1. 26 Aug, 2011 1 commit
    • fpizlo@apple.com's avatar
      The GC does not have a facility for profiling the kinds of objects · d6bcd37d
      fpizlo@apple.com authored
      that occupy the heap
      https://bugs.webkit.org/show_bug.cgi?id=66849
      
      Reviewed by Geoffrey Garen.
      
      Destructor calls and object scans are now optionally counted, per
      vtable. When the heap is destroyed and profiling is enabled, the
      counts are dumped, with care taken to print the names of classes
      (modulo C++ mangling) sorted in descending commonality.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.exp:
      * JavaScriptCore.pro:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/Heap.cpp:
      (JSC::Heap::destroy):
      * heap/Heap.h:
      * heap/MarkStack.cpp:
      (JSC::SlotVisitor::visitChildren):
      (JSC::SlotVisitor::drain):
      * heap/MarkStack.h:
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::callDestructor):
      * heap/MarkedBlock.h:
      * heap/VTableSpectrum.cpp: Added.
      (JSC::VTableSpectrum::VTableSpectrum):
      (JSC::VTableSpectrum::~VTableSpectrum):
      (JSC::VTableSpectrum::countVPtr):
      (JSC::VTableSpectrum::count):
      (JSC::VTableAndCount::VTableAndCount):
      (JSC::VTableAndCount::operator<):
      (JSC::VTableSpectrum::dump):
      * heap/VTableSpectrum.h: Added.
      * wtf/Platform.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@93918 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d6bcd37d
  2. 02 Aug, 2011 1 commit
    • fpizlo@apple.com's avatar
      JSC GC uses dummy cells to avoid having to remember which cells · d9a81f43
      fpizlo@apple.com authored
      it has already destroyed
      https://bugs.webkit.org/show_bug.cgi?id=65556
      
      Reviewed by Oliver Hunt.
      
      This gets rid of dummy cells, and ensures that it's not necessary
      to invoke a destructor on cells that have already been swept.  In
      the common case, a block knows that either all of its free cells
      still need to have destructors called, or none of them do, which
      minimizes the amount of branching that needs to happen per cell
      when performing a sweep.
      
      This is performance neutral on SunSpider and V8.  It is meant as
      a stepping stone to simplify the implementation of more
      sophisticated sweeping algorithms.
      
      * heap/Heap.cpp:
      (JSC::CountFunctor::ClearMarks::operator()):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::initForCellSize):
      (JSC::MarkedBlock::callDestructor):
      (JSC::MarkedBlock::specializedReset):
      (JSC::MarkedBlock::reset):
      (JSC::MarkedBlock::specializedSweep):
      (JSC::MarkedBlock::sweep):
      (JSC::MarkedBlock::produceFreeList):
      (JSC::MarkedBlock::lazySweep):
      (JSC::MarkedBlock::blessNewBlockForFastPath):
      (JSC::MarkedBlock::blessNewBlockForSlowPath):
      (JSC::MarkedBlock::canonicalizeBlock):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::FreeCell::setNoObject):
      (JSC::MarkedBlock::setDestructorState):
      (JSC::MarkedBlock::destructorState):
      (JSC::MarkedBlock::notifyMayHaveFreshFreeCells):
      * runtime/JSCell.cpp:
      * runtime/JSCell.h:
      (JSC::JSCell::JSCell::JSCell):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::clearBuiltinStructures):
      * runtime/JSGlobalData.h:
      * runtime/Structure.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92233 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d9a81f43
  3. 31 Jul, 2011 2 commits
  4. 29 Jul, 2011 1 commit
    • fpizlo@apple.com's avatar
      JSC GC zombie support no longer works, and is likely no longer needed. · 2f1f3943
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=65404
      
      Reviewed by Darin Adler.
      
      This removes zombies, because they no longer work, are not tested, are
      probably not needed, and are getting in the way of GC optimization
      work.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/Handle.h:
      (JSC::HandleConverter::operator->):
      (JSC::HandleConverter::operator*):
      * heap/HandleHeap.cpp:
      (JSC::HandleHeap::isValidWeakNode):
      * heap/Heap.cpp:
      (JSC::Heap::destroy):
      (JSC::Heap::collect):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::sweep):
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::clearMarks):
      * interpreter/Register.h:
      (JSC::Register::Register):
      (JSC::Register::operator=):
      * runtime/ArgList.h:
      (JSC::MarkedArgumentBuffer::append):
      (JSC::ArgList::ArgList):
      * runtime/JSCell.cpp:
      (JSC::isZombie):
      * runtime/JSCell.h:
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      (JSC::JSGlobalData::clearBuiltinStructures):
      * runtime/JSGlobalData.h:
      * runtime/JSValue.h:
      * runtime/JSValueInlineMethods.h:
      (JSC::JSValue::JSValue):
      * runtime/JSZombie.cpp: Removed.
      * runtime/JSZombie.h: Removed.
      * runtime/WriteBarrier.h:
      (JSC::WriteBarrierBase::setEarlyValue):
      (JSC::WriteBarrierBase::operator*):
      (JSC::WriteBarrierBase::setWithoutWriteBarrier):
      * wtf/Platform.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@92046 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2f1f3943
  5. 14 Jul, 2011 1 commit
    • commit-queue@webkit.org's avatar
      GC allocation fast path has too many operations. · e8dceaf2
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=64493
      
      Patch by Filip Pizlo <fpizlo@apple.com> on 2011-07-14
      Reviewed by Darin Adler.
      
      Changed the timing of the lazy sweep so that it occurs when we land on
      a previously-unsweeped block, rather than whenever we land on an unsweeped
      cell.  After the per-block lazy sweep occurs, the block is turned into a
      singly linked list of free cells.  The allocation fast path is now just a
      load-branch-store to remove a cell from the head of the list.
      
      Additionally, this changes the way new blocks are allocated.  Previously,
      they would be populated with dummy cells.  With this patch, they are
      turned into a free list, which means that there will never be destructor
      calls for allocations in fresh blocks.
      
      These changes result in a 1.9% speed-up on V8, and a 0.6% speed-up on
      SunSpider.  There are no observed statistically significant slow-downs
      on any individual benchmark.
      
