot):
      (JSC::ObjectPrototype::getOwnPropertyDescriptor):
      * runtime/ObjectPrototype.h:
      (JSC::ObjectPrototype::createStructure):
      * runtime/RegExpPrototype.cpp:
      (JSC::RegExpPrototype::RegExpPrototype):
      (JSC::RegExpPrototype::getOwnPropertySlot):
      (JSC::RegExpPrototype::getOwnPropertyDescriptor):
      * runtime/RegExpPrototype.h:
      (JSC::RegExpPrototype::createStructure):
      * runtime/StringConstructor.cpp:
      (JSC::StringConstructor::StringConstructor):
      (JSC::StringConstructor::getOwnPropertySlot):
      (JSC::StringConstructor::getOwnPropertyDescriptor):
      * runtime/StringConstructor.h:
      (JSC::StringConstructor::createStructure): Standardized these objects
      to use static tables for function properties.
      
      LayoutTests: Global object initialization is expensive
      https://bugs.webkit.org/show_bug.cgi?id=60933
              
      Reviewed by Gavin Barraclough.
      
      Added a few more expected failures, now that more code uses static hash
      tables.
              
      The fact that built-ins are not deletable, but should be, is covered by
      https://bugs.webkit.org/show_bug.cgi?id=61014
      
      * sputnik/Conformance/15_Native_Objects/15.6_Boolean/15.6.2/S15.6.2.1_A4-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.6_Boolean/15.6.3/15.6.3.1_Boolean.prototype/S15.6.3.1_A1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.6_Boolean/15.6.4/S15.6.4_A1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.7_Number/15.7.2/S15.7.2.1_A4-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.7_Number/15.7.3/15.7.3.1_Number.prototype/S15.7.3.1_A2_T1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.7_Number/15.7.4/S15.7.4_A1-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.9_Date/15.9.4/15.9.4.2_Date.parse/S15.9.4.2_A1_T2-expected.txt:
      * sputnik/Conformance/15_Native_Objects/15.9_Date/15.9.4/15.9.4.3_Date.UTC/S15.9.4.3_A1_T2-expected.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86727 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      19fe5092
    • commit-queue@webkit.org's avatar
      2011-05-16 Sheriff Bot <webkit.review.bot@gmail.com> · 5a39502a
      commit-queue@webkit.org authored
              Unreviewed, rolling out r86653.
              http://trac.webkit.org/changeset/86653
              https://bugs.webkit.org/show_bug.cgi?id=60944
      
              "Caused regressions on Windows, OSX and EFL" (Requested by
              yutak on #webkit).
      
              * DerivedSources.make:
              * DerivedSources.pro:
              * GNUmakefile.am:
              * GNUmakefile.list.am:
              * JavaScriptCore.exp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * create_hash_table:
              * heap/Heap.cpp:
              (JSC::TypeCounter::operator()):
              * interpreter/CallFrame.h:
              (JSC::ExecState::arrayTable):
              (JSC::ExecState::numberTable):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              * runtime/ArrayConstructor.h:
              * runtime/ArrayPrototype.cpp:
              (JSC::ArrayPrototype::getOwnPropertySlot):
              (JSC::ArrayPrototype::getOwnPropertyDescriptor):
              * runtime/ArrayPrototype.h:
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/BooleanPrototype.h:
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateConstructor.h:
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/ErrorPrototype.h:
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::~JSGlobalData):
              * runtime/JSGlobalData.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::addStaticGlobals):
              (JSC::JSGlobalObject::getOwnPropertySlot):
              (JSC::JSGlobalObject::getOwnPropertyDescriptor):
              * runtime/JSGlobalObjectFunctions.cpp:
              (JSC::globalFuncJSCPrint):
              * runtime/JSGlobalObjectFunctions.h:
              * runtime/MathObject.cpp:
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::getOwnPropertySlot):
              (JSC::NumberConstructor::getOwnPropertyDescriptor):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/NumberPrototype.h:
              * runtime/ObjectPrototype.cpp:
              (JSC::ObjectPrototype::ObjectPrototype):
              (JSC::ObjectPrototype::put):
              (JSC::ObjectPrototype::getOwnPropertySlot):
              * runtime/ObjectPrototype.h:
              * runtime/RegExpPrototype.cpp:
              (JSC::RegExpPrototype::RegExpPrototype):
              * runtime/RegExpPrototype.h:
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringConstructor.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86657 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      5a39502a
  20. 16 May, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-05-16 Geoffrey Garen <ggaren@apple.com> · 836c5d91
      ggaren@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Global object initialization is expensive
              https://bugs.webkit.org/show_bug.cgi?id=60933
              
              Changed a bunch of globals to allocate their properties lazily, and changed
              the global object to allocate a bunch of its globals lazily.
              
              This reduces the footprint of a global object from 287 objects with 58
              functions for 24K to 173 objects with 20 functions for 15K.
      
              Large patch, but it's all mechanical.
      
              * DerivedSources.make:
              * JavaScriptCore.exp: Build!
      
              * create_hash_table: Added a special case for fromCharCode, since it uses
              a custom "thunk generator".
      
              * heap/Heap.cpp:
              (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
              overcount objects that were owned through more than one mechanism because
              it was getting in the way of counting the results for this patch.
      
              * interpreter/CallFrame.h:
              (JSC::ExecState::arrayConstructorTable):
              (JSC::ExecState::arrayPrototypeTable):
              (JSC::ExecState::booleanPrototypeTable):
              (JSC::ExecState::dateConstructorTable):
              (JSC::ExecState::errorPrototypeTable):
              (JSC::ExecState::globalObjectTable):
              (JSC::ExecState::numberConstructorTable):
              (JSC::ExecState::numberPrototypeTable):
              (JSC::ExecState::objectPrototypeTable):
              (JSC::ExecState::regExpPrototypeTable):
              (JSC::ExecState::stringConstructorTable): Added new tables.
      
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::ArrayConstructor::getOwnPropertySlot):
              (JSC::ArrayConstructor::getOwnPropertyDescriptor):
              * runtime/ArrayConstructor.h:
              (JSC::ArrayConstructor::createStructure):
              * runtime/ArrayPrototype.cpp:
              (JSC::ArrayPrototype::getOwnPropertySlot):
              (JSC::ArrayPrototype::getOwnPropertyDescriptor):
              * runtime/ArrayPrototype.h:
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              (JSC::BooleanPrototype::getOwnPropertySlot):
              (JSC::BooleanPrototype::getOwnPropertyDescriptor):
              * runtime/BooleanPrototype.h:
              (JSC::BooleanPrototype::createStructure):
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              (JSC::DateConstructor::getOwnPropertySlot):
              (JSC::DateConstructor::getOwnPropertyDescriptor):
              * runtime/DateConstructor.h:
              (JSC::DateConstructor::createStructure):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              (JSC::ErrorPrototype::getOwnPropertySlot):
              (JSC::ErrorPrototype::getOwnPropertyDescriptor):
              * runtime/ErrorPrototype.h:
              (JSC::ErrorPrototype::createStructure): Standardized these objects
              to use static tables for function properties.
      
