Changeset 128260 in webkit for trunk/Source/JavaScriptCore/runtime/JSActivation.cpp

Timestamp:

Sep 11, 2012, 9:08:18 PM (13 years ago)

Author:

[email protected]

Message:

JSActivation should inline allocate its registers, and eliminate
'arguments' registers in the common case
​https://bugs.webkit.org/show_bug.cgi?id=96427

Reviewed by Filip Pizlo.

This cuts the size class for simple closures down to 64 bytes.

• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator): Set the usesNonStrictEval
flag, which is new. Use a more specific test for whether a function
uses 'arguments', so we can avoid allocating, initializing, and tearing
off those registers in the common case. Distinguish between capturing
arguments and not, so we can avoid allocating space for arguments in
the torn-off object.

We can make this even more general in the future, with some bytecode
generator refactoring.

(JSC::BytecodeGenerator::resolve): Updated for new interface.

• bytecompiler/BytecodeGenerator.h:

(BytecodeGenerator):
(JSC::BytecodeGenerator::symbolTable): Updated some types.

• heap/Heap.cpp:

(JSC::Heap::isValidAllocation): Allow large allocations, now that they
are both supported and used.

• heap/Heap.h:

(Heap): Added a new form of allocateCell that specifies the full size
of the allocation, to allow for extra space on the end.

• interpreter/CallFrame.h:

(JSC::ExecState::argumentOffset):
(JSC::ExecState::argumentOffsetIncludingThis):

• interpreter/Interpreter.cpp:

(JSC::Interpreter::unwindCallFrame): Refactored this code to be more
specific about tearing off 'arguments' vs activations. This is something
I forgot in my last patch, and it is required now that we can have
acitvations without 'arguments' registers.

• runtime/Arguments.h:

(JSC::Arguments::setRegisters): No need for setRegisters anymore because
the activation object's storage doesn't change.

• runtime/JSActivation.cpp:

(JSC::JSActivation::JSActivation): Initialize our storage manually because
it's not declared to the C++ compiler.

(JSC::JSActivation::visitChildren): No copyAndAppend because our storage
is not out-of-line anymore.

(JSC::JSActivation::symbolTableGet):
(JSC::JSActivation::symbolTablePut):
(JSC::JSActivation::getOwnPropertyNames):
(JSC::JSActivation::symbolTablePutWithAttributes):
(JSC::JSActivation::getOwnPropertySlot):
(JSC::JSActivation::getOwnPropertyDescriptor):
(JSC::JSActivation::argumentsGetter): Refactored isTornOff() testing to
avoid using a data member and to avoid hard-coding any offset assumptions.

• runtime/JSActivation.h:

(JSC):
(JSActivation):
(JSC::JSActivation::create):
(JSC::JSActivation::isDynamicScope):
(JSC::JSActivation::captureStart):
(JSC::JSActivation::storageSize):
(JSC::JSActivation::storageSizeInBytes):
(JSC::JSActivation::registerOffset):
(JSC::JSActivation::tearOff):
(JSC::JSActivation::isTornOff):
(JSC::JSActivation::storage):
(JSC::JSActivation::allocationSize):
(JSC::JSActivation::isValid): New helper functions for doing the math
on our inline storage. Note that in the "AllOfTheThings" tear-off case,
the number of things is not known at compile time, so we store the
number in the argument count register. We can't just copy the raw contents
of the register beacuse we need a value that is safe for precise marking,
and the value in the register file has an invalid tag.

• runtime/JSCell.h:

(JSC::allocateCell): New function for allocating with extra storage
on the end.

• runtime/JSSymbolTableObject.h:

(JSC::JSSymbolTableObject::JSSymbolTableObject):
(JSC::JSSymbolTableObject::finishCreation):

• runtime/JSVariableObject.h:

(JSC::JSVariableObject::JSVariableObject):
(JSVariableObject): Make it easier for subclasses to use their symbol
tables during construction, by passing the table as a constructor argument.

• runtime/SymbolTable.h:

(JSC::SharedSymbolTable::usesNonStrictEval):
(JSC::SharedSymbolTable::setUsesNonStrictEval):
(SharedSymbolTable):
(JSC::SharedSymbolTable::captureMode):
(JSC::SharedSymbolTable::setCaptureMode):
(JSC::SharedSymbolTable::captureStart):
(JSC::SharedSymbolTable::setCaptureStart):
(JSC::SharedSymbolTable::captureEnd):
(JSC::SharedSymbolTable::setCaptureEnd):
(JSC::SharedSymbolTable::parameterCountIncludingThis):
(JSC::SharedSymbolTable::setParameterCountIncludingThis):
(JSC::SharedSymbolTable::SharedSymbolTable): Added data members to more
precisely describe what kind of capture is in play, and to avoid having
data members in the activation. We expect N activations per symbol table,
so this can be a big savings in heavy closure usage.