      * JavaScriptCore.exp:
      * heap/Heap.cpp:
      (JSC::Heap::allocateSlowCase):
      (JSC::Heap::collect):
      (JSC::Heap::canonicalizeBlocks):
      (JSC::Heap::resetAllocator):
      * heap/Heap.h:
      (JSC::Heap::forEachProtectedCell):
      (JSC::Heap::forEachCell):
      (JSC::Heap::forEachBlock):
      (JSC::Heap::allocate):
      * heap/MarkedBlock.cpp:
      (JSC::MarkedBlock::MarkedBlock):
      (JSC::MarkedBlock::lazySweep):
      (JSC::MarkedBlock::blessNewBlockForFastPath):
      (JSC::MarkedBlock::blessNewBlockForSlowPath):
      (JSC::MarkedBlock::canonicalizeBlock):
      * heap/MarkedBlock.h:
      * heap/NewSpace.cpp:
      (JSC::NewSpace::addBlock):
      (JSC::NewSpace::canonicalizeBlocks):
      * heap/NewSpace.h:
      (JSC::NewSpace::allocate):
      (JSC::NewSpace::SizeClass::SizeClass):
      (JSC::NewSpace::SizeClass::canonicalizeBlock):
      * heap/OldSpace.cpp:
      (JSC::OldSpace::addBlock):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@91039 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e8dceaf2
  6. 17 Jun, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-06-16 Geoffrey Garen <ggaren@apple.com> · 69f77964
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Added some write barrier action, compiled out by default
              https://bugs.webkit.org/show_bug.cgi?id=62844
      
              * JavaScriptCore.exp: Build!
      
              * JavaScriptCore.xcodeproj/project.pbxproj: Fixed an incremental build
              issue with Heap.cpp.
      
              * heap/Heap.cpp:
              (JSC::Heap::writeBarrierSlowCase):
              * heap/Heap.h:
              (JSC::Heap::writeBarrier):
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::isAtomAligned):
              (JSC::MarkedBlock::blockFor):
              (JSC::MarkedBlock::atomNumber):
              (JSC::MarkedBlock::ownerSetNumber):
              (JSC::MarkedBlock::addOldSpaceOwner):
              (JSC::MarkedBlock::OwnerSet::OwnerSet):
              (JSC::MarkedBlock::OwnerSet::add):
              (JSC::MarkedBlock::OwnerSet::clear):
              (JSC::MarkedBlock::OwnerSet::size):
              (JSC::MarkedBlock::OwnerSet::didOverflow):
              (JSC::MarkedBlock::OwnerSet::owners): Added a basic write barrier that
              tracks owners for regions within blocks. Currently unused.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@89156 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      69f77964
  7. 09 Jun, 2011 3 commits
    • ggaren@apple.com's avatar
      2011-06-09 Geoffrey Garen <ggaren@apple.com> · f68b13e7
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Added OldSpace to the project
              https://bugs.webkit.org/show_bug.cgi?id=62417
              
              Currently unused.
              
              Added OldSpace, the ability to iterate NewSpace vs OldSpace, and a
              per-block flag for testing whether you're in NewSpace vs OldSpace.
      
              * CMakeLists.txt:
              * GNUmakefile.list.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.pro:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj: Build!
      
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::inNewSpace):
              (JSC::MarkedBlock::setInNewSpace): Added inNewSpace flag, for use in
              write barrier.
      
              * heap/NewSpace.cpp:
              (JSC::NewSpace::addBlock):
              (JSC::NewSpace::removeBlock):
              * heap/NewSpace.h:
              (JSC::NewSpace::forEachBlock): Added forEachBlock, to use for
              NewSpace-specific operations.
      
              * heap/OldSpace.cpp: Added.
              (JSC::OldSpace::OldSpace):
              (JSC::OldSpace::addBlock):
              (JSC::OldSpace::removeBlock):
              * heap/OldSpace.h: Added.
              (JSC::OldSpace::forEachBlock): New class for holding promoted blocks.
              Not in use yet.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88519 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f68b13e7
    • ggaren@apple.com's avatar
      2011-06-09 Geoffrey Garen <ggaren@apple.com> · 28cfb358
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Factored MarkedBlock set management into a helper class with a fast case Bloom filter
              https://bugs.webkit.org/show_bug.cgi?id=62413
              
              SunSpider reports a small speedup.
              
              This is in preparation for having ConservativeSet operate on arbitrary
              sets of MarkedBlocks, and in preparation for conservative scanning
              becoming proportionally more important than other GC activities.
      
              * GNUmakefile.list.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.xcodeproj/project.pbxproj: Build-o.
      
              * heap/ConservativeRoots.cpp:
              (JSC::ConservativeRoots::add):
              * heap/ConservativeRoots.h:
              (JSC::ConservativeRoots::ConservativeRoots): Operate on a MarkedBlockSet
              directly, instead of a Heap, so we can operate on subsets of the Heap
              instead.
              
              Use a TinyBloomFilter for single-cycle exclusion of most pointers. This
              is particularly important since we expect not to find our subject pointer
              in the MarkedBlock hash, and hash misses are more expensive than typical
              hash lookups because they have high collision rates.
              
              No need for single-pointer add() to be public anymore, since nobody uses it.
      
              * heap/Heap.cpp:
              (JSC::Heap::markRoots):
              * heap/Heap.h:
              (JSC::Heap::forEachCell):
              (JSC::Heap::forEachBlock): Use MarkedBlockSet since that's what
              ConservativeRoots relies on.
              
              Nixed contains(), since nobody uses it anymore.
      
              * heap/MarkedBlock.h:
              (WTF::MarkedBlockHash::hash): Added a faster hash taking advantage of
              the VM layout properties of MarkedBlocks.
      
              * heap/MarkedBlockSet.h: Added.
              (JSC::MarkedBlockSet::add):
              (JSC::MarkedBlockSet::remove):
              (JSC::MarkedBlockSet::recomputeFilter):
              (JSC::MarkedBlockSet::filter):
              (JSC::MarkedBlockSet::set):
              * heap/TinyBloomFilter.h: Added.
              (JSC::TinyBloomFilter::TinyBloomFilter):
              (JSC::TinyBloomFilter::add):
              (JSC::TinyBloomFilter::ruleOut): New helper class, used above.
      