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::~JSGlobalData):
              * runtime/JSGlobalData.h: Added new tables.
      
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::addStaticGlobals):
              (JSC::JSGlobalObject::getOwnPropertySlot):
              (JSC::JSGlobalObject::getOwnPropertyDescriptor):
              * runtime/JSGlobalObject.h:
              * runtime/JSGlobalObjectFunctions.cpp:
              * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
              static table for its global functions. This required uninlining some
              things to avoid a circular header dependency. However, those things
              probably shouldn't have been inlined in the first place.
              
              Even more global object properties can be made lazy, but that requires
              more in-depth changes.
      
              * runtime/MathObject.cpp:
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::getOwnPropertySlot):
              (JSC::NumberConstructor::getOwnPropertyDescriptor):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              (JSC::NumberPrototype::getOwnPropertySlot):
              (JSC::NumberPrototype::getOwnPropertyDescriptor):
              * runtime/NumberPrototype.h:
              (JSC::NumberPrototype::createStructure):
              * runtime/ObjectPrototype.cpp:
              (JSC::ObjectPrototype::ObjectPrototype):
              (JSC::ObjectPrototype::put):
              (JSC::ObjectPrototype::getOwnPropertySlot):
              (JSC::ObjectPrototype::getOwnPropertyDescriptor):
              * runtime/ObjectPrototype.h:
              (JSC::ObjectPrototype::createStructure):
              * runtime/RegExpPrototype.cpp:
              (JSC::RegExpPrototype::RegExpPrototype):
              (JSC::RegExpPrototype::getOwnPropertySlot):
              (JSC::RegExpPrototype::getOwnPropertyDescriptor):
              * runtime/RegExpPrototype.h:
              (JSC::RegExpPrototype::createStructure):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              (JSC::StringConstructor::getOwnPropertySlot):
              (JSC::StringConstructor::getOwnPropertyDescriptor):
              * runtime/StringConstructor.h:
              (JSC::StringConstructor::createStructure): Standardized these objects
              to use static tables for function properties.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86653 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      836c5d91
  21. 15 May, 2011 1 commit
    • ggaren@apple.com's avatar
      Partial fix for <rdar://problem/9417875> REGRESSION: SunSpider ~17% slower · 73b63b7b
      ggaren@apple.com authored
      in browser than on command line
              
      Reviewed by Maciej Stachowiak.
      
      This patch fixes a few issues in generated code that could unreasonably
      prolong object lifetimes.
      
      * heap/Heap.cpp:
      (JSC::Heap::collectAllGarbage): Throw away all function code before doing
      a major collection. We want to clear polymorphic caches, since they can
      keep alive large object graphs that have gone "stale". For the same reason,
      but to a lesser extent, we also want to clear linked functions and other
      one-off caches.
      
      This has the side-benefit of reducing memory footprint from run-once
      functions, and of allowing predictions and caches that have failed to
      re-specialize.
      
      Eventually, if compilation costs rise far enough, we may want a more
      limited strategy for de-specializing code without throwing it away
      completely, but this works for now, and it's the simplest solution.
      
      * jit/JITStubs.cpp:
      (JSC::JITThunks::hostFunctionStub):
      * jit/JITStubs.h:
      * runtime/JSFunction.cpp: Made the host function stub cache weak --
      otherwise it's effectively a memory leak that can seriously fragment the
      GC and JIT heaps.
      
      (JSC::JSFunction::JSFunction):
      (JSC::JSFunction::visitChildren): Cleared up some comments that confused
      me when working with this code.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@86510 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      73b63b7b
  22. 11 May, 2011 1 commit
  23. 25 Apr, 2011 1 commit
  24. 22 Apr, 2011 2 commits
    • commit-queue@webkit.org's avatar
      2011-04-22 Sheriff Bot <webkit.review.bot@gmail.com> · 2dba4a48
      commit-queue@webkit.org authored
              Unreviewed, rolling out r84650 and r84654.
              http://trac.webkit.org/changeset/84650
              http://trac.webkit.org/changeset/84654
              https://bugs.webkit.org/show_bug.cgi?id=59218
      
              Broke Windows build (Requested by bweinstein on #webkit).
      
              * API/JSCallbackObjectFunctions.h:
              (JSC::::init):
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * heap/Handle.h:
              (JSC::HandleBase::operator!):
              (JSC::HandleBase::operator UnspecifiedBoolType*):
              (JSC::HandleTypes::getFromSlot):
              * heap/HandleHeap.cpp:
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              (JSC::HandleHeap::finalizeWeakHandles):
              (JSC::HandleHeap::writeBarrier):
              (JSC::HandleHeap::protectedGlobalObjectCount):
              (JSC::HandleHeap::isValidWeakNode):
              * heap/HandleHeap.h:
              (JSC::HandleHeap::copyWeak):
              (JSC::HandleHeap::makeWeak):
              (JSC::HandleHeap::Node::slot):
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              (JSC::HandleStack::grow):
              * heap/HandleStack.h:
              (JSC::HandleStack::zapTo):
              (JSC::HandleStack::push):
              * heap/Heap.cpp:
              (JSC::HandleHeap::protectedObjectTypeCounts):
              * heap/Local.h:
              (JSC::::set):
              * heap/Strong.h:
              (JSC::Strong::set):
              * heap/Weak.h:
              (JSC::Weak::set):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              * runtime/WriteBarrier.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84660 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2dba4a48
    • oliver@apple.com's avatar
      2011-04-22 Oliver Hunt <oliver@apple.com> · 4b66844e
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make it harder to use HandleSlot incorrectly
              https://bugs.webkit.org/show_bug.cgi?id=59205
      
              Just add a little type fudging to make it harder to
              incorrectly assign through a HandleSlot.
      
