Changeset 28110 in webkit for trunk/JavaScriptCore

Timestamp:

Nov 28, 2007, 5:12:03 AM (18 years ago)

Author:

[email protected]

Message:

Roll out r28106 and r28108. These introduced a frequent assertion failure on page load and broke all non-Mac builds.

Location:

trunk/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• JavaScriptCore.exp (modified) (5 diffs)
• JavaScriptCore.xcodeproj/project.pbxproj (modified) (4 diffs)
• kjs/ExecState.cpp (modified) (1 diff)
• kjs/ExecState.h (modified) (1 diff)
• kjs/JSWrapperObject.cpp (modified) (1 diff)
• kjs/JSWrapperObject.h (modified) (2 diffs)
• kjs/MarkStack.h (deleted)
• kjs/array_instance.cpp (modified) (2 diffs)
• kjs/array_instance.h (modified) (1 diff)
• kjs/bool_object.cpp (modified) (1 diff)
• kjs/bool_object.h (modified) (1 diff)
• kjs/collector.cpp (modified) (14 diffs)
• kjs/collector.h (modified) (7 diffs)
• kjs/error_object.cpp (modified) (1 diff)
• kjs/error_object.h (modified) (1 diff)
• kjs/function.cpp (modified) (4 diffs)
• kjs/function.h (modified) (3 diffs)
• kjs/internal.cpp (modified) (1 diff)
• kjs/interpreter.cpp (modified) (1 diff)
• kjs/interpreter.h (modified) (1 diff)
• kjs/list.cpp (modified) (2 diffs)
• kjs/list.h (modified) (2 diffs)
• kjs/object.cpp (modified) (2 diffs)
• kjs/object.h (modified) (4 diffs)
• kjs/property_map.cpp (modified) (2 diffs)
• kjs/property_map.h (modified) (2 diffs)
• kjs/scope_chain.h (modified) (1 diff)
• kjs/string_object.cpp (modified) (1 diff)
• kjs/string_object.h (modified) (1 diff)
• kjs/value.h (modified) (6 diffs)

