[webkit-changes] [WebKit/WebKit] d9c391: Change TZoneHeap so that it can be enabled/disable...
Commit Queue
noreply at github.com
Fri Jan 3 10:19:14 PST 2025
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d9c39159eafe3a8353b8c3a03234905d9bb7ed1d
https://github.com/WebKit/WebKit/commit/d9c39159eafe3a8353b8c3a03234905d9bb7ed1d
Author: Mark Lam <mark.lam at apple.com>
Date: 2025-01-03 (Fri, 03 Jan 2025)
Changed paths:
M Source/JavaScriptCore/Sources.txt
M Source/JavaScriptCore/assembler/AbstractMacroAssembler.h
M Source/JavaScriptCore/assembler/MacroAssembler.cpp
M Source/JavaScriptCore/assembler/MacroAssembler.h
M Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
M Source/JavaScriptCore/assembler/MacroAssemblerARM64E.h
M Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h
M Source/JavaScriptCore/assembler/ProbeContext.cpp
M Source/JavaScriptCore/assembler/ProbeContext.h
M Source/JavaScriptCore/b3/air/AirLiveness.h
M Source/JavaScriptCore/b3/air/AirLivenessAdapter.h
R Source/JavaScriptCore/b3/air/AirTZoneImpls.cpp
M Source/JavaScriptCore/bytecode/BytecodeBasicBlock.h
M Source/JavaScriptCore/bytecode/CodeOrigin.cpp
M Source/JavaScriptCore/bytecode/ExecutionCounter.cpp
M Source/JavaScriptCore/bytecode/ExecutionCounter.h
M Source/JavaScriptCore/bytecode/LazyValueProfile.cpp
M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp
M Source/JavaScriptCore/dfg/DFGAbstractInterpreter.h
M Source/JavaScriptCore/dfg/DFGBlockMap.h
M Source/JavaScriptCore/dfg/DFGCSEPhase.cpp
M Source/JavaScriptCore/dfg/DFGCombinedLiveness.cpp
M Source/JavaScriptCore/dfg/DFGDominators.h
M Source/JavaScriptCore/dfg/DFGFlowMap.h
M Source/JavaScriptCore/dfg/DFGNaturalLoops.h
M Source/JavaScriptCore/dfg/DFGTZoneImpls.cpp
M Source/JavaScriptCore/disassembler/ARM64/A64DOpcode.cpp
M Source/JavaScriptCore/heap/AbstractSlotVisitor.h
M Source/JavaScriptCore/heap/BlockDirectoryBits.h
M Source/JavaScriptCore/heap/GCSegmentedArray.cpp
M Source/JavaScriptCore/heap/GCSegmentedArray.h
M Source/JavaScriptCore/heap/VerifierSlotVisitor.cpp
M Source/JavaScriptCore/inspector/agents/InspectorDebuggerAgent.cpp
M Source/JavaScriptCore/inspector/remote/socket/RemoteInspectorSocketEndpoint.cpp
M Source/JavaScriptCore/interpreter/Interpreter.h
M Source/JavaScriptCore/interpreter/Register.h
M Source/JavaScriptCore/jit/AssemblyHelpers.cpp
M Source/JavaScriptCore/jit/AssemblyHelpers.h
M Source/JavaScriptCore/jit/ExecutableAllocator.cpp
M Source/JavaScriptCore/jit/ExecutableAllocator.h
M Source/JavaScriptCore/jit/JIT.cpp
M Source/JavaScriptCore/jit/JIT.h
M Source/JavaScriptCore/jit/JITMathIC.h
M Source/JavaScriptCore/jit/JITTZoneImpls.cpp
M Source/JavaScriptCore/jit/JSInterfaceJIT.h
M Source/JavaScriptCore/jit/PCToCodeOriginMap.h
M Source/JavaScriptCore/jit/SpecializedThunkJIT.h
M Source/JavaScriptCore/parser/Lexer.cpp
M Source/JavaScriptCore/parser/Lexer.h
M Source/JavaScriptCore/parser/Parser.h
M Source/JavaScriptCore/parser/VariableEnvironment.cpp
M Source/JavaScriptCore/runtime/ArrayBuffer.h
M Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp
M Source/JavaScriptCore/runtime/GenericOffset.h
M Source/JavaScriptCore/runtime/InitializeThreading.cpp
M Source/JavaScriptCore/runtime/JSDateMath.h
M Source/JavaScriptCore/runtime/JSRunLoopTimer.cpp
M Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
M Source/JavaScriptCore/runtime/Options.cpp
M Source/JavaScriptCore/runtime/RuntimeTZoneImpls.cpp
M Source/JavaScriptCore/runtime/WeakGCSet.h
M Source/JavaScriptCore/runtime/WriteBarrier.h
M Source/JavaScriptCore/tools/JSDollarVM.cpp
M Source/JavaScriptCore/wasm/WasmFunctionParser.h
M Source/JavaScriptCore/wasm/WasmMemory.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp
M Source/WTF/wtf/FastMalloc.h
M Source/WTF/wtf/IsoMallocInlines.h
M Source/WTF/wtf/TZoneMalloc.h
M Source/WTF/wtf/TZoneMallocInlines.h
M Source/WTF/wtf/Threading.cpp
M Source/WebCore/Headers.cmake
M Source/WebCore/Modules/fetch/FetchBodyOwner.cpp
M Source/WebCore/Modules/fetch/FetchResponse.cpp
M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabaseManager.h
M Source/WebCore/Modules/mediastream/MediaStreamTrackProcessor.cpp
M Source/WebCore/Modules/webaudio/AudioParamTimeline.cpp
M Source/WebCore/Modules/websockets/WorkerThreadableWebSocketChannel.cpp
M Source/WebCore/PAL/pal/system/Clock.h
M Source/WebCore/Sources.txt
M Source/WebCore/WebCore.xcodeproj/project.pbxproj
M Source/WebCore/accessibility/AXTreeStore.h
M Source/WebCore/bindings/js/BindingsJSTZoneImpls.cpp
M Source/WebCore/bindings/js/DOMPromiseProxy.h
R Source/WebCore/bridge/Bridge.h
M Source/WebCore/bridge/jsc/BridgeJSC.cpp
M Source/WebCore/bridge/jsc/BridgeJSC.h