              * interpreter/RegisterFile.cpp:
              (JSC::RegisterFile::gatherConservativeRoots): No need to specifically
              exclude values by tag -- the tiny bloom filter is already a register-register
              compare, so adding another "rule out" factor just slows things down.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88504 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      28cfb358
    • ggaren@apple.com's avatar
      2011-06-08 Geoffrey Garen <ggaren@apple.com> · 8a23d6ad
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Factored a bunch of Heap functionality into stand-alone functors
              https://bugs.webkit.org/show_bug.cgi?id=62337
              
              This is in preparation for making these functors operate on arbitrary
              sets of MarkedBlocks.
      
              * JavaScriptCore.exp: This file is a small tragedy.
      
              * debugger/Debugger.cpp:
              (JSC::Debugger::recompileAllJSFunctions): Updated for type change and rename.
      
              * heap/HandleHeap.h:
              (JSC::HandleHeap::forEachStrongHandle): New function for iterating all
              strong handles, so we can play along in the functor game.
      
              * heap/Heap.cpp:
              (JSC::CountFunctor::CountFunctor::CountFunctor):
              (JSC::CountFunctor::CountFunctor::count):
              (JSC::CountFunctor::CountFunctor::returnValue):
              (JSC::CountFunctor::ClearMarks::operator()):
              (JSC::CountFunctor::ResetAllocator::operator()):
              (JSC::CountFunctor::Sweep::operator()):
              (JSC::CountFunctor::MarkCount::operator()):
              (JSC::CountFunctor::Size::operator()):
              (JSC::CountFunctor::Capacity::operator()):
              (JSC::CountFunctor::Count::operator()):
              (JSC::CountFunctor::CountIfGlobalObject::operator()):
              (JSC::CountFunctor::TakeIfEmpty::TakeIfEmpty):
              (JSC::CountFunctor::TakeIfEmpty::operator()):
              (JSC::CountFunctor::TakeIfEmpty::returnValue):
              (JSC::CountFunctor::RecordType::RecordType):
              (JSC::CountFunctor::RecordType::typeName):
              (JSC::CountFunctor::RecordType::operator()):
              (JSC::CountFunctor::RecordType::returnValue): These functors factor out
              behavior that used to be in the functions below.
      
              (JSC::Heap::clearMarks):
              (JSC::Heap::sweep):
              (JSC::Heap::objectCount):
              (JSC::Heap::size):
              (JSC::Heap::capacity):
              (JSC::Heap::protectedGlobalObjectCount):
              (JSC::Heap::protectedObjectCount):
              (JSC::Heap::protectedObjectTypeCounts):
              (JSC::Heap::objectTypeCounts):
              (JSC::Heap::resetAllocator):
              (JSC::Heap::freeBlocks):
              (JSC::Heap::shrink): Factored out behavior into the functors above.
      
              * heap/Heap.h:
              (JSC::Heap::forEachProtectedCell):
              (JSC::Heap::forEachCell):
              (JSC::Heap::forEachBlock): Added forEach* iteration templates. I chose
              functor-based templates instead of plain iterators because they're simpler
              to implement in this case and they require a lot less code at the call site.
      
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::VoidFunctor::returnValue): Default parent class for
              trivial functors.
      
              (JSC::MarkedBlock::forEachCell): Renamed forEach to forEachCell because
              we have a few different kind of "for each" now.
      
              * runtime/JSGlobalData.cpp:
              (WTF::Recompile::operator()):
              (JSC::JSGlobalData::JSGlobalData):
              (JSC::JSGlobalData::recompileAllJSFunctions): Updated for type change and rename.
      
              * runtime/JSGlobalData.h: Removed globalObjectCount because it was unused.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@88473 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8a23d6ad
  8. 08 Jun, 2011 2 commits
  9. 29 May, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-05-29 Geoffrey Garen <ggaren@apple.com> · 58c6e459
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Some heap refactoring
              https://bugs.webkit.org/show_bug.cgi?id=61704
              
              SunSpider says no change.
      
              * JavaScriptCore.exp: Export!
      
              * heap/Heap.cpp: COLLECT_ON_EVERY_ALLOCATION can actually do so now.
      
              (JSC::Heap::Heap): Changed Heap sub-objects to point to the heap.
      
              (JSC::Heap::allocate): Changed inline allocation code to only select the
              size class, since this can be optimized out at compile time -- everything
              else is now inlined into this out-of-line function.
              
              No need to duplicate ASSERTs made in our caller.
      
              * heap/Heap.h:
              (JSC::Heap::heap):
              (JSC::Heap::isMarked):
              (JSC::Heap::testAndSetMarked):
              (JSC::Heap::testAndClearMarked):
              (JSC::Heap::setMarked): Call directly into MarkedBlock instead of adding
              a layer of indirection through MarkedSpace.
      
              (JSC::Heap::allocate): See above.
      
              * heap/MarkedBlock.cpp:
              (JSC::MarkedBlock::create):
              (JSC::MarkedBlock::MarkedBlock):
              * heap/MarkedBlock.h: Changed Heap sub-objects to point to the heap.
      
              * heap/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocateBlock):
              * heap/MarkedSpace.h:
              (JSC::MarkedSpace::allocate): Updated to match changes above.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@87653 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      58c6e459
  10. 27 May, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-05-26 Geoffrey Garen <ggaren@apple.com> · d887ac60
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Optimized ConservativeSet to avoid double-visiting objects
              https://bugs.webkit.org/show_bug.cgi?id=61592
              
              SunSpider thinks this might be a 1% speedup
      
              * heap/ConservativeRoots.h:
              (JSC::ConservativeRoots::add): Use testAndClearMarked to avoid double-visiting
              an object.
      
              * heap/Heap.h:
              (JSC::Heap::isMarked):
              (JSC::Heap::testAndSetMarked):
              (JSC::Heap::testAndClearMarked):
              (JSC::Heap::setMarked): Added testAndClearMarked. Changed argument type
              to void*, since clients want to ask questions about arbitrary pointers
              into the heap, even when they aren't known to be JSCells.
      
              * heap/MarkedBlock.h:
              (JSC::MarkedBlock::testAndClearMarked):
              * heap/MarkedSpace.h:
              (JSC::MarkedSpace::isMarked):
              (JSC::MarkedSpace::testAndSetMarked):
              (JSC::MarkedSpace::testAndClearMarked):
              (JSC::MarkedSpace::setMarked):
              (JSC::MarkedSpace::contains): Ditto.
      