trunk/JavaScriptCore/ChangeLog

@@ -1 @@
-2007-11-28  Maciej Stachowiak  <[email protected]>
-
-        Add files missing from previous commit.
-
-        * kjs/MarkStack.h: Added.
-
-2007-11-28  Maciej Stachowiak  <[email protected]>
-
-        Not reviewed.
-
-        - Fixed "Stack overflow crash in JavaScript garbage collector mark pass"
-        http://bugs.webkit.org/show_bug.cgi?id=12216
-        
-        Implement mark stack. This version is not suitable for prime time because it makes a
-        huge allocation on every collect, and potentially makes marking of detached subtrees
-        slow. But it is a .2% - .4% speedup even without much tweaking.
-        
-        The basic approach is to replace mark() methods with
-        markChildren(MarkStack&) methods. Reachable references are pushed
-        onto a mark stack (which encapsulates ignoring already-marked
-        references). 
-        
-        Objects are no longer responsible for actually setting their own
-        mark bits, the collector does that. This means that for objects on
-        the number heap we don't have to call markChildren() at all since
-        we know there aren't any.
-        
-        The mark phase of collect pushes roots onto the mark stack
-        and drains it as often as possible.
-        
-        To make this approach viable requires a constant-size mark stack
-        and a slow fallback approach for when the stack size is exceeded,
-        plus optimizations to make the required stack small in common
-        cases. This should be doable.
-
-        * JavaScriptCore.exp: Export new symbols.
-        * JavaScriptCore.xcodeproj/project.pbxproj: Add new file.
-        * kjs/collector.cpp:
-        (KJS::Collector::heapAllocate):
-        (KJS::drainMarkStack): Helper for all of the below.
-        (KJS::Collector::markStackObjectsConservatively): Use mark stack.
-        (KJS::Collector::markCurrentThreadConservatively): ditto
-        (KJS::Collector::markOtherThreadConservatively): ditto
-        (KJS::Collector::markProtectedObjects): ditto
-        (KJS::Collector::markMainThreadOnlyObjects): ditto
-        (KJS::Collector::collect): ditto
-        * kjs/collector.h:
-        (KJS::Collector::cellMayHaveRefs): Helper for MarkStack.
-
-        * kjs/MarkStack.h: Added. The actual mark stack implementation.
-        (KJS::MarkStack::push):
-        (KJS::MarkStack::pushAtom):
-        (KJS::MarkStack::pop):
-        (KJS::MarkStack::isEmpty):
-        (KJS::MarkStack::reserveCapacity):
-
-        Changed mark() methods to markChildren() methods:
-        
-        * kjs/ExecState.cpp:
-        (KJS::ExecState::markChildren):
-        * kjs/ExecState.h:
-        * kjs/JSWrapperObject.cpp:
-        (KJS::JSWrapperObject::markChildren):
-        * kjs/JSWrapperObject.h:
-        * kjs/array_instance.cpp:
-        (KJS::ArrayInstance::markChildren):
-        * kjs/array_instance.h:
-        * kjs/bool_object.cpp:
-        (BooleanInstance::markChildren):
-        * kjs/bool_object.h:
-        * kjs/error_object.cpp:
-        * kjs/error_object.h:
-        * kjs/function.cpp:
-        (KJS::FunctionImp::markChildren):
-        (KJS::Arguments::Arguments):
-        (KJS::Arguments::markChildren):
-        (KJS::ActivationImp::markChildren):
-        * kjs/function.h:
-        * kjs/internal.cpp:
-        (KJS::GetterSetterImp::markChildren):
-        * kjs/interpreter.cpp:
-        (KJS::Interpreter::markRoots):
-        * kjs/interpreter.h:
-        * kjs/list.cpp:
-        (KJS::List::markProtectedListsSlowCase):
-        * kjs/list.h:
-        (KJS::List::markProtectedLists):
-        * kjs/object.cpp:
-        (KJS::JSObject::markChildren):
-        * kjs/object.h:
-        (KJS::ScopeChain::markChildren):
-        * kjs/property_map.cpp:
-        (KJS::PropertyMap::markChildren):
-        * kjs/property_map.h:
-        * kjs/scope_chain.h:
-        * kjs/string_object.cpp:
-        (KJS::StringInstance::markChildren):
-        * kjs/string_object.h:
-
-2007-11-28  Maciej Stachowiak  <[email protected]>
-
-        Reviewed by Darin and Geoff.
-
-        - Fixed "Stack overflow crash in JavaScript garbage collector mark pass"
-        http://bugs.webkit.org/show_bug.cgi?id=12216
-        
-        Implement mark stack. This version is not suitable for prime time because it makes a
-        huge allocation on every collect, and potentially makes marking of detached subtrees
-        slow. But it is an 0.4% SunSpider speedup even without much tweaking.
-        
-        The basic approach is to replace mark() methods with
-        markChildren(MarkStack&) methods. Reachable references are pushed
-        onto a mark stack (which encapsulates ignoring already-marked
-        references). 
-        
-        Objects are no longer responsible for actually setting their own
-        mark bits, the collector does that. This means that for objects on
-        the number heap we don't have to call markChildren() at all since
-        we know there aren't any.
-        
-        The mark phase of collect pushes roots onto the mark stack
-        and drains it as often as possible.
-        
-        To make this approach viable requires a constant-size mark stack
-        and a slow fallback approach for when the stack size is exceeded,
-        plus optimizations to make the required stack small in common
-        cases. This should be doable.
-
-        * JavaScriptCore.exp: Export new symbols.
-        * JavaScriptCore.xcodeproj/project.pbxproj: Add new file.
-        * kjs/collector.cpp:
-        (KJS::Collector::heapAllocate):
-        (KJS::drainMarkStack): Helper for all of the below.
-        (KJS::Collector::markStackObjectsConservatively): Use mark stack.
-        (KJS::Collector::markCurrentThreadConservatively): ditto
-        (KJS::Collector::markOtherThreadConservatively): ditto
-        (KJS::Collector::markProtectedObjects): ditto
-        (KJS::Collector::markMainThreadOnlyObjects): ditto
-        (KJS::Collector::collect): ditto
-        * kjs/collector.h:
-        (KJS::Collector::cellMayHaveRefs): Helper for MarkStack.
-
-        * kjs/MarkStack.h: Added. The actual mark stack implementation.
-        (KJS::MarkStack::push):
-        (KJS::MarkStack::pushAtom):
-        (KJS::MarkStack::pop):
-        (KJS::MarkStack::isEmpty):
-        (KJS::MarkStack::reserveCapacity):
-
-        Changed mark() methods to markChildren() methods:
-        
-        * kjs/ExecState.cpp:
-        (KJS::ExecState::markChildren):
-        * kjs/ExecState.h:
-        * kjs/JSWrapperObject.cpp:
-        (KJS::JSWrapperObject::markChildren):
-        * kjs/JSWrapperObject.h:
-        * kjs/array_instance.cpp:
-        (KJS::ArrayInstance::markChildren):
-        * kjs/array_instance.h:
-        * kjs/bool_object.cpp:
-        (BooleanInstance::markChildren):
-        * kjs/bool_object.h:
-        * kjs/error_object.cpp:
-        * kjs/error_object.h:
-        * kjs/function.cpp:
-        (KJS::FunctionImp::markChildren):
-        (KJS::Arguments::Arguments):
-        (KJS::Arguments::markChildren):
-        (KJS::ActivationImp::markChildren):
-        * kjs/function.h:
-        * kjs/internal.cpp:
-        (KJS::GetterSetterImp::markChildren):
-        * kjs/interpreter.cpp:
-        (KJS::Interpreter::markRoots):
-        * kjs/interpreter.h:
-        * kjs/list.cpp:
-        (KJS::List::markProtectedListsSlowCase):
-        * kjs/list.h:
-        (KJS::List::markProtectedLists):
-        * kjs/object.cpp:
-        (KJS::JSObject::markChildren):
-        * kjs/object.h:
-        (KJS::ScopeChain::markChildren):
-        * kjs/property_map.cpp:
-        (KJS::PropertyMap::markChildren):
-        * kjs/property_map.h:
-        * kjs/scope_chain.h:
-        * kjs/string_object.cpp:
-        (KJS::StringInstance::markChildren):
-        * kjs/string_object.h:
-
 2007-11-27  Alp Toker  <[email protected]>
 

