[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
mjs
mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:07:30 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit 1a9f113f16c15d33e635d964229046a6e39fa712
Author: mjs <mjs at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Sun Nov 24 07:49:26 2002 +0000
- completed Darin's mostly-fix for 3037795 - Resource use
increases when accessing very high index value in array
The two missing pieces were handling sparse properties when
shrinking the array, and when sorting. Thse are now both taken
care of.
* kjs/array_instance.h:
* kjs/array_object.cpp:
(ArrayInstanceImp::put):
(ArrayInstanceImp::deleteProperty):
(ArrayInstanceImp::resizeStorage):
(ArrayInstanceImp::setLength):
(ArrayInstanceImp::sort):
(ArrayInstanceImp::pushUndefinedObjectsToEnd):
* kjs/identifier.h:
* kjs/object.h:
* kjs/property_map.cpp:
* kjs/property_map.h:
* kjs/reference_list.cpp:
(ReferenceList::append):
(ReferenceList::length):
* kjs/reference_list.h:
* kjs/ustring.cpp:
(UString::toUInt32):
* kjs/ustring.h:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@2846 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index a83a29b..5dddb55 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,5 +1,34 @@
2002-11-23 Maciej Stachowiak <mjs at apple.com>
+ - completed Darin's mostly-fix for 3037795 - Resource use
+ increases when accessing very high index value in array
+
+ The two missing pieces were handling sparse properties when
+ shrinking the array, and when sorting. Thse are now both taken
+ care of.
+
+ * kjs/array_instance.h:
+ * kjs/array_object.cpp:
+ (ArrayInstanceImp::put):
+ (ArrayInstanceImp::deleteProperty):
+ (ArrayInstanceImp::resizeStorage):
+ (ArrayInstanceImp::setLength):
+ (ArrayInstanceImp::sort):
+ (ArrayInstanceImp::pushUndefinedObjectsToEnd):
+ * kjs/identifier.h:
+ * kjs/object.h:
+ * kjs/property_map.cpp:
+ * kjs/property_map.h:
+ * kjs/reference_list.cpp:
+ (ReferenceList::append):
+ (ReferenceList::length):
+ * kjs/reference_list.h:
+ * kjs/ustring.cpp:
+ (UString::toUInt32):
+ * kjs/ustring.h:
+
+2002-11-23 Maciej Stachowiak <mjs at apple.com>
+
Numerous collector changes for a net gain of 3% on JS ibench:
- Replaced per-block bitmap with free list.
diff --git a/JavaScriptCore/ChangeLog-2002-12-03 b/JavaScriptCore/ChangeLog-2002-12-03
index a83a29b..5dddb55 100644
--- a/JavaScriptCore/ChangeLog-2002-12-03
+++ b/JavaScriptCore/ChangeLog-2002-12-03
@@ -1,5 +1,34 @@
2002-11-23 Maciej Stachowiak <mjs at apple.com>
+ - completed Darin's mostly-fix for 3037795 - Resource use
+ increases when accessing very high index value in array
+
+ The two missing pieces were handling sparse properties when
+ shrinking the array, and when sorting. Thse are now both taken
+ care of.
+
+ * kjs/array_instance.h:
+ * kjs/array_object.cpp:
+ (ArrayInstanceImp::put):
+ (ArrayInstanceImp::deleteProperty):
+ (ArrayInstanceImp::resizeStorage):
+ (ArrayInstanceImp::setLength):
+ (ArrayInstanceImp::sort):
+ (ArrayInstanceImp::pushUndefinedObjectsToEnd):
+ * kjs/identifier.h:
+ * kjs/object.h:
+ * kjs/property_map.cpp:
+ * kjs/property_map.h:
+ * kjs/reference_list.cpp:
+ (ReferenceList::append):
+ (ReferenceList::length):
+ * kjs/reference_list.h:
+ * kjs/ustring.cpp:
+ (UString::toUInt32):
+ * kjs/ustring.h:
+
+2002-11-23 Maciej Stachowiak <mjs at apple.com>
+
Numerous collector changes for a net gain of 3% on JS ibench:
- Replaced per-block bitmap with free list.
diff --git a/JavaScriptCore/ChangeLog-2003-10-25 b/JavaScriptCore/ChangeLog-2003-10-25
index a83a29b..5dddb55 100644
--- a/JavaScriptCore/ChangeLog-2003-10-25
+++ b/JavaScriptCore/ChangeLog-2003-10-25
@@ -1,5 +1,34 @@
2002-11-23 Maciej Stachowiak <mjs at apple.com>
+ - completed Darin's mostly-fix for 3037795 - Resource use
+ increases when accessing very high index value in array
+
+ The two missing pieces were handling sparse properties when
+ shrinking the array, and when sorting. Thse are now both taken
+ care of.