              * wtf/Bitmap.h:
              (WTF::::testAndClear): New function for ConservativeRoots's inverted
              marking pass.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@87522 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d887ac60
  11. 26 May, 2011 4 commits
  12. 20 May, 2011 1 commit
  13. 02 May, 2011 1 commit
    • ggaren@apple.com's avatar
      Tiny bit of heap cleanup. · f8defb10
      ggaren@apple.com authored
      Reviewed by Oliver Hunt.
      
      * heap/MarkedBlock.h:
      (JSC::MarkedBlock::contains): Tightened up an assertion and a comment.
      
      * heap/MarkedSpace.h:
      (JSC::MarkedSpace::globalData):
      (JSC::MarkedSpace::highWaterMark):
      (JSC::MarkedSpace::setHighWaterMark): Moved inlines out of the class
      definition, for better clarity.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@85533 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f8defb10
  14. 11 Apr, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-04-11 Geoffrey Garen <ggaren@apple.com> · 0b32d098
      ggaren@apple.com authored
              Rubber-stamped by Sam Weinig.
              
              Moved remaining heap implementation files to the heap folder.
      
              * Android.mk:
              * CMakeLists.txt:
              * GNUmakefile.list.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.pro:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * heap/ConservativeRoots.cpp: Copied from runtime/ConservativeSet.cpp.
              * heap/ConservativeRoots.h: Copied from runtime/ConservativeSet.h.
              * heap/Handle.h:
              * heap/Heap.cpp:
              * heap/MachineStackMarker.cpp: Copied from runtime/MachineStackMarker.cpp.
              * heap/MachineStackMarker.h: Copied from runtime/MachineStackMarker.h.
              * heap/MarkStack.cpp: Copied from runtime/MarkStack.cpp.
              * heap/MarkStack.h: Copied from runtime/MarkStack.h.
              * heap/MarkStackPosix.cpp: Copied from runtime/MarkStackPosix.cpp.
              * heap/MarkStackSymbian.cpp: Copied from runtime/MarkStackSymbian.cpp.
              * heap/MarkStackWin.cpp: Copied from runtime/MarkStackWin.cpp.
              * heap/MarkedBlock.cpp: Copied from runtime/MarkedBlock.cpp.
              * heap/MarkedBlock.h: Copied from runtime/MarkedBlock.h.
              * heap/MarkedSpace.cpp: Copied from runtime/MarkedSpace.cpp.
              * heap/MarkedSpace.h: Copied from runtime/MarkedSpace.h.
              * interpreter/RegisterFile.cpp:
              * runtime/ConservativeSet.cpp: Removed.
              * runtime/ConservativeSet.h: Removed.
              * runtime/MachineStackMarker.cpp: Removed.
              * runtime/MachineStackMarker.h: Removed.
              * runtime/MarkStack.cpp: Removed.
              * runtime/MarkStack.h: Removed.
              * runtime/MarkStackPosix.cpp: Removed.
              * runtime/MarkStackSymbian.cpp: Removed.
              * runtime/MarkStackWin.cpp: Removed.
              * runtime/MarkedBlock.cpp: Removed.
              * runtime/MarkedBlock.h: Removed.
              * runtime/MarkedSpace.cpp: Removed.
              * runtime/MarkedSpace.h: Removed.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@83506 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0b32d098
  15. 16 Mar, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-03-16 Geoffrey Garen <ggaren@apple.com> · 02bf0404
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Some conservative root gathering cleanup
              https://bugs.webkit.org/show_bug.cgi?id=56447
              
              SunSpider says 0.5% - 1.8% faster.
      
              * interpreter/RegisterFile.cpp:
              (JSC::RegisterFile::gatherConservativeRoots):
              * interpreter/RegisterFile.h: New helper function for doing the
              conservative gathering of the register file. It's still conservative,
              since the register file may contain uninitialized values, but it's
              moving-safe, because it only visits values tagged as pointers, so there's
              no risk of mistaking an integer for a pointer and accidentally changing it.
      
              * runtime/ConservativeSet.cpp:
              (JSC::ConservativeRoots::add):
              * runtime/ConservativeSet.h: Added a single-value add function, used above.
      
              * runtime/Heap.cpp:
              (JSC::Heap::markRoots): Separated machine stack conservative roots from
              register file conservative roots because machine stack roots must be
              pinned, but register file roots need not be pinned.
              
              Adopted new interface for passing the current stack extent to the machine
              stack root gathering routine. This allows us to exclude marking-related
              data structures on the stack, and thus avoid double-marking the set of
              machine roots.
      
              * runtime/MachineStackMarker.cpp:
              (JSC::MachineThreads::gatherFromCurrentThread):
              (JSC::MachineThreads::gatherConservativeRoots):
              * runtime/MachineStackMarker.h: Added new interface, described above.
      
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::firstAtom):
              * wtf/StdLibExtras.h:
              (WTF::roundUpToMultipleOf): Moved roundUpToMultipleOf so it could be used
              by MachineStacks.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@81262 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      02bf0404
  16. 01 Mar, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-03-01 Geoffrey Garen <ggaren@apple.com> · 2006beef
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Rolled back in r79627 now that the underlying cause for it crashing is fixed.
              https://bugs.webkit.org/show_bug.cgi?id=55159
      
              * JavaScriptCore.exp:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * runtime/Heap.cpp:
              (JSC::Heap::allocateSlowCase):
              * runtime/Heap.h:
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedSpace::sizeClassFor):
              (JSC::JSCell::Heap::allocate):
              (JSC::JSCell::JSCell::operator new):
              * runtime/MarkedBlock.h:
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h:
              (JSC::MarkedSpace::SizeClass::SizeClass):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@80052 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2006beef
  17. 25 Feb, 2011 1 commit
  18. 24 Feb, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-02-24 Geoffrey Garen <ggaren@apple.com> · c4bbdf58
      ggaren@apple.com authored
              Reviewed by Darin Adler.
      
              Variable-sized allocation (but still capped at 64 bytes)
              https://bugs.webkit.org/show_bug.cgi?id=55159
              
              SunSpider reports no change.
      
              * JavaScriptCore.exp: Some day, I hope not to have to edit this file.
      
              * runtime/Heap.cpp:
              (JSC::Heap::allocateSlowCase): Split allocation into a fast and slow
              case, so the fast case can inline size class selection and turn it into
              a compile-time constant.
              