trunk/JavaScriptCore/JavaScriptCore.exp

@@ -123 +123 @@
 __ZN3KJS11Interpreter24setShouldPrintExceptionsEb
 __ZN3KJS11Interpreter27resetGlobalObjectPropertiesEv
+__ZN3KJS11Interpreter4markEv
 __ZN3KJS11Interpreter6s_hookE
 __ZN3KJS11Interpreter8evaluateERKNS_7UStringEiPKNS_5UCharEiPNS_7JSValueE
 __ZN3KJS11Interpreter8evaluateERKNS_7UStringEiS3_PNS_7JSValueE
-__ZN3KJS11Interpreter9markRootsERNS_9MarkStackE
 __ZN3KJS11InterpreterC1Ev
 __ZN3KJS11InterpreterC2Ev
@@ -145 +145 @@
 __ZN3KJS13SavedBuiltinsD1Ev
 __ZN3KJS13jsOwnedStringERKNS_7UStringE
-__ZN3KJS14StringInstance12markChildrenERNS_9MarkStackE
 __ZN3KJS14StringInstance14deletePropertyEPNS_9ExecStateERKNS_10IdentifierE
 __ZN3KJS14StringInstance16getPropertyNamesEPNS_9ExecStateERNS_17PropertyNameArrayE
@@ -154 +153 @@
 __ZN3KJS14StringInstanceC1EPNS_8JSObjectERKNS_7UStringE
 __ZN3KJS14StringInstanceC2EPNS_8JSObjectERKNS_7UStringE
+__ZN3KJS15JSWrapperObject4markEv
 __ZN3KJS15SavedPropertiesC1Ev
 __ZN3KJS15SavedPropertiesD1Ev
@@ -202 +202 @@
 __ZN3KJS8DebuggerD2Ev
 __ZN3KJS8JSObject11hasInstanceEPNS_9ExecStateEPNS_7JSValueE
-__ZN3KJS8JSObject12markChildrenERNS_9MarkStackE
 __ZN3KJS8JSObject12removeDirectERKNS_10IdentifierE
 __ZN3KJS8JSObject14callAsFunctionEPNS_9ExecStateEPS0_RKNS_4ListE
@@ -214 +213 @@
 __ZN3KJS8JSObject3putEPNS_9ExecStateEjPNS_7JSValueEi
 __ZN3KJS8JSObject4callEPNS_9ExecStateEPS0_RKNS_4ListE
+__ZN3KJS8JSObject4markEv
 __ZN3KJS8JSObject9constructEPNS_9ExecStateERKNS_4ListE
 __ZN3KJS8JSObject9constructEPNS_9ExecStateERKNS_4ListERKNS_10IdentifierERKNS_7UStringEi

trunk/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj

@@ -100 +100 @@
                 6592C319098B7DE10003D4F6 /* VectorTraits.h in Headers */ = {isa = PBXBuildFile; fileRef = 6592C317098B7DE10003D4F6 /* VectorTraits.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 65A7A5E00CD1D50E00061F8E /* LabelStack.h in Headers */ = {isa = PBXBuildFile; fileRef = 65B813A80CD1D01900DF59D6 /* LabelStack.h */; settings = {ATTRIBUTES = (Private, ); }; };
-                65A8B8DB0CF408F400DC7C27 /* MarkStack.h in Headers */ = {isa = PBXBuildFile; fileRef = 65A8B8D80CF408E900DC7C27 /* MarkStack.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 65B1749A09D0FEB700820339 /* array_object.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = 65B1749909D0FEB700820339 /* array_object.lut.h */; };
                 65B174F509D100FA00820339 /* math_object.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = 65B174F109D100FA00820339 /* math_object.lut.h */; };
@@ -512 +511 @@
                 6592C316098B7DE10003D4F6 /* Vector.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Vector.h; sourceTree = "<group>"; };
                 6592C317098B7DE10003D4F6 /* VectorTraits.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = VectorTraits.h; sourceTree = "<group>"; };
-                65A8B8D80CF408E900DC7C27 /* MarkStack.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MarkStack.h; sourceTree = "<group>"; };
                 65B1749909D0FEB700820339 /* array_object.lut.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = file; name = array_object.lut.h; path = ../../../../../symroots/Debug/DerivedSources/JavaScriptCore/array_object.lut.h; sourceTree = "<group>"; };
                 65B174BE09D1000200820339 /* chartables.c */ = {isa = PBXFileReference; explicitFileType = sourcecode.c.c; fileEncoding = 30; path = chartables.c; sourceTree = "<group>"; };
@@ -1011 +1009 @@
                                 F692A8690255597D01FF60F7 /* lookup.h */,
                                 F692A86A0255597D01FF60F7 /* math_object.cpp */,
-                                65A8B8D80CF408E900DC7C27 /* MarkStack.h */,
                                 F692A86B0255597D01FF60F7 /* math_object.h */,
                                 F692A86D0255597D01FF60F7 /* nodes.cpp */,
@@ -1174 +1171 @@
                                 65F340940CD6C1C000C0CA8B /* LocalStorage.h in Headers */,
                                 5DBD18B00C5401A700C15EAE /* MallocZoneSupport.h in Headers */,
-                                65A8B8DB0CF408F400DC7C27 /* MarkStack.h in Headers */,
                                 BCF655590A2049710038A194 /* MathExtras.h in Headers */,
                                 932F5B840822A1C700736975 /* NP_jsobject.h in Headers */,

trunk/JavaScriptCore/kjs/ExecState.cpp

@@ -89 +89 @@
 }
 
-void ExecState::markChildren(MarkStack& stack)
+void ExecState::mark()
 {
     for (ExecState* exec = this; exec; exec = exec->m_callingExecState)
-        exec->m_scopeChain.markChildren(stack);
+        exec->m_scopeChain.mark();
 }
 

trunk/JavaScriptCore/kjs/ExecState.h

@@ -101 +101 @@
         void setGlobalObject(JSGlobalObject*);
         
-        void markChildren(MarkStack&);
+        void mark();
         
         // This is a workaround to avoid accessing the global variables for these identifiers in

trunk/JavaScriptCore/kjs/JSWrapperObject.cpp

@@ -25 +25 @@
 namespace KJS {
 
-void JSWrapperObject::markChildren(MarkStack& stack) 
+void JSWrapperObject::mark() 
 {
-    JSObject::markChildren(stack);
-    stack.pushAtom(m_internalValue);
+    JSObject::mark();
+    if (m_internalValue && !m_internalValue->marked())
+        m_internalValue->mark();
 }
 

trunk/JavaScriptCore/kjs/JSWrapperObject.h

@@ -57 +57 @@
         void setInternalValue(JSValue* v);
         