+
+ * kjs/array_instance.h:
+ * kjs/array_object.cpp:
+ (ArrayInstanceImp::put):
+ (ArrayInstanceImp::deleteProperty):
+ (ArrayInstanceImp::resizeStorage):
+ (ArrayInstanceImp::setLength):
+ (ArrayInstanceImp::sort):
+ (ArrayInstanceImp::pushUndefinedObjectsToEnd):
+ * kjs/identifier.h:
+ * kjs/object.h:
+ * kjs/property_map.cpp:
+ * kjs/property_map.h:
+ * kjs/reference_list.cpp:
+ (ReferenceList::append):
+ (ReferenceList::length):
+ * kjs/reference_list.h:
+ * kjs/ustring.cpp:
+ (UString::toUInt32):
+ * kjs/ustring.h:
+
+2002-11-23 Maciej Stachowiak <mjs at apple.com>
+
Numerous collector changes for a net gain of 3% on JS ibench:
- Replaced per-block bitmap with free list.
diff --git a/JavaScriptCore/kjs/array_instance.h b/JavaScriptCore/kjs/array_instance.h
index 860065f..d2b06a9 100644
--- a/JavaScriptCore/kjs/array_instance.h
+++ b/JavaScriptCore/kjs/array_instance.h
@@ -52,10 +52,12 @@ namespace KJS {
void sort(ExecState *exec, Object &compareFunction);
private:
- void setLength(unsigned newLength);
+ void setLength(unsigned newLength, ExecState *exec);
- unsigned pushUndefinedObjectsToEnd();
+ unsigned pushUndefinedObjectsToEnd(ExecState *exec);
+ void resizeStorage(unsigned);
+
unsigned length;
unsigned storageLength;
unsigned capacity;
diff --git a/JavaScriptCore/kjs/array_object.cpp b/JavaScriptCore/kjs/array_object.cpp
index 914e36f..f264f10 100644
--- a/JavaScriptCore/kjs/array_object.cpp
+++ b/JavaScriptCore/kjs/array_object.cpp
@@ -104,7 +104,7 @@ Value ArrayInstanceImp::get(ExecState *exec, unsigned index) const
void ArrayInstanceImp::put(ExecState *exec, const Identifier &propertyName, const Value &value, int attr)
{
if (propertyName == lengthPropertyName) {
- setLength(value.toUInt32(exec));
+ setLength(value.toUInt32(exec), exec);
return;
}
@@ -112,7 +112,7 @@ void ArrayInstanceImp::put(ExecState *exec, const Identifier &propertyName, cons
unsigned index = propertyName.toULong(&ok);
if (ok) {
if (length <= index)
- setLength(index + 1);
+ setLength(index + 1, exec);
if (index < storageLength) {
storage[index] = value.imp();
return;
@@ -125,7 +125,7 @@ void ArrayInstanceImp::put(ExecState *exec, const Identifier &propertyName, cons
void ArrayInstanceImp::put(ExecState *exec, unsigned index, const Value &value, int attr)
{
if (length <= index)
- setLength(index + 1);
+ setLength(index + 1, exec);
if (index < storageLength) {
storage[index] = value.imp();
return;
@@ -171,7 +171,7 @@ bool ArrayInstanceImp::deleteProperty(ExecState *exec, const Identifier &propert
return false;
bool ok;
- unsigned index = propertyName.toULong(&ok);
+ uint32_t index = propertyName.toUInt32(&ok);
if (ok) {
if (index >= length)
return true;
@@ -196,9 +196,8 @@ bool ArrayInstanceImp::deleteProperty(ExecState *exec, unsigned index)
return ObjectImp::deleteProperty(exec, Identifier::from(index));
}
-void ArrayInstanceImp::setLength(unsigned newLength)
+void ArrayInstanceImp::resizeStorage(unsigned newLength)
{
- if (newLength <= sparseArrayCutoff || newLength == length + 1) {
if (newLength < storageLength) {
memset(storage + newLength, 0, sizeof(ValueImp *) * (storageLength - newLength));
}
@@ -209,10 +208,28 @@ void ArrayInstanceImp::setLength(unsigned newLength)
capacity = newCapacity;
}
storageLength = newLength;
+}
+
+void ArrayInstanceImp::setLength(unsigned newLength, ExecState *exec)
+{
+ if (newLength <= MAX(sparseArrayCutoff,storageLength) || newLength == length + 1) {
+ resizeStorage(newLength);
+ }
+
+ if (newLength < length) {
+ ReferenceList sparseProperties;
+
+ _prop.addSparseArrayPropertiesToReferenceList(sparseProperties, Object(this));
+
+ ReferenceListIterator it = sparseProperties.begin();
+ while (it != sparseProperties.end()) {
+ Reference ref = it++;
+ bool ok;
+ if (ref.getPropertyName(exec).toULong(&ok) > newLength) {
+ ref.deleteValue(exec);
+ }
+ }
}
-
- // FIXME: Need to remove items from the property map when making a sparse
- // list shorter.
