Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d9c39159eafe3a8353b8c3a03234905d9bb7ed1d
https://github.com/WebKit/WebKit/commit/d9c39159eafe3a8353b8c3a03234905d9bb7ed1d
Author: Mark Lam <[email protected]>
Date: 2025-01-03 (Fri, 03 Jan 2025)
Changed paths:
M Source/JavaScriptCore/Sources.txt
M Source/JavaScriptCore/assembler/AbstractMacroAssembler.h
M Source/JavaScriptCore/assembler/MacroAssembler.cpp
M Source/JavaScriptCore/assembler/MacroAssembler.h
M Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
M Source/JavaScriptCore/assembler/MacroAssemblerARM64E.h
M Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h
M Source/JavaScriptCore/assembler/ProbeContext.cpp
M Source/JavaScriptCore/assembler/ProbeContext.h
M Source/JavaScriptCore/b3/air/AirLiveness.h
M Source/JavaScriptCore/b3/air/AirLivenessAdapter.h
R Source/JavaScriptCore/b3/air/AirTZoneImpls.cpp
M Source/JavaScriptCore/bytecode/BytecodeBasicBlock.h
M Source/JavaScriptCore/bytecode/CodeOrigin.cpp
M Source/JavaScriptCore/bytecode/ExecutionCounter.cpp
M Source/JavaScriptCore/bytecode/ExecutionCounter.h
M Source/JavaScriptCore/bytecode/LazyValueProfile.cpp
M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp
M Source/JavaScriptCore/dfg/DFGAbstractInterpreter.h
M Source/JavaScriptCore/dfg/DFGBlockMap.h
M Source/JavaScriptCore/dfg/DFGCSEPhase.cpp
M Source/JavaScriptCore/dfg/DFGCombinedLiveness.cpp
M Source/JavaScriptCore/dfg/DFGDominators.h
M Source/JavaScriptCore/dfg/DFGFlowMap.h
M Source/JavaScriptCore/dfg/DFGNaturalLoops.h
M Source/JavaScriptCore/dfg/DFGTZoneImpls.cpp
M Source/JavaScriptCore/disassembler/ARM64/A64DOpcode.cpp
M Source/JavaScriptCore/heap/AbstractSlotVisitor.h
M Source/JavaScriptCore/heap/BlockDirectoryBits.h
M Source/JavaScriptCore/heap/GCSegmentedArray.cpp
M Source/JavaScriptCore/heap/GCSegmentedArray.h
M Source/JavaScriptCore/heap/VerifierSlotVisitor.cpp
M Source/JavaScriptCore/inspector/agents/InspectorDebuggerAgent.cpp
M
Source/JavaScriptCore/inspector/remote/socket/RemoteInspectorSocketEndpoint.cpp
M Source/JavaScriptCore/interpreter/Interpreter.h
M Source/JavaScriptCore/interpreter/Register.h
M Source/JavaScriptCore/jit/AssemblyHelpers.cpp
M Source/JavaScriptCore/jit/AssemblyHelpers.h
M Source/JavaScriptCore/jit/ExecutableAllocator.cpp
M Source/JavaScriptCore/jit/ExecutableAllocator.h
M Source/JavaScriptCore/jit/JIT.cpp
M Source/JavaScriptCore/jit/JIT.h
M Source/JavaScriptCore/jit/JITMathIC.h
M Source/JavaScriptCore/jit/JITTZoneImpls.cpp
M Source/JavaScriptCore/jit/JSInterfaceJIT.h
M Source/JavaScriptCore/jit/PCToCodeOriginMap.h
M Source/JavaScriptCore/jit/SpecializedThunkJIT.h
M Source/JavaScriptCore/parser/Lexer.cpp
M Source/JavaScriptCore/parser/Lexer.h
M Source/JavaScriptCore/parser/Parser.h
M Source/JavaScriptCore/parser/VariableEnvironment.cpp
M Source/JavaScriptCore/runtime/ArrayBuffer.h
M Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp
M Source/JavaScriptCore/runtime/GenericOffset.h
M Source/JavaScriptCore/runtime/InitializeThreading.cpp
M Source/JavaScriptCore/runtime/JSDateMath.h
M Source/JavaScriptCore/runtime/JSRunLoopTimer.cpp
M Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
M Source/JavaScriptCore/runtime/Options.cpp
M Source/JavaScriptCore/runtime/RuntimeTZoneImpls.cpp
M Source/JavaScriptCore/runtime/WeakGCSet.h
M Source/JavaScriptCore/runtime/WriteBarrier.h
M Source/JavaScriptCore/tools/JSDollarVM.cpp
M Source/JavaScriptCore/wasm/WasmFunctionParser.h
M Source/JavaScriptCore/wasm/WasmMemory.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp
M Source/WTF/wtf/FastMalloc.h
M Source/WTF/wtf/IsoMallocInlines.h
M Source/WTF/wtf/TZoneMalloc.h
M Source/WTF/wtf/TZoneMallocInlines.h
M Source/WTF/wtf/Threading.cpp
M Source/WebCore/Headers.cmake
M Source/WebCore/Modules/fetch/FetchBodyOwner.cpp
M Source/WebCore/Modules/fetch/FetchResponse.cpp
M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabaseManager.h
M Source/WebCore/Modules/mediastream/MediaStreamTrackProcessor.cpp
M Source/WebCore/Modules/webaudio/AudioParamTimeline.cpp
M Source/WebCore/Modules/websockets/WorkerThreadableWebSocketChannel.cpp
M Source/WebCore/PAL/pal/system/Clock.h
M Source/WebCore/Sources.txt
M Source/WebCore/WebCore.xcodeproj/project.pbxproj
M Source/WebCore/accessibility/AXTreeStore.h
M Source/WebCore/bindings/js/BindingsJSTZoneImpls.cpp
M Source/WebCore/bindings/js/DOMPromiseProxy.h
R Source/WebCore/bridge/Bridge.h
M Source/WebCore/bridge/jsc/BridgeJSC.cpp
M Source/WebCore/bridge/jsc/BridgeJSC.h
M Source/WebCore/css/CSSGroupingRule.cpp
M Source/WebCore/css/CSSKeyframesRule.cpp
M Source/WebCore/css/CSSRuleList.h