              * API/JSCallbackObjectFunctions.h:
              (JSC::::init):
              * JavaScriptCore.exp:
              * heap/Handle.h:
              (JSC::HandleBase::operator!):
              (JSC::HandleBase::operator UnspecifiedBoolType*):
              (JSC::HandleTypes::getFromSlot):
              * heap/HandleHeap.cpp:
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              (JSC::HandleHeap::finalizeWeakHandles):
              (JSC::HandleHeap::writeBarrier):
              (JSC::HandleHeap::protectedGlobalObjectCount):
              (JSC::HandleHeap::isValidWeakNode):
              * heap/HandleHeap.h:
              (JSC::HandleHeap::copyWeak):
              (JSC::HandleHeap::makeWeak):
              (JSC::HandleHeap::Node::slot):
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              (JSC::HandleStack::grow):
              * heap/HandleStack.h:
              (JSC::HandleStack::zapTo):
              (JSC::HandleStack::push):
              * heap/Heap.cpp:
              (JSC::HandleHeap::protectedObjectTypeCounts):
              * heap/Local.h:
              (JSC::::set):
              * heap/Strong.h:
              (JSC::Strong::set):
              * heap/Weak.h:
              (JSC::Weak::set):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              * runtime/WriteBarrier.h:
              (JSC::OpaqueJSValue::toJSValue):
              (JSC::OpaqueJSValue::toJSValueRef):
              (JSC::OpaqueJSValue::fromJSValue):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84650 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      4b66844e
  25. 21 Apr, 2011 1 commit
    • oliver@apple.com's avatar
      2011-04-21 Oliver Hunt <oliver@apple.com> · 433d02f9
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObjectData::visitChildren):
              (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
              (JSC::JSCallbackObject::visitChildren):
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::visitStructures):
              (JSC::EvalCodeCache::visitAggregate):
              (JSC::CodeBlock::visitAggregate):
              * bytecode/CodeBlock.h:
              * bytecode/EvalCodeCache.h:
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::visitAggregate):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::visitAggregate):
              * bytecode/StructureStubInfo.h:
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::visitChildren):
              * debugger/DebuggerActivation.h:
              * heap/HandleHeap.cpp:
              (JSC::WeakHandleOwner::isReachableFromOpaqueRoots):
              (JSC::HandleHeap::markStrongHandles):
              (JSC::HandleHeap::markWeakHandles):
              * heap/HandleHeap.h:
              * heap/HandleStack.cpp:
              (JSC::HandleStack::mark):
              * heap/HandleStack.h:
              * heap/Heap.cpp:
              (JSC::Heap::markProtectedObjects):
              (JSC::Heap::markTempSortVectors):
              (JSC::Heap::markRoots):
              * heap/Heap.h:
              * heap/MarkStack.cpp:
              (JSC::MarkStack::visitChildren):
              (JSC::MarkStack::drain):
              * heap/MarkStack.h:
              (JSC::HeapRootVisitor::HeapRootVisitor):
              (JSC::HeapRootVisitor::mark):
              (JSC::HeapRootVisitor::visitor):
              * heap/MarkedSpace.h:
              * runtime/ArgList.cpp:
              (JSC::MarkedArgumentBuffer::markLists):
              * runtime/ArgList.h:
              * runtime/Arguments.cpp:
              (JSC::Arguments::visitChildren):
              * runtime/Arguments.h:
              * runtime/Executable.cpp:
              (JSC::EvalExecutable::visitChildren):
              (JSC::ProgramExecutable::visitChildren):
              (JSC::FunctionExecutable::visitChildren):
              * runtime/Executable.h:
              * runtime/GetterSetter.cpp:
              (JSC::GetterSetter::visitChildren):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::visitChildren):
              * runtime/JSActivation.h:
              * runtime/JSArray.cpp:
              (JSC::JSArray::visitChildren):
              * runtime/JSArray.h:
              (JSC::JSArray::visitDirect):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::visitChildren):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::visitChildren):
              * runtime/JSFunction.h:
              * runtime/JSGlobalObject.cpp:
              (JSC::visitIfNeeded):
              (JSC::JSGlobalObject::visitChildren):
              * runtime/JSGlobalObject.h:
              * runtime/JSONObject.cpp:
              * runtime/JSObject.cpp:
              (JSC::JSObject::visitChildren):
              * runtime/JSObject.h:
              (JSC::JSObject::visitDirect):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::visitChildren):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              * runtime/JSStaticScopeObject.cpp:
              (JSC::JSStaticScopeObject::visitChildren):
              * runtime/JSStaticScopeObject.h:
              * runtime/JSTypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              (JSC::TypeInfo::overridesVisitChildren):
              * runtime/JSWrapperObject.cpp:
              (JSC::JSWrapperObject::visitChildren):
              * runtime/JSWrapperObject.h:
              * runtime/JSZombie.h:
              (JSC::JSZombie::visitChildren):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::visitChildren):
              * runtime/NativeErrorConstructor.h:
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::visitChildren):
              * runtime/RegExpObject.h:
              * runtime/ScopeChain.cpp:
              (JSC::ScopeChainNode::visitChildren):
              * runtime/ScopeChain.h:
              * runtime/SmallStrings.cpp:
              (JSC::SmallStrings::visitChildren):
              * runtime/SmallStrings.h:
              * runtime/Structure.cpp:
              (JSC::Structure::Structure):
              (JSC::Structure::visitChildren):
              * runtime/Structure.h:
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::visitChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::createStructure):
      2011-04-21  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * UserObjectImp.cpp:
              (UserObjectImp::visitChildren):
      2011-04-21  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoffrey Garen.
      
              Start moving to a general visitor pattern for GC traversal
              https://bugs.webkit.org/show_bug.cgi?id=59141
      
              This is just a rename:
                  markChildren -> visitChildren
                  markAggregate -> visitAggregate
                  markStack -> visitor
                  MarkStack -> typedef'd to SlotVisitor
      
