For large (but not direct mapped) allocations, track the real allocation size.

Source/wtf/PartitionAlloc.cpp

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 472 matching lines @@
 
     uint16_t numPartitionPages = partitionBucketPartitionPages(bucket);
     char* pageCharPtr = reinterpret_cast<char*>(page);
     for (uint16_t i = 1; i < numPartitionPages; ++i) {
         pageCharPtr += kPageMetadataSize;
         PartitionPage* secondaryPage = reinterpret_cast<PartitionPage*>(pageCharPtr);
         secondaryPage->pageOffset = i;
     }
 }
 
+static ALWAYS_INLINE size_t partitionRoundUpToSystemPage(size_t size)
+{
+    return (size + kSystemPageOffsetMask) & kSystemPageBaseMask;
+}
+
 static ALWAYS_INLINE char* partitionPageAllocAndFillFreelist(PartitionPage* page)
 {
     ASSERT(page != &PartitionRootGeneric::gSeedPage);
     uint16_t numSlots = page->numUnprovisionedSlots;
     ASSERT(numSlots);
     PartitionBucket* bucket = page->bucket;
     // We should only get here when _every_ slot is either used or unprovisioned.
     // (The third state is "on the freelist". If we have a non-empty freelist, we should not get here.)
     ASSERT(numSlots + page->numAllocatedSlots == partitionBucketSlots(bucket));
     // Similarly, make explicitly sure that the freelist is empty.
     ASSERT(!page->freelistHead);
     ASSERT(page->numAllocatedSlots >= 0);
 
     size_t size = bucket->slotSize;
     char* base = reinterpret_cast<char*>(partitionPageToPointer(page));
     char* returnObject = base + (size * page->numAllocatedSlots);
     char* firstFreelistPointer = returnObject + size;
     char* firstFreelistPointerExtent = firstFreelistPointer + sizeof(PartitionFreelistEntry*);
     // Our goal is to fault as few system pages as possible. We calculate the
     // page containing the "end" of the returned slot, and then allow freelist
     // pointers to be written up to the end of that page.
-    char* subPageLimit = reinterpret_cast<char*>((reinterpret_cast<uintptr_t>(firstFreelistPointer) + kSystemPageOffsetMask) & kSystemPageBaseMask);
+    char* subPageLimit = reinterpret_cast<char*>(partitionRoundUpToSystemPage(reinterpret_cast<size_t>(firstFreelistPointer)));
     char* slotsLimit = returnObject + (size * numSlots);
     char* freelistLimit = subPageLimit;
     if (UNLIKELY(slotsLimit < freelistLimit))
         freelistLimit = slotsLimit;
 
     uint16_t numNewFreelistEntries = 0;
     if (LIKELY(firstFreelistPointerExtent <= freelistLimit)) {
         // Only consider used space in the slot span. If we consider wasted
         // space, we may get an off-by-one when a freelist pointer fits in the
         // wasted space, but a slot does not.
@@ skipping 196 matching lines @@
     ASSERT(!(unmapSize & kPageAllocationGranularityOffsetMask));
 
     char* ptr = reinterpret_cast<char*>(partitionPageToPointer(page));
     // Account for the mapping starting a partition page before the actual
     // allocation address.
     ptr -= kPartitionPageSize;
 
     freePages(ptr, unmapSize);
 }
 
+static ALWAYS_INLINE size_t* partitionPageGetRawSizePtr(PartitionPage* page)
+{
+    // For single-slot buckets which span more than one partition page, we
+    // have some spare metadata space to store the raw allocation size. We
+    // can use this to report better statistics.
+    PartitionBucket* bucket = page->bucket;
+    if (bucket->slotSize <= kMaxSystemPagesPerSlotSpan * kSystemPageSize)
+        return nullptr;
+
+    ASSERT(partitionBucketSlots(bucket) == 1);
+    page++;
+    return reinterpret_cast<size_t*>(&page->freelistHead);
+}
+
 void* partitionAllocSlowPath(PartitionRootBase* root, int flags, size_t size, PartitionBucket* bucket)
 {
     // The slow path is called when the freelist is empty.
     ASSERT(!bucket->activePagesHead->freelistHead);
 
+    void* ret = nullptr;
     PartitionPage* newPage = nullptr;
+    size_t* rawSizePtr;
 
     // For the partitionAllocGeneric API, we have a bunch of buckets marked
     // as special cases. We bounce them through to the slow path so that we
     // can still have a blazing fast hot path due to lack of corner-case
     // branches.
     bool returnNull = flags & PartitionAllocReturnNull;
     if (UNLIKELY(partitionBucketIsDirectMapped(bucket))) {
         ASSERT(size > kGenericMaxBucketed);
         ASSERT(bucket == &PartitionRootBase::gPagedBucket);
         if (size > kGenericMaxDirectMapped) {
             if (returnNull)
                 return 0;
             partitionExcessiveAllocationSize();
         }
-        void* ptr = partitionDirectMap(root, flags, size);
-        if (ptr)
-            return ptr;
+        ret = partitionDirectMap(root, flags, size);
+        if (ret)
+            return ret;
         goto partitionAllocSlowPathFailed;
     }
 
