| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 3 * | 3 * |
| 4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
| 5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
| 6 * met: | 6 * met: |
| 7 * | 7 * |
| 8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
| 119 ASSERT(!m_firstUnsweptPage); | 119 ASSERT(!m_firstUnsweptPage); |
| 120 } | 120 } |
| 121 | 121 |
| 122 void BaseArena::cleanupPages() | 122 void BaseArena::cleanupPages() |
| 123 { | 123 { |
| 124 clearFreeLists(); | 124 clearFreeLists(); |
| 125 | 125 |
| 126 ASSERT(!m_firstUnsweptPage); | 126 ASSERT(!m_firstUnsweptPage); |
| 127 // Add the BaseArena's pages to the orphanedPagePool. | 127 // Add the BaseArena's pages to the orphanedPagePool. |
| 128 for (BasePage* page = m_firstPage; page; page = page->next()) { | 128 for (BasePage* page = m_firstPage; page; page = page->next()) { |
| 129 ThreadHeap::heapStats().decreaseAllocatedSpace(page->size()); | 129 getThreadState()->heap().heapStats().decreaseAllocatedSpace(page->size()
); |
| 130 ThreadHeap::getOrphanedPagePool()->addOrphanedPage(arenaIndex(), page); | 130 getThreadState()->heap().getOrphanedPagePool()->addOrphanedPage(arenaInd
ex(), page); |
| 131 } | 131 } |
| 132 m_firstPage = nullptr; | 132 m_firstPage = nullptr; |
| 133 } | 133 } |
| 134 | 134 |
| 135 void BaseArena::takeSnapshot(const String& dumpBaseName, ThreadState::GCSnapshot
Info& info) | 135 void BaseArena::takeSnapshot(const String& dumpBaseName, ThreadState::GCSnapshot
Info& info) |
| 136 { | 136 { |
| 137 // |dumpBaseName| at this point is "blink_gc/thread_X/heaps/HeapName" | 137 // |dumpBaseName| at this point is "blink_gc/thread_X/heaps/HeapName" |
| 138 WebMemoryAllocatorDump* allocatorDump = BlinkGCMemoryDumpProvider::instance(
)->createMemoryAllocatorDumpForCurrentGC(dumpBaseName); | 138 WebMemoryAllocatorDump* allocatorDump = BlinkGCMemoryDumpProvider::instance(
)->createMemoryAllocatorDumpForCurrentGC(dumpBaseName); |
| 139 size_t pageCount = 0; | 139 size_t pageCount = 0; |
| 140 BasePage::HeapSnapshotInfo heapInfo; | 140 BasePage::HeapSnapshotInfo heapInfo; |
| 391 if (m_freeList.takeSnapshot(dumpName)) { | 391 if (m_freeList.takeSnapshot(dumpName)) { |
| 392 WebMemoryAllocatorDump* bucketsDump = BlinkGCMemoryDumpProvider::instanc
e()->createMemoryAllocatorDumpForCurrentGC(dumpName + "/buckets"); | 392 WebMemoryAllocatorDump* bucketsDump = BlinkGCMemoryDumpProvider::instanc
e()->createMemoryAllocatorDumpForCurrentGC(dumpName + "/buckets"); |
| 393 WebMemoryAllocatorDump* pagesDump = BlinkGCMemoryDumpProvider::instance(
)->createMemoryAllocatorDumpForCurrentGC(dumpName + "/pages"); | 393 WebMemoryAllocatorDump* pagesDump = BlinkGCMemoryDumpProvider::instance(
)->createMemoryAllocatorDumpForCurrentGC(dumpName + "/pages"); |
| 394 BlinkGCMemoryDumpProvider::instance()->currentProcessMemoryDump()->addOw
nershipEdge(pagesDump->guid(), bucketsDump->guid()); | 394 BlinkGCMemoryDumpProvider::instance()->currentProcessMemoryDump()->addOw
nershipEdge(pagesDump->guid(), bucketsDump->guid()); |
| 395 } | 395 } |
| 396 } | 396 } |
| 397 | 397 |
| 398 void NormalPageArena::allocatePage() | 398 void NormalPageArena::allocatePage() |
| 399 { | 399 { |
| 400 getThreadState()->shouldFlushHeapDoesNotContainCache(); | 400 getThreadState()->shouldFlushHeapDoesNotContainCache(); |
| 401 PageMemory* pageMemory = ThreadHeap::getFreePagePool()->takeFreePage(arenaIn
dex()); | 401 PageMemory* pageMemory = getThreadState()->heap().getFreePagePool()->takeFre
ePage(arenaIndex()); |
| 402 | 402 |
| 403 if (!pageMemory) { | 403 if (!pageMemory) { |
| 404 // Allocate a memory region for blinkPagesPerRegion pages that | 404 // Allocate a memory region for blinkPagesPerRegion pages that |
| 405 // will each have the following layout. | 405 // will each have the following layout. |
| 406 // | 406 // |
| 407 // [ guard os page | ... payload ... | guard os page ] | 407 // [ guard os page | ... payload ... | guard os page ] |
| 408 // ^---{ aligned to blink page size } | 408 // ^---{ aligned to blink page size } |
| 409 PageMemoryRegion* region = PageMemoryRegion::allocateNormalPages(ThreadH
eap::getRegionTree()); | 409 PageMemoryRegion* region = PageMemoryRegion::allocateNormalPages(getThre
adState()->heap().getRegionTree()); |
| 410 | 410 |
| 411 // Setup the PageMemory object for each of the pages in the region. | 411 // Setup the PageMemory object for each of the pages in the region. |
| 412 for (size_t i = 0; i < blinkPagesPerRegion; ++i) { | 412 for (size_t i = 0; i < blinkPagesPerRegion; ++i) { |
| 413 PageMemory* memory = PageMemory::setupPageMemoryInRegion(region, i *
blinkPageSize, blinkPagePayloadSize()); | 413 PageMemory* memory = PageMemory::setupPageMemoryInRegion(region, i *
blinkPageSize, blinkPagePayloadSize()); |
| 414 // Take the first possible page ensuring that this thread actually | 414 // Take the first possible page ensuring that this thread actually |
| 415 // gets a page and add the rest to the page pool. | 415 // gets a page and add the rest to the page pool. |
| 416 if (!pageMemory) { | 416 if (!pageMemory) { |
| 417 bool result = memory->commit(); | 417 bool result = memory->commit(); |
| 418 // If you hit the ASSERT, it will mean that you're hitting | 418 // If you hit the ASSERT, it will mean that you're hitting |
| 419 // the limit of the number of mmapped regions OS can support | 419 // the limit of the number of mmapped regions OS can support |
| 420 // (e.g., /proc/sys/vm/max_map_count in Linux). | 420 // (e.g., /proc/sys/vm/max_map_count in Linux). |
| 421 RELEASE_ASSERT(result); | 421 RELEASE_ASSERT(result); |
| 422 pageMemory = memory; | 422 pageMemory = memory; |
| 423 } else { | 423 } else { |
| 424 ThreadHeap::getFreePagePool()->addFreePage(arenaIndex(), memory)
; | 424 getThreadState()->heap().getFreePagePool()->addFreePage(arenaInd
ex(), memory); |
| 425 } | 425 } |
| 426 } | 426 } |
| 427 } | 427 } |
| 428 | 428 |
| 429 NormalPage* page = new (pageMemory->writableStart()) NormalPage(pageMemory,
this); | 429 NormalPage* page = new (pageMemory->writableStart()) NormalPage(pageMemory,
this); |
| 430 page->link(&m_firstPage); | 430 page->link(&m_firstPage); |
| 431 | 431 |
| 432 ThreadHeap::heapStats().increaseAllocatedSpace(page->size()); | 432 getThreadState()->heap().heapStats().increaseAllocatedSpace(page->size()); |
| 433 #if ENABLE(ASSERT) || defined(LEAK_SANITIZER) || defined(ADDRESS_SANITIZER) | 433 #if ENABLE(ASSERT) || defined(LEAK_SANITIZER) || defined(ADDRESS_SANITIZER) |
| 434 // Allow the following addToFreeList() to add the newly allocated memory | 434 // Allow the following addToFreeList() to add the newly allocated memory |
| 435 // to the free list. | 435 // to the free list. |
| 436 ASAN_UNPOISON_MEMORY_REGION(page->payload(), page->payloadSize()); | 436 ASAN_UNPOISON_MEMORY_REGION(page->payload(), page->payloadSize()); |
| 437 Address address = page->payload(); | 437 Address address = page->payload(); |
| 438 for (size_t i = 0; i < page->payloadSize(); i++) | 438 for (size_t i = 0; i < page->payloadSize(); i++) |
| 439 address[i] = reuseAllowedZapValue; | 439 address[i] = reuseAllowedZapValue; |
| 440 ASAN_POISON_MEMORY_REGION(page->payload(), page->payloadSize()); | 440 ASAN_POISON_MEMORY_REGION(page->payload(), page->payloadSize()); |
| 441 #endif | 441 #endif |
| 442 addToFreeList(page->payload(), page->payloadSize()); | 442 addToFreeList(page->payload(), page->payloadSize()); |
| 443 } | 443 } |
| 444 | 444 |
| 445 void NormalPageArena::freePage(NormalPage* page) | 445 void NormalPageArena::freePage(NormalPage* page) |
| 446 { | 446 { |
| 447 ThreadHeap::heapStats().decreaseAllocatedSpace(page->size()); | 447 getThreadState()->heap().heapStats().decreaseAllocatedSpace(page->size()); |
| 448 | 448 |
| 449 if (page->terminating()) { | 449 if (page->terminating()) { |
| 450 // The thread is shutting down and this page is being removed as a part | 450 // The thread is shutting down and this page is being removed as a part |
| 451 // of the thread local GC. In that case the object could be traced in | 451 // of the thread local GC. In that case the object could be traced in |
| 452 // the next global GC if there is a dangling pointer from a live thread | 452 // the next global GC if there is a dangling pointer from a live thread |
| 453 // heap to this dead thread heap. To guard against this, we put the | 453 // heap to this dead thread heap. To guard against this, we put the |
| 454 // page into the orphaned page pool and zap the page memory. This | 454 // page into the orphaned page pool and zap the page memory. This |
| 455 // ensures that tracing the dangling pointer in the next global GC just | 455 // ensures that tracing the dangling pointer in the next global GC just |
| 456 // crashes instead of causing use-after-frees. After the next global | 456 // crashes instead of causing use-after-frees. After the next global |
| 457 // GC, the orphaned pages are removed. | 457 // GC, the orphaned pages are removed. |
| 458 ThreadHeap::getOrphanedPagePool()->addOrphanedPage(arenaIndex(), page); | 458 getThreadState()->heap().getOrphanedPagePool()->addOrphanedPage(arenaInd
ex(), page); |
| 459 } else { | 459 } else { |
| 460 PageMemory* memory = page->storage(); | 460 PageMemory* memory = page->storage(); |
| 461 page->~NormalPage(); | 461 page->~NormalPage(); |
| 462 ThreadHeap::getFreePagePool()->addFreePage(arenaIndex(), memory); | 462 getThreadState()->heap().getFreePagePool()->addFreePage(arenaIndex(), me
mory); |
| 463 } | 463 } |
| 464 } | 464 } |
| 465 | 465 |
| 466 bool NormalPageArena::coalesce() | 466 bool NormalPageArena::coalesce() |
| 467 { | 467 { |
| 468 // Don't coalesce arenas if there are not enough promptly freed entries | 468 // Don't coalesce arenas if there are not enough promptly freed entries |
| 469 // to be coalesced. | 469 // to be coalesced. |
| 470 // | 470 // |
| 471 // FIXME: This threshold is determined just to optimize blink_perf | 471 // FIXME: This threshold is determined just to optimize blink_perf |
| 472 // benchmarks. Coalescing is very sensitive to the threashold and | 472 // benchmarks. Coalescing is very sensitive to the threashold and |
| 789 Address LargeObjectArena::doAllocateLargeObjectPage(size_t allocationSize, size_
t gcInfoIndex) | 789 Address LargeObjectArena::doAllocateLargeObjectPage(size_t allocationSize, size_
t gcInfoIndex) |
| 790 { | 790 { |
| 791 size_t largeObjectSize = LargeObjectPage::pageHeaderSize() + allocationSize; | 791 size_t largeObjectSize = LargeObjectPage::pageHeaderSize() + allocationSize; |
| 792 // If ASan is supported we add allocationGranularity bytes to the allocated | 792 // If ASan is supported we add allocationGranularity bytes to the allocated |
| 793 // space and poison that to detect overflows | 793 // space and poison that to detect overflows |
| 794 #if defined(ADDRESS_SANITIZER) | 794 #if defined(ADDRESS_SANITIZER) |
| 795 largeObjectSize += allocationGranularity; | 795 largeObjectSize += allocationGranularity; |
| 796 #endif | 796 #endif |
| 797 | 797 |
| 798 getThreadState()->shouldFlushHeapDoesNotContainCache(); | 798 getThreadState()->shouldFlushHeapDoesNotContainCache(); |
| 799 PageMemory* pageMemory = PageMemory::allocate(largeObjectSize, ThreadHeap::g
etRegionTree()); | 799 PageMemory* pageMemory = PageMemory::allocate(largeObjectSize, getThreadStat
e()->heap().getRegionTree()); |
| 800 Address largeObjectAddress = pageMemory->writableStart(); | 800 Address largeObjectAddress = pageMemory->writableStart(); |
| 801 Address headerAddress = largeObjectAddress + LargeObjectPage::pageHeaderSize
(); | 801 Address headerAddress = largeObjectAddress + LargeObjectPage::pageHeaderSize
(); |
| 802 #if ENABLE(ASSERT) | 802 #if ENABLE(ASSERT) |
| 803 // Verify that the allocated PageMemory is expectedly zeroed. | 803 // Verify that the allocated PageMemory is expectedly zeroed. |
| 804 for (size_t i = 0; i < largeObjectSize; ++i) | 804 for (size_t i = 0; i < largeObjectSize; ++i) |
| 805 ASSERT(!largeObjectAddress[i]); | 805 ASSERT(!largeObjectAddress[i]); |
| 806 #endif | 806 #endif |
| 807 ASSERT(gcInfoIndex > 0); | 807 ASSERT(gcInfoIndex > 0); |
| 808 HeapObjectHeader* header = new (NotNull, headerAddress) HeapObjectHeader(lar
geObjectSizeInHeader, gcInfoIndex); | 808 HeapObjectHeader* header = new (NotNull, headerAddress) HeapObjectHeader(lar
geObjectSizeInHeader, gcInfoIndex); |
| 809 Address result = headerAddress + sizeof(*header); | 809 Address result = headerAddress + sizeof(*header); |
| 810 ASSERT(!(reinterpret_cast<uintptr_t>(result) & allocationMask)); | 810 ASSERT(!(reinterpret_cast<uintptr_t>(result) & allocationMask)); |
| 811 LargeObjectPage* largeObject = new (largeObjectAddress) LargeObjectPage(page
Memory, this, allocationSize); | 811 LargeObjectPage* largeObject = new (largeObjectAddress) LargeObjectPage(page
Memory, this, allocationSize); |
| 812 ASSERT(header->checkHeader()); | 812 ASSERT(header->checkHeader()); |
| 813 | 813 |
| 814 // Poison the object header and allocationGranularity bytes after the object | 814 // Poison the object header and allocationGranularity bytes after the object |
| 815 ASAN_POISON_MEMORY_REGION(header, sizeof(*header)); | 815 ASAN_POISON_MEMORY_REGION(header, sizeof(*header)); |
| 816 ASAN_POISON_MEMORY_REGION(largeObject->getAddress() + largeObject->size(), a
llocationGranularity); | 816 ASAN_POISON_MEMORY_REGION(largeObject->getAddress() + largeObject->size(), a
llocationGranularity); |
| 817 | 817 |
| 818 largeObject->link(&m_firstPage); | 818 largeObject->link(&m_firstPage); |
| 819 | 819 |
| 820 ThreadHeap::heapStats().increaseAllocatedSpace(largeObject->size()); | 820 getThreadState()->heap().heapStats().increaseAllocatedSpace(largeObject->siz
e()); |
| 821 getThreadState()->increaseAllocatedObjectSize(largeObject->size()); | 821 getThreadState()->increaseAllocatedObjectSize(largeObject->size()); |
| 822 return result; | 822 return result; |
| 823 } | 823 } |
| 824 | 824 |
| 825 void LargeObjectArena::freeLargeObjectPage(LargeObjectPage* object) | 825 void LargeObjectArena::freeLargeObjectPage(LargeObjectPage* object) |
| 826 { | 826 { |
| 827 ASAN_UNPOISON_MEMORY_REGION(object->payload(), object->payloadSize()); | 827 ASAN_UNPOISON_MEMORY_REGION(object->payload(), object->payloadSize()); |
| 828 object->heapObjectHeader()->finalize(object->payload(), object->payloadSize(
)); | 828 object->heapObjectHeader()->finalize(object->payload(), object->payloadSize(
)); |
| 829 ThreadHeap::heapStats().decreaseAllocatedSpace(object->size()); | 829 getThreadState()->heap().heapStats().decreaseAllocatedSpace(object->size()); |
| 830 | 830 |
| 831 // Unpoison the object header and allocationGranularity bytes after the | 831 // Unpoison the object header and allocationGranularity bytes after the |
| 832 // object before freeing. | 832 // object before freeing. |
| 833 ASAN_UNPOISON_MEMORY_REGION(object->heapObjectHeader(), sizeof(HeapObjectHea
der)); | 833 ASAN_UNPOISON_MEMORY_REGION(object->heapObjectHeader(), sizeof(HeapObjectHea
der)); |
| 834 ASAN_UNPOISON_MEMORY_REGION(object->getAddress() + object->size(), allocatio
nGranularity); | 834 ASAN_UNPOISON_MEMORY_REGION(object->getAddress() + object->size(), allocatio
nGranularity); |
| 835 | 835 |
| 836 if (object->terminating()) { | 836 if (object->terminating()) { |
| 837 ASSERT(ThreadState::current()->isTerminating()); | 837 ASSERT(ThreadState::current()->isTerminating()); |
| 838 // The thread is shutting down and this page is being removed as a part | 838 // The thread is shutting down and this page is being removed as a part |
| 839 // of the thread local GC. In that case the object could be traced in | 839 // of the thread local GC. In that case the object could be traced in |
| 840 // the next global GC if there is a dangling pointer from a live thread | 840 // the next global GC if there is a dangling pointer from a live thread |
| 841 // heap to this dead thread heap. To guard against this, we put the | 841 // heap to this dead thread heap. To guard against this, we put the |
| 842 // page into the orphaned page pool and zap the page memory. This | 842 // page into the orphaned page pool and zap the page memory. This |
| 843 // ensures that tracing the dangling pointer in the next global GC just | 843 // ensures that tracing the dangling pointer in the next global GC just |
| 844 // crashes instead of causing use-after-frees. After the next global | 844 // crashes instead of causing use-after-frees. After the next global |
| 845 // GC, the orphaned pages are removed. | 845 // GC, the orphaned pages are removed. |
| 846 ThreadHeap::getOrphanedPagePool()->addOrphanedPage(arenaIndex(), object)
; | 846 getThreadState()->heap().getOrphanedPagePool()->addOrphanedPage(arenaInd
ex(), object); |
| 847 } else { | 847 } else { |
| 848 ASSERT(!ThreadState::current()->isTerminating()); | 848 ASSERT(!ThreadState::current()->isTerminating()); |
| 849 PageMemory* memory = object->storage(); | 849 PageMemory* memory = object->storage(); |
| 850 object->~LargeObjectPage(); | 850 object->~LargeObjectPage(); |
| 851 delete memory; | 851 delete memory; |
| 852 } | 852 } |
| 853 } | 853 } |
| 854 | 854 |
| 855 Address LargeObjectArena::lazySweepPages(size_t allocationSize, size_t gcInfoInd
ex) | 855 Address LargeObjectArena::lazySweepPages(size_t allocationSize, size_t gcInfoInd
ex) |
| 856 { | 856 { |
| 1561 | 1561 |
| 1562 m_hasEntries = true; | 1562 m_hasEntries = true; |
| 1563 size_t index = hash(address); | 1563 size_t index = hash(address); |
| 1564 ASSERT(!(index & 1)); | 1564 ASSERT(!(index & 1)); |
| 1565 Address cachePage = roundToBlinkPageStart(address); | 1565 Address cachePage = roundToBlinkPageStart(address); |
| 1566 m_entries[index + 1] = m_entries[index]; | 1566 m_entries[index + 1] = m_entries[index]; |
| 1567 m_entries[index] = cachePage; | 1567 m_entries[index] = cachePage; |
| 1568 } | 1568 } |
| 1569 | 1569 |
| 1570 } // namespace blink | 1570 } // namespace blink |
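Review bot: In `BaseArena::cleanupPages` (new line 130), `NormalPageArena::freePage` (new line 458) and `LargeObjectArena::freeLargeObjectPage` (new line 846), pages of a terminating thread now go into the orphaned page pool reached through `getThreadState()->heap()`, but the comments above the latter two calls still promise protection against a dangling pointer from a live thread's heap that is traced in the next global GC. That promise holds only if the object returned by `heap()` outlives the terminating ThreadState and its pool is the one the next global GC cleans up; neither is visible in this diff, so it should be stated at the call, e.g. `// heap() must outlive this ThreadState: orphaned pages stay zapped in its pool until the next global GC.` In `freeLargeObjectPage` the asserts on lines 837 and 848 still consult `ThreadState::current()` while the pool is selected via `getThreadState()`; if the two are expected to be the same thread, `ASSERT(getThreadState() == ThreadState::current());` at the top of the function would make a mismatch fail loudly in debug builds instead of silently routing the page to another heap's pool. The definition of `heap()` lies outside the visible lines, so the lifetime concern is inferred rather than demonstrated.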