              * bindings/js/JSAttrCustom.cpp:
              (WebCore::JSAttr::visitChildren):
              * bindings/js/JSAudioConstructor.cpp:
              (WebCore::constructAudio):
              * bindings/js/JSCSSRuleCustom.cpp:
              (WebCore::JSCSSRule::visitChildren):
              * bindings/js/JSCSSStyleDeclarationCustom.cpp:
              (WebCore::JSCSSStyleDeclaration::visitChildren):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::visitActiveObjectsForContext):
              (WebCore::markDOMObjectWrapper):
              * bindings/js/JSDOMBinding.h:
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::visitChildren):
              * bindings/js/JSDOMGlobalObject.h:
              * bindings/js/JSDOMImplementationCustom.cpp:
              (WebCore::JSDOMImplementation::visitChildren):
              * bindings/js/JSDOMWindowCustom.cpp:
              (WebCore::JSDOMWindow::visitChildren):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::visitChildren):
              * bindings/js/JSDOMWindowShell.h:
              * bindings/js/JSDocumentCustom.cpp:
              (WebCore::JSDocument::visitChildren):
              * bindings/js/JSElementCustom.cpp:
              (WebCore::JSElement::visitChildren):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::markJSFunction):
              * bindings/js/JSEventListener.h:
              * bindings/js/JSHTMLCanvasElementCustom.cpp:
              (WebCore::JSHTMLCanvasElement::visitChildren):
              * bindings/js/JSHTMLLinkElementCustom.cpp:
              (WebCore::JSHTMLLinkElement::visitChildren):
              * bindings/js/JSHTMLStyleElementCustom.cpp:
              (WebCore::JSHTMLStyleElement::visitChildren):
              * bindings/js/JSImageConstructor.cpp:
              (WebCore::constructImage):
              * bindings/js/JSJavaScriptAudioNodeCustom.cpp:
              (WebCore::JSJavaScriptAudioNode::visitChildren):
              * bindings/js/JSMessageChannelCustom.cpp:
              (WebCore::JSMessageChannel::visitChildren):
              * bindings/js/JSMessagePortCustom.cpp:
              (WebCore::JSMessagePort::visitChildren):
              * bindings/js/JSNamedNodeMapCustom.cpp:
              (WebCore::JSNamedNodeMapOwner::isReachableFromOpaqueRoots):
              (WebCore::JSNamedNodeMap::visitChildren):
              * bindings/js/JSNavigatorCustom.cpp:
              (WebCore::JSNavigator::visitChildren):
              * bindings/js/JSNodeCustom.cpp:
              (WebCore::isObservable):
              (WebCore::isReachableFromDOM):
              (WebCore::JSNodeOwner::isReachableFromOpaqueRoots):
              (WebCore::JSNode::visitChildren):
              * bindings/js/JSNodeCustom.h:
              * bindings/js/JSNodeFilterCondition.cpp:
              (WebCore::JSNodeFilterCondition::WeakOwner::isReachableFromOpaqueRoots):
              * bindings/js/JSNodeFilterCondition.h:
              * bindings/js/JSNodeFilterCustom.cpp:
              (WebCore::JSNodeFilter::visitChildren):
              * bindings/js/JSNodeIteratorCustom.cpp:
              (WebCore::JSNodeIterator::visitChildren):
              * bindings/js/JSNodeListCustom.cpp:
              (WebCore::JSNodeListOwner::isReachableFromOpaqueRoots):
              * bindings/js/JSProcessingInstructionCustom.cpp:
              (WebCore::JSProcessingInstruction::visitChildren):
              * bindings/js/JSSVGElementInstanceCustom.cpp:
              (WebCore::JSSVGElementInstance::visitChildren):
              * bindings/js/JSSharedWorkerCustom.cpp:
              (WebCore::JSSharedWorker::visitChildren):
              * bindings/js/JSStyleSheetCustom.cpp:
              (WebCore::JSStyleSheet::visitChildren):
              * bindings/js/JSTreeWalkerCustom.cpp:
              (WebCore::JSTreeWalker::visitChildren):
              * bindings/js/JSWebGLRenderingContextCustom.cpp:
              (WebCore::JSWebGLRenderingContext::visitChildren):
              * bindings/js/JSWebKitAnimationListCustom.cpp:
              (WebCore::JSWebKitAnimationList::visitChildren):
              * bindings/js/JSWorkerContextCustom.cpp:
              (WebCore::JSWorkerContext::visitChildren):
              * bindings/js/JSXMLHttpRequestCustom.cpp:
              (WebCore::JSXMLHttpRequest::visitChildren):
              * bindings/js/JSXMLHttpRequestUploadCustom.cpp:
              (WebCore::JSXMLHttpRequestUpload::visitChildren):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/qt/qt_instance.cpp:
              (JSC::Bindings::QtRuntimeObject::visitChildren):
              (JSC::Bindings::QtInstance::markAggregate):
              * bridge/qt/qt_instance.h:
              * bridge/qt/qt_pixmapruntime.cpp:
              * bridge/qt/qt_runtime.cpp:
              (JSC::Bindings::QtRuntimeMetaMethod::visitChildren):
              * bridge/qt/qt_runtime.h:
              * dom/EventListener.h:
              (WebCore::EventListener::visitJSFunction):
              * dom/EventTarget.h:
              (WebCore::EventTarget::visitJSEventListeners):
              * dom/Node.h:
              * dom/NodeFilterCondition.h:
              (WebCore::NodeFilterCondition::visitAggregate):
              * page/DOMWindow.h:
              * workers/WorkerContext.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@84556 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      433d02f9
  26. 14 Apr, 2011 2 commits
    • ggaren@apple.com's avatar
      2011-04-14 Geoffrey Garen <ggaren@apple.com> · 6d8758c5
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Drain the mark stack while marking weak handles, not after.
              https://bugs.webkit.org/show_bug.cgi?id=58574
      
              Otherwise, items that would have caused more weak handle marking are
              processed after all weak handle marking has finished, and referenced
              weak handles get recycled.
      
              * heap/HandleHeap.cpp:
              (JSC::HandleHeap::markWeakHandles): Removed looping from here, since we
              want Heap::markRoots to be responsible for draining the mark stack.
      
              * heap/Heap.cpp:
              (JSC::Heap::markRoots): Moved looping to here, as explained above.
              
              For efficiency's sake, drain the mark stack before starting to mark weak
              handles. Otherwise, items drained while marking weak handles may force
              an extra trip through the weak handle list.
      
              For correctness's sake, drain the mark stack each time through the weak
              handle list. Otherwise, opaque roots that would make weak handles reachable
              are not discovered until after weak handle marking is over.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83910 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6d8758c5
    • oliver@apple.com's avatar
      2011-04-14 Oliver Hunt <oliver@apple.com> · bf9b7f89
      oliver@apple.com authored
              Reviewed by Geoffrey Garen.
      
              Make protected object list in caches window reflect reality
              https://bugs.webkit.org/show_bug.cgi?id=58565
      
              Make sure the heap includes objects protected by Strong handles
              in its list of protected objects.
      
              * heap/HandleHeap.h:
              * heap/Heap.cpp:
              (JSC::HandleHeap::protectedObjectTypeCounts):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83885 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bf9b7f89
  27. 13 Apr, 2011 2 commits
    • oliver@apple.com's avatar
      Accidentally made us GC on every allocation. · 611d8b7a
      oliver@apple.com authored
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83810 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      611d8b7a
    • oliver@apple.com's avatar
      2011-04-13 Oliver Hunt <oliver@apple.com> · bb8da910
      oliver@apple.com authored
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Additional structures are allocated beyond the expected threshold
              so we preflight the test to get them allocated.
      
              * fast/dom/gc-10.html:
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Turn Structure into a GC allocated object.  Most of this patch
              is the mechanical change of replacing variations on RefPtr<Structure>
              with either Structure* (for arguments and locals), WriteBarrier<Structure>
              for the few cases where Structures are held by GC allocated objects
              and Strong<Structure> for the root structure objects in GlobalData.
      
              * API/JSCallbackConstructor.cpp:
              (JSC::JSCallbackConstructor::JSCallbackConstructor):
              * API/JSCallbackConstructor.h:
              (JSC::JSCallbackConstructor::createStructure):
              * API/JSCallbackFunction.h:
              (JSC::JSCallbackFunction::createStructure):
              * API/JSCallbackObject.h:
              (JSC::JSCallbackObject::createStructure):
              * API/JSCallbackObjectFunctions.h:
              (JSC::::JSCallbackObject):
              * API/JSContextRef.cpp:
              * JavaScriptCore.JSVALUE32_64only.exp:
              * JavaScriptCore.JSVALUE64only.exp:
              * JavaScriptCore.exp:
              * bytecode/CodeBlock.cpp:
              (JSC::CodeBlock::~CodeBlock):
              (JSC::CodeBlock::markStructures):
              (JSC::CodeBlock::markAggregate):
              * bytecode/CodeBlock.h:
              (JSC::MethodCallLinkInfo::setSeen):
              (JSC::GlobalResolveInfo::GlobalResolveInfo):
              * bytecode/Instruction.h:
              (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
              (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
              (JSC::PolymorphicAccessStructureList::markAggregate):
              (JSC::Instruction::Instruction):
              * bytecode/StructureStubInfo.cpp:
              (JSC::StructureStubInfo::deref):
              (JSC::StructureStubInfo::markAggregate):
              * bytecode/StructureStubInfo.h:
              (JSC::StructureStubInfo::initGetByIdSelf):
              (JSC::StructureStubInfo::initGetByIdProto):
              (JSC::StructureStubInfo::initGetByIdChain):
              (JSC::StructureStubInfo::initPutByIdTransition):
              (JSC::StructureStubInfo::initPutByIdReplace):
              * debugger/DebuggerActivation.cpp:
              (JSC::DebuggerActivation::DebuggerActivation):
              * debugger/DebuggerActivation.h:
              (JSC::DebuggerActivation::createStructure):
              * heap/Handle.h:
              * heap/MarkStack.cpp:
              (JSC::MarkStack::markChildren):
              (JSC::MarkStack::drain):
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep):
              * heap/Strong.h:
              (JSC::Strong::Strong):
              (JSC::Strong::set):
              * interpreter/Interpreter.cpp:
              (JSC::Interpreter::resolveGlobal):
              (JSC::Interpreter::resolveGlobalDynamic):
              (JSC::Interpreter::tryCachePutByID):
              (JSC::Interpreter::uncachePutByID):
              (JSC::Interpreter::tryCacheGetByID):
              (JSC::Interpreter::uncacheGetByID):
              (JSC::Interpreter::privateExecute):
              * jit/JIT.h:
              * jit/JITPropertyAccess.cpp:
              (JSC::JIT::privateCompilePutByIdTransition):
              (JSC::JIT::patchMethodCallProto):
              (JSC::JIT::privateCompileGetByIdProto):
              (JSC::JIT::privateCompileGetByIdSelfList):
              (JSC::JIT::privateCompileGetByIdProtoList):
              (JSC::JIT::privateCompileGetByIdChainList):
              (JSC::JIT::privateCompileGetByIdChain):
              * jit/JITPropertyAccess32_64.cpp:
              (JSC::JIT::privateCompilePutByIdTransition):
              (JSC::JIT::patchMethodCallProto):
              (JSC::JIT::privateCompileGetByIdProto):
              (JSC::JIT::privateCompileGetByIdSelfList):
              (JSC::JIT::privateCompileGetByIdProtoList):
              (JSC::JIT::privateCompileGetByIdChainList):
              (JSC::JIT::privateCompileGetByIdChain):
              * jit/JITStubs.cpp:
              (JSC::JITThunks::tryCachePutByID):
              (JSC::JITThunks::tryCacheGetByID):
              (JSC::DEFINE_STUB_FUNCTION):
              (JSC::getPolymorphicAccessStructureListSlot):
              * jit/JSInterfaceJIT.h:
              (JSC::JSInterfaceJIT::storePtrWithWriteBarrier):
              * jsc.cpp:
              (cleanupGlobalData):
              * runtime/Arguments.h:
              (JSC::Arguments::createStructure):
              (JSC::Arguments::Arguments):
              (JSC::JSActivation::copyRegisters):
              * runtime/ArrayConstructor.cpp:
              (JSC::ArrayConstructor::ArrayConstructor):
              (JSC::constructArrayWithSizeQuirk):
              * runtime/ArrayConstructor.h:
              * runtime/ArrayPrototype.cpp:
              (JSC::ArrayPrototype::ArrayPrototype):
              (JSC::arrayProtoFuncSplice):
              * runtime/ArrayPrototype.h:
              (JSC::ArrayPrototype::createStructure):
              * runtime/BatchedTransitionOptimizer.h:
              (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):
              * runtime/BooleanConstructor.cpp:
              (JSC::BooleanConstructor::BooleanConstructor):
              * runtime/BooleanConstructor.h:
              * runtime/BooleanObject.cpp:
              (JSC::BooleanObject::BooleanObject):
              * runtime/BooleanObject.h:
              (JSC::BooleanObject::createStructure):
              * runtime/BooleanPrototype.cpp:
              (JSC::BooleanPrototype::BooleanPrototype):
              * runtime/BooleanPrototype.h:
              * runtime/DateConstructor.cpp:
              (JSC::DateConstructor::DateConstructor):
              * runtime/DateConstructor.h:
              * runtime/DateInstance.cpp:
              (JSC::DateInstance::DateInstance):
              * runtime/DateInstance.h:
              (JSC::DateInstance::createStructure):
              * runtime/DatePrototype.cpp:
              (JSC::DatePrototype::DatePrototype):
              * runtime/DatePrototype.h:
              (JSC::DatePrototype::createStructure):
              * runtime/Error.cpp:
              (JSC::StrictModeTypeErrorFunction::StrictModeTypeErrorFunction):
              * runtime/ErrorConstructor.cpp:
              (JSC::ErrorConstructor::ErrorConstructor):
              * runtime/ErrorConstructor.h:
              * runtime/ErrorInstance.cpp:
              (JSC::ErrorInstance::ErrorInstance):
              (JSC::ErrorInstance::create):
              * runtime/ErrorInstance.h:
              (JSC::ErrorInstance::createStructure):
              * runtime/ErrorPrototype.cpp:
              (JSC::ErrorPrototype::ErrorPrototype):
              * runtime/ErrorPrototype.h:
              * runtime/ExceptionHelpers.cpp:
              (JSC::InterruptedExecutionError::InterruptedExecutionError):
              (JSC::TerminatedExecutionError::TerminatedExecutionError):
              * runtime/Executable.cpp:
              * runtime/Executable.h:
              (JSC::ExecutableBase::ExecutableBase):
              (JSC::ExecutableBase::createStructure):
              (JSC::NativeExecutable::createStructure):
              (JSC::NativeExecutable::NativeExecutable):
              (JSC::ScriptExecutable::ScriptExecutable):
              (JSC::EvalExecutable::createStructure):
              (JSC::ProgramExecutable::createStructure):
              (JSC::FunctionExecutable::createStructure):
              * runtime/FunctionConstructor.cpp:
              (JSC::FunctionConstructor::FunctionConstructor):
              * runtime/FunctionConstructor.h:
              * runtime/FunctionPrototype.cpp:
              (JSC::FunctionPrototype::FunctionPrototype):
              * runtime/FunctionPrototype.h:
              (JSC::FunctionPrototype::createStructure):
              * runtime/GetterSetter.h:
              (JSC::GetterSetter::GetterSetter):
              (JSC::GetterSetter::createStructure):
              * runtime/InitializeThreading.cpp:
              (JSC::initializeThreadingOnce):
              * runtime/InternalFunction.cpp:
              (JSC::InternalFunction::InternalFunction):
              * runtime/InternalFunction.h:
              (JSC::InternalFunction::createStructure):
              * runtime/JSAPIValueWrapper.h:
              (JSC::JSAPIValueWrapper::createStructure):
              (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
              * runtime/JSActivation.cpp:
              (JSC::JSActivation::JSActivation):
              * runtime/JSActivation.h:
              (JSC::JSActivation::createStructure):
              * runtime/JSArray.cpp:
              (JSC::JSArray::JSArray):
              * runtime/JSArray.h:
              (JSC::JSArray::createStructure):
              * runtime/JSByteArray.cpp:
              (JSC::JSByteArray::JSByteArray):
              (JSC::JSByteArray::createStructure):
              * runtime/JSByteArray.h:
              (JSC::JSByteArray::JSByteArray):
              * runtime/JSCell.cpp:
              (JSC::isZombie):
              * runtime/JSCell.h:
              (JSC::JSCell::JSCell::JSCell):
              (JSC::JSCell::JSCell::addressOfStructure):
              (JSC::JSCell::JSCell::structure):
              (JSC::JSCell::JSCell::markChildren):
              (JSC::JSCell::JSValue::isZombie):
              * runtime/JSFunction.cpp:
              (JSC::JSFunction::JSFunction):
              * runtime/JSFunction.h:
              (JSC::JSFunction::createStructure):
              * runtime/JSGlobalData.cpp:
              (JSC::JSGlobalData::storeVPtrs):
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::clearBuiltinStructures):
              (JSC::JSGlobalData::createLeaked):
              * runtime/JSGlobalData.h:
              (JSC::allocateGlobalHandle):
              * runtime/JSGlobalObject.cpp:
              (JSC::JSGlobalObject::reset):
              (JSC::JSGlobalObject::markChildren):
              (JSC::JSGlobalObject::copyGlobalsFrom):
              * runtime/JSGlobalObject.h:
              (JSC::JSGlobalObject::JSGlobalObject):
              (JSC::JSGlobalObject::createStructure):
