Make embedded maps in optimized code weak.

src/mark-compact.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 64 matching lines @@
 class VerifyMarkingVisitor: public ObjectVisitor {
  public:
   void VisitPointers(Object** start, Object** end) {
     for (Object** current = start; current < end; current++) {
       if ((*current)->IsHeapObject()) {
         HeapObject* object = HeapObject::cast(*current);
         CHECK(HEAP->mark_compact_collector()->IsMarked(object));
       }
     }
   }
+

[Michael Starzinger, 2013/01/21 10:31:48]

Drop one of the empty newlines.

+
+  void VisitEmbeddedPointer(RelocInfo* rinfo) {
+    ASSERT(rinfo->rmode() == RelocInfo::EMBEDDED_OBJECT);
+    if (rinfo->host()->kind() != Code::OPTIMIZED_FUNCTION ||
+        !rinfo->target_object()->IsMap() ||
+        !Map::cast(rinfo->target_object())->CanTransition()) {
+      VisitPointer(rinfo->target_object_address());
+    }
+  }
 };
 
 
 static void VerifyMarking(Address bottom, Address top) {
   VerifyMarkingVisitor visitor;
   HeapObject* object;
   Address next_object_must_be_here_or_later = bottom;
 
   for (Address current = bottom;
        current < top;
@@ skipping 721 matching lines @@
     space->PrepareForMarkCompact();
   }
 
 #ifdef VERIFY_HEAP
   if (!was_marked_incrementally_ && FLAG_verify_heap) {
     VerifyMarkbitsAreClean();
   }
 #endif
 }
 
+class DeoptimizeMarkedCodeFilter : public OptimizedFunctionFilter {
+ public:
+  virtual bool TakeFunction(JSFunction* function) {
+    return function->code()->marked_for_deoptimization();
+  }
+};
+
 
 void MarkCompactCollector::Finish() {
 #ifdef DEBUG
   ASSERT(state_ == SWEEP_SPACES || state_ == RELOCATE_OBJECTS);
   state_ = IDLE;
 #endif
   // The stub cache is not traversed during GC; clear the cache to
   // force lazy re-initialization of it. This must be done after the
   // GC, because it relies on the new address of certain old space
   // objects (empty string, illegal builtin).
   heap()->isolate()->stub_cache()->Clear();
+
+  DeoptimizeMarkedCodeFilter filter;
+  Deoptimizer::DeoptimizeAllFunctionsWith(&filter);
 }
 
 
 // -------------------------------------------------------------------------
 // Phase 1: tracing and marking live objects.
 //   before: all objects are in normal state.
 //   after: a live object's map pointer is marked as '00'.
 
 // Marking all live objects in the heap as part of mark-sweep or mark-compact
 // collection.  Before marking, all objects are in their normal state.  After
@@ skipping 1312 matching lines @@
     STATIC_ASSERT(LAST_TYPE == LAST_JS_RECEIVER_TYPE);
     if (map->instance_type() < FIRST_JS_RECEIVER_TYPE) continue;
 
     if (map->attached_to_shared_function_info()) {
       JSFunction::cast(map->constructor())->shared()->AttachInitialMap(map);
     }
   }
 }
 
 
 void MarkCompactCollector::ClearNonLiveTransitions() {

[Michael Starzinger, 2013/01/21 10:31:48]

This function should be renamed to "ClearNonLiveReferences" now that it deals
with more than transitions.

[ulan, 2013/01/21 13:11:57]

Done.

   HeapObjectIterator map_iterator(heap()->map_space());
   // Iterate over the map space, setting map transitions that go from
   // a marked map to an unmarked map to null transitions.  This action
   // is carried out only on maps of JSObjects and related subtypes.
   for (HeapObject* obj = map_iterator.Next();
        obj != NULL; obj = map_iterator.Next()) {
     Map* map = reinterpret_cast<Map*>(obj);
     MarkBit map_mark = Marking::MarkBitFrom(map);
     if (map->IsFreeSpace()) continue;
 
     ASSERT(map->IsMap());
-    // Only JSObject and subtypes have map transitions and back pointers.
-    STATIC_ASSERT(LAST_TYPE == LAST_JS_OBJECT_TYPE);
-    if (map->instance_type() < FIRST_JS_OBJECT_TYPE) continue;
+    if (!map->CanTransition()) continue;
 
     if (map_mark.Get() &&
         map->attached_to_shared_function_info()) {
       // This map is used for inobject slack tracking and has been detached
       // from SharedFunctionInfo during the mark phase.
       // Since it survived the GC, reattach it now.
       map->unchecked_constructor()->unchecked_shared()->AttachInitialMap(map);
     }
 
     ClearNonLivePrototypeTransitions(map);
     ClearNonLiveMapTransitions(map, map_mark);
+
+    if (map_mark.Get()) {
+      ClearNonLiveDependentCodes(map);
+    } else {
+      DeoptimizeLiveDependentCodes(map);

[Michael Starzinger, 2013/01/21 10:31:48]

How about naming this ClearAndDeoptimizeDependentCodes?

[ulan, 2013/01/21 13:11:57]

Done.

+    }
   }
 }
 
 
 void MarkCompactCollector::ClearNonLivePrototypeTransitions(Map* map) {
   int number_of_transitions = map->NumberOfProtoTransitions();
   FixedArray* prototype_transitions = map->GetPrototypeTransitions();
 
   int new_number_of_transitions = 0;
   const int header = Map::kProtoTransitionHeaderSize;
@@ skipping 48 matching lines @@
   // Follow back pointer, check whether we are dealing with a map transition
   // from a live map to a dead path and in case clear transitions of parent.
   bool current_is_alive = map_mark.Get();
   bool parent_is_alive = Marking::MarkBitFrom(parent).Get();
   if (!current_is_alive && parent_is_alive) {
     parent->ClearNonLiveTransitions(heap());
   }
 }
 
 
+void MarkCompactCollector::DeoptimizeLiveDependentCodes(Map* map) {
+  AssertNoAllocation no_allocation_scope;
+  DependentCodes* codes = map->dependent_codes();
+  int number_of_codes = codes->number_of_codes();
+  if (number_of_codes == 0) return;
+  for (int i = 0; i < number_of_codes; i++) {
+    Code* code = codes->code_at(i);
+    if (IsMarked(code) && !code->marked_for_deoptimization()) {
+      code->set_marked_for_deoptimization(true);
+    }
+    codes->clear_code_at(i);
+  }
+  map->set_dependent_codes(DependentCodes::cast(heap()->empty_fixed_array()));
+}
+
+
+void MarkCompactCollector::ClearNonLiveDependentCodes(Map* map) {
+  AssertNoAllocation no_allocation_scope;
+  DependentCodes* codes = map->dependent_codes();
+  int number_of_codes = codes->number_of_codes();
+  if (number_of_codes == 0) return;
+  int new_number_of_codes = 0;
+  for (int i = 0; i < number_of_codes; i++) {
+    Code* code = codes->code_at(i);
+    if (IsMarked(code) && !code->marked_for_deoptimization()) {
+      if (new_number_of_codes != i) {
+        codes->set_code_at(new_number_of_codes, code);
+        Object** slot = codes->code_slot_at(new_number_of_codes);
+        RecordSlot(slot, slot, code);
+        new_number_of_codes++;
+      }
+    }
+  }
+  for (int i = new_number_of_codes; i < number_of_codes; i++) {
+    codes->clear_code_at(i);
+  }
+  codes->set_number_of_codes(new_number_of_codes);
+}
+
+
 void MarkCompactCollector::ProcessWeakMaps() {
   Object* weak_map_obj = encountered_weak_maps();
   while (weak_map_obj != Smi::FromInt(0)) {
     ASSERT(MarkCompactCollector::IsMarked(HeapObject::cast(weak_map_obj)));
     JSWeakMap* weak_map = reinterpret_cast<JSWeakMap*>(weak_map_obj);
     ObjectHashTable* table = ObjectHashTable::cast(weak_map->table());
     Object** anchor = reinterpret_cast<Object**>(table->address());
     for (int i = 0; i < table->Capacity(); i++) {
       if (MarkCompactCollector::IsMarked(HeapObject::cast(table->KeyAt(i)))) {
         Object** key_slot =
@@ skipping 1575 matching lines @@
   while (buffer != NULL) {
     SlotsBuffer* next_buffer = buffer->next();
     DeallocateBuffer(buffer);
     buffer = next_buffer;
   }
   *buffer_address = NULL;
 }
 
 
 } }  // namespace v8::internal