M Source/WebCore/css/CSSGroupingRule.cpp
M Source/WebCore/css/CSSKeyframesRule.cpp
M Source/WebCore/css/CSSRuleList.h
M Source/WebCore/css/CSSStyleRule.cpp
M Source/WebCore/css/FontFace.cpp
A Source/WebCore/dom/DOMTZoneImpls.cpp
M Source/WebCore/dom/Document.cpp
M Source/WebCore/dom/EventSender.h
M Source/WebCore/dom/LiveNodeList.h
M Source/WebCore/dom/ScriptExecutionContext.cpp
M Source/WebCore/dom/SlotAssignment.cpp
M Source/WebCore/dom/WritingSuggestionData.h
M Source/WebCore/editing/SelectionGeometryGatherer.cpp
M Source/WebCore/html/CachedHTMLCollection.h
M Source/WebCore/html/FormController.cpp
M Source/WebCore/html/FormListedElement.cpp
M Source/WebCore/html/GenericCachedHTMLCollection.cpp
M Source/WebCore/html/GenericCachedHTMLCollection.h
M Source/WebCore/html/HTMLCollection.cpp
M Source/WebCore/html/HTMLCollection.h
M Source/WebCore/html/HTMLInputElement.cpp
M Source/WebCore/html/HTMLLinkElement.cpp
M Source/WebCore/html/HTMLMediaElement.cpp
M Source/WebCore/html/HTMLNameCollection.h
M Source/WebCore/html/ImageBitmap.cpp
M Source/WebCore/html/MediaElementSession.cpp
M Source/WebCore/html/StepRange.cpp
M Source/WebCore/html/canvas/GPUBasedCanvasRenderingContext.h
M Source/WebCore/html/parser/HTMLElementStack.cpp
M Source/WebCore/inspector/CommandLineAPIHost.cpp
M Source/WebCore/inspector/InspectorFrontendClientLocal.cpp
M Source/WebCore/inspector/InspectorHistory.cpp
M Source/WebCore/inspector/InspectorStyleSheet.cpp
M Source/WebCore/inspector/NetworkResourcesData.cpp
M Source/WebCore/inspector/agents/InspectorDOMAgent.cpp
M Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp
M Source/WebCore/inspector/agents/WebHeapAgent.cpp
M Source/WebCore/layout/layouttree/LayoutBox.cpp
M Source/WebCore/loader/EmptyClients.cpp
M Source/WebCore/page/ElementTargetingController.cpp
M Source/WebCore/page/writing-tools/WritingToolsController.mm
M Source/WebCore/platform/OrientationNotifier.h
M Source/WebCore/platform/PODIntervalTree.h
M Source/WebCore/platform/PODRedBlackTree.h
A Source/WebCore/platform/PlatformTZoneImpls.cpp
M Source/WebCore/platform/ScrollView.cpp
A Source/WebCore/platform/WebCoreHeapSupport.cpp
A Source/WebCore/platform/WebCoreHeapSupport.h
M Source/WebCore/platform/audio/AudioArray.h
M Source/WebCore/platform/audio/cocoa/AudioDecoderCocoa.cpp
M Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp
M Source/WebCore/platform/graphics/FloatPolygon.cpp
M Source/WebCore/platform/graphics/FloatRoundedRect.cpp
M Source/WebCore/platform/graphics/GlyphMetricsMap.h
A Source/WebCore/platform/graphics/GraphicsTZoneImpls.cpp
M Source/WebCore/platform/graphics/Region.cpp
M Source/WebCore/platform/graphics/TiledBacking.h
M Source/WebCore/platform/graphics/cocoa/SourceBufferParserWebM.cpp
M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
M Source/WebCore/platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp
M Source/WebCore/platform/gstreamer/GStreamerElementHarness.cpp
M Source/WebCore/platform/ios/wak/WebCoreThread.mm
M Source/WebCore/platform/mediastream/cocoa/DisplayCaptureSourceCocoa.cpp
M Source/WebCore/rendering/FloatingObjects.cpp
M Source/WebCore/rendering/RenderFragmentedFlow.cpp
M Source/WebCore/rendering/RenderObject.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderBlock.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderBlockFlow.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderContinuation.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderFirstLetter.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderFormControls.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderInline.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderList.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderMathML.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderMultiColumn.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderSVG.cpp
M Source/WebCore/rendering/updating/RenderTreeBuilderTable.cpp
M Source/WebCore/rendering/updating/RenderTreeUpdaterGeneratedContent.cpp
M Source/WebCore/rendering/updating/RenderTreeUpdaterViewTransition.cpp
M Source/WebCore/svg/SVGElementRareData.h
M Source/WebCore/svg/SVGPathBlender.cpp
M Source/WebCore/svg/SVGPathBlender.h
M Source/WebCore/svg/SVGPathByteStream.h
M Source/WebCore/svg/SVGPathConsumer.h
M Source/WebCore/svg/SVGPathSource.h
A Source/WebCore/svg/SVGTZoneImpls.cpp
M Source/WebCore/svg/SVGURIReference.h
M Source/WebCore/svg/graphics/SVGImageClients.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyAnimator.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyAnimatorImpl.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimator.h
M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h
M Source/WebCore/svg/properties/SVGDecoratedPrimitive.h
M Source/WebCore/svg/properties/SVGDecoratedProperty.h
M Source/WebCore/svg/properties/SVGMemberAccessor.h
M Source/WebCore/svg/properties/SVGPrimitivePropertyAnimator.h
M Source/WebCore/svg/properties/SVGPropertyAnimator.h
M Source/WebCore/svg/properties/SVGPropertyAnimatorFactory.h
M Source/WebCore/svg/properties/SVGPropertyOwnerRegistry.h
M Source/WebCore/svg/properties/SVGValuePropertyAnimator.h
M Source/WebCore/svg/properties/SVGValuePropertyAnimatorImpl.h
M Source/WebCore/svg/properties/SVGValuePropertyListAnimator.h
M Source/WebCore/workers/WorkerRunLoop.cpp
M Source/WebCore/workers/service/background-fetch/BackgroundFetch.cpp
M Source/WebCore/workers/service/context/SWContextManager.cpp
M Source/WebCore/workers/service/server/SWServer.cpp
M Source/WebCore/workers/shared/context/SharedWorkerContextManager.cpp
M Source/WebCore/xml/XPathStep.cpp
M Source/WebGPU/WGSL/WGSLShaderModule.cpp
M Source/WebGPU/WGSL/WGSLShaderModule.h
M Source/WebKit/GPUProcess/media/RemoteMediaRecorderPrivateWriterManager.cpp
M Source/WebKit/NetworkProcess/NetworkLoadScheduler.cpp
M Source/WebKit/NetworkProcess/NetworkSession.cpp
M Source/WebKit/NetworkProcess/cache/NetworkCache.cpp
M Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp
M Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.cpp
M Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm
M Source/WebKit/NetworkProcess/storage/OriginStorageManager.cpp
M Source/WebKit/Shared/API/Cocoa/RemoteObjectInvocation.mm
M Source/WebKit/Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.h
M Source/WebKit/Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.mm
M Source/WebKit/UIProcess/API/APIUIClient.cpp
M Source/WebKit/UIProcess/API/APIUIClient.h
M Source/WebKit/UIProcess/Cocoa/IconLoadingDelegate.mm
M Source/WebKit/UIProcess/Cocoa/NavigationState.mm
M Source/WebKit/UIProcess/Cocoa/ResourceLoadDelegate.mm
M Source/WebKit/UIProcess/Cocoa/UIDelegate.mm
M Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp
M Source/WebKit/UIProcess/DisplayLink.cpp
M Source/WebKit/UIProcess/Inspector/Cocoa/InspectorExtensionDelegate.mm
M Source/WebKit/UIProcess/ProcessThrottler.cpp
M Source/WebKit/UIProcess/WebProcessCache.cpp
M Source/WebKit/UIProcess/ios/WKTextInteractionWrapper.mm
M Source/WebKit/WebProcess/EntryPoint/Cocoa/XPCService/WebContentServiceEntryPoint.mm
M Source/WebKit/WebProcess/GPU/media/RemoteAudioSourceProviderManager.cpp
M Source/WebKit/WebProcess/GPU/media/RemoteMediaRecorderPrivateWriter.cpp
M Source/WebKit/WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp
M Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp
M Source/WebKit/WebProcess/WebPage/dmabuf/AcceleratedSurfaceDMABuf.cpp
M Source/WebKit/WebProcess/WebPage/wc/WCTileGrid.cpp
M Source/WebKit/WebProcess/cocoa/RemoteCaptureSampleManager.cpp
M Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp
M Source/bmalloc/CMakeLists.txt
M Source/bmalloc/bmalloc.xcodeproj/project.pbxproj
M Source/bmalloc/bmalloc/BCompiler.h
M Source/bmalloc/bmalloc/IsoHeap.h
M Source/bmalloc/bmalloc/IsoHeapInlines.h
M Source/bmalloc/bmalloc/Map.h
A Source/bmalloc/bmalloc/SegmentedVector.h
M Source/bmalloc/bmalloc/TZoneHeap.cpp
M Source/bmalloc/bmalloc/TZoneHeap.h
M Source/bmalloc/bmalloc/TZoneHeapInlines.h
M Source/bmalloc/bmalloc/TZoneHeapManager.cpp
M Source/bmalloc/bmalloc/TZoneHeapManager.h
M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
Log Message:
-----------
Change TZoneHeap so that it can be enabled/disabled based on a runtime configuration.
https://bugs.webkit.org/show_bug.cgi?id=284802
rdar://141311777
Reviewed by Yusuke Suzuki and Keith Miller.
This patch changes the TZoneHeap implementation but does not re-enable it yet. We will re-enable it
in a separate patch later.
1. Changed the TZoneHeap implementation from being a template class to a set of utility functions
that the WTF_MAKE_TZONE_OR_ISO_ALLOCATED macro (and peers) can call:
tzoneAllocateCompact
tzoneAllocateNonCompact
These fast path functions are only called if the Class' s_heapRef is non-null. If the s_heapRef
is null, we'll call a slow path which will initialize the s_heapRef if needed, and bottom out in
one of these:
tzoneAllocateNonCompactWithFastFallbackSlow
tzoneAllocateCompactWithFastFallbackSlow
tzoneAllocateNonCompactWithIsoFallbackSlow
tzoneAllocateCompactWithIsoFallbackSlow
These slow path functions serve as dispatchers that do a mode of allocation based on the value of
the tzoneMallocFallback global. tzoneMallocFallback can be one of the following:
a. DoNotFallBack: allocate using TZone buckets.
It also verifies the requested size against the expected size to handle the case where an
allocated class is annotated as TZONE_ALLOCATED but its subclass (which adds more fields, and
have a larger size) is not annotated accordingly. The allocator has to handle this as a
fallback so that the behavior will be correct for the unannotated subclass though its
performance will be slightly impacted.
b. ForceSpecifiedFallBack: fallback to FastMalloc or IsoHeaps depending on whether the class'
annotation is WTF_MAKE_TZONE_ALLOCATED or WTF_MAKE_TZONE_OR_ISO_ALLOCATED.
This is a mode that we currently support as fallback option. Once we have resolved all
TZoneHeap performance / memory issues, we can remove this fallback code eventually.
In the previous IsoHeap implementation, it allocates 1 pas_heap_ref storage for each client class.
This scheme does not work for the TZoneHeap because its pas_heap_ref storage is now in the TZone
bucket data structure instead. The number of TZoneHeap buckets are less than the number of client
classes types which are previously annotated as ISO_ALLOCATED. Therefore, we cannot re-use the
TZoneHeap pas_heap_refs for the IsoHeap fallback.
Hence, if we're falling back to IsoHeap allocation, we'll need to allocate the pas_heap_ref (and
the corresponding bmalloc_type) storage in a SegmentedVector managed by the TZoneHeapManager.
Since IsoHeaps are immortal (within the life cycle of the process), these allocated pas_heap_ref
storage are also immortal.
c. ForceDebugMalloc: use system malloc, malloc zones, ASAN malloc, guard malloc, etc.
This option was actually previously broken. This commit makes the allocation fall back
on IsoMallocFallback's allocator to reach the DebugHeap. However, IsoMallocFallback's
allocator itself is not doing all the right things to reach the DebugHeap. We will fix
IsoMallocFallback in a subsequent patch.
For free, there are 2 function pointers:
tzoneFreeWithFastFallback
tzoneFreeWithIsoFallback
More details on these free pointers in (d) below.
d. determineTZoneMallocFallback() is called by the client during process initialization when the
TZoneHeapManager is initialized. tzoneMallocFallback only needs to be set once, and is effectively
a constant thereafter for the lifetime of the process. This also means that tzoneMallocFallback
checks in the slow path should be well predicted by the CPU, and the check should be relatively fast.
determineTZoneMallocFallback() will set the free function pointers to either point to tzoneFreeFast()
or tzoneFreeWithDebugMalloc() depending on tzoneMallocFallback's value during its initialization.
e. The fast path new is inlinable, and checks only 2 things:
a. The class' s_heapref is non-null.
b. Checks if the requested size matches the expected size of the allocator.
Since (b) tends to be inlined and the caller specifies the requested size as a constant, (b) tends
to be elided. That leaves the single s_heapRef null check before it calls directly into one of
the fast path allocators above.
The fast path function only handles IsoHeap allocations. If we're falling back on FastMalloc, we
keep the s_heapRef null.
If the s_heapRef is null, then new calls the class' operatorNewSlow() method which will initialize
the s_heapRef if appropriate. operatorNewSlow() will also dispatch to the appropriate underying
allocator to do the needed allocation. If tzoneMallocFallback is ForceDebugMalloc or if the fallback
allocation mode is FastMalloc, we'll leave s_heapRef as null, and always take the slow path.
Division of responsibilities
============================
f. TZoneHeapManager is responsible for choosing the HeapRef that will be used by the utility
functions to do their allocation work on.
TZoneHeapManager is also responsible for determining the tzoneMallocFallback mode.
g. The TZoneHeap utility functions are responsible for executing the type of allocation that
their client class requires e.g. NonCompact vs Compact, FastFallback vs IsoFallback.
Some benefits of this change
============================
i. TZoneHeap.h, TZoneHeapInlines.h, TZoneMalloc.h, and TZoneMallocInlines.h are now significantly
simpler. They also #include very few other files. This will help improve build speeds.
j. It reduces the number of layers of abstraction between the allocated class and the functions
doing the allocation work. There is no longer a need for 1 specialized TZoneHeap class per
allocated class.
This makes it easier to reason about how the allocations work: 10 utility functions vs
an unlimited number of specialized TZoneHeap classes, and with less layers of abstraction.
2. Introduced WTF_MAKE_TZONE_ALLOCATED_TEMPLATE and WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL.
Instead of requiring a specialize version of the template to be declared in a .cpp file, we now
let the compiler auto-specialize the template. These macros enables this idiom, and reduces
the effort needed to make template classes TZONE_ALLOCATED.
With the previous idiom, it was very easy to get "explicit specialization after instantiation"
errors that are difficult to workaround.
The WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL macro does not support multi-parameter templates.
For those cases, use WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL_WITH_MULTIPLE_OR_SPECIALIZED_PARAMETERS
instead. WTF_MAKE_TZONE_ALLOCATED_TEMPLATE_IMPL_WITH_MULTIPLE_OR_SPECIALIZED_PARAMETERS requires that
the client define these macros:
TZONE_TEMPLATE_PARAMS, TZONE_TYPE, TZONE_TYPE_NAME
Also introduced WTF_MAKE_TZONE_OR_ISO_ALLOCATED_TEMPLATE_IMPL. Moved MAKE_BTZONE_MALLOCED_IMPL_TEMPLATE
from IsoHeapInlines.h to MAKE_BTZONE_MALLOCED_TEMPLATE_IMPL in TZoneHeap.h in order to make
this work when building with !USE(TZONE_MALLOC). Template treatment for IsoHeap now matches
the simpler TZoneHeap treatment.
