[JSC] Weak should only accept cell pointees.
[WebKit-https.git] / Source / JavaScriptCore / heap / WeakBlock.cpp
index f307e11..13ddbc7 100644 (file)
 #include "Heap.h"
 #include "HeapRootVisitor.h"
 #include "JSObject.h"
-#include "ScopeChain.h"
+#include "JSCInlines.h"
 #include "Structure.h"
 
 namespace JSC {
 
-WeakBlock* WeakBlock::create()
+WeakBlock* WeakBlock::create(MarkedBlock& markedBlock)
 {
-    PageAllocation allocation = PageAllocation::allocate(blockSize, OSAllocator::JSGCHeapPages);
-    if (!static_cast<bool>(allocation))
-        CRASH();
-    return new (NotNull, allocation.base()) WeakBlock(allocation);
+    return new (NotNull, fastMalloc(blockSize)) WeakBlock(markedBlock);
 }
 
 void WeakBlock::destroy(WeakBlock* block)
 {
-    block->m_allocation.deallocate();
+    block->~WeakBlock();
+    fastFree(block);
 }
 
-WeakBlock::WeakBlock(PageAllocation& allocation)
-    : m_allocation(allocation)
+WeakBlock::WeakBlock(MarkedBlock& markedBlock)
+    : DoublyLinkedListNode<WeakBlock>()
+    , m_markedBlock(&markedBlock)
 {
     for (size_t i = 0; i < weakImplCount(); ++i) {
         WeakImpl* weakImpl = &weakImpls()[i];
@@ -56,10 +55,10 @@ WeakBlock::WeakBlock(PageAllocation& allocation)
         addToFreeList(&m_sweepResult.freeList, weakImpl);
     }
 
-    ASSERT(!m_sweepResult.isNull() && m_sweepResult.blockIsFree);
+    ASSERT(isEmpty());
 }
 
-void WeakBlock::finalizeAll()
+void WeakBlock::lastChanceToFinalize()
 {
     for (size_t i = 0; i < weakImplCount(); ++i) {
         WeakImpl* weakImpl = &weakImpls()[i];
@@ -72,7 +71,8 @@ void WeakBlock::finalizeAll()
 
 void WeakBlock::sweep()
 {
-    if (!m_sweepResult.isNull())
+    // If a block is completely empty, a sweep won't have any effect.
+    if (isEmpty())
         return;
 
     SweepResult sweepResult;
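Review bot: The early return in sweep() now tests `isEmpty()` instead of `!m_sweepResult.isNull()`, so a block that has already been swept since its last reset is swept a second time if sweep() is called again; the old condition short-circuited that case. If sweep() runs exactly once per collection this is harmless, but the new comment only explains the empty case, so I would state the other half too: `// Otherwise we always re-sweep, even if a sweep result already exists.` If repeated sweeps between resets are possible, keep the isNull() short-circuit alongside the new test instead. The body of sweep() continues in the next hunk.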
@@ -82,18 +82,27 @@ void WeakBlock::sweep()
             finalize(weakImpl);
         if (weakImpl->state() == WeakImpl::Deallocated)
             addToFreeList(&sweepResult.freeList, weakImpl);
-        else
+        else {
             sweepResult.blockIsFree = false;
+            if (weakImpl->state() == WeakImpl::Live)
+                sweepResult.blockIsLogicallyEmpty = false;
+        }
     }
 
     m_sweepResult = sweepResult;
     ASSERT(!m_sweepResult.isNull());
 }
 
-void WeakBlock::visitLiveWeakImpls(HeapRootVisitor& heapRootVisitor)
+void WeakBlock::visit(HeapRootVisitor& heapRootVisitor)
 {
     // If a block is completely empty, a visit won't have any effect.
-    if (!m_sweepResult.isNull() && m_sweepResult.blockIsFree)
+    if (isEmpty())
+        return;
+
+    // If this WeakBlock doesn't belong to a MarkedBlock, we won't even be here.
+    ASSERT(m_markedBlock);
+
+    if (m_markedBlock->isAllocated())
         return;
 
     SlotVisitor& visitor = heapRootVisitor.visitor();
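Review bot: The `if (m_markedBlock->isAllocated()) return;` guard at the top of visit() (and its twin in reap() in the next hunk) is the only early return here without a comment saying why a fully allocated MarkedBlock makes the walk unnecessary, while the `isEmpty()` return and the ASSERT right above it are both documented. Presumably an Allocated block has had no cells freed since its last sweep, so none of the weak pointees into it can be dead — if that is the reasoning, write it down: `// An Allocated MarkedBlock has no dead cells, so no weak pointee here can need visiting.` The rest of visit() lies in the next hunk.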
@@ -103,25 +112,30 @@ void WeakBlock::visitLiveWeakImpls(HeapRootVisitor& heapRootVisitor)
         if (weakImpl->state() != WeakImpl::Live)
             continue;
 
-        const JSValue& jsValue = weakImpl->jsValue();
-        if (Heap::isMarked(jsValue.asCell()))
+        if (m_markedBlock->isMarkedOrNewlyAllocated(weakImpl->m_cell))
             continue;
 
         WeakHandleOwner* weakHandleOwner = weakImpl->weakHandleOwner();
         if (!weakHandleOwner)
             continue;
 
-        if (!weakHandleOwner->isReachableFromOpaqueRoots(Handle<Unknown>::wrapSlot(&const_cast<JSValue&>(jsValue)), weakImpl->context(), visitor))
+        if (!weakHandleOwner->isReachableFromOpaqueRoots(*weakImpl->m_cell, weakImpl->context(), visitor))
             continue;
 
-        heapRootVisitor.visit(&const_cast<JSValue&>(jsValue));
+        heapRootVisitor.visit(&weakImpl->m_cell);
     }
 }
 
-void WeakBlock::visitDeadWeakImpls(HeapRootVisitor&)
+void WeakBlock::reap()
 {
-    // If a block is completely empty, a visit won't have any effect.
-    if (!m_sweepResult.isNull() && m_sweepResult.blockIsFree)
+    // If a block is completely empty, a reaping won't have any effect.
+    if (isEmpty())
+        return;
+
+    // If this WeakBlock doesn't belong to a MarkedBlock, we won't even be here.
+    ASSERT(m_markedBlock);
+
+    if (m_markedBlock->isAllocated())
         return;
 
     for (size_t i = 0; i < weakImplCount(); ++i) {
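Review bot: Each `m_markedBlock->isMarkedOrNewlyAllocated(weakImpl->m_cell)` query assumes the weak pointee lives inside this block's MarkedBlock, but nothing in visit() checks that invariant, so a WeakImpl pointing at a cell from another block would silently consult the wrong mark bits and could be treated as unmarked or marked incorrectly. An `ASSERT(MarkedBlock::blockFor(weakImpl->m_cell) == m_markedBlock);` ahead of the query would catch a misplaced WeakImpl in debug builds. Separately, visit() reaches into `weakImpl->m_cell` directly three times here while reap() in the next hunk goes through the `weakImpl->cell()` accessor; the two should agree, preferably on the accessor. The loop header and the start of visit() are in the previous hunk, and reap() continues past this one.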
@@ -129,8 +143,10 @@ void WeakBlock::visitDeadWeakImpls(HeapRootVisitor&)
         if (weakImpl->state() > WeakImpl::Dead)
             continue;
 
-        if (Heap::isMarked(weakImpl->jsValue().asCell()))
+        if (m_markedBlock->isMarkedOrNewlyAllocated(weakImpl->cell())) {
+            ASSERT(weakImpl->state() == WeakImpl::Live);
             continue;
+        }
 
         weakImpl->setState(WeakImpl::Dead);
     }