File:

• trunk/Source/JavaScriptCore/runtime/JSActivation.cpp (modified) (11 diffs)

trunk/Source/JavaScriptCore/runtime/JSActivation.cpp

@@ -42 +42 @@
 const ClassInfo JSActivation::s_info = { "JSActivation", &Base::s_info, 0, 0, CREATE_METHOD_TABLE(JSActivation) };
 
-JSActivation::JSActivation(CallFrame* callFrame, FunctionExecutable* functionExecutable)
-    : Base(
-        callFrame->globalData(),
-        callFrame->lexicalGlobalObject()->activationStructure(),
-        callFrame->registers(),
-        callFrame->scope()
-    )
-    , m_registerArray(callFrame->globalData(), this, 0)
-    , m_numCapturedArgs(max(callFrame->argumentCount(), functionExecutable->parameterCount()))
-    , m_numCapturedVars(functionExecutable->capturedVariableCount())
-    , m_isTornOff(false)
-    , m_requiresDynamicChecks(functionExecutable->usesEval() && !functionExecutable->isStrictMode())
-    , m_argumentsRegister(functionExecutable->generatedBytecode().argumentsRegister())
-{
-}
-
-void JSActivation::finishCreation(CallFrame* callFrame, FunctionExecutable* functionExecutable)
-{
-    Base::finishCreation(callFrame->globalData(), functionExecutable->symbolTable());
-    ASSERT(inherits(&s_info));
-}
-
 void JSActivation::visitChildren(JSCell* cell, SlotVisitor& visitor)
 {
@@ -73 +51 @@
 
     // No need to mark our registers if they're still in the RegisterFile.
-    PropertyStorage registerArray = thisObject->m_registerArray.get();
-    if (!registerArray)
+    if (!thisObject->isTornOff())
         return;
 
-    visitor.copyAndAppend(bitwise_cast<void**>(&registerArray), thisObject->registerArraySizeInBytes(), reinterpret_cast<JSValue*>(registerArray), thisObject->registerArraySize());
-    thisObject->m_registerArray.set(registerArray, StorageBarrier::Unchecked);
-    thisObject->m_registers = registerArray + thisObject->registerOffset();
-
-    // Update the arguments object, since it points at our buffer.
-    CallFrame* callFrame = CallFrame::create(reinterpret_cast<Register*>(thisObject->m_registers));
-    if (JSValue v = callFrame->uncheckedR(unmodifiedArgumentsRegister(thisObject->m_argumentsRegister)).jsValue())
-        jsCast<Arguments*>(v)->setRegisters(thisObject->m_registers);
+    for (size_t i = 0; i < thisObject->storageSize(); ++i)
+        visitor.append(&thisObject->storage()[i]);
 }
 
@@ -94 +65 @@
 
     // Defend against the inspector asking for a var after it has been optimized out.
-    if (m_isTornOff && entry.getIndex() >= m_numCapturedVars)
+    if (isTornOff() && !isValid(entry))
         return false;
 
@@ -108 +79 @@
 
     // Defend against the inspector asking for a var after it has been optimized out.
-    if (m_isTornOff && entry.getIndex() >= m_numCapturedVars)
+    if (isTornOff() && !isValid(entry))
         return false;
 
@@ -130 +101 @@
 
     // Defend against the inspector asking for a var after it has been optimized out.
-    if (m_isTornOff && entry.getIndex() >= m_numCapturedVars)
+    if (isTornOff() && !isValid(entry))
         return false;
 
@@ -141 +112 @@
     JSActivation* thisObject = jsCast<JSActivation*>(object);
 
-    if (mode == IncludeDontEnumProperties)
+    if (mode == IncludeDontEnumProperties && !thisObject->isTornOff())
         propertyNames.add(exec->propertyNames().arguments);
 
@@ -148 +119 @@
         if (it->second.getAttributes() & DontEnum && mode != IncludeDontEnumProperties)
             continue;
-        if (it->second.getIndex() >= thisObject->m_numCapturedVars)
+        if (!thisObject->isValid(it->second))
             continue;
         propertyNames.add(Identifier(exec, it->first.get()));
@@ -165 +136 @@
     SymbolTableEntry& entry = iter->second;
     ASSERT(!entry.isNull());
-    if (entry.getIndex() >= m_numCapturedVars)
+    if (!isValid(entry))
         return false;
 
@@ -179 +150 @@
     if (propertyName == exec->propertyNames().arguments) {
         // Defend against the inspector asking for the arguments object after it has been optimized out.
-        if (!thisObject->m_isTornOff) {
+        if (!thisObject->isTornOff()) {
             slot.setCustom(thisObject, thisObject->getArgumentsGetter());
             return true;
@@ -206 +177 @@
     if (propertyName == exec->propertyNames().arguments) {
         // Defend against the inspector asking for the arguments object after it has been optimized out.
-        if (!thisObject->m_isTornOff) {
+        if (!thisObject->isTornOff()) {
             PropertySlot slot;
             JSActivation::getOwnPropertySlot(thisObject, exec, propertyName, slot);
@@ -266 +237 @@
 JSValue JSActivation::argumentsGetter(ExecState*, JSValue slotBase, PropertyName)
 {
-    JSActivation* activation = asActivation(slotBase);
+    JSActivation* activation = jsCast<JSActivation*>(slotBase);
+    if (activation->isTornOff())
+        return jsUndefined();
+
     CallFrame* callFrame = CallFrame::create(reinterpret_cast<Register*>(activation->m_registers));
-    int argumentsRegister = activation->m_argumentsRegister;
+    int argumentsRegister = callFrame->codeBlock()->argumentsRegister();
     if (JSValue arguments = callFrame->uncheckedR(argumentsRegister).jsValue())
         return arguments;