3. Removed the need for NESTED IMPL macros. The WTF_MAKE_TZONE_ALLOCATED_IMPL macro now just works
for fully qualified class names e.g.
WTF_MAKE_TZONE_ALLOCATED_IMPL_NESTED(CodeOrigin, OutOfLineCodeOrigin);
is not expressed as:
WTF_MAKE_TZONE_ALLOCATED_IMPL(CodeOrigin::OutOfLineCodeOrigin);
4. Added the ability to disable TZoneHeap for a given process using an entitlement.
This is meant as a means to facilitate temporary recovery of some memory due to TZoneHeap
enablement. Once TZoneHeap's memory issue can be resolved without this, this feature should
be removed.
5. Removed a lot of uses of WTF_MAKE_TZONE_ALLOCATED_INLINE in .h files.
This in turn allows to stop #include'ing TZoneMallocInlines.h in .h files. There are still
many WTF_MAKE_TZONE_ALLOCATED_INLINE in .h files. This commit does not remove them all yet.
6. Also introduced TZoneSpecification, which is annotated as belonging in the "__DATA_CONST,__tzone_spec"
section. This allows the linker to co-locate them, and gives us the ability to iterate through
them. We use this to eagerly initialize all the TZone HeapRefs during process initialization.
On my M1 Max, this initialization takes on the order of 100us. This means we almost take the
slow paths for new operations when TZone is enabled for classes that are properly declared as
TZONE_ALLOCATED. This feature is an optimization, and only enabled for BCOMPILER(CLANG).
7. Fixed some bugs:
a. The shift in nameForType() should be be '>>=' instead of '<<='.
That said, nameForType() is now only used for debugging when TZONE_VERBOSE_DEBUG is enabled.
For production builds, we use setNextTypeName() instead that just quickly creates the shortest
string it can with minimal work based on a static monotonically increasing counter.
b. We were previously creating a TZone size class for every 8 byte increment in the client class'
size. We now round the size up based on the sizeClassFor() function in TZoneHeap.h.
sizeClassFor() defines size class buckets losely based on how libpas defines buckets for its
small, mid, and large heaps. This change resolved all the memory regressions exception for
RAMification. It significantly reduced the regression on RAMification, but does not resolve
it completely.
c. Previously, TZoneHeapManager::tzoneBucketForKey() chooses a TZone bucket (within a size class)
by doing a SHA256 hash on a TZone Key. The TZone Key itself was computed using a SHA256 of
a per boot seed. The per boot seed is what introduces randomness into the TZone bucket selection.
Thereafter, he bucket selection in tzoneBucketForKey() is deterministic. Using a SHA256 in
tzoneBucketForKey() does not make it more random.
tzoneBucketForKey() now uses a WeakRandom algorithm seeded by the TZone Key to choose the
bucket. We also now store the TZone Key as a number in m_tzoneKeySeed instead of as a string
of the SHA256 hash characters. This helps speed up tzoneBucketForKey() further.
8. Misc other changes to fix the build after the above changes.
Note: git is confused about some file changes:
1. DOMTZoneImpls.cpp is NOT copied from AirTZoneImpls.cpp. AirTZoneImpls.cpp has been deleted,
and DOMTZoneImpls.cpp is a new unrelated file.
2. PlatformTZoneImpls.cpp is NOT renamed from Bridge.h. The contents of Bridge.h has been moved
into BridgeJSC.h where they belong. Bridge.h has been deleted, and PlatformTZoneImpls.cpp is
a new unrelated file.
3. GraphicsTZoneImpls.cpp is NOT renamed from AirTZoneImpls.cpp. AirTZoneImpls.cpp has been deleted,
and GraphicsTZoneImpls.cpp is a new unrelated file.