              Changed the collect-on-every allocation debugging switch to collect only
              on every slow allocation, so you can still flip the switch without
              recompiling the world. This may also be preferable for debugging purposes,
              since collecting after every single allocation can be unusably slow,
              and can mask problems by running destructors early.
      
              * runtime/Heap.h: Ditto.
      
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedSpace::sizeClassFor):
              (JSC::JSCell::Heap::allocate):
              (JSC::JSCell::JSCell::operator new): The inlining mentioned above.
      
              * runtime/MarkedBlock.h: Dropped the block size from 256KB to 16KB. With
              multiple size classes, allocating a full 256KB for the first allocation
              in a given class can be pathologically wasteful. (8KB, or 4KB Mac and
              8KB Windows, would be even better, but that seems to be a peformance
              regression for now.)
              
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::reset): There's more than one size class now, and its
              cell size is not constant.
      
              * runtime/MarkedSpace.h:
              (JSC::MarkedSpace::SizeClass::SizeClass): Ditto.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79627 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c4bbdf58
  19. 23 Feb, 2011 3 commits
    • ggaren@apple.com's avatar
      2011-02-23 Geoffrey Garen <ggaren@apple.com> · 428bb493
      ggaren@apple.com authored
              Reviewed by Darin Adler.
      
              Refactored MarkedSpace to operate in terms of size classes
              https://bugs.webkit.org/show_bug.cgi?id=55106
              
              SunSpider reports no change.
      
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedSpace::sizeClassFor):
              (JSC::JSCell::MarkedSpace::allocate): Delegate allocation based on size
              class. Since these functions are inline, the compiler can constant fold
              them.
      
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::cellSize):
              (JSC::MarkedBlock::size): Factored out a cellSize() helper.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::allocateFromSizeClass):
              (JSC::MarkedSpace::shrink):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h:
              (JSC::MarkedSpace::SizeClass::SizeClass):
              (JSC::MarkedSpace::SizeClass::reset): Changed to operate in terms of
              abstract SizeClass objects, which are independent linked lists of blocks
              of a certain size class, instead of a single m_heap object.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79512 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      428bb493
    • ggaren@apple.com's avatar
      2011-02-23 Geoffrey Garen <ggaren@apple.com> · 6c4d6cef
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Moved the "nextAtom" allocation pointer into MarkedBlock for better encapsulation
              https://bugs.webkit.org/show_bug.cgi?id=55079
              
              SunSpider reports no change.
      
              * runtime/Heap.cpp:
              (JSC::Heap::reset): Moved Zombie sweeping here, up from MarkedSpace,
              since we want Heap to logically control MarkedSpace. MarkedSpace should
              never choose to sweep itself.
      
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedBlock::allocate): Updated for nextAtom becoming a
              member of MarkedBlock. No need to reset nextAtom to firstAtom() when
              we reach the end of a block, since there's now an explicit reset pass
              during GC.
      
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::reset): Added the nextAtom data member, and reordered
              some data members to improve cache locality.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocate):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h:
              (JSC::CollectorHeap::CollectorHeap): Removed nextAtom, and added an
              explicit reset pass.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79492 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      6c4d6cef
    • ggaren@apple.com's avatar
      2011-02-23 Geoffrey Garen <ggaren@apple.com> · 01240f06
      ggaren@apple.com authored
              Reviewed by Darin Adler.
              
              Rolled back in r79367 with SnowLeopard Release bot crash fixed.
              https://bugs.webkit.org/show_bug.cgi?id=54999
              
              The crash was caused by failure to update the "nextBlock" pointer when
              removing a block from the list while shrinking. The fix is to update the
              "nextBlock" pointer.
              
              This crash was very rare because it only happened in cases where the very
              first block in the heap contained no marked cells.
      2011-02-23  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler.
      
              Rolled back in r79367 with SnowLeopard Release bot crash fixed.
              https://bugs.webkit.org/show_bug.cgi?id=54999
      2011-02-23  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Darin Adler.
      
              Rolled back in r79367 with SnowLeopard Release bot crash fixed.
              https://bugs.webkit.org/show_bug.cgi?id=54999
      
              * ForwardingHeaders/wtf/DoublyLinkedList.h: Added.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79472 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      01240f06
  20. 22 Feb, 2011 2 commits
    • rniwa@webkit.org's avatar
      2011-02-22 Sheriff Bot <webkit.review.bot@gmail.com> · ad2ee31d
      rniwa@webkit.org authored
              Unreviewed, rolling out r79367.
              http://trac.webkit.org/changeset/79367
              https://bugs.webkit.org/show_bug.cgi?id=55012
      
              all layout tests are crashing on Snow Leopard (Requested by
              rniwa on #webkit).
      
              * GNUmakefile.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.vcproj/WTF/WTF.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj:
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * runtime/MarkedBlock.h:
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::destroy):
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::freeBlock):
              (JSC::MarkedSpace::allocate):
              (JSC::MarkedSpace::shrink):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h:
              (JSC::CollectorHeap::collectorBlock):
              * wtf/CMakeLists.txt:
              * wtf/DoublyLinkedList.h: Removed.
      2011-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r79367.
              http://trac.webkit.org/changeset/79367
              https://bugs.webkit.org/show_bug.cgi?id=55012
      
              all layout tests are crashing on Snow Leopard (Requested by
              rniwa on #webkit).
      
              * ForwardingHeaders/wtf/DoublyLinkedList.h: Removed.
      2011-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
      
              Unreviewed, rolling out r79367.
              http://trac.webkit.org/changeset/79367
              https://bugs.webkit.org/show_bug.cgi?id=55012
      
              all layout tests are crashing on Snow Leopard (Requested by
              rniwa on #webkit).
      
              * ForwardingHeaders/wtf/DoublyLinkedList.h: Removed.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79390 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ad2ee31d
    • ggaren@apple.com's avatar
      2011-02-22 Geoffrey Garen <ggaren@apple.com> · f03d166e
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Manage MarkedBlocks in a linked list instead of a vector, so arbitrary removal is O(1)
              https://bugs.webkit.org/show_bug.cgi?id=54999
              
              SunSpider reports no change.
      
              * GNUmakefile.am:
              * JavaScriptCore.gypi:
              * JavaScriptCore.vcproj/WTF/WTF.vcproj:
              * JavaScriptCore.xcodeproj/project.pbxproj: So many build systems, so little time.
              * wtf/CMakeLists.txt:
      
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::setPrev):
              (JSC::MarkedBlock::setNext):
              (JSC::MarkedBlock::prev):
              (JSC::MarkedBlock::next): Added linked list data members and accessors.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::destroy):
              (JSC::MarkedSpace::allocateBlock): Stop using vector, since it doesn't exist anymore.
      
