Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: bebb1488bc66c7d4a4b5b2837a3e8e163659b623
      
https://github.com/WebKit/WebKit/commit/bebb1488bc66c7d4a4b5b2837a3e8e163659b623
  Author: Yusuke Suzuki <ysuz...@apple.com>
  Date:   2023-11-27 (Mon, 27 Nov 2023)

  Changed paths:
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp
    M Source/JavaScriptCore/bytecode/CodeBlockJettisoningWatchpoint.cpp
    M Source/JavaScriptCore/bytecode/CodeBlockJettisoningWatchpoint.h
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/bytecode/MetadataTable.cpp
    M Source/JavaScriptCore/bytecode/MetadataTable.h
    M Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp
    M Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.h
    M Source/JavaScriptCore/bytecode/UnlinkedMetadataTable.h
    M Source/JavaScriptCore/heap/CodeBlockSet.cpp
    M Source/JavaScriptCore/heap/CodeBlockSet.h
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/heap/Heap.h
    M Source/JavaScriptCore/heap/JITStubRoutineSet.cpp
    M Source/JavaScriptCore/heap/JITStubRoutineSet.h
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h
    M Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.cpp
    M Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.h
    M Source/JavaScriptCore/runtime/CachedTypes.cpp

  Log Message:
  -----------
  [JSC] Make CodeBlock destruction lazy
https://bugs.webkit.org/show_bug.cgi?id=265361
rdar://118818460

Reviewed by Mark Lam.

This patch makes CodeBlock destruction lazy.

1. CodeBlockSet is relying on the fact that CodeBlock's destructor is called as soon as it gets dead. We wipe dead CodeBlocks instead in CodeBlockSet::clearCurrentlyExecutingAndRemoveDeadCodeBlocks.
2. JITStubRoutine has a possibility that, (1) now CodeBlock is dead but destructor is not called, (2) JITStubRoutine was not executed, but (3) because of conservativeness, once it is determined as non-executed but now it is conservatively seen as executed. In this case, we may mark already dead cells and cause the problem. In this patch, GCAwareJITStubRoutine now has an owner cell (we already had this concept), and we maintain the liveness information of this owner cell. As a result, we can know whether this JITStubRoutine is dead or not based on this owner cell's liveness and avoid the above race conditions.
3. CodeBlockJettisoningWatchpoint should check whether CodeBlock is still alive (via isLive), since it is possible that CodeBlock may be dead now but destructor is not called yet. This is well aligned with the other Watchpoints.
4. CodeBlock destructor should not touch UnlinkedCodeBlock since it may be already dead at this point. Previously it was OK since we are always sweeping CodeBlocks first before UnlinkedCodeBlock. But now this is not guaranteed. But the only usage is didOptimize bit propagation. So we put this in UnlinkedMetadataTable instead. We may miss this propagation when MetadataTable is empty, but this is very rare and it happens only for super small functions, so it does not matter for the real world code.

* Source/JavaScriptCore/bytecode/CodeBlock.cpp:
(JSC::CodeBlock::~CodeBlock):
* Source/JavaScriptCore/bytecode/CodeBlockJettisoningWatchpoint.cpp:
(JSC::CodeBlockJettisoningWatchpoint::fireInternal):
* Source/JavaScriptCore/bytecode/CodeBlockJettisoningWatchpoint.h:
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::regenerate):
* Source/JavaScriptCore/bytecode/MetadataTable.cpp:
(JSC::MetadataTable::sizeInBytesForGC):
* Source/JavaScriptCore/bytecode/MetadataTable.h:
(JSC::MetadataTable::forEachValueProfile):
(JSC::MetadataTable::valueProfileForOffset):
(JSC::MetadataTable::unlinkedMetadata const):
(JSC::MetadataTable::totalSize const):
* Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::didOptimize const):
(JSC::UnlinkedCodeBlock::setDidOptimize):
* Source/JavaScriptCore/bytecode/UnlinkedMetadataTable.h:
(JSC::UnlinkedMetadataTable::didOptimize const):
(JSC::UnlinkedMetadataTable::setDidOptimize):
* Source/JavaScriptCore/heap/CodeBlockSet.cpp:
(JSC::CodeBlockSet::clearCurrentlyExecutingAndRemoveDeadCodeBlocks):
(JSC::CodeBlockSet::clearCurrentlyExecuting): Deleted.
* Source/JavaScriptCore/heap/CodeBlockSet.h:
* Source/JavaScriptCore/heap/Heap.cpp:
(JSC::Heap::deleteUnmarkedCompiledCode):
(JSC::Heap::runEndPhase):
(JSC::Heap::finalize):
* Source/JavaScriptCore/heap/JITStubRoutineSet.cpp:
(JSC::JITStubRoutineSet::~JITStubRoutineSet):
(JSC::JITStubRoutineSet::deleteUnmarkedJettisonedStubRoutines):
* Source/JavaScriptCore/heap/JITStubRoutineSet.h:
(JSC::JITStubRoutineSet::deleteUnmarkedJettisonedStubRoutines):
* Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp:
(JSC::GCAwareJITStubRoutine::GCAwareJITStubRoutine):
(JSC::PolymorphicAccessJITStubRoutine::PolymorphicAccessJITStubRoutine):
(JSC::MarkingGCAwareJITStubRoutine::MarkingGCAwareJITStubRoutine):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::createICJITStubRoutine):
* Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h:
(JSC::GCAwareJITStubRoutine::create):
(JSC::GCAwareJITStubRoutine::owner const):
* Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.cpp:
(JSC::PolymorphicCallStubRoutine::PolymorphicCallStubRoutine):
* Source/JavaScriptCore/jit/PolymorphicCallStubRoutine.h:
* Source/JavaScriptCore/runtime/CachedTypes.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):

Canonical link: https://commits.webkit.org/271184@main


_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
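The lifecycle the commit message describes (cells flagged dead at sweep but destroyed later; a stub routine consulting its owner cell's liveness before marking on its behalf; a watchpoint checking liveness before jettisoning) as an added toy model in C++. This is example code written for this page, not JavaScriptCore's own code: the Heap, Cell, StubRoutine and Watchpoint types, their fields and the two scenarios are assumptions standing in for CodeBlockSet, GCAwareJITStubRoutine and CodeBlockJettisoningWatchpoint, and the inputs are constructed. Setting checkOwnerLiveness to false reproduces the pre-fix behaviour from item 2, where a stub that was not executing in one cycle is conservatively seen as executing in the next and marks a cell that is already dead.

```cpp
// Added toy model (not JavaScriptCore code) of lazy cell destruction in a
// mark-sweep heap. Type and member names are assumptions standing in for
// CodeBlock/CodeBlockSet, GCAwareJITStubRoutine and
// CodeBlockJettisoningWatchpoint; the scenario inputs are constructed.
#include <algorithm>
#include <cstdio>
#include <memory>
#include <vector>

struct Cell {
    bool marked = false;     // set by the mark phase of the current cycle
    bool live = true;        // cleared by sweep; destruction happens later (lazily)
    bool jettisoned = false;
};

// Stand-in for GCAwareJITStubRoutine: records its owner cell and the cells
// it would mark on behalf of that owner.
struct StubRoutine {
    Cell* owner;
    std::vector<Cell*> referenced;
    bool conservativelySeenExecuting;  // result of the conservative stack scan
};

// Stand-in for CodeBlockJettisoningWatchpoint.
struct Watchpoint {
    Cell* codeBlock;
    bool fire() {
        // A CodeBlock can be dead while its destructor has not run yet;
        // checking liveness first keeps the watchpoint from touching it.
        if (!codeBlock->live)
            return false;
        codeBlock->jettisoned = true;
        return true;
    }
};

struct Heap {
    std::vector<std::unique_ptr<Cell>> cells;
    std::vector<StubRoutine> stubs;
    std::vector<Cell*> roots;
    bool checkOwnerLiveness = true;  // false reproduces the pre-fix behaviour
    int markedDeadCells = 0;         // dead cells a stub tried to mark (the bug)

    Cell* allocate() {
        cells.push_back(std::make_unique<Cell>());
        return cells.back().get();
    }

    void markCell(Cell* c) {
        if (!c->live) { ++markedDeadCells; return; }  // would resurrect a dead cell
        c->marked = true;
    }

    void mark() {
        for (auto& c : cells) c->marked = false;
        for (Cell* r : roots) markCell(r);
        for (StubRoutine& s : stubs) {
            if (!s.conservativelySeenExecuting) continue;
            if (checkOwnerLiveness && !s.owner->live) continue;  // fix: dead owner, dead stub
            for (Cell* c : s.referenced) markCell(c);
        }
    }

    // Sweep only flags unmarked cells dead; destructors run in finalize().
    void sweep() {
        for (auto& c : cells) if (!c->marked) c->live = false;
    }

    // Deferred destruction: stubs go first because they dereference their owner.
    void finalize() {
        stubs.erase(std::remove_if(stubs.begin(), stubs.end(),
            [](const StubRoutine& s) { return !s.owner->live; }), stubs.end());
        cells.erase(std::remove_if(cells.begin(), cells.end(),
            [](const std::unique_ptr<Cell>& c) { return !c->live; }), cells.end());
    }
};

// Constructed scenario for item 2 of the commit message. Returns how many
// dead cells the stub marked: 0 with the owner-liveness check, 1 without it.
int runStubScenario(bool withOwnerLivenessCheck) {
    Heap heap;
    heap.checkOwnerLiveness = withOwnerLivenessCheck;
    Cell* root = heap.allocate();
    Cell* owner = heap.allocate();     // CodeBlock that owns the stub
    Cell* target = heap.allocate();    // cell the stub would mark
    heap.roots.push_back(root);
    heap.stubs.push_back({owner, {target}, false});

    heap.mark();   // cycle 1: stub not executing, owner and target unreachable
    heap.sweep();  // both flagged dead, destructors still pending
    // Cycle 2 starts before finalize(); the conservative scan now sees the stub.
    heap.stubs[0].conservativelySeenExecuting = true;
    heap.mark();
    heap.finalize();  // destruction finally happens here
    return heap.markedDeadCells;
}

// Item 3: firing a watchpoint on a dead-but-undestructed CodeBlock is a no-op.
bool fireWatchpoint(bool codeBlockReachable) {
    Heap heap;
    Cell* cb = heap.allocate();
    if (codeBlockReachable) heap.roots.push_back(cb);
    Watchpoint wp{cb};
    heap.mark();
    heap.sweep();
    return wp.fire();
}

int main() {
    std::printf("without owner check: %d dead cell(s) marked\n", runStubScenario(false));
    std::printf("with owner check:    %d dead cell(s) marked\n", runStubScenario(true));
    std::printf("watchpoint on dead CodeBlock fired: %s\n", fireWatchpoint(false) ? "yes" : "no");
    return 0;
}
```

The model keeps the point that matters for a reviewer of this kind of change: once destruction is decoupled from death, every object that holds a back-reference to a cell (stub routines, watchpoints, a CodeBlock's pointer to its UnlinkedCodeBlock, as in item 4) must consult liveness before dereferencing, because the old guarantee that a dead cell has already been torn down no longer holds.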