M Source/WebCore/css/CSSStyleRule.cpp
M Source/WebCore/css/FontFace.cpp
A Source/WebCore/dom/DOMTZoneImpls.cpp
M Source/WebCore/dom/Document.cpp
M Source/WebCore/dom/EventSender.h
M Source/WebCore/dom/LiveNodeList.h
M Source/WebCore/dom/ScriptExecutionContext.cpp
M Source/WebCore/dom/SlotAssignment.cpp
M Source/WebCore/dom/WritingSuggestionData.h
M Source/WebCore/editing/SelectionGeometryGatherer.cpp
M Source/WebCore/html/CachedHTMLCollection.h
M Source/WebCore/html/FormController.cpp
M Source/WebCore/html/FormListedElement.cpp
M Source/WebCore/html/GenericCachedHTMLCollection.cpp
M Source/WebCore/html/GenericCachedHTMLCollection.h
M Source/WebCore/html/HTMLCollection.cpp
M Source/WebCore/html/HTMLCollection.h
M Source/WebCore/html/HTMLInputElement.cpp
M Source/WebCore/html/HTMLLinkElement.cpp
M Source/WebCore/html/HTMLMediaElement.cpp
M Source/WebCore/html/HTMLNameCollection.h
M Source/WebCore/html/ImageBitmap.cpp
M Source/WebCore/html/MediaElementSession.cpp
M Source/WebCore/html/StepRange.cpp
M Source/WebCore/html/canvas/GPUBasedCanvasRenderingContext.h
M Source/WebCore/html/parser/HTMLElementStack.cpp
M Source/WebCore/inspector/CommandLineAPIHost.cpp
M Source/WebCore/inspector/InspectorFrontendClientLocal.cpp
M Source/WebCore/inspector/InspectorHistory.cpp
M Source/WebCore/inspector/InspectorStyleSheet.cpp
M Source/WebCore/inspector/NetworkResourcesData.cpp
M Source/WebCore/inspector/agents/InspectorDOMAgent.cpp
M Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp
M Source/WebCore/inspector/agents/WebHeapAgent.cpp
M Source/WebCore/layout/layouttree/LayoutBox.cpp
M Source/WebCore/loader/EmptyClients.cpp
M Source/WebCore/page/ElementTargetingController.cpp
M Source/WebCore/page/writing-tools/WritingToolsController.mm
M Source/WebCore/platform/OrientationNotifier.h
M Source/WebCore/platform/PODIntervalTree.h
M Source/WebCore/platform/PODRedBlackTree.h
A Source/WebCore/platform/PlatformTZoneImpls.cpp
M Source/WebCore/platform/ScrollView.cpp
A Source/WebCore/platform/WebCoreHeapSupport.cpp
A Source/WebCore/platform/WebCoreHeapSupport.h
M Source/WebCore/platform/audio/AudioArray.h
M Source/WebCore/platform/audio/cocoa/AudioDecoderCocoa.cpp
M Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp
M Source/WebCore/platform/graphics/FloatPolygon.cpp
M Source/WebCore/platform/graphics/FloatRoundedRect.cpp
M Source/WebCore/platform/graphics/GlyphMetricsMap.h
A Source/WebCore/platform/graphics/GraphicsTZoneImpls.cpp
M Source/WebCore/platform/graphics/Region.cpp
M Source/WebCore/platform/graphics/TiledBacking.h
M Source/WebCore/platform/graphics/cocoa/SourceBufferParserWebM.cpp
M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
M Source/WebCore/platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp
M Source/WebCore/platform/gstreamer/GStreamerElementHarness.cpp
M Source/WebCore/platform/ios/wak/WebCoreThread.mm
M Source/WebCore/platform/mediastream/cocoa/DisplayCaptureSourceCocoa.cpp
M Source/WebCore/rendering/FloatingObjects.cpp
M Source/WebCore/rendering/RenderFragmentedFlow.cpp
M Source/WebCore/rendering/RenderObject.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderBlock.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderBlockFlow.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderContinuation.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderFirstLetter.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderFormControls.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderInline.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderList.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderMathML.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderMultiColumn.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderSVG.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderTable.cpp
M Source/WebCore/rendering/updating/RenderTreeUpdaterGeneratedContent.cpp
M Source/WebCore/rendering/updating/RenderTreeUpdaterViewTransition.cpp
M Source/WebCore/svg/SVGElementRareData.h
M Source/WebCore/svg/SVGPathBlender.cpp
M Source/WebCore/svg/SVGPathBlender.h
M Source/WebCore/svg/SVGPathByteStream.h
M Source/WebCore/svg/SVGPathConsumer.h
M Source/WebCore/svg/SVGPathSource.h
A Source/WebCore/svg/SVGTZoneImpls.cpp
M Source/WebCore/svg/SVGURIReference.h
M Source/WebCore/svg/graphics/SVGImageClients.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyAnimator.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyAnimatorImpl.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimator.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h
