Bug 236894 - Explain visit children and opaque roots in Introduction.md
Summary: Explain visit children and opaque roots in Introduction.md
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc. (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Ryosuke Niwa
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2022-02-19 14:17 PST by Ryosuke Niwa
Modified: 2022-02-24 14:35 PST (History)
8 users (show)

See Also:


Attachments
Patch (18.75 KB, patch)
2022-02-19 14:18 PST, Ryosuke Niwa
no flags Details | Formatted Diff | Diff
Addresed review comments (19.12 KB, patch)
2022-02-24 12:28 PST, Ryosuke Niwa
ews-feeder: commit-queue-
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ryosuke Niwa 2022-02-19 14:17:11 PST
Add descriptions for these.
Comment 1 Ryosuke Niwa 2022-02-19 14:18:23 PST
Created attachment 452655 [details]
Patch
Comment 2 Alexey Shvayka 2022-02-19 14:27:30 PST
Comment on attachment 452655 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=452655&action=review

Wow, this is so useful, thank you for the write-up!

> Introduction.md:731
> +[WebCore](https://github.com/WebKit/WebKit/tree/main/Source/WebCore) contains hundreds of [Web IDL](https://heycam.github.io/webidl/) (.idl) files.

nit: Web IDL spec was moved to more canonical URL: https://webidl.spec.whatwg.org
Comment 3 Ryosuke Niwa 2022-02-19 17:08:33 PST
Comment on attachment 452655 [details]
Patch

There is a zero chance this patch would have caused the reported test failures.
Comment 4 Saam Barati 2022-02-21 09:43:44 PST
Comment on attachment 452655 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=452655&action=review

> Introduction.md:807
> +*Visit Children* is useful when a JS wrapper needs to keep another JS wrapper or JS object alive.

I'd say something like:
Visit Children is the mechanism we use when a JS Wrapper needs to keep another JS wrapper or JS cell alive.

Particularly, using "useful" doesn't quite capture the necessity.

> Introduction.md:846
> +Note that [JSValueInWrappedObject](https://github.com/WebKit/WebKit/blob/main/Source/WebCore/bindings/js/JSValueInWrappedObject.h)
> +is a weak reference to an JS object.
> +We can't use a strong reference here since the stored JS object may also have a reference back to this object,
> +and such a back reference would also strongly keep this `ErrorEvent` object alive.
> +Because the garbage collector has no way of knowing or clearing such a strong reference in this hypothetical version of `ErrorEvent`,
> +it would never be able to collect either object, resulting in memory leak.

I think we need to come up with different terminology when speaking of GC references. Notably, really aren't using a weak reference here, since we're visiting it (and presumably we're also emitting a write barrier when storing to it).

So, saying this is Weak is wrong. I'm not sure what the exact terminology we should use is, but I don't think the language here is right. Maybe we can do something like:
- "Weak reference". Actual weak reference. We make no attempts to keep this reference alive. (Notably, not the "m_error" field above, since we visit it.)
- "GC reference". We keep the thing pointed to alive as long as the thing pointing to it is alive. If X points to Y, and X is alive, then Y must also be alive. (I think a lot of literature might actually use the terminology "Strong" to refer to this kind of reference.)
- "Root reference" or "Strong" reference. This means that we keep the thing being pointed to alive as long as the C++ reference is alive. JSC implements this via the "Strong<T>" class. This is a "Root" in the classical GC sense.

We should probably define what we mean in this document before using the terminology.

> Introduction.md:859
> +*Reachable from Opaque Roots* is useful when we have an underlying C++ object and want to keep JS wrappers of other C++ objects alive.

nit: again, I'd find a different way of saying this than "useful". Maybe just "... is used when we have..."

> Introduction.md:874
> +*Opaque roots* avoid these problems by letting the garbage collector know that a particular JavaScript wrapper needs to be kept alive

nit: "avoid these problems" => "allows us to solve these problems"?

> Introduction.md:929
> + 1. Add opque roots in `visitAdditionalChildren`.

opque => opaque

> Introduction.md:996
> +Similar to visiting children or adding opaque roots,

nit: this sentence is kinda confusing with starting with how they're similar and ending the sentence with how they're different. I think I'd just call out the differences. Or perhaps break it up into two sentences?

> Introduction.md:997
> +**an opaque root is reachable or not is checked in parallel** but **while the main is paused**

an => whether an
main is => main thread is
Comment 5 Ryosuke Niwa 2022-02-24 12:26:28 PST
(In reply to Saam Barati from comment #4)
> Comment on attachment 452655 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=452655&action=review
> 
> > Introduction.md:807
> > +*Visit Children* is useful when a JS wrapper needs to keep another JS wrapper or JS object alive.
> 
> I'd say something like:
> Visit Children is the mechanism we use when a JS Wrapper needs to keep
> another JS wrapper or JS cell alive.
> 
> Particularly, using "useful" doesn't quite capture the necessity.