-        virtual void markChildren(MarkStack& stack);
+        virtual void mark();
         
     private:
@@ -65 +65 @@
     inline JSWrapperObject::JSWrapperObject(JSValue* proto)
         : JSObject(proto)
-        , m_internalValue(jsNull())
+        , m_internalValue(0)
     {
     }

trunk/JavaScriptCore/kjs/array_instance.cpp

@@ -403 +403 @@
 }
 
-void ArrayInstance::markChildren(MarkStack& stack)
-{
-    JSObject::markChildren(stack);
+void ArrayInstance::mark()
+{
+    JSObject::mark();
 
     ArrayStorage* storage = m_storage;
@@ -412 +412 @@
     for (unsigned i = 0; i < usedVectorLength; ++i) {
         JSValue* value = storage->m_vector[i];
-        if (value)
-            stack.push(value);
+        if (value && !value->marked())
+            value->mark();
     }
 
     if (SparseArrayValueMap* map = storage->m_sparseValueMap) {
         SparseArrayValueMap::iterator end = map->end();
-        for (SparseArrayValueMap::iterator it = map->begin(); it != end; ++it)
-            stack.push(it->second);
+        for (SparseArrayValueMap::iterator it = map->begin(); it != end; ++it) {
+            JSValue* value = it->second;
+            if (!value->marked())
+                value->mark();
+        }
     }
 }

trunk/JavaScriptCore/kjs/array_instance.h

@@ -43 +43 @@
     virtual void getPropertyNames(ExecState*, PropertyNameArray&);
 
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
 
     virtual const ClassInfo* classInfo() const { return &info; }

trunk/JavaScriptCore/kjs/bool_object.cpp

@@ -37 +37 @@
   : JSWrapperObject(proto)
 {
-}
-
-void BooleanInstance::markChildren(MarkStack& stack)
-{
-    JSObject::markChildren(stack);
-    ASSERT(JSImmediate::isImmediate(internalValue()));
 }
 

trunk/JavaScriptCore/kjs/bool_object.h

@@ -33 +33 @@
 
     virtual const ClassInfo *classInfo() const { return &info; }
-    virtual void markChildren(MarkStack& stack);
     static const ClassInfo info;
   };

trunk/JavaScriptCore/kjs/collector.cpp

@@ -27 +27 @@
 #include "internal.h"
 #include "list.h"
-#include "MarkStack.h"
 #include "value.h"
 #include <algorithm>
@@ -279 +278 @@
     targetBlock = (Block*)allocateBlock();
     targetBlock->freeList = targetBlock->cells;
-    if (heapType == PrimaryHeap)
-        targetBlock->mayHaveRefs = 1;
     targetBlockUsedCells = 0;
     heap.blocks[usedBlocks] = (CollectorBlock*)targetBlock;
@@ -483 +480 @@
 #define IS_HALF_CELL_ALIGNED(p) (((intptr_t)(p) & (CELL_MASK >> 1)) == 0)
 
-static inline void drainMarkStack(MarkStack& stack)
-{
-    while (!stack.isEmpty())
-        stack.pop()->markChildren(stack);
-}
-
-
-void Collector::markStackObjectsConservatively(MarkStack& stack, void *start, void *end)
+void Collector::markStackObjectsConservatively(void *start, void *end)
 {
   if (start > end) {
@@ -532 +522 @@
                   if (((CollectorCell*)xAsBits)->u.freeCell.zeroIfFree != 0) {
                       JSCell* imp = reinterpret_cast<JSCell*>(xAsBits);
-                      stack.push(imp);
-                      drainMarkStack(stack);
+                      if (!imp->marked())
+                          imp->mark();
                   }
                   break;
@@ -544 +534 @@
 }
 
-void Collector::markCurrentThreadConservatively(MarkStack& stack)
+void Collector::markCurrentThreadConservatively()
 {
     // setjmp forces volatile registers onto the stack
@@ -561 +551 @@
     void* stackBase = currentThreadStackBase();
 
-    markStackObjectsConservatively(stack, stackPointer, stackBase);
+    markStackObjectsConservatively(stackPointer, stackBase);
 }
 
@@ -704 +694 @@
 }
 
-void Collector::markOtherThreadConservatively(MarkStack& stack, Thread* thread)
+void Collector::markOtherThreadConservatively(Thread* thread)
 {
   suspendThread(thread->platformThread);
@@ -712 +702 @@
 
   // mark the thread's registers
-  markStackObjectsConservatively(stack, (void*)&regs, (void*)((char*)&regs + regSize));
+  markStackObjectsConservatively((void*)&regs, (void*)((char*)&regs + regSize));
  
   void* stackPointer = otherThreadStackPointer(regs);
   void* stackBase = otherThreadStackBase(regs, thread);
-  markStackObjectsConservatively(stack, stackPointer, stackBase);
+  markStackObjectsConservatively(stackPointer, stackBase);
 
   resumeThread(thread->platformThread);
@@ -723 +713 @@
 #endif
 
-void Collector::markStackObjectsConservatively(MarkStack& stack)
-{
-  markCurrentThreadConservatively(stack);
+void Collector::markStackObjectsConservatively()
+{
+  markCurrentThreadConservatively();
 
 #if USE(MULTIPLE_THREADS)
   for (Thread *thread = registeredThreads; thread != NULL; thread = thread->next) {
     if (!pthread_equal(thread->posixThread, pthread_self())) {
-        markOtherThreadConservatively(stack, thread);
+      markOtherThreadConservatively(thread);
     }
   }
@@ -782 +772 @@
 }
 