M Source/WebCore/svg/properties/SVGDecoratedPrimitive.h
M Source/WebCore/svg/properties/SVGDecoratedProperty.h
M Source/WebCore/svg/properties/SVGMemberAccessor.h
M Source/WebCore/svg/properties/SVGPrimitivePropertyAnimator.h
M Source/WebCore/svg/properties/SVGPropertyAnimator.h
M Source/WebCore/svg/properties/SVGPropertyAnimatorFactory.h
M Source/WebCore/svg/properties/SVGPropertyOwnerRegistry.h
M Source/WebCore/svg/properties/SVGValuePropertyAnimator.h
M Source/WebCore/svg/properties/SVGValuePropertyAnimatorImpl.h
M Source/WebCore/svg/properties/SVGValuePropertyListAnimator.h
M Source/WebCore/workers/WorkerRunLoop.cpp
M Source/WebCore/workers/service/background-fetch/BackgroundFetch.cpp
M Source/WebCore/workers/service/context/SWContextManager.cpp
M Source/WebCore/workers/service/server/SWServer.cpp
M Source/WebCore/workers/shared/context/SharedWorkerContextManager.cpp
M Source/WebCore/xml/XPathStep.cpp
M Source/WebGPU/WGSL/WGSLShaderModule.cpp
M Source/WebGPU/WGSL/WGSLShaderModule.h
M Source/WebKit/GPUProcess/media/RemoteMediaRecorderPrivateWriterManager.cpp
M Source/WebKit/NetworkProcess/NetworkLoadScheduler.cpp
M Source/WebKit/NetworkProcess/NetworkSession.cpp
M Source/WebKit/NetworkProcess/cache/NetworkCache.cpp
M Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp
M Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.cpp
M Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm
M Source/WebKit/NetworkProcess/storage/OriginStorageManager.cpp
M Source/WebKit/Shared/API/Cocoa/RemoteObjectInvocation.mm
M
Source/WebKit/Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.h
M
Source/WebKit/Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.mm
M Source/WebKit/UIProcess/API/APIUIClient.cpp
M Source/WebKit/UIProcess/API/APIUIClient.h
M Source/WebKit/UIProcess/Cocoa/IconLoadingDelegate.mm
M Source/WebKit/UIProcess/Cocoa/NavigationState.mm
M Source/WebKit/UIProcess/Cocoa/ResourceLoadDelegate.mm
M Source/WebKit/UIProcess/Cocoa/UIDelegate.mm
M
Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp
M Source/WebKit/UIProcess/DisplayLink.cpp
M Source/WebKit/UIProcess/Inspector/Cocoa/InspectorExtensionDelegate.mm
M Source/WebKit/UIProcess/ProcessThrottler.cpp
M Source/WebKit/UIProcess/WebProcessCache.cpp
M Source/WebKit/UIProcess/ios/WKTextInteractionWrapper.mm
M
Source/WebKit/WebProcess/EntryPoint/Cocoa/XPCService/WebContentServiceEntryPoint.mm
M Source/WebKit/WebProcess/GPU/media/RemoteAudioSourceProviderManager.cpp
M Source/WebKit/WebProcess/GPU/media/RemoteMediaRecorderPrivateWriter.cpp
M Source/WebKit/WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp
M Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp
M Source/WebKit/WebProcess/WebPage/dmabuf/AcceleratedSurfaceDMABuf.cpp
M Source/WebKit/WebProcess/WebPage/wc/WCTileGrid.cpp
M Source/WebKit/WebProcess/cocoa/RemoteCaptureSampleManager.cpp
M Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp
M Source/bmalloc/CMakeLists.txt
M Source/bmalloc/bmalloc.xcodeproj/project.pbxproj
M Source/bmalloc/bmalloc/BCompiler.h
M Source/bmalloc/bmalloc/IsoHeap.h
M Source/bmalloc/bmalloc/IsoHeapInlines.h
M Source/bmalloc/bmalloc/Map.h
A Source/bmalloc/bmalloc/SegmentedVector.h
M Source/bmalloc/bmalloc/TZoneHeap.cpp
M Source/bmalloc/bmalloc/TZoneHeap.h
M Source/bmalloc/bmalloc/TZoneHeapInlines.h
M Source/bmalloc/bmalloc/TZoneHeapManager.cpp
M Source/bmalloc/bmalloc/TZoneHeapManager.h
M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
Log Message:
-----------
Change TZoneHeap so that it can be enabled/disabled based on a runtime
configuration.
https://bugs.webkit.org/show_bug.cgi?id=284802
rdar://141311777
Reviewed by Yusuke Suzuki and Keith Miller.
This patch changes the TZoneHeap implementation but does not re-enable it yet.
We will re-enable it
in a separate patch later.
1. Changed the TZoneHeap implementation from being a template class to a set of
utility functions
that the WTF_MAKE_TZONE_OR_ISO_ALLOCATED macro (and peers) can call:
tzoneAllocateCompact
tzoneAllocateNonCompact
These fast path functions are only called if the Class' s_heapRef is
non-null. If the s_heapRef
is null, we'll call a slow path which will initialize the s_heapRef if
needed, and bottom out in
one of these:
tzoneAllocateNonCompactWithFastFallbackSlow
tzoneAllocateCompactWithFastFallbackSlow
tzoneAllocateNonCompactWithIsoFallbackSlow
tzoneAllocateCompactWithIsoFallbackSlow
These slow path functions serve as dispatchers that do a mode of allocation
based on the value of
the tzoneMallocFallback global. tzoneMallocFallback can be one of the
following:
a. DoNotFallBack: allocate using TZone buckets.