              (JSC::MarkedSpace::freeBlocks): New helper function for updating relevant
              data structures when freeing blocks.
      
              (JSC::MarkedSpace::allocate): Updated for nextBlock being a pointer and
              not a vector index.
      
              (JSC::MarkedSpace::shrink): Construct a temporary list of empties and
              then free them, to avoid modifying our hash table while iterating it.
              This wasn't a concern before because we were using indirect array
              indexing, not direct pointer indexing.
      
              (JSC::MarkedSpace::reset): Updated for nextBlock being a pointer and
              not a vector index.
      
              * runtime/MarkedSpace.h:
              (JSC::CollectorHeap::CollectorHeap): Changed data type from vector to linked list.
      
              * wtf/DoublyLinkedList.h: Added. New linked list class.
              (WTF::::DoublyLinkedList):
              (WTF::::isEmpty):
              (WTF::::head):
              (WTF::::append):
              (WTF::::remove):
      2011-02-22  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Manage MarkedBlocks in a linked list instead of a vector, so arbitrary removal is O(1)
              https://bugs.webkit.org/show_bug.cgi?id=54999
              
              New WTF header.
      
              * ForwardingHeaders/wtf/DoublyLinkedList.h: Copied from ForwardingHeaders/wtf/FixedArray.h.
      2011-02-22  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              Manage MarkedBlocks in a linked list instead of a vector, so arbitrary removal is O(1)
              https://bugs.webkit.org/show_bug.cgi?id=54999
              
              New WTF header.
      
              * ForwardingHeaders/wtf/DoublyLinkedList.h: Copied from ForwardingHeaders/wtf/FixedArray.h.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79367 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      f03d166e
  21. 18 Feb, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-02-18 Geoffrey Garen <ggaren@apple.com> · c45f46ae
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Tightened some usage accounting code in MarkedSpace
              https://bugs.webkit.org/show_bug.cgi?id=54761
              
              SunSpider reports no change.
      
              * runtime/Heap.cpp:
              (JSC::Heap::Heap): Initialize the marked space high water mark on
              construction, instead of relying on some implicit subtleties to make
              not initializing it work out OK.
      
              * runtime/Heap.h: Fixed up includes.
      
              * runtime/MarkedBlock.h: Made firstAtom() static so clients can call it
              even without having allocated a block.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace): Don't pre-allocate a block, since this
              would be prohibitively expensive with multiple size classes.
      
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::freeBlock): Track allocated blocks in a hash set,
              since linear search in the contains check will be prohibitively
              expensive once we're using lots of smaller blocks.
      
              (JSC::MarkedSpace::allocate): Don't assume that we always have a block
              allocated, since we don't anymore. (See above.)
      
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h: Updated for changes mentioned above.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@79017 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      c45f46ae
  22. 17 Feb, 2011 5 commits
    • ggaren@apple.com's avatar
      2011-02-17 Geoffrey Garen <ggaren@apple.com> · bb88135b
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Made object allocation secretly variable-sized (Shhhh!)
              https://bugs.webkit.org/show_bug.cgi?id=54721
              
              SunSpider reports no change.
              
              Internally, MarkedBlock now makes variable-sized allocations, even
              though MarkedSpace doesn't take advantage of this yet.
      
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock): No need to ASSERT that allocations are
              fixed-sized.
      
              * runtime/MarkedBlock.h: Shrunk the atom size so we can allocate things
              that are not multiples of 64 bytes.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78958 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      bb88135b
    • ggaren@apple.com's avatar
      2011-02-17 Geoffrey Garen <ggaren@apple.com> · 7bc9c5a0
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Fixed some math errors when when using variable-sized cells
              https://bugs.webkit.org/show_bug.cgi?id=54717
              
              SunSpider reports no change.
              
              Computer Science Barbie says, "Math is not so hard afterall!"
      
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedBlock::allocate): Round up when calculating the
              minimum number of atoms required for a cell, since rounding down
              will get you splinched.
      
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep):
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::forEach): Changed a bunch of != tests to < tests
              because m_endAtom is actually a fuzzy end -- iterating from firstAtom()
              may not hit m_endAtom exactly.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78957 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7bc9c5a0
    • ggaren@apple.com's avatar
      2011-02-17 Geoffrey Garen <ggaren@apple.com> · d1063e97
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              A little more abstraction for MarkedSpace::contains
              https://bugs.webkit.org/show_bug.cgi?id=54715
      
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::contains): Added a contains function, so MarkedSpace
              doesn't have to know how MarkedBlock tracks containment internally.
      
              * runtime/MarkedSpace.h:
              (JSC::MarkedSpace::contains): Call through to MarkedBlock to figure out
              if a cell that seems to be in a block is valid.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78955 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d1063e97
    • ggaren@apple.com's avatar
      2011-02-17 Geoffrey Garen <ggaren@apple.com> · 7e180265
      ggaren@apple.com authored
              Reviewed by Sam Weinig.
      
              Removed the invariant that the last cell in a block is always marked
              https://bugs.webkit.org/show_bug.cgi?id=54713
              
              SunSpider reports no change.
              
              This adds one branch to allocation, but simplifies the mark invariant,
              especially in a world of variable-sized cells. Now, it really is true
              that any cell whose mark bit is set is a valid, live cell whose
              constructor has run and whose destructor has not run.
      
              * runtime/JSCell.h: 
              (JSC::JSCell::MarkedBlock::allocate): Changed this do-while into a while
              since we can no longer rely on a set mark bit to break out of this loop
              before it reaches the end of the block.
      
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep): 
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::isEmpty):
              (JSC::MarkedBlock::clearMarks):
              (JSC::MarkedBlock::markCount):
              (JSC::MarkedBlock::forEach): No need to set a special last mark bit.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78954 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7e180265
    • ggaren@apple.com's avatar
      2011-02-17 Geoffrey Garen <ggaren@apple.com> · 3e492232
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              Made MarkedBlock variable-sized
              https://bugs.webkit.org/show_bug.cgi?id=54692
              
              SunSpider reports no change.
              