* Source/JavaScriptCore/Sources.txt:
* Source/JavaScriptCore/b3/air/AirLiveness.h:
* Source/JavaScriptCore/b3/air/AirLivenessAdapter.h:
* Source/JavaScriptCore/bytecode/BytecodeBasicBlock.h:
* Source/JavaScriptCore/bytecode/CodeOrigin.cpp:
* Source/JavaScriptCore/bytecode/ExecutionCounter.cpp:
* Source/JavaScriptCore/bytecode/ExecutionCounter.h:
* Source/JavaScriptCore/bytecode/LazyValueProfile.cpp:
* Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp:
* Source/JavaScriptCore/dfg/DFGAbstractInterpreter.h:
* Source/JavaScriptCore/dfg/DFGBlockMap.h:
* Source/JavaScriptCore/dfg/DFGCSEPhase.cpp:
* Source/JavaScriptCore/dfg/DFGCombinedLiveness.cpp:
* Source/JavaScriptCore/dfg/DFGDominators.h:
* Source/JavaScriptCore/dfg/DFGFlowMap.h:
* Source/JavaScriptCore/dfg/DFGNaturalLoops.h:
* Source/JavaScriptCore/dfg/DFGTZoneImpls.cpp:
* Source/JavaScriptCore/disassembler/ARM64/A64DOpcode.cpp:
* Source/JavaScriptCore/heap/BlockDirectoryBits.h:
* Source/JavaScriptCore/heap/GCSegmentedArray.cpp:
* Source/JavaScriptCore/heap/GCSegmentedArray.h:
* Source/JavaScriptCore/heap/VerifierSlotVisitor.cpp:
* Source/JavaScriptCore/inspector/agents/InspectorDebuggerAgent.cpp:
* Source/JavaScriptCore/inspector/remote/socket/RemoteInspectorSocketEndpoint.cpp:
* Source/JavaScriptCore/jit/ExecutableAllocator.cpp:
* Source/JavaScriptCore/jit/JITMathIC.h:
* Source/JavaScriptCore/parser/Lexer.cpp:
* Source/JavaScriptCore/parser/Lexer.h:
* Source/JavaScriptCore/parser/Parser.h:
* Source/JavaScriptCore/parser/VariableEnvironment.cpp:
* Source/JavaScriptCore/runtime/ArrayBuffer.h:
* Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp:
* Source/JavaScriptCore/runtime/GenericOffset.h:
* Source/JavaScriptCore/runtime/JSDateMath.h:
* Source/JavaScriptCore/runtime/JSRunLoopTimer.cpp:
* Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h:
* Source/JavaScriptCore/runtime/RuntimeTZoneImpls.cpp:
* Source/JavaScriptCore/runtime/WeakGCSet.h:
* Source/JavaScriptCore/runtime/WriteBarrier.h:
* Source/JavaScriptCore/tools/JSDollarVM.cpp:
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
* Source/JavaScriptCore/wasm/WasmMemory.cpp:
* Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp:
* Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp:
* Source/WTF/wtf/FastMalloc.h:
* Source/WTF/wtf/IsoMallocInlines.h:
* Source/WTF/wtf/TZoneMalloc.h:
* Source/WTF/wtf/TZoneMallocInlines.h:
* Source/WTF/wtf/Threading.cpp:
(WTF::hasDisableTZoneEntitlement):
(WTF::initialize):
* Source/WebCore/Headers.cmake:
* Source/WebCore/Modules/fetch/FetchBodyOwner.cpp:
* Source/WebCore/Modules/fetch/FetchResponse.cpp:
* Source/WebCore/Modules/mediastream/MediaStreamTrackProcessor.cpp:
* Source/WebCore/Modules/webaudio/AudioParamTimeline.cpp:
* Source/WebCore/Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/bindings/js/BindingsJSTZoneImpls.cpp:
* Source/WebCore/bindings/js/DOMPromiseProxy.h:
* Source/WebCore/bridge/jsc/BridgeJSC.cpp:
* Source/WebCore/bridge/jsc/BridgeJSC.h:
* Source/WebCore/css/CSSGroupingRule.cpp:
* Source/WebCore/css/CSSKeyframesRule.cpp:
* Source/WebCore/css/CSSRuleList.h:
* Source/WebCore/css/CSSStyleRule.cpp:
* Source/WebCore/css/FontFace.cpp:
* Source/WebCore/dom/DOMTZoneImpls.cpp: Copied from Source/JavaScriptCore/b3/air/AirTZoneImpls.cpp.
* Source/WebCore/dom/Document.cpp:
* Source/WebCore/dom/EventSender.h:
* Source/WebCore/dom/ScriptExecutionContext.cpp:
* Source/WebCore/dom/SlotAssignment.cpp:
* Source/WebCore/dom/WritingSuggestionData.h:
* Source/WebCore/editing/SelectionGeometryGatherer.cpp:
* Source/WebCore/html/FormController.cpp:
* Source/WebCore/html/FormListedElement.cpp:
* Source/WebCore/html/GenericCachedHTMLCollection.cpp:
* Source/WebCore/html/GenericCachedHTMLCollection.h:
* Source/WebCore/html/HTMLCollection.cpp:
* Source/WebCore/html/HTMLCollection.h:
* Source/WebCore/html/HTMLInputElement.cpp:
* Source/WebCore/html/HTMLLinkElement.cpp:
* Source/WebCore/html/HTMLMediaElement.cpp:
* Source/WebCore/html/ImageBitmap.cpp:
* Source/WebCore/html/MediaElementSession.cpp:
* Source/WebCore/html/StepRange.cpp:
* Source/WebCore/html/parser/HTMLElementStack.cpp:
* Source/WebCore/inspector/CommandLineAPIHost.cpp:
* Source/WebCore/inspector/InspectorFrontendClientLocal.cpp:
* Source/WebCore/inspector/InspectorHistory.cpp:
* Source/WebCore/inspector/InspectorStyleSheet.cpp:
* Source/WebCore/inspector/NetworkResourcesData.cpp:
* Source/WebCore/inspector/agents/InspectorDOMAgent.cpp:
* Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp:
* Source/WebCore/inspector/agents/WebHeapAgent.cpp:
* Source/WebCore/layout/layouttree/LayoutBox.cpp:
* Source/WebCore/loader/EmptyClients.cpp:
* Source/WebCore/page/ElementTargetingController.cpp:
* Source/WebCore/page/writing-tools/WritingToolsController.mm:
* Source/WebCore/platform/OrientationNotifier.h:
* Source/WebCore/platform/PODRedBlackTree.h:
* Source/WebCore/platform/PlatformTZoneImpls.cpp: Renamed from Source/WebCore/bridge/Bridge.h.