It also verifies the requested size against the expected size to handle
the case where an
allocated class is annotated as TZONE_ALLOCATED but its subclass (which
adds more fields, and
have a larger size) is not annotated accordingly. The allocator has to
handle this as a
fallback so that the behavior will be correct for the unannotated
subclass though its
performance will be slightly impacted.
b. ForceSpecifiedFallBack: fallback to FastMalloc or IsoHeaps depending on
whether the class'
annotation is WTF_MAKE_TZONE_ALLOCATED or WTF_MAKE_TZONE_OR_ISO_ALLOCATED.
This is a mode that we currently support as fallback option. Once we
have resolved all
TZoneHeap performance / memory issues, we can remove this fallback code
eventually.
In the previous IsoHeap implementation, it allocates 1 pas_heap_ref
storage for each client class.
This scheme does not work for the TZoneHeap because its pas_heap_ref
storage is now in the TZone
bucket data structure instead. The number of TZoneHeap buckets are less
than the number of client
classes types which are previously annotated as ISO_ALLOCATED.
Therefore, we cannot re-use the
TZoneHeap pas_heap_refs for the IsoHeap fallback.
Hence, if we're falling back to IsoHeap allocation, we'll need to
allocate the pas_heap_ref (and
the corresponding bmalloc_type) storage in a SegmentedVector managed by
the TZoneHeapManager.
Since IsoHeaps are immortal (within the life cycle of the process), these
allocated pas_heap_ref
storage are also immortal.
c. ForceDebugMalloc: use system malloc, malloc zones, ASAN malloc, guard
malloc, etc.
This option was actually previously broken. This commit makes the
allocation fall back
on IsoMallocFallback's allocator to reach the DebugHeap. However,
IsoMallocFallback's
allocator itself is not doing all the right things to reach the
DebugHeap. We will fix
IsoMallocFallback in a subsequent patch.
For free, there are 2 function pointers:
tzoneFreeWithFastFallback
tzoneFreeWithIsoFallback
More details on these free pointers in (d) below.
d. determineTZoneMallocFallback() is called by the client during process
initialization when the
TZoneHeapManager is initialized. tzoneMallocFallback only needs to be
set once, and is effectively
a constant thereafter for the lifetime of the process. This also means
that tzoneMallocFallback
checks in the slow path should be well predicted by the CPU, and the
check should be relatively fast.
determineTZoneMallocFallback() will set the free function pointers to
either point to tzoneFreeFast()
or tzoneFreeWithDebugMalloc() depending on tzoneMallocFallback's value
during its initialization.
e. The fast path new is inlinable, and checks only 2 things:
a. The class' s_heapref is non-null.
b. Checks if the requested size matches the expected size of the
allocator.
Since (b) tends to be inlined and the caller specifies the requested size
as a constant, (b) tends
to be elided. That leaves the single s_heapRef null check before it
calls directly into one of
the fast path allocators above.
The fast path function only handles IsoHeap allocations. If we're
falling back on FastMalloc, we
keep the s_heapRef null.
If the s_heapRef is null, then new calls the class' operatorNewSlow()
method which will initialize
the s_heapRef if appropriate. operatorNewSlow() will also dispatch to
the appropriate underying
allocator to do the needed allocation. If tzoneMallocFallback is
ForceDebugMalloc or if the fallback
allocation mode is FastMalloc, we'll leave s_heapRef as null, and always
take the slow path.
Division of responsibilities
============================
f. TZoneHeapManager is responsible for choosing the HeapRef that will be
used by the utility
functions to do their allocation work on.
TZoneHeapManager is also responsible for determining the
tzoneMallocFallback mode.
g. The TZoneHeap utility functions are responsible for executing the type of
allocation that
their client class requires e.g. NonCompact vs Compact, FastFallback vs
IsoFallback.
Some benefits of this change
============================
i. TZoneHeap.h, TZoneHeapInlines.h, TZoneMalloc.h, and TZoneMallocInlines.h
are now significantly
simpler. They also #include very few other files. This will help
improve build speeds.
j. It reduces the number of layers of abstraction between the allocated
class and the functions
doing the allocation work. There is no longer a need for 1 specialized
TZoneHeap class per
allocated class.
This makes it easier to reason about how the allocations work: 10 utility
functions vs
an unlimited number of specialized TZoneHeap classes, and with less
layers of abstraction.
2. Introduced WTF_MAKE_TZONE_ALLOCATED_TEMPLATE and
WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL.
Instead of requiring a specialize version of the template to be declared in
a .cpp file, we now
let the compiler auto-specialize the template. These macros enables this
idiom, and reduces
the effort needed to make template classes TZONE_ALLOCATED.
With the previous idiom, it was very easy to get "explicit specialization
after instantiation"
errors that are difficult to workaround.
The WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL macro does not support
multi-parameter templates.
For those cases, use
WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL_WITH_MULTIPLE_OR_SPECIALIZED_PARAMETERS
instead.
WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL_WITH_MULTIPLE_OR_SPECIALIZED_PARAMETERS
requires that
the client define these macros:
TZONE_TEMPLATE_PARAMS, TZONE_TYPE, TZONE_TYPE_NAME
Also introduced WTF_MAKE_TZONE_OR_ISO_ALLOCATED_TEMPLATE_IMPL. Moved
MAKE_BTZONE_MALLOCED_IMPL_TEMPLATE
from IsoHeapInlines.h to MAKE_BTZONE_MALLOCED_TEMPLATE_IMPL in TZoneHeap.h
in order to make
this work when building with !USE(TZONE_MALLOC). Template treatment for
IsoHeap now matches
the simpler TZoneHeap treatment.
3. Removed the need for NESTED IMPL macros. The WTF_MAKE_TZONE_ALLOCATED_IMPL
macro now just works
for fully qualified class names e.g.
WTF_MAKE_TZONE_ALLOCATED_IMPL_NESTED(CodeOrigin, OutOfLineCodeOrigin);
is not expressed as:
WTF_MAKE_TZONE_ALLOCATED_IMPL(CodeOrigin::OutOfLineCodeOrigin);
4. Added the ability to disable TZoneHeap for a given process using an
entitlement.
This is meant as a means to facilitate temporary recovery of some memory due
to TZoneHeap
enablement. Once TZoneHeap's memory issue can be resolved without this,
this feature should
be removed.
5. Removed a lot of uses of WTF_MAKE_TZONE_ALLOCATED_INLINE in .h files.
This in turn allows to stop #include'ing TZoneMallocInlines.h in .h files.
There are still
many WTF_MAKE_TZONE_ALLOCATED_INLINE in .h files. This commit does not
remove them all yet.
6. Also introduced TZoneSpecification, which is annotated as belonging in the
"__DATA_CONST,__tzone_spec"
section. This allows the linker to co-locate them, and gives us the ability
to iterate through
them. We use this to eagerly initialize all the TZone HeapRefs during
process initialization.
On my M1 Max, this initialization takes on the order of 100us. This means
we almost take the
slow paths for new operations when TZone is enabled for classes that are
properly declared as
TZONE_ALLOCATED. This feature is an optimization, and only enabled for
BCOMPILER(CLANG).
7. Fixed some bugs:
a. The shift in nameForType() should be be '>>=' instead of '<<='.
That said, nameForType() is now only used for debugging when
TZONE_VERBOSE_DEBUG is enabled.
For production builds, we use setNextTypeName() instead that just quickly
creates the shortest
string it can with minimal work based on a static monotonically
increasing counter.
b. We were previously creating a TZone size class for every 8 byte increment
in the client class'
size. We now round the size up based on the sizeClassFor() function in
TZoneHeap.h.
sizeClassFor() defines size class buckets losely based on how libpas
defines buckets for its
small, mid, and large heaps. This change resolved all the memory
regressions exception for
RAMification. It significantly reduced the regression on RAMification,
but does not resolve
it completely.
c. Previously, TZoneHeapManager::tzoneBucketForKey() chooses a TZone bucket
(within a size class)
by doing a SHA256 hash on a TZone Key. The TZone Key itself was computed
using a SHA256 of
a per boot seed. The per boot seed is what introduces randomness into
the TZone bucket selection.
Thereafter, he bucket selection in tzoneBucketForKey() is deterministic.
Using a SHA256 in
tzoneBucketForKey() does not make it more random.
tzoneBucketForKey() now uses a WeakRandom algorithm seeded by the TZone
Key to choose the
bucket. We also now store the TZone Key as a number in m_tzoneKeySeed
instead of as a string
of the SHA256 hash characters. This helps speed up tzoneBucketForKey()
further.
8. Misc other changes to fix the build after the above changes.
Note: git is confused about some file changes:
1. DOMTZoneImpls.cpp is NOT copied from AirTZoneImpls.cpp. AirTZoneImpls.cpp
has been deleted,
and DOMTZoneImpls.cpp is a new unrelated file.
2. PlatformTZoneImpls.cpp is NOT renamed from Bridge.h. The contents of
Bridge.h has been moved
into BridgeJSC.h where they belong. Bridge.h has been deleted, and
PlatformTZoneImpls.cpp is
a new unrelated file.
3. GraphicsTZoneImpls.cpp is NOT renamed from AirTZoneImpls.cpp.
AirTZoneImpls.cpp has been deleted,
and GraphicsTZoneImpls.cpp is a new unrelated file.
* Source/JavaScriptCore/Sources.txt:
* Source/JavaScriptCore/b3/air/AirLiveness.h:
* Source/JavaScriptCore/b3/air/AirLivenessAdapter.h:
* Source/JavaScriptCore/bytecode/BytecodeBasicBlock.h:
* Source/JavaScriptCore/bytecode/CodeOrigin.cpp:
* Source/JavaScriptCore/bytecode/ExecutionCounter.cpp:
* Source/JavaScriptCore/bytecode/ExecutionCounter.h:
* Source/JavaScriptCore/bytecode/LazyValueProfile.cpp:
* Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp:
* Source/JavaScriptCore/dfg/DFGAbstractInterpreter.h:
* Source/JavaScriptCore/dfg/DFGBlockMap.h:
* Source/JavaScriptCore/dfg/DFGCSEPhase.cpp:
* Source/JavaScriptCore/dfg/DFGCombinedLiveness.cpp:
* Source/JavaScriptCore/dfg/DFGDominators.h:
* Source/JavaScriptCore/dfg/DFGFlowMap.h:
* Source/JavaScriptCore/dfg/DFGNaturalLoops.h:
* Source/JavaScriptCore/dfg/DFGTZoneImpls.cpp:
* Source/JavaScriptCore/disassembler/ARM64/A64DOpcode.cpp:
* Source/JavaScriptCore/heap/BlockDirectoryBits.h:
* Source/JavaScriptCore/heap/GCSegmentedArray.cpp:
* Source/JavaScriptCore/heap/GCSegmentedArray.h:
* Source/JavaScriptCore/heap/VerifierSlotVisitor.cpp:
* Source/JavaScriptCore/inspector/agents/InspectorDebuggerAgent.cpp:
*
Source/JavaScriptCore/inspector/remote/socket/RemoteInspectorSocketEndpoint.cpp:
* Source/JavaScriptCore/jit/ExecutableAllocator.cpp:
* Source/JavaScriptCore/jit/JITMathIC.h:
* Source/JavaScriptCore/parser/Lexer.cpp:
* Source/JavaScriptCore/parser/Lexer.h:
* Source/JavaScriptCore/parser/Parser.h:
* Source/JavaScriptCore/parser/VariableEnvironment.cpp:
* Source/JavaScriptCore/runtime/ArrayBuffer.h:
* Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp:
* Source/JavaScriptCore/runtime/GenericOffset.h:
* Source/JavaScriptCore/runtime/JSDateMath.h:
* Source/JavaScriptCore/runtime/JSRunLoopTimer.cpp:
* Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h:
* Source/JavaScriptCore/runtime/RuntimeTZoneImpls.cpp:
* Source/JavaScriptCore/runtime/WeakGCSet.h:
* Source/JavaScriptCore/runtime/WriteBarrier.h:
* Source/JavaScriptCore/tools/JSDollarVM.cpp:
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
* Source/JavaScriptCore/wasm/WasmMemory.cpp:
* Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp:
* Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp:
* Source/WTF/wtf/FastMalloc.h:
* Source/WTF/wtf/IsoMallocInlines.h:
* Source/WTF/wtf/TZoneMalloc.h:
* Source/WTF/wtf/TZoneMallocInlines.h:
* Source/WTF/wtf/Threading.cpp:
(WTF::hasDisableTZoneEntitlement):
(WTF::initialize):
* Source/WebCore/Headers.cmake:
* Source/WebCore/Modules/fetch/FetchBodyOwner.cpp:
* Source/WebCore/Modules/fetch/FetchResponse.cpp:
* Source/WebCore/Modules/mediastream/MediaStreamTrackProcessor.cpp:
* Source/WebCore/Modules/webaudio/AudioParamTimeline.cpp:
* Source/WebCore/Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/bindings/js/BindingsJSTZoneImpls.cpp:
* Source/WebCore/bindings/js/DOMPromiseProxy.h:
* Source/WebCore/bridge/jsc/BridgeJSC.cpp:
* Source/WebCore/bridge/jsc/BridgeJSC.h:
* Source/WebCore/css/CSSGroupingRule.cpp:
* Source/WebCore/css/CSSKeyframesRule.cpp:
* Source/WebCore/css/CSSRuleList.h:
* Source/WebCore/css/CSSStyleRule.cpp:
* Source/WebCore/css/FontFace.cpp:
* Source/WebCore/dom/DOMTZoneImpls.cpp: Copied from
Source/JavaScriptCore/b3/air/AirTZoneImpls.cpp.
* Source/WebCore/dom/Document.cpp:
* Source/WebCore/dom/EventSender.h:
* Source/WebCore/dom/ScriptExecutionContext.cpp:
* Source/WebCore/dom/SlotAssignment.cpp:
* Source/WebCore/dom/WritingSuggestionData.h:
* Source/WebCore/editing/SelectionGeometryGatherer.cpp:
* Source/WebCore/html/FormController.cpp:
* Source/WebCore/html/FormListedElement.cpp:
* Source/WebCore/html/GenericCachedHTMLCollection.cpp:
* Source/WebCore/html/GenericCachedHTMLCollection.h:
* Source/WebCore/html/HTMLCollection.cpp:
* Source/WebCore/html/HTMLCollection.h:
* Source/WebCore/html/HTMLInputElement.cpp:
* Source/WebCore/html/HTMLLinkElement.cpp:
* Source/WebCore/html/HTMLMediaElement.cpp:
* Source/WebCore/html/ImageBitmap.cpp:
* Source/WebCore/html/MediaElementSession.cpp:
* Source/WebCore/html/StepRange.cpp:
* Source/WebCore/html/parser/HTMLElementStack.cpp:
* Source/WebCore/inspector/CommandLineAPIHost.cpp:
* Source/WebCore/inspector/InspectorFrontendClientLocal.cpp:
* Source/WebCore/inspector/InspectorHistory.cpp:
* Source/WebCore/inspector/InspectorStyleSheet.cpp:
* Source/WebCore/inspector/NetworkResourcesData.cpp:
* Source/WebCore/inspector/agents/InspectorDOMAgent.cpp:
* Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp:
* Source/WebCore/inspector/agents/WebHeapAgent.cpp:
* Source/WebCore/layout/layouttree/LayoutBox.cpp:
* Source/WebCore/loader/EmptyClients.cpp:
* Source/WebCore/page/ElementTargetingController.cpp:
* Source/WebCore/page/writing-tools/WritingToolsController.mm:
* Source/WebCore/platform/OrientationNotifier.h:
* Source/WebCore/platform/PODRedBlackTree.h:
* Source/WebCore/platform/PlatformTZoneImpls.cpp: Renamed from
Source/WebCore/bridge/Bridge.h.
* Source/WebCore/platform/ScrollView.cpp:
* Source/WebCore/platform/audio/AudioArray.h:
* Source/WebCore/platform/audio/cocoa/AudioDecoderCocoa.cpp:
* Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp:
* Source/WebCore/platform/graphics/FloatPolygon.cpp:
* Source/WebCore/platform/graphics/FloatRoundedRect.cpp:
* Source/WebCore/platform/graphics/GlyphMetricsMap.h:
* Source/WebCore/platform/graphics/GraphicsTZoneImpls.cpp: Renamed from
Source/JavaScriptCore/b3/air/AirTZoneImpls.cpp.
* Source/WebCore/platform/graphics/Region.cpp:
* Source/WebCore/platform/graphics/TiledBacking.h:
* Source/WebCore/platform/graphics/cocoa/SourceBufferParserWebM.cpp:
* Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp:
* Source/WebCore/platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
* Source/WebCore/platform/gstreamer/GStreamerElementHarness.cpp:
* Source/WebCore/platform/mediastream/cocoa/DisplayCaptureSourceCocoa.cpp:
* Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCLogSink.h:
* Source/WebCore/rendering/FloatingObjects.cpp:
* Source/WebCore/rendering/RenderFragmentedFlow.cpp:
* Source/WebCore/rendering/RenderObject.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderBlock.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderBlockFlow.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderContinuation.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderFirstLetter.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderFormControls.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderInline.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderList.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderMathML.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderMultiColumn.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderSVG.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderTable.cpp:
* Source/WebCore/rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:
* Source/WebCore/rendering/updating/RenderTreeUpdaterViewTransition.cpp:
* Source/WebCore/svg/SVGElementRareData.h:
* Source/WebCore/svg/SVGPathBlender.cpp:
* Source/WebCore/svg/SVGPathBlender.h:
* Source/WebCore/svg/SVGPathByteStream.h:
* Source/WebCore/svg/SVGPathConsumer.h:
* Source/WebCore/svg/SVGPathSource.h:
* Source/WebCore/svg/SVGTZoneImpls.cpp: Added.
* Source/WebCore/svg/SVGURIReference.h:
* Source/WebCore/svg/graphics/SVGImageClients.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyAnimator.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyAnimatorImpl.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimator.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h:
* Source/WebCore/svg/properties/SVGDecoratedPrimitive.h:
* Source/WebCore/svg/properties/SVGDecoratedProperty.h:
* Source/WebCore/svg/properties/SVGMemberAccessor.h:
* Source/WebCore/svg/properties/SVGPrimitivePropertyAnimator.h:
* Source/WebCore/svg/properties/SVGPropertyAnimator.h:
* Source/WebCore/svg/properties/SVGPropertyAnimatorFactory.h:
* Source/WebCore/svg/properties/SVGPropertyOwnerRegistry.h:
* Source/WebCore/svg/properties/SVGValuePropertyAnimator.h:
* Source/WebCore/svg/properties/SVGValuePropertyAnimatorImpl.h:
* Source/WebCore/svg/properties/SVGValuePropertyListAnimator.h:
* Source/WebCore/workers/WorkerRunLoop.cpp:
* Source/WebCore/workers/service/background-fetch/BackgroundFetch.cpp:
* Source/WebCore/workers/service/context/SWContextManager.cpp:
* Source/WebCore/workers/service/server/SWServer.cpp:
* Source/WebCore/workers/shared/context/SharedWorkerContextManager.cpp:
* Source/WebCore/xml/XPathStep.cpp:
* Source/WebGPU/WGSL/WGSLShaderModule.cpp:
* Source/WebGPU/WGSL/WGSLShaderModule.h:
* Source/WebKit/GPUProcess/media/RemoteMediaRecorderPrivateWriterManager.cpp:
* Source/WebKit/NetworkProcess/NetworkLoadScheduler.cpp:
* Source/WebKit/NetworkProcess/NetworkSession.cpp:
* Source/WebKit/NetworkProcess/cache/NetworkCache.cpp:
* Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp:
* Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.cpp:
* Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm:
* Source/WebKit/NetworkProcess/storage/OriginStorageManager.cpp:
* Source/WebKit/Shared/API/Cocoa/RemoteObjectInvocation.mm:
* Source/WebKit/UIProcess/API/APIUIClient.cpp:
* Source/WebKit/UIProcess/API/APIUIClient.h:
* Source/WebKit/UIProcess/Cocoa/IconLoadingDelegate.mm:
* Source/WebKit/UIProcess/Cocoa/NavigationState.mm:
* Source/WebKit/UIProcess/Cocoa/ResourceLoadDelegate.mm:
* Source/WebKit/UIProcess/Cocoa/UIDelegate.mm:
*
Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp:
* Source/WebKit/UIProcess/DisplayLink.cpp:
* Source/WebKit/UIProcess/Inspector/Cocoa/InspectorExtensionDelegate.mm:
* Source/WebKit/UIProcess/ProcessThrottler.cpp:
* Source/WebKit/UIProcess/WebProcessCache.cpp:
* Source/WebKit/UIProcess/ios/WKTextInteractionWrapper.mm:
*
Source/WebKit/WebProcess/EntryPoint/Cocoa/XPCService/WebContentServiceEntryPoint.mm:
(WEBCONTENT_SERVICE_INITIALIZER):
* Source/WebKit/WebProcess/GPU/media/RemoteAudioSourceProviderManager.cpp:
* Source/WebKit/WebProcess/GPU/media/RemoteMediaRecorderPrivateWriter.cpp:
* Source/WebKit/WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp:
* Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp:
* Source/WebKit/WebProcess/WebPage/dmabuf/AcceleratedSurfaceDMABuf.cpp:
* Source/WebKit/WebProcess/WebPage/wc/WCTileGrid.cpp:
* Source/WebKit/WebProcess/cocoa/RemoteCaptureSampleManager.cpp:
* Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp:
* Source/bmalloc/CMakeLists.txt:
* Source/bmalloc/bmalloc.xcodeproj/project.pbxproj:
* Source/bmalloc/bmalloc/BCompiler.h:
* Source/bmalloc/bmalloc/IsoHeap.h:
* Source/bmalloc/bmalloc/IsoHeapInlines.h:
* Source/bmalloc/bmalloc/SegmentedVector.h: Added.