              Each MarkedBlock is now composed of a set of fixed-sized atoms, with one
              mark bit per atom. A given cell may be composed of one or more atoms.
              
              * runtime/Heap.cpp:
              (JSC::Heap::allocate): Made fixed-sizedness a property of MarkedSpace,
              bubbling it up from MarkedBlock, since MarkedBlock now supports variable-
              sizedness.
      
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedBlock::allocate): Removed use of CELLS_PER_BLOCK and
              (implicit) one constants -- these quantities are not constant anymore.
              Updated for switch from cell to atom.
      
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::create):
              (JSC::MarkedBlock::destroy):
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep):
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::firstAtom):
              (JSC::MarkedBlock::atoms):
              (JSC::MarkedBlock::isAtomAligned):
              (JSC::MarkedBlock::blockFor):
              (JSC::MarkedBlock::isEmpty):
              (JSC::MarkedBlock::clearMarks):
              (JSC::MarkedBlock::size):
              (JSC::MarkedBlock::capacity):
              (JSC::MarkedBlock::atomNumber):
              (JSC::MarkedBlock::isMarked):
              (JSC::MarkedBlock::testAndSetMarked):
              (JSC::MarkedBlock::setMarked):
              (JSC::MarkedBlock::forEach): Same as above. Also removed use of CELL_SIZE
              and BLOCK_SIZE, and switched away from calling arbitrary pointers cells.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::allocateBlock):
              (JSC::MarkedSpace::allocate):
              (JSC::MarkedSpace::reset):
              * runtime/MarkedSpace.h:
              (JSC::CollectorHeap::CollectorHeap):
              (JSC::MarkedSpace::contains): Updated for renames. Made fixed-sizedness
              a property of MarkedSpace.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78924 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3e492232
  23. 16 Feb, 2011 1 commit
    • barraclough@apple.com's avatar
      Bug 54524 - Allow JSObject to fully utilize cell's capacity for inline storage. · 77da1086
      barraclough@apple.com authored
      Reviewed by Geoff Garen.
      
      Currently JSObject is both directly instantiated for regular JS objects, and
      derived to implement subtypes. A consequence of this is that we need to ensure
      that sufficient space from the cell is left unused and available for any data
      members that will be introduced by subclasses of JSObject. By restructuring
      the internal storage array out of JSObject we can increase the size in the
      internal storage for regular objects.
      
      Add classes JSFinalObject and JSNonFinalObject. JSNonFinalObject retains as
      much additional capacity as is currently available to allow for data members
      in subclasses. JSFinalObject utilizes all available space for internal storage,
      and only allows construction through JSFinalObject::create().
      
      Source/JavaScriptCore: 
      
      The additional storage made available in the JSObject means that we need no
      longer rely on a union of the internal storage with a pointer to storage that
      is only valid for external storage. This means we can go back to always having
      a valid pointer to property storage, regardless of whether this is internal or
      external. This simplifies some cases of access to the array from C code, and
      significantly simplifies JIT access, since repatching no longer needs to be
      able to change between a load of the storage pointer / a LEA of the internal
      storage.
      
      * API/JSObjectRef.cpp:
      (JSObjectMake):
      * assembler/ARMAssembler.h:
      * assembler/ARMv7Assembler.h:
      * assembler/AbstractMacroAssembler.h:
      (JSC::AbstractMacroAssembler::repatchPointer):
      * assembler/MIPSAssembler.h:
      * assembler/MacroAssemblerARM.h:
      * assembler/MacroAssemblerARMv7.h:
      * assembler/MacroAssemblerMIPS.h:
      * assembler/MacroAssemblerX86.h:
      * assembler/MacroAssemblerX86_64.h:
      * assembler/RepatchBuffer.h:
      * assembler/X86Assembler.h:
      * debugger/DebuggerActivation.cpp:
      (JSC::DebuggerActivation::DebuggerActivation):
      * debugger/DebuggerActivation.h:
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::privateExecute):
      * jit/JIT.h:
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_get_by_pname):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::emit_op_get_by_pname):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/Arguments.h:
      (JSC::Arguments::Arguments):
      * runtime/ErrorInstance.cpp:
      (JSC::ErrorInstance::ErrorInstance):
      * runtime/ErrorInstance.h:
      * runtime/ExceptionHelpers.cpp:
      (JSC::InterruptedExecutionError::InterruptedExecutionError):
      (JSC::TerminatedExecutionError::TerminatedExecutionError):
      * runtime/JSArray.cpp:
      (JSC::JSArray::JSArray):
      * runtime/JSArray.h:
      * runtime/JSByteArray.cpp:
      (JSC::JSByteArray::JSByteArray):
      * runtime/JSByteArray.h:
      (JSC::JSByteArray::JSByteArray):
      * runtime/JSFunction.cpp:
      (JSC::JSFunction::getOwnPropertySlot):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC::constructEmptyObject):
      * runtime/JSNotAnObject.h:
      (JSC::JSNotAnObject::JSNotAnObject):
      * runtime/JSObject.cpp:
      (JSC::JSObject::createInheritorID):
      (JSC::JSObject::allocatePropertyStorage):
      * runtime/JSObject.h:
      (JSC::JSObject::propertyStorage):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::createStructure):
      (JSC::JSFinalObject::create):
      (JSC::JSFinalObject::createStructure):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSObject::offsetOfInlineStorage):
      (JSC::constructEmptyObject):
      (JSC::createEmptyObjectStructure):
      (JSC::JSObject::JSObject):
      (JSC::JSObject::~JSObject):
      (JSC::Structure::isUsingInlineStorage):
      * runtime/JSObjectWithGlobalObject.cpp:
      (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
      * runtime/JSObjectWithGlobalObject.h:
      (JSC::JSObjectWithGlobalObject::JSObjectWithGlobalObject):
      * runtime/JSTypeInfo.h:
      (JSC::TypeInfo::TypeInfo):
      (JSC::TypeInfo::isVanilla):
      * runtime/JSVariableObject.h:
      (JSC::JSVariableObject::JSVariableObject):
      * runtime/JSWrapperObject.h:
      (JSC::JSWrapperObject::JSWrapperObject):
      * runtime/ObjectConstructor.cpp:
      (JSC::constructObject):
      * runtime/ObjectPrototype.cpp:
      (JSC::ObjectPrototype::ObjectPrototype):
      * runtime/ObjectPrototype.h:
      * runtime/StrictEvalActivation.cpp:
      (JSC::StrictEvalActivation::StrictEvalActivation):
      * runtime/StrictEvalActivation.h:
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::growPropertyStorageCapacity):
      
      Source/JavaScriptGlue: 
      
      * UserObjectImp.cpp:
      * UserObjectImp.h:
          Update JSObject -> JSNonFinalObject.
      