* Source/WebCore/platform/ScrollView.cpp:
* Source/WebCore/platform/audio/AudioArray.h:
* Source/WebCore/platform/audio/cocoa/AudioDecoderCocoa.cpp:
* Source/WebCore/platform/audio/cocoa/AudioFileReaderCocoa.cpp:
* Source/WebCore/platform/graphics/FloatPolygon.cpp:
* Source/WebCore/platform/graphics/FloatRoundedRect.cpp:
* Source/WebCore/platform/graphics/GlyphMetricsMap.h:
* Source/WebCore/platform/graphics/GraphicsTZoneImpls.cpp: Renamed from Source/JavaScriptCore/b3/air/AirTZoneImpls.cpp.
* Source/WebCore/platform/graphics/Region.cpp:
* Source/WebCore/platform/graphics/TiledBacking.h:
* Source/WebCore/platform/graphics/cocoa/SourceBufferParserWebM.cpp:
* Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp:
* Source/WebCore/platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
* Source/WebCore/platform/gstreamer/GStreamerElementHarness.cpp:
* Source/WebCore/platform/mediastream/cocoa/DisplayCaptureSourceCocoa.cpp:
* Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCLogSink.h:
* Source/WebCore/rendering/FloatingObjects.cpp:
* Source/WebCore/rendering/RenderFragmentedFlow.cpp:
* Source/WebCore/rendering/RenderObject.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderBlock.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderBlockFlow.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderContinuation.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderFirstLetter.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderFormControls.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderInline.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderList.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderMathML.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderMultiColumn.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderRuby.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderSVG.cpp:
* Source/WebCore/rendering/updating/RenderTreeBuilderTable.cpp:
* Source/WebCore/rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:
* Source/WebCore/rendering/updating/RenderTreeUpdaterViewTransition.cpp:
* Source/WebCore/svg/SVGElementRareData.h:
* Source/WebCore/svg/SVGPathBlender.cpp:
* Source/WebCore/svg/SVGPathBlender.h:
* Source/WebCore/svg/SVGPathByteStream.h:
* Source/WebCore/svg/SVGPathConsumer.h:
* Source/WebCore/svg/SVGPathSource.h:
* Source/WebCore/svg/SVGTZoneImpls.cpp: Added.
* Source/WebCore/svg/SVGURIReference.h:
* Source/WebCore/svg/graphics/SVGImageClients.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyAnimator.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyAnimatorImpl.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimator.h:
* Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h:
* Source/WebCore/svg/properties/SVGDecoratedPrimitive.h:
* Source/WebCore/svg/properties/SVGDecoratedProperty.h:
* Source/WebCore/svg/properties/SVGMemberAccessor.h:
* Source/WebCore/svg/properties/SVGPrimitivePropertyAnimator.h:
* Source/WebCore/svg/properties/SVGPropertyAnimator.h:
* Source/WebCore/svg/properties/SVGPropertyAnimatorFactory.h:
* Source/WebCore/svg/properties/SVGPropertyOwnerRegistry.h:
* Source/WebCore/svg/properties/SVGValuePropertyAnimator.h:
* Source/WebCore/svg/properties/SVGValuePropertyAnimatorImpl.h:
* Source/WebCore/svg/properties/SVGValuePropertyListAnimator.h:
* Source/WebCore/workers/WorkerRunLoop.cpp:
* Source/WebCore/workers/service/background-fetch/BackgroundFetch.cpp:
* Source/WebCore/workers/service/context/SWContextManager.cpp:
* Source/WebCore/workers/service/server/SWServer.cpp:
* Source/WebCore/workers/shared/context/SharedWorkerContextManager.cpp:
* Source/WebCore/xml/XPathStep.cpp:
* Source/WebGPU/WGSL/WGSLShaderModule.cpp:
* Source/WebGPU/WGSL/WGSLShaderModule.h:
* Source/WebKit/GPUProcess/media/RemoteMediaRecorderPrivateWriterManager.cpp:
* Source/WebKit/NetworkProcess/NetworkLoadScheduler.cpp:
* Source/WebKit/NetworkProcess/NetworkSession.cpp:
* Source/WebKit/NetworkProcess/cache/NetworkCache.cpp:
* Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp:
* Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.cpp:
* Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm:
* Source/WebKit/NetworkProcess/storage/OriginStorageManager.cpp:
* Source/WebKit/Shared/API/Cocoa/RemoteObjectInvocation.mm:
* Source/WebKit/UIProcess/API/APIUIClient.cpp:
* Source/WebKit/UIProcess/API/APIUIClient.h:
* Source/WebKit/UIProcess/Cocoa/IconLoadingDelegate.mm:
* Source/WebKit/UIProcess/Cocoa/NavigationState.mm:
* Source/WebKit/UIProcess/Cocoa/ResourceLoadDelegate.mm:
* Source/WebKit/UIProcess/Cocoa/UIDelegate.mm:
* Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp:
* Source/WebKit/UIProcess/DisplayLink.cpp:
* Source/WebKit/UIProcess/Inspector/Cocoa/InspectorExtensionDelegate.mm:
* Source/WebKit/UIProcess/ProcessThrottler.cpp:
* Source/WebKit/UIProcess/WebProcessCache.cpp:
* Source/WebKit/UIProcess/ios/WKTextInteractionWrapper.mm:
* Source/WebKit/WebProcess/EntryPoint/Cocoa/XPCService/WebContentServiceEntryPoint.mm:
(WEBCONTENT_SERVICE_INITIALIZER):
* Source/WebKit/WebProcess/GPU/media/RemoteAudioSourceProviderManager.cpp:
* Source/WebKit/WebProcess/GPU/media/RemoteMediaRecorderPrivateWriter.cpp:
* Source/WebKit/WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp:
* Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp:
* Source/WebKit/WebProcess/WebPage/dmabuf/AcceleratedSurfaceDMABuf.cpp:
* Source/WebKit/WebProcess/WebPage/wc/WCTileGrid.cpp:
* Source/WebKit/WebProcess/cocoa/RemoteCaptureSampleManager.cpp:
* Source/WebKitLegacy/WebCoreSupport/WebResourceLoadScheduler.cpp:
* Source/bmalloc/CMakeLists.txt:
* Source/bmalloc/bmalloc.xcodeproj/project.pbxproj:
* Source/bmalloc/bmalloc/BCompiler.h:
* Source/bmalloc/bmalloc/IsoHeap.h:
* Source/bmalloc/bmalloc/IsoHeapInlines.h:
* Source/bmalloc/bmalloc/SegmentedVector.h: Added.
