Title: [207199] branches/safari-602-branch/Source/bmalloc
- Revision
- 207199
- Author
- matthew_han...@apple.com
- Date
- 2016-10-12 01:41:08 -0700 (Wed, 12 Oct 2016)
Log Message
Merge r204091. rdar://problem/28476960
Modified Paths
Diff
Modified: branches/safari-602-branch/Source/bmalloc/ChangeLog (207198 => 207199)
--- branches/safari-602-branch/Source/bmalloc/ChangeLog 2016-10-12 08:41:06 UTC (rev 207198)
+++ branches/safari-602-branch/Source/bmalloc/ChangeLog 2016-10-12 08:41:08 UTC (rev 207199)
@@ -1,3 +1,35 @@
+2016-10-12 Matthew Hanson <matthew_han...@apple.com>
+
+ Merge r204091. rdar://problem/28476960
+
+ 2016-08-03 Geoffrey Garen <gga...@apple.com>
+
+ [bmalloc] Merging of XLargeRanges can leak the upper range
+ https://bugs.webkit.org/show_bug.cgi?id=160403
+
+ Reviewed by Michael Saboff.
+
+ * bmalloc/Heap.cpp:
+ (bmalloc::Heap::scavengeLargeObjects): Don't use removePhysical().
+ Recorded physical size is a performance optimization. It is not the
+ truth. So it might be zero even if a range contains physical pages.
+
+ Instead, iterate each range in the map unconditionally.
+
+ The map can shrink when we release the lock, so we must clamp our
+ iterator each time through the loop.
+
+ The map can grow when we release the lock, but we don't care because
+ growth restarts the scavenger from the beginning.
+
+ * bmalloc/XLargeMap.cpp:
+ (bmalloc::XLargeMap::removePhysical): Deleted. Not used anymore.
+
+ * bmalloc/XLargeMap.h:
+ (bmalloc::XLargeMap::ranges): Added direct access for the sake of
+ scavengeLargeObjects. (This violates our naming conventions -- I'll do
+ a rename in a follow-up patch.)
+
2016-07-13 Enrica Casucci <enr...@apple.com>
Update supported platforms in xcconfig files to match the sdk names.
Modified: branches/safari-602-branch/Source/bmalloc/bmalloc/Heap.cpp (207198 => 207199)
--- branches/safari-602-branch/Source/bmalloc/bmalloc/Heap.cpp 2016-10-12 08:41:06 UTC (rev 207198)
+++ branches/safari-602-branch/Source/bmalloc/bmalloc/Heap.cpp 2016-10-12 08:41:08 UTC (rev 207199)
@@ -131,13 +131,16 @@
void Heap::scavengeLargeObjects(std::unique_lock<StaticMutex>& lock, std::chrono::milliseconds sleepDuration)
{
- while (XLargeRange range = m_largeFree.removePhysical()) {
+ auto& ranges = m_largeFree.ranges();
+ for (size_t i = ranges.size(); i-- > 0; i = std::min(i, ranges.size())) {
+ auto range = ranges.pop(i);
+
lock.unlock();
vmDeallocatePhysicalPagesSloppy(range.begin(), range.size());
lock.lock();
-
+
range.setPhysicalSize(0);
- m_largeFree.add(range);
+ ranges.push(range);
waitUntilFalse(lock, sleepDuration, m_isAllocatingPages);
}
Modified: branches/safari-602-branch/Source/bmalloc/bmalloc/XLargeMap.cpp (207198 => 207199)
--- branches/safari-602-branch/Source/bmalloc/bmalloc/XLargeMap.cpp 2016-10-12 08:41:06 UTC (rev 207198)
+++ branches/safari-602-branch/Source/bmalloc/bmalloc/XLargeMap.cpp 2016-10-12 08:41:08 UTC (rev 207199)
@@ -76,16 +76,4 @@
m_free.push(merged);
}
-XLargeRange XLargeMap::removePhysical()
-{
- auto it = std::find_if(m_free.begin(), m_free.end(), [](const XLargeRange& range) {
- return range.physicalSize();
- });
-
- if (it == m_free.end())
- return XLargeRange();
-
- return m_free.pop(it);
-}
-
} // namespace bmalloc
Modified: branches/safari-602-branch/Source/bmalloc/bmalloc/XLargeMap.h (207198 => 207199)
--- branches/safari-602-branch/Source/bmalloc/bmalloc/XLargeMap.h 2016-10-12 08:41:06 UTC (rev 207198)
+++ branches/safari-602-branch/Source/bmalloc/bmalloc/XLargeMap.h 2016-10-12 08:41:08 UTC (rev 207199)
@@ -36,7 +36,7 @@
public:
void add(const XLargeRange&);
XLargeRange remove(size_t alignment, size_t);
- XLargeRange removePhysical();
+ Vector<XLargeRange>& ranges() { return m_free; }
private:
Vector<XLargeRange> m_free;
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes