JavaScriptBench
diff --git a/‎Source/JavaScriptCore/API/JSBase.cpp‎
Lines changed: 4 additions & 1 deletion b/‎Source/JavaScriptCore/API/JSBase.cpp‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎Source/JavaScriptCore/ChangeLog‎
Lines changed: 66 additions & 0 deletions b/‎Source/JavaScriptCore/ChangeLog‎
Lines changed: 66 additions & 0 deletions
diff --git a/‎Source/JavaScriptCore/bytecode/CodeBlock.cpp‎
Lines changed: 5 additions & 5 deletions b/‎Source/JavaScriptCore/bytecode/CodeBlock.cpp‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎Source/JavaScriptCore/bytecode/CodeBlock.h‎
Lines changed: 1 addition & 1 deletion b/‎Source/JavaScriptCore/bytecode/CodeBlock.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Source/JavaScriptCore/heap/Heap.cpp‎
Lines changed: 17 additions & 20 deletions b/‎Source/JavaScriptCore/heap/Heap.cpp‎
Lines changed: 17 additions & 20 deletions
diff --git a/‎Source/JavaScriptCore/heap/Heap.h‎
Lines changed: 15 additions & 6 deletions b/‎Source/JavaScriptCore/heap/Heap.h‎
Lines changed: 15 additions & 6 deletions
diff --git a/‎Source/JavaScriptCore/heap/HeapInlines.h‎
Lines changed: 32 additions & 3 deletions b/‎Source/JavaScriptCore/heap/HeapInlines.h‎
Lines changed: 32 additions & 3 deletions
diff --git a/‎Source/JavaScriptCore/heap/SlotVisitor.h‎
Lines changed: 1 addition & 1 deletion b/‎Source/JavaScriptCore/heap/SlotVisitor.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎Source/JavaScriptCore/heap/SlotVisitorInlines.h‎
Lines changed: 2 additions & 20 deletions b/‎Source/JavaScriptCore/heap/SlotVisitorInlines.h‎
Lines changed: 2 additions & 20 deletions
diff --git a/‎Source/JavaScriptCore/runtime/JSArrayBufferView.cpp‎
Lines changed: 1 addition & 1 deletion b/‎Source/JavaScriptCore/runtime/JSArrayBufferView.cpp‎
Lines changed: 1 addition & 1 deletion
@@ -139,7 +139,10 @@ void JSReportExtraMemoryCost(JSContextRef ctx, size_t size)
     }
     ExecState* exec = toJS(ctx);
     JSLockHolder locker(exec);
-    exec->vm().heap.reportExtraMemoryCost(size);
+
+    // FIXME: switch to deprecatedReportExtraMemory.
+    // https://bugs.webkit.org/show_bug.cgi?id=142593
+    exec->vm().heap.reportExtraMemoryAllocated(size);
 }
 
 extern "C" JS_EXPORT void JSSynchronousGarbageCollectForDebugging(JSContextRef);
 
@@ -1,3 +1,69 @@
+2015-03-11  Geoffrey Garen  <ggaren@apple.com>
+
+        Refactored the JSC::Heap extra cost API for clarity and to make some known bugs more obvious
+        https://bugs.webkit.org/show_bug.cgi?id=142589
+
+        Reviewed by Andreas Kling.
+
+        * API/JSBase.cpp:
+        (JSReportExtraMemoryCost): Added a FIXME to annotate a known bug.
+
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::CodeBlock):
+        (JSC::CodeBlock::visitAggregate):
+        * bytecode/CodeBlock.h:
+        (JSC::CodeBlock::setJITCode): Updated for rename.
+
+        * heap/Heap.cpp:
+        (JSC::Heap::Heap):
+        (JSC::Heap::reportExtraMemoryAllocatedSlowCase):
+        (JSC::Heap::deprecatedReportExtraMemorySlowCase): Renamed our reporting
+        APIs to clarify their relationship to each other: One must report extra
+        memory at the time of allocation, and at the time the GC visits it.
+
+        (JSC::Heap::extraMemorySize):
+        (JSC::Heap::size):
+        (JSC::Heap::capacity):
+        (JSC::Heap::sizeAfterCollect):
+        (JSC::Heap::willStartCollection): Updated for renames. Added explicit
+        API for deprecated users who can't use our best API.
+ 
+        (JSC::Heap::reportExtraMemoryCostSlowCase): Deleted.
+        (JSC::Heap::extraSize): Deleted.
+
+        * heap/Heap.h:
+        * heap/HeapInlines.h:
+        (JSC::Heap::reportExtraMemoryAllocated):
+        (JSC::Heap::reportExtraMemoryVisited):
+        (JSC::Heap::deprecatedReportExtraMemory):
+        (JSC::Heap::reportExtraMemoryCost): Deleted. Ditto.
+
+        * heap/SlotVisitor.h:
+        * heap/SlotVisitorInlines.h:
+        (JSC::SlotVisitor::reportExtraMemoryVisited):
+        (JSC::SlotVisitor::reportExtraMemoryUsage): Deleted. Moved this
+        functionality into the Heap since it's pretty detailed in its access
+        to the heap.
+
+        * runtime/JSArrayBufferView.cpp:
+        (JSC::JSArrayBufferView::ConstructionContext::ConstructionContext):
+        * runtime/JSGenericTypedArrayViewInlines.h:
+        (JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Updated for
+        renames.
+
+        * runtime/JSString.cpp:
+        (JSC::JSString::visitChildren):
+        (JSC::JSRopeString::resolveRopeToAtomicString):
+        (JSC::JSRopeString::resolveRope):
+        * runtime/JSString.h:
+        (JSC::JSString::finishCreation): Updated for renames.
+
+        * runtime/SparseArrayValueMap.cpp:
+        (JSC::SparseArrayValueMap::add): Added FIXME.
+
+        * runtime/WeakMapData.cpp:
+        (JSC::WeakMapData::visitChildren): Updated for rename.
+
 2015-03-11  Ryosuke Niwa  <rniwa@webkit.org>
 
         Calling super() in a base class results in a crash
 
@@ -1677,7 +1677,7 @@ CodeBlock::CodeBlock(CopyParsedBlockTag, CodeBlock& other)
     }
 
     m_heap->m_codeBlocks.add(this);
-    m_heap->reportExtraMemoryCost(sizeof(CodeBlock));
+    m_heap->reportExtraMemoryAllocated(sizeof(CodeBlock));
 }
 
 CodeBlock::CodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
@@ -2131,7 +2131,7 @@ CodeBlock::CodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlin
         dumpBytecode();
 
     m_heap->m_codeBlocks.add(this);
-    m_heap->reportExtraMemoryCost(sizeof(CodeBlock) + m_instructions.size() * sizeof(Instruction));
+    m_heap->reportExtraMemoryAllocated(sizeof(CodeBlock) + m_instructions.size() * sizeof(Instruction));
 }
 
 CodeBlock::~CodeBlock()
@@ -2223,15 +2223,15 @@ void CodeBlock::visitAggregate(SlotVisitor& visitor)
     if (CodeBlock* otherBlock = specialOSREntryBlockOrNull())
         otherBlock->visitAggregate(visitor);
 
-    visitor.reportExtraMemoryUsage(ownerExecutable(), sizeof(CodeBlock));
+    visitor.reportExtraMemoryVisited(ownerExecutable(), sizeof(CodeBlock));
     if (m_jitCode)
-        visitor.reportExtraMemoryUsage(ownerExecutable(), m_jitCode->size());
+        visitor.reportExtraMemoryVisited(ownerExecutable(), m_jitCode->size());
     if (m_instructions.size()) {
         // Divide by refCount() because m_instructions points to something that is shared
         // by multiple CodeBlocks, and we only want to count it towards the heap size once.
         // Having each CodeBlock report only its proportional share of the size is one way
         // of accomplishing this.
-        visitor.reportExtraMemoryUsage(ownerExecutable(), m_instructions.size() * sizeof(Instruction) / m_instructions.refCount());
+        visitor.reportExtraMemoryVisited(ownerExecutable(), m_instructions.size() * sizeof(Instruction) / m_instructions.refCount());
     }
 
     visitor.append(&m_unlinkedCode);
 
