Do not fire timers for finalizing objects.

Source/platform/heap/Heap.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 525 matching lines @@
 {
     HeapObjectHeader* header = heapObjectHeader();
     if (header->isMarked())
         header->unmark();
     else
         header->markDead();
 }
 
 void LargeObject::removeFromHeap(ThreadHeap* heap)
 {
+    markAsUnswept();

[haraken, 2015/01/16 17:29:49]

Isn't it guaranteed that the page is already marked as unswept at this point?
(because removeFromHeap is called when the page is swept.)

We can probably add ASSERT(!hasBeenSwept()) instead?

[sof, 2015/01/16 19:30:17]

Removed.

     heap->freeLargeObject(this);
 }
 
 ThreadHeap::ThreadHeap(ThreadState* state, int index)
     : m_currentAllocationPoint(nullptr)
     , m_remainingAllocationSize(0)
     , m_lastRemainingAllocationSize(0)
     , m_firstPage(nullptr)
     , m_firstLargeObject(nullptr)
     , m_firstUnsweptPage(nullptr)
@@ skipping 184 matching lines @@
         HeapPage* page = m_firstUnsweptPage;
         if (page->isEmpty()) {
             page->unlink(&m_firstUnsweptPage);
             page->removeFromHeap(this);
         } else {
             // Sweep a page and move the page from m_firstUnsweptPages to
             // m_firstPages.
             page->sweep();
             page->unlink(&m_firstUnsweptPage);
             page->link(&m_firstPage);
+            page->markAsSwept();
 
             result = allocateFromFreeList(allocationSize, gcInfoIndex);
-            if (result) {
+            if (result)
                 break;
-            }
         }
     }
 
     if (threadState()->isMainThread())
         ScriptForbiddenScope::exit();
     return result;
 }
 
 bool ThreadHeap::lazySweepLargeObjects(size_t allocationSize)
 {
@@ skipping 32 matching lines @@
             if (sweptSize >= allocationSize) {
                 result = true;
                 break;
             }
         } else {
             // Sweep a large object and move the large object from
             // m_firstUnsweptLargeObjects to m_firstLargeObjects.
             largeObject->sweep();
             largeObject->unlink(&m_firstUnsweptLargeObject);
             largeObject->link(&m_firstLargeObject);
+            largeObject->markAsSwept();
         }
     }
 
     if (threadState()->isMainThread())
         ScriptForbiddenScope::exit();
     return result;
 }
 
 void ThreadHeap::completeSweep()
 {
     RELEASE_ASSERT(threadState()->isSweepingInProgress());
     ASSERT(threadState()->sweepForbidden());
 
     if (threadState()->isMainThread())
         ScriptForbiddenScope::enter();
 
     // Sweep normal pages.
     while (m_firstUnsweptPage) {
         HeapPage* page = m_firstUnsweptPage;
         if (page->isEmpty()) {
             page->unlink(&m_firstUnsweptPage);
             page->removeFromHeap(this);
         } else {
             // Sweep a page and move the page from m_firstUnsweptPages to
             // m_firstPages.
             page->sweep();
             page->unlink(&m_firstUnsweptPage);
             page->link(&m_firstPage);
+            page->markAsSwept();
         }
     }
 
     // Sweep large objects.
     while (m_firstUnsweptLargeObject) {
         LargeObject* largeObject = m_firstUnsweptLargeObject;
         if (largeObject->isEmpty()) {
             largeObject->unlink(&m_firstUnsweptLargeObject);
             largeObject->removeFromHeap(this);
         } else {
             // Sweep a large object and move the large object from
             // m_firstUnsweptLargeObjects to m_firstLargeObjects.
             largeObject->sweep();
             largeObject->unlink(&m_firstUnsweptLargeObject);
             largeObject->link(&m_firstLargeObject);
+            largeObject->markAsSwept();
         }
     }
 
     if (threadState()->isMainThread())
         ScriptForbiddenScope::exit();
 }
 
 #if ENABLE(ASSERT)
 static bool isLargeObjectAligned(LargeObject* largeObject, Address address)
 {
@@ skipping 279 matching lines @@
     Address result = headerAddress + sizeof(*header);
     ASSERT(!(reinterpret_cast<uintptr_t>(result) & allocationMask));
     LargeObject* largeObject = new (largeObjectAddress) LargeObject(pageMemory, this, size);
     header->checkHeader();
 