      Source/WebCore: 
      
      * bindings/js/JSDOMWindowShell.h:
          Update JSObject -> JSNonFinalObject.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78732 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      77da1086
  24. 15 Feb, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-02-15 Geoffrey Garen <ggaren@apple.com> · d57b23ce
      ggaren@apple.com authored
              Reviewed by Darin Adler.
      
              Moved MarkedBlock data members to the head of the block
              https://bugs.webkit.org/show_bug.cgi?id=54482
              
              This allows for a variable-sized tail, to accommodate oversized blocks.
      
              SunSpider reports no change.
              
              * runtime/JSCell.h:
              (JSC::JSCell::MarkedBlock::allocate):
              * runtime/MarkedBlock.cpp:
              (JSC::MarkedBlock::destroy):
              (JSC::MarkedBlock::MarkedBlock):
              (JSC::MarkedBlock::sweep):
              * runtime/MarkedBlock.h: Added missing element to the CELLS_PER_BLOCK
              calculation. This kind of error is why we want to migrate to the system
              described below.
      
              (JSC::roundUpToMultipleOf):
              (JSC::MarkedBlock::firstCell):
              (JSC::MarkedBlock::cells):
              (JSC::MarkedBlock::cellNumber): Use subtraction instead of masking to
              calculate cell number. The mask is no longer correct because the first
              cell is not at the head of the block.
      
              (JSC::MarkedBlock::forEach): Replaced m_cells data member with a cells()
              accessor. We want to use sizeof(MarkedBlock) to calculate the size of the
              block header, so we can't have an explicit data member to represent the block tail.
              
              Also replaced iteration from zero with iteration from startCell(), since
              the first N cells are now occupied by the header.
      
              * runtime/MarkedSpace.cpp:
              (JSC::MarkedSpace::MarkedSpace):
              (JSC::MarkedSpace::reset): Replaced iteration from zero as above.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78605 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d57b23ce
  25. 14 Feb, 2011 1 commit
    • ggaren@apple.com's avatar
      Some MarkedBlock refactoring. · 65d47224
      ggaren@apple.com authored
              
      Rubber-stamped by Gavin Barraclough.
      
      Made cells private.
              
      Renamed cells => m_cells
              marked => m_marks.
      
      * runtime/JSCell.h:
      (JSC::JSCell::MarkedBlock::allocate):
      * runtime/MarkedBlock.cpp:
      (JSC::MarkedBlock::destroy):
      (JSC::MarkedBlock::MarkedBlock):
      (JSC::MarkedBlock::sweep):
      * runtime/MarkedBlock.h:
      (JSC::MarkedBlock::isEmpty):
      (JSC::MarkedBlock::clearMarks):
      (JSC::MarkedBlock::markCount):
      (JSC::MarkedBlock::isMarked):
      (JSC::MarkedBlock::testAndSetMarked):
      (JSC::MarkedBlock::setMarked):
      (JSC::MarkedBlock::forEach):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78501 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      65d47224
  26. 11 Feb, 2011 1 commit
    • ggaren@apple.com's avatar
      2011-02-11 Geoffrey Garen <ggaren@apple.com> · b843ba85
      ggaren@apple.com authored
              Reviewed by Oliver Hunt.
      
              A little more encapsulation for the heap: Removed CollectorHeapIterator
              https://bugs.webkit.org/show_bug.cgi?id=54298
              
              CollectorHeapIterator is a God object that knows the internals of each
              of the pieces of the heap. This undermines the encapsulation I'm trying
              to achieve by splitting concepts into different classes.
              
              As an alternative, I've given each class a forEach iteration function,
              which takes a functor as an argument. Now, each class just needs to
              know how to iterate the things it knows about.
      
              * GNUmakefile.am:
              * JavaScriptCore.exp:
              * JavaScriptCore.gypi:
              * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: Removed CollectorHeapIterator.
      
              * debugger/Debugger.cpp:
              (JSC::Recompiler::Recompiler):
              (JSC::Recompiler::~Recompiler):
              (JSC::Recompiler::operator()):
              (JSC::Debugger::recompileAllJSFunctions): Updated to use forEach interface
              instead of an iterator.
      
              * runtime/CollectorHeapIterator.h: Removed.
      
              * runtime/Heap.cpp:
              (JSC::TypeCounter::TypeCounter):
              (JSC::TypeCounter::typeName):
              (JSC::TypeCounter::operator()):
              (JSC::TypeCounter::take):
              (JSC::Heap::protectedObjectTypeCounts):
              (JSC::Heap::objectTypeCounts): Added forEach and removed iterator.
      
              * runtime/Heap.h:
              (JSC::Heap::forEach):
              * runtime/JSGlobalData.cpp:
              (JSC::Recompiler::operator()):
              (JSC::JSGlobalData::recompileAllJSFunctions):
      
              * runtime/MarkedBlock.h:
              (JSC::MarkedBlock::forEach): Added forEach. Removed friend declaration
              for CollectorHeapIterator. Now, we can make all our data private and
              change it without breaking any other classes.
      
              * runtime/MarkedSpace.cpp:
              * runtime/MarkedSpace.h:
              (JSC::MarkedSpace::forEach): Added forEach and removed iterator.
      2011-02-11  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              A little more encapsulation for the heap: Removed CollectorHeapIterator
              https://bugs.webkit.org/show_bug.cgi?id=54298
      
              * WebCoreStatistics.cpp:
              (WebCoreStatistics::javaScriptProtectedObjectTypeCounts):
      2011-02-11  Geoffrey Garen  <ggaren@apple.com>
      
              Reviewed by Oliver Hunt.
      
              A little more encapsulation for the heap: Removed CollectorHeapIterator
              https://bugs.webkit.org/show_bug.cgi?id=54298
      
              * Misc/WebCoreStatistics.mm:
              (+[WebCoreStatistics javaScriptProtectedObjectTypeCounts]):
              (+[WebCoreStatistics javaScriptObjectTypeCounts]): Updated for new typedef.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@78382 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      b843ba85