              (JSC::Structure::prototypeChain):
              (JSC::Structure::isValid):
              (JSC::constructEmptyArray):
              * runtime/JSNotAnObject.h:
              (JSC::JSNotAnObject::JSNotAnObject):
              (JSC::JSNotAnObject::createStructure):
              * runtime/JSONObject.cpp:
              (JSC::JSONObject::JSONObject):
              * runtime/JSONObject.h:
              (JSC::JSONObject::createStructure):
              * runtime/JSObject.cpp:
              (JSC::JSObject::defineGetter):
              (JSC::JSObject::defineSetter):
              (JSC::JSObject::seal):
              (JSC::JSObject::freeze):
              (JSC::JSObject::preventExtensions):
              (JSC::JSObject::removeDirect):
              (JSC::JSObject::createInheritorID):
              * runtime/JSObject.h:
              (JSC::JSObject::createStructure):
              (JSC::JSObject::JSObject):
              (JSC::JSNonFinalObject::createStructure):
              (JSC::JSNonFinalObject::JSNonFinalObject):
              (JSC::JSFinalObject::create):
              (JSC::JSFinalObject::createStructure):
              (JSC::JSFinalObject::JSFinalObject):
              (JSC::constructEmptyObject):
              (JSC::createEmptyObjectStructure):
              (JSC::JSObject::~JSObject):
              (JSC::JSObject::setPrototype):
              (JSC::JSObject::setStructure):
              (JSC::JSObject::inheritorID):
              (JSC::JSObject::putDirectInternal):
              (JSC::JSObject::transitionTo):
              (JSC::JSObject::markChildrenDirect):
              * runtime/JSObjectWithGlobalObject.cpp:
              (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
              * runtime/JSObjectWithGlobalObject.h:
              (JSC::JSObjectWithGlobalObject::createStructure):
              (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
              * runtime/JSPropertyNameIterator.cpp:
              (JSC::JSPropertyNameIterator::JSPropertyNameIterator):
              (JSC::JSPropertyNameIterator::create):
              (JSC::JSPropertyNameIterator::get):
              * runtime/JSPropertyNameIterator.h:
              (JSC::JSPropertyNameIterator::createStructure):
              (JSC::JSPropertyNameIterator::setCachedStructure):
              (JSC::Structure::setEnumerationCache):
              * runtime/JSStaticScopeObject.h:
              (JSC::JSStaticScopeObject::JSStaticScopeObject):
              (JSC::JSStaticScopeObject::createStructure):
              * runtime/JSString.h:
              (JSC::RopeBuilder::JSString):
              (JSC::RopeBuilder::createStructure):
              * runtime/JSType.h:
              * runtime/JSTypeInfo.h:
              (JSC::TypeInfo::TypeInfo):
              * runtime/JSValue.h:
              * runtime/JSVariableObject.h:
              (JSC::JSVariableObject::createStructure):
              (JSC::JSVariableObject::JSVariableObject):
              (JSC::JSVariableObject::copyRegisterArray):
              * runtime/JSWrapperObject.h:
              (JSC::JSWrapperObject::createStructure):
              (JSC::JSWrapperObject::JSWrapperObject):
              * runtime/JSZombie.cpp:
              * runtime/JSZombie.h:
              (JSC::JSZombie::JSZombie):
              (JSC::JSZombie::createStructure):
              * runtime/MathObject.cpp:
              (JSC::MathObject::MathObject):
              * runtime/MathObject.h:
              (JSC::MathObject::createStructure):
              * runtime/NativeErrorConstructor.cpp:
              (JSC::NativeErrorConstructor::NativeErrorConstructor):
              (JSC::NativeErrorConstructor::markChildren):
              * runtime/NativeErrorConstructor.h:
              (JSC::NativeErrorConstructor::createStructure):
              * runtime/NativeErrorPrototype.cpp:
              (JSC::NativeErrorPrototype::NativeErrorPrototype):
              * runtime/NativeErrorPrototype.h:
              * runtime/NumberConstructor.cpp:
              (JSC::NumberConstructor::NumberConstructor):
              * runtime/NumberConstructor.h:
              (JSC::NumberConstructor::createStructure):
              * runtime/NumberObject.cpp:
              (JSC::NumberObject::NumberObject):
              * runtime/NumberObject.h:
              (JSC::NumberObject::createStructure):
              * runtime/NumberPrototype.cpp:
              (JSC::NumberPrototype::NumberPrototype):
              * runtime/NumberPrototype.h:
              * runtime/ObjectConstructor.cpp:
              (JSC::ObjectConstructor::ObjectConstructor):
              * runtime/ObjectConstructor.h:
              (JSC::ObjectConstructor::createStructure):
              * runtime/ObjectPrototype.cpp:
              (JSC::ObjectPrototype::ObjectPrototype):
              * runtime/ObjectPrototype.h:
              * runtime/PropertyMapHashTable.h:
              (JSC::PropertyTable::PropertyTable):
              * runtime/RegExpConstructor.cpp:
              (JSC::RegExpConstructor::RegExpConstructor):
              (JSC::RegExpMatchesArray::RegExpMatchesArray):
              * runtime/RegExpConstructor.h:
              (JSC::RegExpConstructor::createStructure):
              * runtime/RegExpObject.cpp:
              (JSC::RegExpObject::RegExpObject):
              * runtime/RegExpObject.h:
              (JSC::RegExpObject::createStructure):
              * runtime/RegExpPrototype.cpp:
              (JSC::RegExpPrototype::RegExpPrototype):
              * runtime/RegExpPrototype.h:
              * runtime/ScopeChain.h:
              (JSC::ScopeChainNode::ScopeChainNode):
              (JSC::ScopeChainNode::createStructure):
              * runtime/StrictEvalActivation.cpp:
              (JSC::StrictEvalActivation::StrictEvalActivation):
              * runtime/StringConstructor.cpp:
              (JSC::StringConstructor::StringConstructor):
              * runtime/StringConstructor.h:
              * runtime/StringObject.cpp:
              (JSC::StringObject::StringObject):
              * runtime/StringObject.h:
              (JSC::StringObject::createStructure):
              * runtime/StringObjectThatMasqueradesAsUndefined.h:
              (JSC::StringObjectThatMasqueradesAsUndefined::StringObjectThatMasqueradesAsUndefined):
              (JSC::StringObjectThatMasqueradesAsUndefined::createStructure):
              * runtime/StringPrototype.cpp:
              (JSC::StringPrototype::StringPrototype):
              * runtime/StringPrototype.h:
              (JSC::StringPrototype::createStructure):
              * runtime/Structure.cpp:
              (JSC::StructureTransitionTable::remove):
              (JSC::StructureTransitionTable::add):
              (JSC::Structure::Structure):
              (JSC::Structure::~Structure):
              (JSC::Structure::materializePropertyMap):
              (JSC::Structure::addPropertyTransitionToExistingStructure):
              (JSC::Structure::addPropertyTransition):
              (JSC::Structure::removePropertyTransition):
              (JSC::Structure::changePrototypeTransition):
              (JSC::Structure::despecifyFunctionTransition):
              (JSC::Structure::getterSetterTransition):
              (JSC::Structure::toDictionaryTransition):
              (JSC::Structure::toCacheableDictionaryTransition):
              (JSC::Structure::toUncacheableDictionaryTransition):
              (JSC::Structure::sealTransition):
              (JSC::Structure::freezeTransition):
              (JSC::Structure::preventExtensionsTransition):
              (JSC::Structure::flattenDictionaryStructure):
              (JSC::Structure::copyPropertyTable):
              (JSC::Structure::put):
              (JSC::Structure::markChildren):
              * runtime/Structure.h:
              (JSC::Structure::create):
              (JSC::Structure::setPrototypeWithoutTransition):
              (JSC::Structure::createStructure):
              (JSC::JSCell::createDummyStructure):
              (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::keyForFinalizer):
              * runtime/StructureChain.cpp:
              (JSC::StructureChain::StructureChain):
              (JSC::StructureChain::markChildren):
              * runtime/StructureChain.h:
              (JSC::StructureChain::create):
              (JSC::StructureChain::head):
              (JSC::StructureChain::createStructure):
              * runtime/StructureTransitionTable.h:
              (JSC::StructureTransitionTable::WeakGCMapFinalizerCallback::finalizerContextFor):
              (JSC::StructureTransitionTable::~StructureTransitionTable):
              (JSC::StructureTransitionTable::slot):
              (JSC::StructureTransitionTable::setMap):
              (JSC::StructureTransitionTable::singleTransition):
              (JSC::StructureTransitionTable::clearSingleTransition):
              (JSC::StructureTransitionTable::setSingleTransition):
              * runtime/WeakGCMap.h:
              (JSC::DefaultWeakGCMapFinalizerCallback::finalizerContextFor):
              (JSC::DefaultWeakGCMapFinalizerCallback::keyForFinalizer):
              (JSC::WeakGCMap::contains):
              (JSC::WeakGCMap::find):
              (JSC::WeakGCMap::remove):
              (JSC::WeakGCMap::add):
              (JSC::WeakGCMap::set):
              (JSC::WeakGCMap::finalize):
              * runtime/WriteBarrier.h:
              (JSC::writeBarrier):
              (JSC::WriteBarrierBase::set):
              (JSC::WriteBarrierBase::operator*):
              (JSC::WriteBarrierBase::operator->):
              (JSC::WriteBarrierBase::setWithoutWriteBarrier):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Fix up JSG to correctly mark Structure, et al.
      