length = newLength;
}
@@ -238,7 +255,7 @@ static int compareByStringForQSort(const void *a, const void *b)
void ArrayInstanceImp::sort(ExecState *exec)
{
- int lengthNotIncludingUndefined = pushUndefinedObjectsToEnd();
+ int lengthNotIncludingUndefined = pushUndefinedObjectsToEnd(exec);
execForCompareByStringForQSort = exec;
qsort(storage, lengthNotIncludingUndefined, sizeof(ValueImp *), compareByStringForQSort);
@@ -276,7 +293,7 @@ static int compareWithCompareFunctionForQSort(const void *a, const void *b)
void ArrayInstanceImp::sort(ExecState *exec, Object &compareFunction)
{
- int lengthNotIncludingUndefined = pushUndefinedObjectsToEnd();
+ int lengthNotIncludingUndefined = pushUndefinedObjectsToEnd(exec);
CompareWithCompareFunctionArguments args(exec, compareFunction.imp());
compareWithCompareFunctionArguments = &args;
@@ -284,7 +301,7 @@ void ArrayInstanceImp::sort(ExecState *exec, Object &compareFunction)
compareWithCompareFunctionArguments = 0;
}
-unsigned ArrayInstanceImp::pushUndefinedObjectsToEnd()
+unsigned ArrayInstanceImp::pushUndefinedObjectsToEnd(ExecState *exec)
{
ValueImp *undefined = UndefinedImp::staticUndefined;
@@ -299,9 +316,23 @@ unsigned ArrayInstanceImp::pushUndefinedObjectsToEnd()
}
}
- // FIXME: Get sparse items down here.
+ ReferenceList sparseProperties;
+ _prop.addSparseArrayPropertiesToReferenceList(sparseProperties, Object(this));
+ unsigned newLength = o + sparseProperties.length();
+
+ if (newLength > storageLength) {
+ resizeStorage(newLength);
+ }
+
+ ReferenceListIterator it = sparseProperties.begin();
+ while (it != sparseProperties.end()) {
+ Reference ref = it++;
+ storage[o] = ref.getValue(exec).imp();
+ ObjectImp::deleteProperty(exec, ref.getPropertyName(exec));
+ o++;
+ }
- if (o != storageLength)
+ if (newLength != storageLength)
memset(storage + o, 0, sizeof(ValueImp *) * (storageLength - o));
return o;
diff --git a/JavaScriptCore/kjs/identifier.h b/JavaScriptCore/kjs/identifier.h
index 2ff5ff6..e60f3d4 100644
--- a/JavaScriptCore/kjs/identifier.h
+++ b/JavaScriptCore/kjs/identifier.h
@@ -49,6 +49,7 @@ namespace KJS {
bool isEmpty() const { return _ustring.isEmpty(); }
unsigned long toULong(bool *ok) const { return _ustring.toULong(ok); }
+ uint32_t toUInt32(bool *ok) const { return _ustring.toUInt32(ok); }
double toDouble() const { return _ustring.toDouble(); }
static Identifier null;
diff --git a/JavaScriptCore/kjs/object.h b/JavaScriptCore/kjs/object.h
index 69d78d0..f1fad48 100644
--- a/JavaScriptCore/kjs/object.h
+++ b/JavaScriptCore/kjs/object.h
@@ -597,9 +597,10 @@ namespace KJS {
void saveProperties(SavedProperties &p) const { _prop.save(p); }
void restoreProperties(const SavedProperties &p) { _prop.restore(p); }
+ protected:
+ PropertyMap _prop;
private:
const HashEntry* findPropertyHashEntry( const Identifier& propertyName ) const;
- PropertyMap _prop;
ValueImp *_proto;
ValueImp *_internalValue;
NoRefScopeChain _scope;
diff --git a/JavaScriptCore/kjs/property_map.cpp b/JavaScriptCore/kjs/property_map.cpp
index 59bd9ee..093c72e 100644
--- a/JavaScriptCore/kjs/property_map.cpp
+++ b/JavaScriptCore/kjs/property_map.cpp
@@ -369,6 +369,36 @@ void PropertyMap::addEnumerablesToReferenceList(ReferenceList &list, const Objec
}
}
+void PropertyMap::addSparseArrayPropertiesToReferenceList(ReferenceList &list, const Object &base) const