(bmalloc::SegmentedVectorIterator::~SegmentedVectorIterator):
(bmalloc::SegmentedVectorIterator::operator* const):
(bmalloc::SegmentedVectorIterator::operator-> const):
(bmalloc::SegmentedVectorIterator::operator++):
(bmalloc::SegmentedVectorIterator::operator== const):
(bmalloc::SegmentedVectorIterator::operator=):
(bmalloc::SegmentedVectorIterator::SegmentedVectorIterator):
* Source/bmalloc/bmalloc/TZoneHeap.cpp:
(bmalloc::api::tzoneHeapFor):
(bmalloc::api::tzoneAllocateNonCompactWithFastFallback):
(bmalloc::api::tzoneAllocateCompactWithFastFallback):
(bmalloc::api::tzoneAllocateNonCompactWithIsoFallback):
(bmalloc::api::tzoneAllocateCompactWithIsoFallback):
(bmalloc::api::tzoneFreeWithFastFallback):
(bmalloc::api::tzoneFreeWithIsoFallback):
(bmalloc::api::tzoneAllocate): Deleted.
(bmalloc::api::tzoneTryAllocate): Deleted.
(bmalloc::api::tzoneAllocateCompact): Deleted.
(bmalloc::api::tzoneTryAllocateCompact): Deleted.
(bmalloc::api::tzoneDeallocate): Deleted.
* Source/bmalloc/bmalloc/TZoneHeap.h:
(bmalloc::api::roundUpToMulipleOf8): Deleted.
(bmalloc::api::TZoneHeapBase::TZoneHeapBase): Deleted.
(bmalloc::api::TZoneHeapBase::scavenge): Deleted.
(bmalloc::api::TZoneHeapBase::initialize): Deleted.
(bmalloc::api::TZoneHeapBase::isInitialized): Deleted.
(bmalloc::api::TZoneHeapBase::provideHeap): Deleted.
(bmalloc::api::TZoneHeap::TZoneHeap): Deleted.
(bmalloc::api::TZoneHeap::allocate): Deleted.
(bmalloc::api::TZoneHeap::tryAllocate): Deleted.
(bmalloc::api::TZoneHeap::deallocate): Deleted.
(bmalloc::api::CompactTZoneHeap::CompactTZoneHeap): Deleted.
(bmalloc::api::CompactTZoneHeap::allocate): Deleted.
(bmalloc::api::CompactTZoneHeap::tryAllocate): Deleted.
(bmalloc::api::CompactTZoneHeap::deallocate): Deleted.
(bmalloc::api::TZoneHeapBase::TZoneHeap): Deleted.
(bmalloc::api::TZoneHeapBase::allocatorOffset): Deleted.
(bmalloc::api::TZoneHeapBase::setAllocatorOffset): Deleted.
(bmalloc::api::TZoneHeapBase::deallocatorOffset): Deleted.
(bmalloc::api::TZoneHeapBase::setDeallocatorOffset): Deleted.
(): Deleted.
* Source/bmalloc/bmalloc/TZoneHeapInlines.h:
(bmalloc::api::TZoneHeapBase<Type>::TZoneHeapBase): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::allocate): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::tryAllocate): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::deallocate): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::scavenge): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::isInitialized): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::initialize): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::impl): Deleted.
* Source/bmalloc/bmalloc/TZoneHeapManager.cpp:
(bmalloc::api::TZoneHeapManager::setHasDisableTZoneEntitlementCallback):
(bmalloc::api::TZoneHeapManager::TZoneHeapManager):
(bmalloc::api::TZoneHeapManager::determineFallbackState):
(bmalloc::api::TZoneHeapManager::setBucketParams):
(bmalloc::api::TZoneHeapManager::init):
(bmalloc::api::TZoneHeapManager::isReady):
(bmalloc::api::TZoneHeapManager::dumpRegisteredTypes):
(bmalloc::api::TZoneHeapManager::ensureSingleton):
(bmalloc::api::TZoneHeapManager::populateBucketsForSizeClass):
(bmalloc::api::TZoneHeapManager::heapRefForIsoFallback):
(bmalloc::api::TZoneHeapManager::heapRefForTZoneType):
(bmalloc::api::TZoneHeapManager::TZoneHeapManager::heapRefForTZoneTypeDifferentSize):
(bmalloc::api::TZoneHeapManager::initTypenameTemplate): Deleted.
* Source/bmalloc/bmalloc/TZoneHeapManager.h:
(bmalloc::api::TZoneHeapManager::singleton):
(bmalloc::api::TZoneHeapManager::TZoneHeapManager): Deleted.
(bmalloc::api::TZoneHeapManager::initWithBucketSettings): Deleted.
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
Canonical link: https://commits.webkit.org/288407@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