-void Collector::markProtectedObjects(MarkStack& stack)
+void Collector::markProtectedObjects()
 {
   ProtectCountSet& protectedValues = KJS::protectedValues();
   ProtectCountSet::iterator end = protectedValues.end();
   for (ProtectCountSet::iterator it = protectedValues.begin(); it != end; ++it) {
-    stack.push(it->first);
-    drainMarkStack(stack);
-  }
-}
-
-void Collector::markMainThreadOnlyObjects(MarkStack& stack)
+    JSCell *val = it->first;
+    if (!val->marked())
+      val->mark();
+  }
+}
+
+void Collector::markMainThreadOnlyObjects()
 {
 #if USE(MULTIPLE_THREADS)
@@ -824 +815 @@
                     if (!curBlock->marked.get(i)) {
                         JSCell* imp = reinterpret_cast<JSCell*>(cell);
-                        stack.push(imp);
-                        drainMarkStack(stack);
+                        imp->mark();
                     }
                     if (++count == mainThreadOnlyObjectCount)
@@ -961 +951 @@
   // MARK: first mark all referenced objects recursively starting out from the set of root objects
 
-  size_t originalLiveObjects = primaryHeap.numLiveObjects + numberHeap.numLiveObjects;
-
-  MarkStack stack;
-  stack.reserveCapacity(primaryHeap.numLiveObjects);
-
 #ifndef NDEBUG
   // Forbid malloc during the mark phase. Marking a thread suspends it, so 
-  // a malloc inside markChildren() would risk a deadlock with a thread that had been 
+  // a malloc inside mark() would risk a deadlock with a thread that had been 
   // suspended while holding the malloc lock.
   fastMallocForbid();
@@ -976 +961 @@
     Interpreter* scr = Interpreter::s_hook;
     do {
-      scr->markRoots(stack);
-      drainMarkStack(stack);
+      scr->mark();
       scr = scr->next;
     } while (scr != Interpreter::s_hook);
   }
 
-  markStackObjectsConservatively(stack);
-  markProtectedObjects(stack);
-  List::markProtectedLists(stack);
-  drainMarkStack(stack);
+  markStackObjectsConservatively();
+  markProtectedObjects();
+  List::markProtectedLists();
 #if USE(MULTIPLE_THREADS)
   if (!currentThreadIsMainThread)
-    markMainThreadOnlyObjects(stack);
+    markMainThreadOnlyObjects();
 #endif
 
@@ -995 +978 @@
 #endif
     
+  size_t originalLiveObjects = primaryHeap.numLiveObjects + numberHeap.numLiveObjects;
   size_t numLiveObjects = sweep<PrimaryHeap>(currentThreadIsMainThread);
   numLiveObjects += sweep<NumberHeap>(currentThreadIsMainThread);

trunk/JavaScriptCore/kjs/collector.h

@@ -32 +32 @@
 namespace KJS {
 
-  class CollectorBlock;
   class JSCell;
   class JSValue;
-  class MarkStack;
+  class CollectorBlock;
 
   class Collector {
@@ -67 +66 @@
     static bool isCellMarked(const JSCell*);
     static void markCell(JSCell*);
-    static bool cellMayHaveRefs(const JSCell*);
 
     enum HeapType { PrimaryHeap, NumberHeap };
@@ -81 +79 @@
 
     static void recordExtraCost(size_t);
-    static void markProtectedObjects(MarkStack&);
-    static void markMainThreadOnlyObjects(MarkStack&);
-    static void markCurrentThreadConservatively(MarkStack&);
-    static void markOtherThreadConservatively(MarkStack&, Thread*);
-    static void markStackObjectsConservatively(MarkStack&);
-    static void markStackObjectsConservatively(MarkStack&, void* start, void* end);
+    static void markProtectedObjects();
+    static void markMainThreadOnlyObjects();
+    static void markCurrentThreadConservatively();
+    static void markOtherThreadConservatively(Thread*);
+    static void markStackObjectsConservatively();
+    static void markStackObjectsConservatively(void* start, void* end);
 
     static size_t mainThreadOnlyObjectCount;
@@ -110 +108 @@
   const size_t CELL_MASK = CELL_SIZE - 1;
   const size_t CELL_ALIGN_MASK = ~CELL_MASK;
-  const size_t CELLS_PER_BLOCK = (BLOCK_SIZE * 8 - sizeof(uint32_t) * 8 - sizeof(uint32_t) * 8 - sizeof(void *) * 8 - 2 * (7 + 3 * 8)) / (CELL_SIZE * 8 + 2);
+  const size_t CELLS_PER_BLOCK = (BLOCK_SIZE * 8 - sizeof(uint32_t) * 8 - sizeof(void *) * 8 - 2 * (7 + 3 * 8)) / (CELL_SIZE * 8 + 2);
   const size_t SMALL_CELLS_PER_BLOCK = 2 * CELLS_PER_BLOCK;
   const size_t BITMAP_SIZE = (CELLS_PER_BLOCK + 7) / 8;
@@ -148 +146 @@
     uint32_t usedCells;
     CollectorCell* freeList;
-    uint32_t mayHaveRefs;
     CollectorBitmap marked;
     CollectorBitmap collectOnMainThreadOnly;
@@ -158 +155 @@
     uint32_t usedCells;
     SmallCollectorCell* freeList;
-    uint32_t mayHaveRefs;
     CollectorBitmap marked;
     CollectorBitmap collectOnMainThreadOnly;
@@ -188 +184 @@
   }
 
