[webkit-changes] [WebKit/WebKit] 416a9c: [JSC] Remove JSValue Gigacage and donate region to...

Yusuke Suzuki noreply at github.com
Thu Mar 14 21:51:21 PDT 2024 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 416a9ccb3e0c77d9dccdf2d10689ba7c98b1738b
      https://github.com/WebKit/WebKit/commit/416a9ccb3e0c77d9dccdf2d10689ba7c98b1738b
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2024-03-14 (Thu, 14 Mar 2024)

  Changed paths:
    M Source/JavaScriptCore/API/MarkedJSValueRefArray.cpp
    M Source/JavaScriptCore/API/MarkedJSValueRefArray.h
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/heap/Heap.h
    M Source/JavaScriptCore/jsc.cpp
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
    M Source/JavaScriptCore/runtime/ArgList.cpp
    M Source/JavaScriptCore/runtime/ArgList.h
    M Source/JavaScriptCore/runtime/ButterflyInlines.h
    M Source/JavaScriptCore/runtime/HashMapImpl.h
    M Source/JavaScriptCore/runtime/JSArray.cpp
    M Source/JavaScriptCore/runtime/JSArray.h
    M Source/JavaScriptCore/runtime/JSImmutableButterfly.h
    M Source/JavaScriptCore/runtime/JSPropertyNameEnumerator.cpp
    M Source/JavaScriptCore/runtime/ScopedArguments.cpp
    M Source/JavaScriptCore/runtime/StructureChain.cpp
    M Source/JavaScriptCore/runtime/VM.h
    M Source/JavaScriptCore/runtime/WeakMapImpl.h
    M Source/JavaScriptCore/runtime/WeakMapImplInlines.h
    M Source/JavaScriptCore/tools/Integrity.cpp
    M Source/WTF/WTF.xcodeproj/project.pbxproj
    M Source/WTF/wtf/CMakeLists.txt
    M Source/WTF/wtf/Gigacage.h
    R Source/WTF/wtf/JSValueMalloc.cpp
    M Source/WTF/wtf/JSValueMalloc.h
    M Source/bmalloc/bmalloc/Gigacage.cpp
    M Source/bmalloc/bmalloc/Gigacage.h
    M Source/bmalloc/bmalloc/GigacageKind.h
    M Source/bmalloc/bmalloc/HeapKind.h
    M Source/bmalloc/bmalloc/bmalloc.cpp

  Log Message:
  -----------
  [JSC] Remove JSValue Gigacage and donate region to Primitive Gigacage on iOS
https://bugs.webkit.org/show_bug.cgi?id=271006
rdar://124638480

Reviewed by Justin Michaud.

This patch removes JSValue gigacage since we no longer see much value on this.
And we donate the reserved region to Primitive Gigacage on iOS.

* Source/JavaScriptCore/API/MarkedJSValueRefArray.cpp:
(JSC::MarkedJSValueRefArray::MarkedJSValueRefArray):
* Source/JavaScriptCore/API/MarkedJSValueRefArray.h:
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::generateImpl):
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compileCreateClonedArguments):
* Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCreateClonedArguments):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
* Source/JavaScriptCore/heap/Heap.cpp:
(JSC::Heap::Heap):
* Source/JavaScriptCore/heap/Heap.h:
(JSC::Heap::gigacageAuxiliarySpace):
* Source/JavaScriptCore/jsc.cpp:
(JSC_DEFINE_HOST_FUNCTION):
* Source/JavaScriptCore/llint/LowLevelInterpreter.asm:
* Source/JavaScriptCore/llint/LowLevelInterpreter64.asm:
* Source/JavaScriptCore/runtime/ArgList.cpp:
(JSC::MarkedVectorBase::expandCapacity):
* Source/JavaScriptCore/runtime/ArgList.h:
* Source/JavaScriptCore/runtime/ButterflyInlines.h:
(JSC::Butterfly::tryCreateUninitialized):
(JSC::Butterfly::createUninitialized):
(JSC::Butterfly::tryCreate):
(JSC::Butterfly::growArrayRight):
(JSC::Butterfly::reallocArrayRightIfPossible):
* Source/JavaScriptCore/runtime/HashMapImpl.h:
(JSC::HashMapBuffer::tryCreate):
* Source/JavaScriptCore/runtime/JSArray.cpp:
(JSC::JSArray::tryCreateUninitializedRestricted):
* Source/JavaScriptCore/runtime/JSArray.h:
(JSC::JSArray::tryCreate):
* Source/JavaScriptCore/runtime/JSImmutableButterfly.h:
(JSC::JSImmutableButterfly::subspaceFor):
* Source/JavaScriptCore/runtime/JSPropertyNameEnumerator.cpp:
(JSC::JSPropertyNameEnumerator::create):
* Source/JavaScriptCore/runtime/ScopedArguments.cpp:
(JSC::ScopedArguments::createUninitialized):
* Source/JavaScriptCore/runtime/StructureChain.cpp:
(JSC::StructureChain::create):
* Source/JavaScriptCore/runtime/VM.h:
(JSC::VM::auxiliarySpace):
(JSC::VM::immutableButterflyAuxiliarySpace):
(JSC::VM::jsValueGigacageAuxiliarySpace): Deleted.
(JSC::VM::immutableButterflyJSValueGigacageAuxiliarySpace): Deleted.
* Source/JavaScriptCore/tools/Integrity.cpp:
(JSC::Integrity::Analyzer::analyzeCell):
* Source/WTF/WTF.xcodeproj/project.pbxproj:
* Source/WTF/wtf/CMakeLists.txt:
* Source/WTF/wtf/Gigacage.h:
(Gigacage::name):
* Source/WTF/wtf/JSValueMalloc.cpp: Removed.
* Source/WTF/wtf/JSValueMalloc.h:
(WTF::JSValueMalloc::malloc): Deleted.
(WTF::JSValueMalloc::tryMalloc): Deleted.
(WTF::JSValueMalloc::realloc): Deleted.
(WTF::JSValueMalloc::free): Deleted.
* Source/bmalloc/bmalloc/Gigacage.cpp:
(Gigacage::bmalloc::runwaySize):
* Source/bmalloc/bmalloc/Gigacage.h:
(Gigacage::name):
(Gigacage::maxSize):
(Gigacage::forEachKind):
* Source/bmalloc/bmalloc/GigacageKind.h:
* Source/bmalloc/bmalloc/HeapKind.h:
(bmalloc::isGigacage):
(bmalloc::gigacageKind):
(bmalloc::heapKind):
(bmalloc::isActiveHeapKindAfterEnsuringGigacage):
(bmalloc::mapToActiveHeapKindAfterEnsuringGigacage):
* Source/bmalloc/bmalloc/bmalloc.cpp:
(bmalloc::api::mallocOutOfLine):

Canonical link: https://commits.webkit.org/276137@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications

More information about the webkit-changes mailing list