     // Poison the object header and allocationGranularity bytes after the object
     ASAN_POISON_MEMORY_REGION(header, sizeof(*header));
     ASAN_POISON_MEMORY_REGION(largeObject->address() + largeObject->size(), allocationGranularity);
 
     largeObject->link(&m_firstLargeObject);
+    if (threadState()->isSweepingInProgress())
+        largeObject->markAsSwept();

[haraken, 2015/01/16 17:29:49]

It's a bit inconsistent that a page allocated during sweeping is marked as swept
but a page allocated not during sweeping is marked as unswept.

You might want to set m_swept(true) in BaseHeapPage's constructor. Then you can
remove these two lines, I think.

[sof, 2015/01/16 19:30:17]

We can flip defaults that way.

 
     Heap::increaseAllocatedSpace(largeObject->size());
     Heap::increaseAllocatedObjectSize(largeObject->size());
     return result;
 }
 
 void ThreadHeap::freeLargeObject(LargeObject* object)
 {
     object->heapObjectHeader()->finalize(object->payload(), object->payloadSize());
     Heap::decreaseAllocatedSpace(object->size());
@@ skipping 68 matching lines @@
         // We got some memory, but failed to commit it, try again.
         delete memory;
     }
     return nullptr;
 }
 
 BaseHeapPage::BaseHeapPage(PageMemory* storage, ThreadHeap* heap)
     : m_storage(storage)
     , m_heap(heap)
     , m_terminating(false)
+    , m_swept(false)

[haraken, 2015/01/16 17:29:49]

As commented above, m_swept(true) will make the code a bit tidier.

[sof, 2015/01/16 19:30:17]

Done.

 {
     ASSERT(isPageHeaderAddress(reinterpret_cast<Address>(this)));
 }
 
 void BaseHeapPage::markOrphaned()
 {
     m_heap = nullptr;
     m_terminating = false;
     // Since we zap the page payload for orphaned pages we need to mark it as
     // unused so a conservative pointer won't interpret the object headers.
@@ skipping 138 matching lines @@
                     delete memory;
             } else {
                 Heap::freePagePool()->addFreePage(m_index, memory);
             }
             offset += blinkPageSize;
         }
     }
     HeapPage* page = new (pageMemory->writableStart()) HeapPage(pageMemory, this);
 
     page->link(&m_firstPage);
+    if (threadState()->isSweepingInProgress())
+        page->markAsSwept();

[haraken, 2015/01/16 17:29:49]

Ditto. I think we can remove this code.

[sof, 2015/01/16 19:30:17]

Done.

 
     Heap::increaseAllocatedSpace(blinkPageSize);
     addToFreeList(page->payload(), page->payloadSize());
 }
 
 #if ENABLE(ASSERT)
 bool ThreadHeap::pagesToBeSweptContains(Address address)
 {
     for (HeapPage* page = m_firstUnsweptPage; page; page = page->next()) {
         if (page->contains(address))
@@ skipping 31 matching lines @@
     if (hasCurrentAllocationArea()) {
         if (pagesToBeSweptContains(currentAllocationPoint()))
             return false;
     }
     return true;
 }
 #endif
 
 void ThreadHeap::makeConsistentForSweeping()
 {
-    markUnmarkedObjectsDead();
+    preparePagesForSweeping();
     setAllocationPoint(nullptr, 0);
     clearFreeLists();
 }
 
-void ThreadHeap::markUnmarkedObjectsDead()
+void ThreadHeap::preparePagesForSweeping()
 {
     ASSERT(isConsistentForSweeping());
+    for (HeapPage* page = m_firstPage; page; page = page->next())

[haraken, 2015/01/16 17:29:49]

You can move this loop to after line 1484.

