Title: [277381] trunk/Source/_javascript_Core
Revision
277381
Author
[email protected]
Date
2021-05-12 11:34:55 -0700 (Wed, 12 May 2021)

Log Message

Unreviewed, reverting r277346.
https://bugs.webkit.org/show_bug.cgi?id=225705

Introduced a (rare) deadlock

Reverted changeset:

"ConservativeRoots triggers page demand on Speedometer"
https://bugs.webkit.org/show_bug.cgi?id=225676
https://trac.webkit.org/changeset/277346

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (277380 => 277381)


--- trunk/Source/_javascript_Core/ChangeLog	2021-05-12 18:28:25 UTC (rev 277380)
+++ trunk/Source/_javascript_Core/ChangeLog	2021-05-12 18:34:55 UTC (rev 277381)
@@ -1,3 +1,16 @@
+2021-05-12  Commit Queue  <[email protected]>
+
+        Unreviewed, reverting r277346.
+        https://bugs.webkit.org/show_bug.cgi?id=225705
+
+        Introduced a (rare) deadlock
+
+        Reverted changeset:
+
+        "ConservativeRoots triggers page demand on Speedometer"
+        https://bugs.webkit.org/show_bug.cgi?id=225676
+        https://trac.webkit.org/changeset/277346
+
 2021-05-12  Mark Lam  <[email protected]>
 
         Remove dead code around ENABLE(OPCODE_SAMPLING) and ENABLE(CODEBLOCK_SAMPLING).

Modified: trunk/Source/_javascript_Core/heap/ConservativeRoots.cpp (277380 => 277381)


--- trunk/Source/_javascript_Core/heap/ConservativeRoots.cpp	2021-05-12 18:28:25 UTC (rev 277380)
+++ trunk/Source/_javascript_Core/heap/ConservativeRoots.cpp	2021-05-12 18:34:55 UTC (rev 277381)
@@ -38,14 +38,30 @@
 namespace JSC {
 
 ConservativeRoots::ConservativeRoots(Heap& heap)
-    : m_heap(heap)
+    : m_roots(m_inlineRoots)
+    , m_size(0)
+    , m_capacity(inlineCapacity)
+    , m_heap(heap)
 {
 }
 
 ConservativeRoots::~ConservativeRoots()
 {
+    if (m_roots != m_inlineRoots)
+        OSAllocator::decommitAndRelease(m_roots, m_capacity * sizeof(HeapCell*));
 }
 
+void ConservativeRoots::grow()
+{
+    size_t newCapacity = m_capacity == inlineCapacity ? nonInlineCapacity : m_capacity * 2;
+    HeapCell** newRoots = static_cast<HeapCell**>(OSAllocator::reserveAndCommit(newCapacity * sizeof(HeapCell*)));
+    memcpy(newRoots, m_roots, m_size * sizeof(HeapCell*));
+    if (m_roots != m_inlineRoots)
+        OSAllocator::decommitAndRelease(m_roots, m_capacity * sizeof(HeapCell*));
+    m_capacity = newCapacity;
+    m_roots = newRoots;
+}
+
 template<typename MarkHook>
 inline void ConservativeRoots::genericAddPointer(void* p, HeapVersion markingVersion, HeapVersion newlyAllocatedVersion, TinyBloomFilter filter, MarkHook& markHook)
 {
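Review bot: grow() brings back the hand-rolled OSAllocator buffer without a comment saying why it must not be a Vector, so the cleanup made in r277346 could be attempted again. A comment above grow() would record the constraint, for example `// Keep this buffer off Vector: r277346 switched to one and was reverted for a rare deadlock (https://bugs.webkit.org/show_bug.cgi?id=225705).` The log does not state the deadlock's cause, so the comment should claim no more than that. Separately, `m_capacity * 2` and `newCapacity * sizeof(HeapCell*)` are unchecked multiplications, and the pointer returned by reserveAndCommit goes straight into memcpy. Whether that call can return null is not visible in this hunk, so it is worth confirming or guarding.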
@@ -58,7 +74,10 @@
             if (isJSCellKind(cellKind))
                 markHook.markKnownJSCell(static_cast<JSCell*>(p));
             
-            m_roots.append(bitwise_cast<HeapCell*>(p));
+            if (m_size == m_capacity)
+                grow();
+            
+            m_roots[m_size++] = bitwise_cast<HeapCell*>(p);
         });
 }
 
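Review bot: The store `m_roots[m_size++] = bitwise_cast<HeapCell*>(p);` is a raw indexed write whose only bound is the `m_size == m_capacity` test just above it. The removed `m_roots.append(...)` left capacity handling to the container. An `ASSERT(m_size < m_capacity);` immediately before the store would catch any later change to grow() that returns without raising m_capacity. The enclosing lambda and genericAddPointer begin outside this hunk.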

Modified: trunk/Source/_javascript_Core/heap/ConservativeRoots.h (277380 => 277381)


--- trunk/Source/_javascript_Core/heap/ConservativeRoots.h	2021-05-12 18:28:25 UTC (rev 277380)
+++ trunk/Source/_javascript_Core/heap/ConservativeRoots.h	2021-05-12 18:34:55 UTC (rev 277381)
@@ -34,8 +34,6 @@
 class JITStubRoutineSet;
 
 class ConservativeRoots {
-    static constexpr size_t inlineCapacity = 1024;
-    
 public:
     ConservativeRoots(Heap&);
     ~ConservativeRoots();
@@ -43,9 +41,13 @@
     void add(void* begin, void* end);
     void add(void* begin, void* end, JITStubRoutineSet&, CodeBlockSet&);
     
-    const Vector<HeapCell*, inlineCapacity>& roots() const { return m_roots; };
+    size_t size() const;
+    HeapCell** roots() const;
 
 private:
+    static constexpr size_t inlineCapacity = 128;
+    static constexpr size_t nonInlineCapacity = 8192 / sizeof(HeapCell*);
+    
     template<typename MarkHook>
     void genericAddPointer(void*, HeapVersion markingVersion, HeapVersion newlyAllocatedVersion, TinyBloomFilter, MarkHook&);
 
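Review bot: `HeapCell** roots() const;` returns a mutable pointer to the root array from a const accessor, so code holding a `const ConservativeRoots&` can overwrite collected roots. Declaring it `HeapCell* const* roots() const;` would keep the array read-only. The two callers changed in this commit, in SlotVisitor.cpp and VerifierSlotVisitor.cpp, only read `roots[i]`; they would declare their local as `HeapCell* const* roots`. The inline definition later in this header would change to match.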
@@ -52,8 +54,23 @@
     template<typename MarkHook>
     void genericAddSpan(void*, void* end, MarkHook&);
     
+    void grow();
+
+    HeapCell** m_roots;
+    size_t m_size;
+    size_t m_capacity;
     Heap& m_heap;
-    Vector<HeapCell*, inlineCapacity> m_roots;
+    HeapCell* m_inlineRoots[inlineCapacity];
 };
 
+inline size_t ConservativeRoots::size() const
+{
+    return m_size;
+}
+
+inline HeapCell** ConservativeRoots::roots() const
+{
+    return m_roots;
+}
+
 } // namespace JSC
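Review bot: With `HeapCell** m_roots` as a raw owning pointer and a destructor that calls decommitAndRelease, the class now needs explicit copy control, and none is visible on the new side of these hunks. The `Heap&` member implicitly deletes copy assignment but not copy construction. A copy would alias the source's `m_inlineRoots`, or share a grown buffer that both destructors then release. Adding `WTF_MAKE_NONCOPYABLE(ConservativeRoots);` at the top of the class would make that a compile error. One line of the class body falls between the hunks, so confirm the macro is not already there.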

Modified: trunk/Source/_javascript_Core/heap/SlotVisitor.cpp (277380 => 277381)


--- trunk/Source/_javascript_Core/heap/SlotVisitor.cpp	2021-05-12 18:28:25 UTC (rev 277380)
+++ trunk/Source/_javascript_Core/heap/SlotVisitor.cpp	2021-05-12 18:34:55 UTC (rev 277381)
@@ -129,8 +129,10 @@
 
 void SlotVisitor::append(const ConservativeRoots& conservativeRoots)
 {
-    for (auto root : conservativeRoots.roots())
-        appendJSCellOrAuxiliary(root);
+    HeapCell** roots = conservativeRoots.roots();
+    size_t size = conservativeRoots.size();
+    for (size_t i = 0; i < size; ++i)
+        appendJSCellOrAuxiliary(roots[i]);
 }
 
 void SlotVisitor::appendJSCellOrAuxiliary(HeapCell* heapCell)

Modified: trunk/Source/_javascript_Core/heap/VerifierSlotVisitor.cpp (277380 => 277381)


--- trunk/Source/_javascript_Core/heap/VerifierSlotVisitor.cpp	2021-05-12 18:28:25 UTC (rev 277380)
+++ trunk/Source/_javascript_Core/heap/VerifierSlotVisitor.cpp	2021-05-12 18:34:55 UTC (rev 277381)
@@ -148,8 +148,10 @@
         }
     };
 
-    for (auto root : conservativeRoots.roots())
-        appendJSCellOrAuxiliary(root);
+    HeapCell** roots = conservativeRoots.roots();
+    size_t size = conservativeRoots.size();
+    for (size_t i = 0; i < size; ++i)
+        appendJSCellOrAuxiliary(roots[i]);
 }
 
 void VerifierSlotVisitor::appendToMarkStack(JSCell* cell)