-  inline bool Collector::cellMayHaveRefs(const JSCell* cell)
-  {
-    return cellBlock(cell)->mayHaveRefs;
-  }
-
   inline void Collector::reportExtraMemoryCost(size_t cost)
   { 

trunk/JavaScriptCore/kjs/error_object.cpp

@@ -157 +157 @@
 }
 
+void NativeErrorImp::mark()
+{
+  JSObject::mark();
+  if (proto && !proto->marked())
+    proto->mark();
+}

trunk/JavaScriptCore/kjs/error_object.h

@@ -76 +76 @@
     virtual JSValue *callAsFunction(ExecState *exec, JSObject *thisObj, const List &args);
 
+    virtual void mark();
+
     virtual const ClassInfo *classInfo() const { return &info; }
     static const ClassInfo info;

trunk/JavaScriptCore/kjs/function.cpp

@@ -62 +62 @@
 }
 
-void FunctionImp::markChildren(MarkStack& stack)
-{
-    InternalFunctionImp::markChildren(stack);
-    _scope.markChildren(stack);
+void FunctionImp::mark()
+{
+    InternalFunctionImp::mark();
+    _scope.mark();
 }
 
@@ -332 +332 @@
 // ECMA 10.1.8
 Arguments::Arguments(ExecState* exec, FunctionImp* func, const List& args, ActivationImp* act)
-  : JSObject(exec->lexicalInterpreter()->builtinObjectPrototype()) 
-  , _activationObject(act)
-  , indexToNameMap(func, args)
+: JSObject(exec->lexicalInterpreter()->builtinObjectPrototype()), 
+_activationObject(act),
+indexToNameMap(func, args)
 {
   putDirect(exec->propertyNames().callee, func, DontEnum);
@@ -348 +348 @@
 }
 
-void Arguments::markChildren(MarkStack& stack) 
-{
-  JSObject::markChildren(stack);
-  stack.push(_activationObject);
+void Arguments::mark() 
+{
+  JSObject::mark();
+  if (_activationObject && !_activationObject->marked())
+    _activationObject->mark();
 }
 
@@ -484 +485 @@
 }
 
-void ActivationImp::markChildren(MarkStack& stack)
-{
-    JSObject::markChildren(stack);
+void ActivationImp::mark()
+{
+    JSObject::mark();
 
     size_t size = d->localStorage.size();
-    for (size_t i = 0; i < size; ++i)
-        stack.push(d->localStorage[i].value);
+    for (size_t i = 0; i < size; ++i) {
+        JSValue* value = d->localStorage[i].value;
+        if (!value->marked())
+            value->mark();
+    }
     
-    stack.push(d->function);
-    if (d->argumentsObject)
-      stack.push(d->argumentsObject);
+    ASSERT(d->function);
+    if (!d->function->marked())
+        d->function->mark();
+
+    if (d->argumentsObject && !d->argumentsObject->marked())
+        d->argumentsObject->mark();
 }
 

trunk/JavaScriptCore/kjs/function.h

@@ -96 +96 @@
     const ScopeChain& scope() const { return _scope; }
 
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
 
   private:
@@ -125 +125 @@
   public:
     Arguments(ExecState*, FunctionImp* func, const List& args, ActivationImp* act);
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
     virtual bool getOwnPropertySlot(ExecState*, const Identifier&, PropertySlot&);
     virtual void put(ExecState*, const Identifier& propertyName, JSValue* value, int attr = None);
@@ -165 +165 @@
     static const ClassInfo info;
 
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
 
     bool isActivation() { return true; }

trunk/JavaScriptCore/kjs/internal.cpp

@@ -145 +145 @@
 
 // --------------------------- GetterSetterImp ---------------------------------
-void GetterSetterImp::markChildren(MarkStack& stack)
-{
-    if (getter)
-        stack.push(getter);
-    if (setter)
-        stack.push(setter);
+void GetterSetterImp::mark()
+{
+    JSCell::mark();
+    
+    if (getter && !getter->marked())
+        getter->mark();
+    if (setter && !setter->marked())
+        setter->mark();
 }
 