              * JSRun.cpp:
              (JSGlueGlobalObject::JSGlueGlobalObject):
              * JSRun.h:
              * JSUtils.cpp:
              (JSObjectKJSValue):
              * UserObjectImp.cpp:
              (UserObjectImp::UserObjectImp):
              * UserObjectImp.h:
              (UserObjectImp::createStructure):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WebCore for Structure being a GC allocated object
      
              * WebCore.exp.in:
              * bindings/js/JSAudioConstructor.h:
              (WebCore::JSAudioConstructor::createStructure):
              * bindings/js/JSDOMBinding.cpp:
              (WebCore::cacheDOMStructure):
              * bindings/js/JSDOMBinding.h:
              (WebCore::DOMObjectWithGlobalPointer::createStructure):
              (WebCore::DOMObjectWithGlobalPointer::DOMObjectWithGlobalPointer):
              (WebCore::DOMConstructorObject::createStructure):
              (WebCore::DOMConstructorObject::DOMConstructorObject):
              (WebCore::DOMConstructorWithDocument::DOMConstructorWithDocument):
              * bindings/js/JSDOMGlobalObject.cpp:
              (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
              (WebCore::JSDOMGlobalObject::markChildren):
              * bindings/js/JSDOMGlobalObject.h:
              (WebCore::JSDOMGlobalObject::createStructure):
              * bindings/js/JSDOMWindowBase.cpp:
              (WebCore::JSDOMWindowBase::JSDOMWindowBase):
              * bindings/js/JSDOMWindowBase.h:
              (WebCore::JSDOMWindowBase::createStructure):
              * bindings/js/JSDOMWindowShell.cpp:
              (WebCore::JSDOMWindowShell::JSDOMWindowShell):
              (WebCore::JSDOMWindowShell::setWindow):
              * bindings/js/JSDOMWindowShell.h:
              (WebCore::JSDOMWindowShell::createStructure):
              * bindings/js/JSDOMWrapper.h:
              (WebCore::DOMObject::DOMObject):
              * bindings/js/JSEventListener.cpp:
              (WebCore::JSEventListener::JSEventListener):
              * bindings/js/JSImageConstructor.h:
              (WebCore::JSImageConstructor::createStructure):
              * bindings/js/JSImageDataCustom.cpp:
              (WebCore::toJS):
              * bindings/js/JSOptionConstructor.h:
              (WebCore::JSOptionConstructor::createStructure):
              * bindings/js/JSWorkerContextBase.cpp:
              (WebCore::JSWorkerContextBase::JSWorkerContextBase):
              * bindings/js/JSWorkerContextBase.h:
              (WebCore::JSWorkerContextBase::createStructure):
              * bindings/js/ScriptCachedFrameData.h:
              * bindings/js/SerializedScriptValue.h:
              * bindings/js/WorkerScriptController.cpp:
              (WebCore::WorkerScriptController::initScript):
              * bindings/scripts/CodeGeneratorJS.pm:
              * bridge/c/CRuntimeObject.h:
              (JSC::Bindings::CRuntimeObject::createStructure):
              * bridge/c/c_instance.cpp:
              (JSC::Bindings::CRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaInstanceJSC.cpp:
              (JavaRuntimeMethod::createStructure):
              * bridge/jni/jsc/JavaRuntimeObject.h:
              (JSC::Bindings::JavaRuntimeObject::createStructure):
              * bridge/objc/ObjCRuntimeObject.h:
              (JSC::Bindings::ObjCRuntimeObject::createStructure):
              * bridge/objc/objc_instance.mm:
              (ObjCRuntimeMethod::createStructure):
              * bridge/objc/objc_runtime.h:
              (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
              * bridge/runtime_array.cpp:
              (JSC::RuntimeArray::RuntimeArray):
              * bridge/runtime_array.h:
              (JSC::RuntimeArray::createStructure):
              * bridge/runtime_method.cpp:
              (JSC::RuntimeMethod::RuntimeMethod):
              * bridge/runtime_method.h:
              (JSC::RuntimeMethod::createStructure):
              * bridge/runtime_object.cpp:
              (JSC::Bindings::RuntimeObject::RuntimeObject):
              * bridge/runtime_object.h:
              (JSC::Bindings::RuntimeObject::createStructure):
              * history/HistoryItem.h:
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WebKit for the world of GC allocated Structure
      