@@ -273,7 +273,7 @@ class CodeBlock : public ThreadSafeRefCounted<CodeBlock>, public UnconditionalFi
     void setJITCode(PassRefPtr<JITCode> code)
     {
         ASSERT(m_heap->isDeferred());
-        m_heap->reportExtraMemoryCost(code->size());
+        m_heap->reportExtraMemoryAllocated(code->size());
         ConcurrentJITLocker locker(m_lock);
         WTF::storeStoreFence(); // This is probably not needed because the lock will also do something similar, but it's good to be paranoid.
         m_jitCode = code;
 
@@ -309,7 +309,8 @@ Heap::Heap(VM* vm, HeapType heapType)
     , m_operationInProgress(NoOperation)
     , m_objectSpace(this)
     , m_storageSpace(this)
-    , m_extraMemoryUsage(0)
+    , m_extraMemorySize(0)
+    , m_deprecatedExtraMemorySize(0)
     , m_machineThreads(this)
     , m_sharedData(vm)
     , m_slotVisitor(m_sharedData)
@@ -392,23 +393,18 @@ void Heap::releaseDelayedReleasedObjects()
 #endif
 }
 
-void Heap::reportExtraMemoryCostSlowCase(size_t cost)
+void Heap::reportExtraMemoryAllocatedSlowCase(size_t size)
 {
-    // Our frequency of garbage collection tries to balance memory use against speed
-    // by collecting based on the number of newly created values. However, for values
-    // that hold on to a great deal of memory that's not in the form of other JS values,
-    // that is not good enough - in some cases a lot of those objects can pile up and
-    // use crazy amounts of memory without a GC happening. So we track these extra
-    // memory costs. Only unusually large objects are noted, and we only keep track
-    // of this extra cost until the next GC. In garbage collected languages, most values
-    // are either very short lived temporaries, or have extremely long lifetimes. So
-    // if a large value survives one garbage collection, there is not much point to
-    // collecting more frequently as long as it stays alive.
-
-    didAllocate(cost);
+    didAllocate(size);
     collectIfNecessaryOrDefer();
 }
 
+void Heap::deprecatedReportExtraMemorySlowCase(size_t size)
+{
+    m_deprecatedExtraMemorySize += size;
+    reportExtraMemoryAllocatedSlowCase(size);
+}
+
 void Heap::reportAbandonedObjectGraph()
 {
     // Our clients don't know exactly how much memory they
@@ -854,19 +850,19 @@ size_t Heap::objectCount()
     return m_objectSpace.objectCount();
 }
 
-size_t Heap::extraSize()
+size_t Heap::extraMemorySize()
 {
-    return m_extraMemoryUsage + m_arrayBuffers.size();
+    return m_extraMemorySize + m_deprecatedExtraMemorySize + m_arrayBuffers.size();
 }
 
 size_t Heap::size()
 {
-    return m_objectSpace.size() + m_storageSpace.size() + extraSize();
+    return m_objectSpace.size() + m_storageSpace.size() + extraMemorySize();
 }
 
 size_t Heap::capacity()
 {
-    return m_objectSpace.capacity() + m_storageSpace.capacity() + extraSize();
+    return m_objectSpace.capacity() + m_storageSpace.capacity() + extraMemorySize();
 }
 
 size_t Heap::sizeAfterCollect()
@@ -876,7 +872,7 @@ size_t Heap::sizeAfterCollect()
     // rather than all used (including dead) copied bytes, thus it's 
     // always the case that m_totalBytesCopied <= m_storageSpace.size(). 
     ASSERT(m_totalBytesCopied <= m_storageSpace.size());
-    return m_totalBytesVisited + m_totalBytesCopied + extraSize();
+    return m_totalBytesVisited + m_totalBytesCopied + extraMemorySize();
 }
 
 size_t Heap::protectedGlobalObjectCount()
@@ -1124,7 +1120,8 @@ void Heap::willStartCollection(HeapOperation collectionType)
     }
     if (m_operationInProgress == FullCollection) {
         m_sizeBeforeLastFullCollect = m_sizeAfterLastCollect + m_bytesAllocatedThisCycle;
-        m_extraMemoryUsage = 0;
+        m_extraMemorySize = 0;
+        m_deprecatedExtraMemorySize = 0;
 
         if (m_fullActivityCallback)
             m_fullActivityCallback->willCollect();
 
@@ -161,13 +161,21 @@ class Heap {
     JS_EXPORT_PRIVATE void collect(HeapOperation collectionType = AnyCollection);
     bool collectIfNecessaryOrDefer(); // Returns true if it did collect.
 