trunk/JavaScriptCore/kjs/interpreter.cpp

@@ -545 +545 @@
 }
 
-void Interpreter::markRoots(MarkStack& stack)
+void Interpreter::mark()
 {
     if (m_currentExec)
-        m_currentExec->markChildren(stack);
-
-    if (m_globalExec.exception())
-        stack.push(m_globalExec.exception());
-
-    if (m_globalObject)
-        stack.push(m_globalObject);
-
-    if (m_Object)
-       stack.push(m_Object);
-    if (m_Function)
-        stack.push(m_Function);
-    if (m_Array)
-        stack.push(m_Array);
-    if (m_Boolean)
-        stack.push(m_Boolean);
-    if (m_String)
-        stack.push(m_String);
-    if (m_Number)
-        stack.push(m_Number);
-    if (m_Date)
-        stack.push(m_Date);
-    if (m_RegExp)
-        stack.push(m_RegExp);
-    if (m_Error)
-        stack.push(m_Error);
-    
-    if (m_ObjectPrototype)
-        stack.push(m_ObjectPrototype);
-    if (m_FunctionPrototype)
-        stack.push(m_FunctionPrototype);
-    if (m_ArrayPrototype)
-        stack.push(m_ArrayPrototype);
-    if (m_BooleanPrototype)
-        stack.push(m_BooleanPrototype);
-    if (m_StringPrototype)
-        stack.push(m_StringPrototype);
-    if (m_NumberPrototype)
-        stack.push(m_NumberPrototype);
-    if (m_DatePrototype)
-        stack.push(m_DatePrototype);
-    if (m_RegExpPrototype)
-        stack.push(m_RegExpPrototype);
-    if (m_ErrorPrototype)
-        stack.push(m_ErrorPrototype);
-    
-    if (m_EvalError)
-        stack.push(m_EvalError);
-    if (m_RangeError)
-        stack.push(m_RangeError);
-    if (m_ReferenceError)
-        stack.push(m_ReferenceError);
-    if (m_SyntaxError)
-        stack.push(m_SyntaxError);
-    if (m_TypeError)
-        stack.push(m_TypeError);
-    if (m_UriError)
-        stack.push(m_UriError);
-    
-    if (m_EvalErrorPrototype)
-        stack.push(m_EvalErrorPrototype);
-    if (m_RangeErrorPrototype)
-        stack.push(m_RangeErrorPrototype);
-    if (m_ReferenceErrorPrototype)
-        stack.push(m_ReferenceErrorPrototype);
-    if (m_SyntaxErrorPrototype)
-        stack.push(m_SyntaxErrorPrototype);
-    if (m_TypeErrorPrototype)
-        stack.push(m_TypeErrorPrototype);
-    if (m_UriErrorPrototype)
-        stack.push(m_UriErrorPrototype);
+        m_currentExec->mark();
+
+    if (m_globalExec.exception() && !m_globalExec.exception()->marked())
+        m_globalExec.exception()->mark();
+
+    if (m_globalObject && !m_globalObject->marked())
+        m_globalObject->mark();
+
+    if (m_Object && !m_Object->marked())
+        m_Object->mark();
+    if (m_Function && !m_Function->marked())
+        m_Function->mark();
+    if (m_Array && !m_Array->marked())
+        m_Array->mark();
+    if (m_Boolean && !m_Boolean->marked())
+        m_Boolean->mark();
+    if (m_String && !m_String->marked())
+        m_String->mark();
+    if (m_Number && !m_Number->marked())
+        m_Number->mark();
+    if (m_Date && !m_Date->marked())
+        m_Date->mark();
+    if (m_RegExp && !m_RegExp->marked())
+        m_RegExp->mark();
+    if (m_Error && !m_Error->marked())
+        m_Error->mark();
+    
+    if (m_ObjectPrototype && !m_ObjectPrototype->marked())
+        m_ObjectPrototype->mark();
+    if (m_FunctionPrototype && !m_FunctionPrototype->marked())
+        m_FunctionPrototype->mark();
+    if (m_ArrayPrototype && !m_ArrayPrototype->marked())
+        m_ArrayPrototype->mark();
+    if (m_BooleanPrototype && !m_BooleanPrototype->marked())
+        m_BooleanPrototype->mark();
+    if (m_StringPrototype && !m_StringPrototype->marked())
+        m_StringPrototype->mark();
+    if (m_NumberPrototype && !m_NumberPrototype->marked())
+        m_NumberPrototype->mark();
+    if (m_DatePrototype && !m_DatePrototype->marked())
+        m_DatePrototype->mark();
+    if (m_RegExpPrototype && !m_RegExpPrototype->marked())
+        m_RegExpPrototype->mark();
+    if (m_ErrorPrototype && !m_ErrorPrototype->marked())
+        m_ErrorPrototype->mark();
+    
+    if (m_EvalError && !m_EvalError->marked())
+        m_EvalError->mark();
+    if (m_RangeError && !m_RangeError->marked())
+        m_RangeError->mark();
+    if (m_ReferenceError && !m_ReferenceError->marked())
+        m_ReferenceError->mark();
+    if (m_SyntaxError && !m_SyntaxError->marked())
+        m_SyntaxError->mark();
+    if (m_TypeError && !m_TypeError->marked())
+        m_TypeError->mark();
+    if (m_UriError && !m_UriError->marked())
+        m_UriError->mark();
+    
+    if (m_EvalErrorPrototype && !m_EvalErrorPrototype->marked())
+        m_EvalErrorPrototype->mark();
+    if (m_RangeErrorPrototype && !m_RangeErrorPrototype->marked())
+        m_RangeErrorPrototype->mark();
+    if (m_ReferenceErrorPrototype && !m_ReferenceErrorPrototype->marked())
+        m_ReferenceErrorPrototype->mark();
+    if (m_SyntaxErrorPrototype && !m_SyntaxErrorPrototype->marked())
+        m_SyntaxErrorPrototype->mark();
+    if (m_TypeErrorPrototype && !m_TypeErrorPrototype->marked())
+        m_TypeErrorPrototype->mark();
+    if (m_UriErrorPrototype && !m_UriErrorPrototype->marked())
+        m_UriErrorPrototype->mark();
 }
 

trunk/JavaScriptCore/kjs/interpreter.h

@@ -291 +291 @@
      * implementing custom mark methods must make sure to chain to this one.
      */
-    virtual void markRoots(MarkStack&);
+    virtual void mark();
 
     static bool shouldPrintExceptions();

trunk/JavaScriptCore/kjs/list.cpp

@@ -44 +44 @@
 }
 
-void List::markProtectedListsSlowCase(MarkStack& stack)
+void List::markProtectedListsSlowCase()
 {
     ListSet::iterator end = markSet().end();
@@ -51 +51 @@
 
         iterator end2 = list->end();
-        for (iterator it2 = list->begin(); it2 != end2; ++it2)
-            stack.push(*it2);
+        for (iterator it2 = list->begin(); it2 != end2; ++it2) {
+            JSValue* v = *it2;
+            if (!v->marked())
+                v->mark();
+        }
     }
 }

trunk/JavaScriptCore/kjs/list.h

@@ -86 +86 @@
         const_iterator end() const { return m_vector.end(); }
 
-        static void markProtectedLists(MarkStack& stack)
+        static void markProtectedLists()
         {
             if (!markSet().size())
                 return;
-            markProtectedListsSlowCase(stack);
+            markProtectedListsSlowCase();
         }
 