Sure, I'm gonna stick to "JS object" here though since most people working on WebCore aren't (and they don't need to be) familiar with the notion of a cell.

> > Introduction.md:846
> > +Note that [JSValueInWrappedObject](https://github.com/WebKit/WebKit/blob/main/Source/WebCore/bindings/js/JSValueInWrappedObject.h)
> > +is a weak reference to an JS object.
> > +We can't use a strong reference here since the stored JS object may also have a reference back to this object,
> > +and such a back reference would also strongly keep this `ErrorEvent` object alive.
> > +Because the garbage collector has no way of knowing or clearing such a strong reference in this hypothetical version of `ErrorEvent`,
> > +it would never be able to collect either object, resulting in memory leak.
> 
> I think we need to come up with different terminology when speaking of GC
> references. Notably, really aren't using a weak reference here, since we're
> visiting it (and presumably we're also emitting a write barrier when storing
> to it).
> 
> So, saying this is Weak is wrong. I'm not sure what the exact terminology we
> should use is, but I don't think the language here is right. Maybe we can do
> something like:
> - "Weak reference". Actual weak reference. We make no attempts to keep this
> reference alive. (Notably, not the "m_error" field above, since we visit it.)
> - "GC reference". We keep the thing pointed to alive as long as the thing
> pointing to it is alive. If X points to Y, and X is alive, then Y must also
> be alive. (I think a lot of literature might actually use the terminology
> "Strong" to refer to this kind of reference.)
> - "Root reference" or "Strong" reference. This means that we keep the thing
> being pointed to alive as long as the C++ reference is alive. JSC implements
> this via the "Strong<T>" class. This is a "Root" in the classical GC sense.

That's an interesting point. I guess there is a reference that's weak in its conceptual level vs. what's mechanically Weak vs. Strong.

I've rephrased as follows:
Note that [`JSValueInWrappedObject`](https://github.com/WebKit/WebKit/blob/main/Source/WebCore/bindings/js/JSValueInWrappedObject.h)
uses [`Weak`](https://github.com/WebKit/WebKit/blob/main/Source/JavaScriptCore/heap/Weak.h),
which does not keep the referenced object alive on its own.
We can't use a reference type such as [`Strong`](https://github.com/WebKit/WebKit/blob/main/Source/JavaScriptCore/heap/Strong.h)
which keeps the referenced object alive on its own since the stored JS object may also have this `ErrorEvent` object stored as its property.
Because the garbage collector has no way of knowing or clearing the `Strong` reference
or the property to `ErrorEvent` in this hypothetical version of `ErrorEvent`,
it would never be able to collect either object, resulting in a memory leak.

> > Introduction.md:859
> > +*Reachable from Opaque Roots* is useful when we have an underlying C++ object and want to keep JS wrappers of other C++ objects alive.
> 
> nit: again, I'd find a different way of saying this than "useful". Maybe
> just "... is used when we have..."

Sure, fixed.

> > Introduction.md:874
> > +*Opaque roots* avoid these problems by letting the garbage collector know that a particular JavaScript wrapper needs to be kept alive
> 
> nit: "avoid these problems" => "allows us to solve these problems"?

I'd just say "*Opaque roots* solves these problems by"

> > Introduction.md:929
> > + 1. Add opque roots in `visitAdditionalChildren`.
> 
> opque => opaque

Fixed.

> > Introduction.md:996
> > +Similar to visiting children or adding opaque roots,
> 
> nit: this sentence is kinda confusing with starting with how they're similar
> and ending the sentence with how they're different. I think I'd just call
> out the differences. Or perhaps break it up into two sentences?

Okay, split into two sentences:

Similar to visiting children or adding opaque roots, **an opaque root is reachable or not is checked in parallel**.
However, it happens **while the main is paused** unlike visiting children or adding opaque roots,
which happen concurrently while the main thread is running.

> > Introduction.md:997
> > +**an opaque root is reachable or not is checked in parallel** but **while the main is paused**
> 
> an => whether an
> main is => main thread is

Fixed.
Comment 6 Ryosuke Niwa 2022-02-24 12:28:15 PST
Created attachment 453126 [details]
Addresed review comments
Comment 7 Saam Barati 2022-02-24 12:46:54 PST
Comment on attachment 453126 [details]
Addresed review comments

r=me
Comment 8 EWS 2022-02-24 14:33:49 PST
Committed r290463 (247762@main): <https://commits.webkit.org/247762@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 453126 [details].
Comment 9 Radar WebKit Bug Importer 2022-02-24 14:34:23 PST
<rdar://problem/89439787>