+{
+#if USE_SINGLE_ENTRY
+ UString::Rep *key = _singleEntry.key;
+ if (key) {
+ UString k(key);
+ bool fitsInUInt32;
+ k.toUInt32(&fitsInUInt32);
+ if (fitsInUInt32) {
+ list.append(Reference(base, Identifier(key)));
+ }
+ }
+#endif
+ if (!_table) {
+ return;
+ }
+
+ for (int i = 0; i != _table->size; ++i) {
+ UString::Rep *key = _table->entries[i].key;
+ if (key) {
+ UString k(key);
+ bool fitsInUInt32;
+ k.toUInt32(&fitsInUInt32);
+ if (fitsInUInt32) {
+ list.append(Reference(base, Identifier(key)));
+ }
+ }
+ }
+}
+
void PropertyMap::save(SavedProperties &p) const
{
int count = 0;
diff --git a/JavaScriptCore/kjs/property_map.h b/JavaScriptCore/kjs/property_map.h
index 697312c..7ed3cf0 100644
--- a/JavaScriptCore/kjs/property_map.h
+++ b/JavaScriptCore/kjs/property_map.h
@@ -71,6 +71,7 @@ namespace KJS {
void mark() const;
void addEnumerablesToReferenceList(ReferenceList &, const Object &) const;
+ void addSparseArrayPropertiesToReferenceList(ReferenceList &, const Object &) const;
void save(SavedProperties &) const;
void restore(const SavedProperties &p);
diff --git a/JavaScriptCore/kjs/reference_list.cpp b/JavaScriptCore/kjs/reference_list.cpp
index 655644a..3b956c3 100644
--- a/JavaScriptCore/kjs/reference_list.cpp
+++ b/JavaScriptCore/kjs/reference_list.cpp
@@ -41,6 +41,7 @@ namespace KJS {
ReferenceListHeadNode(const Reference &ref) : ReferenceListNode(ref), refcount(1) {}
int refcount;
+ int length;
};
}
@@ -92,6 +93,12 @@ void ReferenceList::append(const Reference& ref)
tail->next = new ReferenceListNode(ref);
tail = tail->next;
}
+ head->length++;
+}
+
+int ReferenceList::length()
+{
+ return head ? head->length : 0;
}
ReferenceList::~ReferenceList()
diff --git a/JavaScriptCore/kjs/reference_list.h b/JavaScriptCore/kjs/reference_list.h
index 09e11d9..340f3d2 100644
--- a/JavaScriptCore/kjs/reference_list.h
+++ b/JavaScriptCore/kjs/reference_list.h
@@ -53,7 +53,8 @@ namespace KJS {
~ReferenceList();
void append(const Reference& val);
-
+ int length();
+
ReferenceListIterator begin() const;
ReferenceListIterator end() const;
diff --git a/JavaScriptCore/kjs/ustring.cpp b/JavaScriptCore/kjs/ustring.cpp
index 46d5f82..a3cea72 100644
--- a/JavaScriptCore/kjs/ustring.cpp
+++ b/JavaScriptCore/kjs/ustring.cpp
@@ -551,6 +551,22 @@ unsigned long UString::toULong(bool *ok) const
return static_cast<unsigned long>(d);
}
+uint32_t UString::toUInt32(bool *ok) const
+{
+ double d = toDouble();
+ bool b = true;
+
+ if (isNaN(d) || d != static_cast<uint32_t>(d)) {
+ b = false;
+ d = 0;
+ }
+
+ if (ok)
+ *ok = b;
+
+ return static_cast<uint32_t>(d);
+}
+
int UString::find(const UString &f, int pos) const
{
int sz = size();
diff --git a/JavaScriptCore/kjs/ustring.h b/JavaScriptCore/kjs/ustring.h
index f33ac11..f1913d4 100644
--- a/JavaScriptCore/kjs/ustring.h
+++ b/JavaScriptCore/kjs/ustring.h
@@ -32,6 +32,8 @@ typedef unsigned long ulong;
#endif
#endif
+#include <stdint.h>
+
/**
* @internal
*/
@@ -383,6 +385,9 @@ namespace KJS {
* according to the success.
*/
unsigned long toULong(bool *ok = 0L) const;
+
+ uint32_t toUInt32(bool *ok = 0L) const;
+
/**
* @return Position of first occurence of f starting at position pos.
* -1 if the search was not successful.
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list