-    // First, look for a usable page in the existing active pages list.
-    // Change active page, accepting the current page as a candidate.
     if (LIKELY(partitionSetNewActivePage(bucket->activePagesHead))) {
+        // First, look for a usable page in the existing active pages list.
+        // Change active page, accepting the current page as a candidate.
         newPage = bucket->activePagesHead;
         if (LIKELY(newPage->freelistHead != 0)) {
-            PartitionFreelistEntry* ret = newPage->freelistHead;
-            newPage->freelistHead = partitionFreelistMask(ret->next);
+            PartitionFreelistEntry* entry = newPage->freelistHead;
+            newPage->freelistHead = partitionFreelistMask(entry->next);
             newPage->numAllocatedSlots++;
-            return ret;
+            ret = entry;
         }
-        ASSERT(newPage->numUnprovisionedSlots);
-        return partitionPageAllocAndFillFreelist(newPage);
-    }
-
-    // Second, look in our list of freed but reserved pages.
-    newPage = bucket->emptyPagesHead;
-    if (LIKELY(newPage != 0)) {
+    } else if (LIKELY(bucket->emptyPagesHead != nullptr)) {
+        // Second, look in our list of freed but reserved pages.
+        newPage = bucket->emptyPagesHead;
         bucket->emptyPagesHead = newPage->nextPage;
         void* addr = partitionPageToPointer(newPage);
         partitionRecommitSystemPages(root, addr, partitionBucketBytes(newPage->bucket));
         partitionPageReset(newPage, bucket);
     } else {
         // Third. If we get here, we need a brand new page.
         uint16_t numPartitionPages = partitionBucketPartitionPages(bucket);
         void* rawNewPage = partitionAllocPartitionPages(root, flags, numPartitionPages);
         if (UNLIKELY(!rawNewPage))
             goto partitionAllocSlowPathFailed;
         // Skip the alignment check because it depends on page->bucket, which is not yet set.
         newPage = partitionPointerToPageNoAlignmentCheck(rawNewPage);
         partitionPageSetup(newPage, bucket);
     }
 
     bucket->activePagesHead = newPage;
+
+    rawSizePtr = partitionPageGetRawSizePtr(newPage);
+    if (UNLIKELY(rawSizePtr != nullptr))

[haraken, 2015/06/06 15:07:54]

Given that this is a alow path, we might want to drop the UNLIKELY (unless it
really matters for performance).

+        *rawSizePtr = size;
+
+    if (LIKELY(ret != nullptr))

[haraken, 2015/06/06 15:07:53]

This looks a bit weird. Maybe we can create a helper function like
partitionPageSetRawSize() and call it at line 786 and line 808. Then we can just
return immediately after line 786.

+        return ret;
     return partitionPageAllocAndFillFreelist(newPage);
 
 partitionAllocSlowPathFailed:
     if (returnNull) {
         // If we get here, we will set the active page to null, which is an
         // invalid state. To support continued use of this bucket, we need to
         // restore a valid state, by setting the active page to the seed page.
         bucket->activePagesHead = &PartitionRootGeneric::gSeedPage;
         return nullptr;
     }
@@ skipping 238 matching lines @@
 }
 
 static void partitionDumpPageStats(PartitionBucketMemoryStats* statsOut, const PartitionPage* page)
 {
     uint16_t bucketNumSlots = partitionBucketSlots(page->bucket);
 
     if (!page->freelistHead && page->numAllocatedSlots == 0) {
         ASSERT(!page->numUnprovisionedSlots);
         ++statsOut->numDecommittedPages;
     } else {
-        statsOut->activeBytes += (page->numAllocatedSlots * statsOut->bucketSlotSize);
+        size_t* rawSizePtr = partitionPageGetRawSizePtr(const_cast<PartitionPage*>(page));
+        if (rawSizePtr)
+            statsOut->activeBytes += static_cast<uint32_t>(partitionRoundUpToSystemPage(*rawSizePtr));

[haraken, 2015/06/06 15:07:54]

Help me understand: Why is this more accurate than "page->numAllocatedSlots *
statsOut->bucketSlotSize"? For activeBytes, we want to report the size that is
actually used by objects. Then shouldn't we just report "page->numAllocatedSlots
* statsOut->bucketSlotSize" for >64 KB slots as well?

+        else
+            statsOut->activeBytes += (page->numAllocatedSlots * statsOut->bucketSlotSize);
         size_t pageBytesResident = (bucketNumSlots - page->numUnprovisionedSlots) * statsOut->bucketSlotSize;
         // Round up to system page size.
-        size_t pageBytesResidentRounded = (pageBytesResident + kSystemPageOffsetMask) & kSystemPageBaseMask;
+        size_t pageBytesResidentRounded = partitionRoundUpToSystemPage(pageBytesResident);
         statsOut->residentBytes += pageBytesResidentRounded;
         if (!page->numAllocatedSlots) {
             statsOut->freeableBytes += pageBytesResidentRounded;
             ++statsOut->numEmptyPages;
         } else if (page->numAllocatedSlots == bucketNumSlots) {
             ++statsOut->numFullPages;
         } else {
             ++statsOut->numActivePages;
         }
     }
@@ skipping 103 matching lines @@
     // partitionsDumpBucketStats is called after collecting stats because it
     // can use PartitionAlloc to allocate and this can affect the statistics.
     for (size_t i = 0; i < partitionNumBuckets; ++i) {
         if (memoryStats[i].isValid)
             partitionStatsDumper->partitionsDumpBucketStats(partitionName, &memoryStats[i]);
     }
 }
 
 } // namespace WTF