@@ -97 +97 @@
     private:
         static ListSet& markSet();
-        static void markProtectedListsSlowCase(MarkStack&);
+        static void markProtectedListsSlowCase();
 
         void expandAndAppend(JSValue*);

trunk/JavaScriptCore/kjs/object.cpp

@@ -114 +114 @@
 // ------------------------------ JSObject ------------------------------------
 
-void JSObject::markChildren(MarkStack& stack)
-{
+void JSObject::mark()
+{
+  JSCell::mark();
+
 #if JAVASCRIPT_MARK_TRACING
   static int markStackDepth = 0;
@@ -125 +127 @@
 #endif
   
-  stack.push(_proto);
-  _prop.markChildren(stack);
+  JSValue *proto = _proto;
+  if (!proto->marked())
+    proto->mark();
+
+  _prop.mark();
   
 #if JAVASCRIPT_MARK_TRACING

trunk/JavaScriptCore/kjs/object.h

@@ -28 +28 @@
 #include "JSType.h"
 #include "CommonIdentifiers.h"
-#include "MarkStack.h"
 #include "interpreter.h"
 #include "property_map.h"
@@ -86 +85 @@
     virtual JSObject *toObject(ExecState *exec) const;
       
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
       
     JSObject *getGetter() { return getter; }
@@ -113 +112 @@
     JSObject();
 
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
     virtual JSType type() const;
 
@@ -588 +587 @@
 // FIXME: Put this function in a separate file named something like scope_chain_mark.h -- can't put it in scope_chain.h since it depends on JSObject.
 
-inline void ScopeChain::markChildren(MarkStack& stack)
-{
-    for (ScopeChainNode* n = _node; n; n = n->next) {
-        JSObject* o = n->object;
-        stack.push(o);
+inline void ScopeChain::mark()
+{
+    for (ScopeChainNode *n = _node; n; n = n->next) {
+        JSObject *o = n->object;
+        if (!o->marked())
+            o->mark();
     }
 }

trunk/JavaScriptCore/kjs/property_map.cpp

@@ -623 +623 @@
 }
 
-void PropertyMap::markChildren(MarkStack& stack) const
-{
-    if (!m_usingTable) {
-#if USE_SINGLE_ENTRY
-        if (m_singleEntryKey)
-            stack.push(m_u.singleEntryValue);
+void PropertyMap::mark() const
+{
+    if (!m_usingTable) {
+#if USE_SINGLE_ENTRY
+        if (m_singleEntryKey) {
+            JSValue* v = m_u.singleEntryValue;
+            if (!v->marked())
+                v->mark();
+        }
 #endif
         return;
@@ -634 +637 @@
 
     unsigned entryCount = m_u.table->keyCount + m_u.table->deletedSentinelCount;
-    for (unsigned i = 1; i <= entryCount; i++)
-        stack.push(m_u.table->entries()[i].value);
+    for (unsigned i = 1; i <= entryCount; i++) {
+        JSValue* v = m_u.table->entries()[i].value;
+        if (!v->marked())
+            v->mark();
+    }
 }
 

trunk/JavaScriptCore/kjs/property_map.h

@@ -30 +30 @@
     class JSObject;
     class JSValue;
-    class MarkStack;
     class PropertyNameArray;
     
@@ -61 +60 @@
         JSValue** getLocation(const Identifier& name);
 
-        void markChildren(MarkStack&) const;
+        void mark() const;
         void getEnumerablePropertyNames(PropertyNameArray&) const;
 

trunk/JavaScriptCore/kjs/scope_chain.h

@@ -83 +83 @@
         void pop();
         
-        void markChildren(MarkStack&);
+        void mark();
 
 #ifndef NDEBUG        

trunk/JavaScriptCore/kjs/string_object.cpp

@@ -128 +128 @@
     propertyNames.add(Identifier(UString::from(i)));
   return JSObject::getPropertyNames(exec, propertyNames);
-}
-
-void StringInstance::markChildren(MarkStack& stack) 
-{
-    JSObject::markChildren(stack);
-    stack.pushAtom(internalValue());
 }
 

trunk/JavaScriptCore/kjs/string_object.h

@@ -47 +47 @@
 
     StringImp* internalValue() const { return static_cast<StringImp*>(JSWrapperObject::internalValue());}
-    virtual void markChildren(MarkStack& stack);
 
   private:

trunk/JavaScriptCore/kjs/value.h

@@ -34 +34 @@
 class JSObject;
 class JSCell;
-class MarkStack;
 
 struct ClassInfo;
@@ -49 +48 @@
     friend class JSCell; // so it can derive from this class
     friend class Collector; // so it can call asCell()
-    friend class MarkStack; // so it can call asCell()
 
 private:
@@ -108 +106 @@
 
     // Garbage collection.
-    void markChildren(MarkStack&);
+    void mark();
     bool marked() const;
 
@@ -167 +165 @@
     // Garbage collection.
     void *operator new(size_t);
-    virtual void markChildren(MarkStack&);
+    virtual void mark();
     bool marked() const;
 };
@@ -293 +291 @@
 }
 
-inline void JSCell::markChildren(MarkStack&)
-{
+inline void JSCell::mark()
+{
+    return Collector::markCell(this);
 }
 
@@ -408 +407 @@
 }
 
-inline void JSValue::markChildren(MarkStack& stack)
-{
-    ASSERT(!JSImmediate::isImmediate(this)); // callers should check !marked() before calling markChildren()
-    asCell()->markChildren(stack);
+inline void JSValue::mark()
+{
+    ASSERT(!JSImmediate::isImmediate(this)); // callers should check !marked() before calling mark()
+    asCell()->mark();
 }