(bmalloc::SegmentedVectorIterator::~SegmentedVectorIterator):
(bmalloc::SegmentedVectorIterator::operator* const):
(bmalloc::SegmentedVectorIterator::operator-> const):
(bmalloc::SegmentedVectorIterator::operator++):
(bmalloc::SegmentedVectorIterator::operator== const):
(bmalloc::SegmentedVectorIterator::operator=):
(bmalloc::SegmentedVectorIterator::SegmentedVectorIterator):
* Source/bmalloc/bmalloc/TZoneHeap.cpp:
(bmalloc::api::tzoneHeapFor):
(bmalloc::api::tzoneAllocateNonCompactWithFastFallback):
(bmalloc::api::tzoneAllocateCompactWithFastFallback):
(bmalloc::api::tzoneAllocateNonCompactWithIsoFallback):
(bmalloc::api::tzoneAllocateCompactWithIsoFallback):
(bmalloc::api::tzoneFreeWithFastFallback):
(bmalloc::api::tzoneFreeWithIsoFallback):
(bmalloc::api::tzoneAllocate): Deleted.
(bmalloc::api::tzoneTryAllocate): Deleted.
(bmalloc::api::tzoneAllocateCompact): Deleted.
(bmalloc::api::tzoneTryAllocateCompact): Deleted.
(bmalloc::api::tzoneDeallocate): Deleted.
* Source/bmalloc/bmalloc/TZoneHeap.h:
(bmalloc::api::roundUpToMulipleOf8): Deleted.
(bmalloc::api::TZoneHeapBase::TZoneHeapBase): Deleted.
(bmalloc::api::TZoneHeapBase::scavenge): Deleted.
(bmalloc::api::TZoneHeapBase::initialize): Deleted.
(bmalloc::api::TZoneHeapBase::isInitialized): Deleted.
(bmalloc::api::TZoneHeapBase::provideHeap): Deleted.
(bmalloc::api::TZoneHeap::TZoneHeap): Deleted.
(bmalloc::api::TZoneHeap::allocate): Deleted.
(bmalloc::api::TZoneHeap::tryAllocate): Deleted.
(bmalloc::api::TZoneHeap::deallocate): Deleted.
(bmalloc::api::CompactTZoneHeap::CompactTZoneHeap): Deleted.
(bmalloc::api::CompactTZoneHeap::allocate): Deleted.
(bmalloc::api::CompactTZoneHeap::tryAllocate): Deleted.
(bmalloc::api::CompactTZoneHeap::deallocate): Deleted.
(bmalloc::api::TZoneHeapBase::TZoneHeap): Deleted.
(bmalloc::api::TZoneHeapBase::allocatorOffset): Deleted.
(bmalloc::api::TZoneHeapBase::setAllocatorOffset): Deleted.
(bmalloc::api::TZoneHeapBase::deallocatorOffset): Deleted.
(bmalloc::api::TZoneHeapBase::setDeallocatorOffset): Deleted.
(): Deleted.
* Source/bmalloc/bmalloc/TZoneHeapInlines.h:
(bmalloc::api::TZoneHeapBase<Type>::TZoneHeapBase): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::allocate): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::tryAllocate): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::deallocate): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::scavenge): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::isInitialized): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::initialize): Deleted.
(bmalloc::api::TZoneHeapBase<Type>::impl): Deleted.
* Source/bmalloc/bmalloc/TZoneHeapManager.cpp:
(bmalloc::api::TZoneHeapManager::setHasDisableTZoneEntitlementCallback):
(bmalloc::api::TZoneHeapManager::TZoneHeapManager):
(bmalloc::api::TZoneHeapManager::determineFallbackState):
(bmalloc::api::TZoneHeapManager::setBucketParams):
(bmalloc::api::TZoneHeapManager::init):
(bmalloc::api::TZoneHeapManager::isReady):
(bmalloc::api::TZoneHeapManager::dumpRegisteredTypes):
(bmalloc::api::TZoneHeapManager::ensureSingleton):
(bmalloc::api::TZoneHeapManager::populateBucketsForSizeClass):
(bmalloc::api::TZoneHeapManager::heapRefForIsoFallback):
(bmalloc::api::TZoneHeapManager::heapRefForTZoneType):
(bmalloc::api::TZoneHeapManager::TZoneHeapManager::heapRefForTZoneTypeDifferentSize):
(bmalloc::api::TZoneHeapManager::initTypenameTemplate): Deleted.
* Source/bmalloc/bmalloc/TZoneHeapManager.h:
(bmalloc::api::TZoneHeapManager::singleton):
(bmalloc::api::TZoneHeapManager::TZoneHeapManager): Deleted.
(bmalloc::api::TZoneHeapManager::initWithBucketSettings): Deleted.
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
Canonical link: https://commits.webkit.org/288407@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list