[sof, 2015/01/16 19:30:17]

It's preferable to have this loop here & over these pages only; there's actually
no need to clear the sweep flag on the as-yet-unswept heap pages. By
construction these will be cleared/false already.

+        page->markAsUnswept();
+
     // If a new GC is requested before this thread got around to sweep,
     // ie. due to the thread doing a long running operation, we clear
     // the mark bits and mark any of the dead objects as dead. The latter
     // is used to ensure the next GC marking does not trace already dead
     // objects. If we trace a dead object we could end up tracing into
     // garbage or the middle of another object via the newly conservatively
     // found object.
     HeapPage* previousPage = nullptr;
     for (HeapPage* page = m_firstUnsweptPage; page; previousPage = page, page = page->next()) {
         page->markUnmarkedObjectsDead();
+        page->markAsUnswept();

[haraken, 2015/01/16 17:29:49]

Then you won't need this.

     }
     if (previousPage) {
         ASSERT(m_firstUnsweptPage);
         previousPage->m_next = m_firstPage;
         m_firstPage = m_firstUnsweptPage;
         m_firstUnsweptPage = nullptr;
     }
     ASSERT(!m_firstUnsweptPage);
 
+    for (LargeObject* largeObject = m_firstLargeObject; largeObject; largeObject = largeObject->next())

[haraken, 2015/01/16 17:29:49]

Ditto.

[sof, 2015/01/16 19:30:17]

See above.

+        largeObject->markAsUnswept();
+
     LargeObject* previousLargeObject = nullptr;
     for (LargeObject* largeObject = m_firstUnsweptLargeObject; largeObject; previousLargeObject = largeObject, largeObject = largeObject->next()) {
         largeObject->markUnmarkedObjectsDead();
+        largeObject->markAsUnswept();
     }
     if (previousLargeObject) {
         ASSERT(m_firstUnsweptLargeObject);
         previousLargeObject->m_next = m_firstLargeObject;
         m_firstLargeObject = m_firstUnsweptLargeObject;
         m_firstUnsweptLargeObject = nullptr;
     }
     ASSERT(!m_firstUnsweptLargeObject);
 }
 
@@ skipping 125 matching lines @@
         if (header->isMarked())
             header->unmark();
         else
             header->markDead();
         headerAddress += header->size();
     }
 }
 
 void HeapPage::removeFromHeap(ThreadHeap* heap)
 {
+    markAsUnswept();

[haraken, 2015/01/16 17:29:49]

I think the page is already marked as unswept. ASSERT(!hasBeenSwept()) instead?

[sof, 2015/01/16 19:30:17]

Removed.

     heap->freePage(this);
 }
 
 void HeapPage::populateObjectStartBitMap()
 {
     memset(&m_objectStartBitMap, 0, objectStartBitMapSize);
     Address start = payload();
     for (Address headerAddress = start; headerAddress < payloadEnd();) {
         HeapObjectHeader* header = reinterpret_cast<HeapObjectHeader*>(headerAddress);
         size_t objectOffset = headerAddress - start;
@@ skipping 1063 matching lines @@
 bool Heap::s_shutdownCalled = false;
 bool Heap::s_lastGCWasConservative = false;
 FreePagePool* Heap::s_freePagePool;
 OrphanedPagePool* Heap::s_orphanedPagePool;
 Heap::RegionTree* Heap::s_regionTree = nullptr;
 size_t Heap::s_allocatedObjectSize = 0;
 size_t Heap::s_allocatedSpace = 0;
 size_t Heap::s_markedObjectSize = 0;
 
 } // namespace blink