              * Plugins/Hosted/NetscapePluginInstanceProxy.h:
              * Plugins/Hosted/ProxyInstance.mm:
              (WebKit::ProxyRuntimeMethod::createStructure):
              * Plugins/Hosted/ProxyRuntimeObject.h:
              (WebKit::ProxyRuntimeObject::createStructure):
      2011-04-13  Oliver Hunt  <oliver@apple.com>
      
              Reviewed by Geoff Garen.
      
              GC allocate Structure
              https://bugs.webkit.org/show_bug.cgi?id=58483
      
              Update WK2 for the world of GC allocated Structure
      
              * WebProcess/Plugins/Netscape/JSNPMethod.h:
              (WebKit::JSNPMethod::createStructure):
              * WebProcess/Plugins/Netscape/JSNPObject.h:
              (WebKit::JSNPObject::createStructure):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83808 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bb8da910
  28. 11 Apr, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-04-11 Geoffrey Garen <ggaren@apple.com> · 0b32d098
      ggaren@apple.com authored
              Rubber-stamped by Sam Weinig.
              
              Moved remaining heap implementation files to the heap folder.
      
              * Android.mk:
              * CMakeLists.txt:
              * GNUmakefile.list.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.pro:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * heap/ConservativeRoots.cpp: Copied from runtime/ConservativeSet.cpp.
              * heap/ConservativeRoots.h: Copied from runtime/ConservativeSet.h.
              * heap/Handle.h:
              * heap/Heap.cpp:
              * heap/MachineStackMarker.cpp: Copied from runtime/MachineStackMarker.cpp.
              * heap/MachineStackMarker.h: Copied from runtime/MachineStackMarker.h.
              * heap/MarkStack.cpp: Copied from runtime/MarkStack.cpp.
              * heap/MarkStack.h: Copied from runtime/MarkStack.h.
              * heap/MarkStackPosix.cpp: Copied from runtime/MarkStackPosix.cpp.
              * heap/MarkStackSymbian.cpp: Copied from runtime/MarkStackSymbian.cpp.
              * heap/MarkStackWin.cpp: Copied from runtime/MarkStackWin.cpp.
              * heap/MarkedBlock.cpp: Copied from runtime/MarkedBlock.cpp.
              * heap/MarkedBlock.h: Copied from runtime/MarkedBlock.h.
              * heap/MarkedSpace.cpp: Copied from runtime/MarkedSpace.cpp.
              * heap/MarkedSpace.h: Copied from runtime/MarkedSpace.h.
              * interpreter/RegisterFile.cpp:
              * runtime/ConservativeSet.cpp: Removed.
              * runtime/ConservativeSet.h: Removed.
              * runtime/MachineStackMarker.cpp: Removed.
              * runtime/MachineStackMarker.h: Removed.
              * runtime/MarkStack.cpp: Removed.
              * runtime/MarkStack.h: Removed.
              * runtime/MarkStackPosix.cpp: Removed.
              * runtime/MarkStackSymbian.cpp: Removed.
              * runtime/MarkStackWin.cpp: Removed.
              * runtime/MarkedBlock.cpp: Removed.
              * runtime/MarkedBlock.h: Removed.
              * runtime/MarkedSpace.cpp: Removed.
              * runtime/MarkedSpace.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83506 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0b32d098
  29. 10 Apr, 2011 1 commit
    • ggaren@apple.com's avatar
      Moved Heap.h and Heap.cpp to the heap folder, because anything less · 0c5bd6e1
      ggaren@apple.com authored
      would be uncivilized.
      
      Rubber-stamped by Beth Dakin.
      
      Source/JavaScriptCore: 
      
      * Android.mk:
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.pro:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/Heap.cpp: Copied from JavaScriptCore/runtime/Heap.cpp.
      * heap/Heap.h: Copied from JavaScriptCore/runtime/Heap.h.
      * runtime/Heap.cpp: Removed.
      * runtime/Heap.h: Removed.
      
      Source/WebCore: 
      
      * ForwardingHeaders/heap/Heap.h: Copied from WebCore/ForwardingHeaders/runtime/Heap.h.
      * ForwardingHeaders/runtime/Heap.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83418 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0c5bd6e1