-    void reportExtraMemoryCost(size_t cost);
+    // Use this API to report non-GC memory referenced by GC objects. Be sure to
+    // call both of these functions: Calling only one may trigger catastropic
+    // memory growth.
+    void reportExtraMemoryAllocated(size_t);
+    void reportExtraMemoryVisited(JSCell*, size_t);
+
+    // Use this API to report non-GC memory if you can't use the better API above.
+    void deprecatedReportExtraMemory(size_t);
+
     JS_EXPORT_PRIVATE void reportAbandonedObjectGraph();
 
     JS_EXPORT_PRIVATE void protect(JSValue);
     JS_EXPORT_PRIVATE bool unprotect(JSValue); // True when the protect count drops to 0.
 
-    size_t extraSize(); // extra memory usage outside of pages allocated by the heap
+    size_t extraMemorySize(); // Non-GC memory referenced by GC objects.
     JS_EXPORT_PRIVATE size_t size();
     JS_EXPORT_PRIVATE size_t capacity();
     JS_EXPORT_PRIVATE size_t objectCount();
@@ -261,15 +269,15 @@ class Heap {
     void* allocateWithoutDestructor(size_t); // For use with objects without destructors.
     template<typename ClassType> void* allocateObjectOfType(size_t); // Chooses one of the methods above based on type.
 
-    static const size_t minExtraCost = 256;
-    static const size_t maxExtraCost = 1024 * 1024;
+    static const size_t minExtraMemory = 256;
 
     class FinalizerOwner : public WeakHandleOwner {
         virtual void finalize(Handle<Unknown>, void* context) override;
     };
 
     JS_EXPORT_PRIVATE bool isValidAllocation(size_t);
-    JS_EXPORT_PRIVATE void reportExtraMemoryCostSlowCase(size_t);
+    JS_EXPORT_PRIVATE void reportExtraMemoryAllocatedSlowCase(size_t);
+    JS_EXPORT_PRIVATE void deprecatedReportExtraMemorySlowCase(size_t);
 
     void collectImpl(HeapOperation, void* stackOrigin, void* stackTop, MachineThreads::RegisterState&);
 
@@ -353,7 +361,8 @@ class Heap {
     MarkedSpace m_objectSpace;
     CopiedSpace m_storageSpace;
     GCIncomingRefCountedSet<ArrayBuffer> m_arrayBuffers;
-    size_t m_extraMemoryUsage;
+    size_t m_extraMemorySize;
+    size_t m_deprecatedExtraMemorySize;
 
     HashSet<const JSCell*> m_copyingRememberedSet;
 
 
@@ -152,10 +152,39 @@ inline void Heap::writeBarrier(const JSCell* from)
 #endif
 }
 
-inline void Heap::reportExtraMemoryCost(size_t cost)
+inline void Heap::reportExtraMemoryAllocated(size_t size)
 {
-    if (cost > minExtraCost) 
-        reportExtraMemoryCostSlowCase(cost);
+    if (size > minExtraMemory) 
+        reportExtraMemoryAllocatedSlowCase(size);
+}
+
+inline void Heap::reportExtraMemoryVisited(JSCell* owner, size_t size)
+{
+#if ENABLE(GGC)
+    // We don't want to double-count the extra memory that was reported in previous collections.
+    if (operationInProgress() == EdenCollection && Heap::isRemembered(owner))
+        return;
+#else
+    UNUSED_PARAM(owner);
+#endif
+
+    size_t* counter = &m_extraMemorySize;
+    
+#if ENABLE(COMPARE_AND_SWAP)
+    for (;;) {
+        size_t oldSize = *counter;
+        if (WTF::weakCompareAndSwapSize(counter, oldSize, oldSize + size))
+            return;
+    }
+#else
+    (*counter) += size;
+#endif
+}
+
+inline void Heap::deprecatedReportExtraMemory(size_t size)
+{
+    if (size > minExtraMemory) 
+        deprecatedReportExtraMemorySlowCase(size);
 }
 
 template<typename Functor> inline typename Functor::ReturnType Heap::forEachProtectedCell(Functor& functor)
 
@@ -105,7 +105,7 @@ class SlotVisitor {
 
     void copyLater(JSCell*, CopyToken, void*, size_t);
 
-    void reportExtraMemoryUsage(JSCell* owner, size_t);
+    void reportExtraMemoryVisited(JSCell* owner, size_t);
 
     void addWeakReferenceHarvester(WeakReferenceHarvester*);
     void addUnconditionalFinalizer(UnconditionalFinalizer*);
 
@@ -252,27 +252,9 @@ inline void SlotVisitor::copyLater(JSCell* owner, CopyToken token, void* ptr, si
     }
 }
 
-inline void SlotVisitor::reportExtraMemoryUsage(JSCell* owner, size_t size)
+inline void SlotVisitor::reportExtraMemoryVisited(JSCell* owner, size_t size)
 {
-#if ENABLE(GGC)
-    // We don't want to double-count the extra memory that was reported in previous collections.
-    if (heap()->operationInProgress() == EdenCollection && Heap::isRemembered(owner))
-        return;
-#else
-    UNUSED_PARAM(owner);
-#endif
-
-    size_t* counter = &m_shared.m_vm->heap.m_extraMemoryUsage;
-    
-#if ENABLE(COMPARE_AND_SWAP)
-    for (;;) {
-        size_t oldSize = *counter;
-        if (WTF::weakCompareAndSwapSize(counter, oldSize, oldSize + size))
-            return;
-    }
-#else
-    (*counter) += size;
-#endif
+    heap()->reportExtraMemoryVisited(owner, size);
 }
 
 inline Heap* SlotVisitor::heap() const
 
@@ -78,7 +78,7 @@ JSArrayBufferView::ConstructionContext::ConstructionContext(
             return;
     }
 
-    vm.heap.reportExtraMemoryCost(static_cast<size_t>(length) * elementSize);
+    vm.heap.reportExtraMemoryAllocated(static_cast<size_t>(length) * elementSize);
 
     m_structure = structure;
     m_mode = OversizeTypedArray;
Original file line number	Diff line number	Diff line change
`@@ -139,7 +139,10 @@ void JSReportExtraMemoryCost(JSContextRef ctx, size_t size)`
`139`	`139`	`}`
`140`	`140`	`ExecState* exec = toJS(ctx);`
`141`	`141`	`JSLockHolder locker(exec);`
`142`		`- exec->vm().heap.reportExtraMemoryCost(size);`
	`142`	`+`
	`143`	`+ // FIXME: switch to deprecatedReportExtraMemory.`
	`144`	`+ // https://bugs.webkit.org/show_bug.cgi?id=142593`
	`145`	`+ exec->vm().heap.reportExtraMemoryAllocated(size);`
`143`	`146`	`}`
`144`	`147`
`145`	`148`	`extern "C" JS_EXPORT void JSSynchronousGarbageCollectForDebugging(JSContextRef);`
Original file line number	Diff line number	Diff line change
`@@ -273,7 +273,7 @@ class CodeBlock : public ThreadSafeRefCounted<CodeBlock>, public UnconditionalFi`
`273`	`273`	`void setJITCode(PassRefPtr<JITCode> code)`
`274`	`274`	`{`
`275`	`275`	`ASSERT(m_heap->isDeferred());`
`276`		`- m_heap->reportExtraMemoryCost(code->size());`
	`276`	`+ m_heap->reportExtraMemoryAllocated(code->size());`
`277`	`277`	`ConcurrentJITLocker locker(m_lock);`
`278`	`278`	`WTF::storeStoreFence(); // This is probably not needed because the lock will also do something similar, but it's good to be paranoid.`
`279`	`279`	`m_jitCode = code;`
Original file line number	Diff line number	Diff line change
`@@ -78,7 +78,7 @@ JSArrayBufferView::ConstructionContext::ConstructionContext(`
`78`	`78`	`return;`
`79`	`79`	`}`
`80`	`80`
`81`		`- vm.heap.reportExtraMemoryCost(static_cast<size_t>(length) * elementSize);`
	`81`	`+ vm.heap.reportExtraMemoryAllocated(static_cast<size_t>(length) * elementSize);`
`82`	`82`
`83`	`83`	`m_structure = structure;`
`84`	`84`	`m_mode = OversizeTypedArray;`