The allocator used to allocate memory for MarkedBlocks and LargeAllocations should...
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 4 Aug 2017 20:50:51 +0000 (20:50 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 4 Aug 2017 20:50:51 +0000 (20:50 +0000)
https://bugs.webkit.org/show_bug.cgi?id=175141

Reviewed by Mark Lam.
Source/JavaScriptCore:

To make it easier to have multiple gigacages and maybe even fancier methods of allocating, this
decouples the allocator used to allocate memory from the GC Subspace. This means we no longer have
to create a new Subspace subclass to allocate memory a different way. Instead, the allocator is now
determined by the AlignedMemoryAllocator object.

This also simplifies trading of blocks. Before, Subspaces had to determine if other Subspaces could
trade blocks with them using canTradeBlocksWith(). This makes it difficult for two different
Subspaces that both use the same underlying allocator to realize that they can trade blocks with
each other. Now, you just need to ask the block being stolen and the subspace doing the stealing if
they use the same AlignedMemoryAllocator.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* heap/AlignedMemoryAllocator.cpp: Added.
(JSC::AlignedMemoryAllocator::AlignedMemoryAllocator):
(JSC::AlignedMemoryAllocator::~AlignedMemoryAllocator):
* heap/AlignedMemoryAllocator.h: Added.
* heap/FastMallocAlignedMemoryAllocator.cpp: Added.
(JSC::FastMallocAlignedMemoryAllocator::singleton):
(JSC::FastMallocAlignedMemoryAllocator::FastMallocAlignedMemoryAllocator):
(JSC::FastMallocAlignedMemoryAllocator::~FastMallocAlignedMemoryAllocator):
(JSC::FastMallocAlignedMemoryAllocator::tryAllocateAlignedMemory):
(JSC::FastMallocAlignedMemoryAllocator::freeAlignedMemory):
(JSC::FastMallocAlignedMemoryAllocator::dump const):
* heap/FastMallocAlignedMemoryAllocator.h: Added.
* heap/GigacageAlignedMemoryAllocator.cpp: Added.
(JSC::GigacageAlignedMemoryAllocator::singleton):
(JSC::GigacageAlignedMemoryAllocator::GigacageAlignedMemoryAllocator):
(JSC::GigacageAlignedMemoryAllocator::~GigacageAlignedMemoryAllocator):
(JSC::GigacageAlignedMemoryAllocator::tryAllocateAlignedMemory):
(JSC::GigacageAlignedMemoryAllocator::freeAlignedMemory):
(JSC::GigacageAlignedMemoryAllocator::dump const):
* heap/GigacageAlignedMemoryAllocator.h: Added.
* heap/GigacageSubspace.cpp: Removed.
* heap/GigacageSubspace.h: Removed.
* heap/LargeAllocation.cpp:
(JSC::LargeAllocation::tryCreate):
(JSC::LargeAllocation::destroy):
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::tryAllocateWithoutCollecting):
* heap/MarkedBlock.cpp:
(JSC::MarkedBlock::tryCreate):
(JSC::MarkedBlock::Handle::Handle):
(JSC::MarkedBlock::Handle::~Handle):
(JSC::MarkedBlock::Handle::didAddToAllocator):
(JSC::MarkedBlock::Handle::subspace const):
* heap/MarkedBlock.h:
(JSC::MarkedBlock::Handle::alignedMemoryAllocator const):
(JSC::MarkedBlock::Handle::subspace const): Deleted.
* heap/Subspace.cpp:
(JSC::Subspace::Subspace):
(JSC::Subspace::findEmptyBlockToSteal):
(JSC::Subspace::canTradeBlocksWith): Deleted.
(JSC::Subspace::tryAllocateAlignedMemory): Deleted.
(JSC::Subspace::freeAlignedMemory): Deleted.
* heap/Subspace.h:
(JSC::Subspace::name const):
(JSC::Subspace::alignedMemoryAllocator const):
* runtime/JSDestructibleObjectSubspace.cpp:
(JSC::JSDestructibleObjectSubspace::JSDestructibleObjectSubspace):
* runtime/JSDestructibleObjectSubspace.h:
* runtime/JSSegmentedVariableObjectSubspace.cpp:
(JSC::JSSegmentedVariableObjectSubspace::JSSegmentedVariableObjectSubspace):
* runtime/JSSegmentedVariableObjectSubspace.h:
* runtime/JSStringSubspace.cpp:
(JSC::JSStringSubspace::JSStringSubspace):
* runtime/JSStringSubspace.h:
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:
* wasm/js/JSWebAssemblyCodeBlockSubspace.cpp:
(JSC::JSWebAssemblyCodeBlockSubspace::JSWebAssemblyCodeBlockSubspace):
* wasm/js/JSWebAssemblyCodeBlockSubspace.h:

Source/WebCore:

No new tests because no new behavior.

Just adapting to an API change.

* ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h: Added.
* bindings/js/WebCoreJSClientData.cpp:
(WebCore::JSVMClientData::JSVMClientData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@220291 268f45cc-cd09-0410-ab3c-d52691b4dbfc

28 files changed:
Source/JavaScriptCore/CMakeLists.txt
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
Source/JavaScriptCore/heap/AlignedMemoryAllocator.cpp [moved from Source/JavaScriptCore/heap/GigacageSubspace.cpp with 67% similarity]
Source/JavaScriptCore/heap/AlignedMemoryAllocator.h [new file with mode: 0644]
Source/JavaScriptCore/heap/FastMallocAlignedMemoryAllocator.cpp [new file with mode: 0644]
Source/JavaScriptCore/heap/FastMallocAlignedMemoryAllocator.h [moved from Source/JavaScriptCore/heap/GigacageSubspace.h with 82% similarity]
Source/JavaScriptCore/heap/GigacageAlignedMemoryAllocator.cpp [new file with mode: 0644]
Source/JavaScriptCore/heap/GigacageAlignedMemoryAllocator.h [new file with mode: 0644]
Source/JavaScriptCore/heap/LargeAllocation.cpp
Source/JavaScriptCore/heap/MarkedAllocator.cpp
Source/JavaScriptCore/heap/MarkedBlock.cpp
Source/JavaScriptCore/heap/MarkedBlock.h
Source/JavaScriptCore/heap/Subspace.cpp
Source/JavaScriptCore/heap/Subspace.h
Source/JavaScriptCore/runtime/JSDestructibleObjectSubspace.cpp
Source/JavaScriptCore/runtime/JSDestructibleObjectSubspace.h
Source/JavaScriptCore/runtime/JSSegmentedVariableObjectSubspace.cpp
Source/JavaScriptCore/runtime/JSSegmentedVariableObjectSubspace.h
Source/JavaScriptCore/runtime/JSStringSubspace.cpp
Source/JavaScriptCore/runtime/JSStringSubspace.h
Source/JavaScriptCore/runtime/VM.cpp
Source/JavaScriptCore/runtime/VM.h
Source/JavaScriptCore/wasm/js/JSWebAssemblyCodeBlockSubspace.cpp
Source/JavaScriptCore/wasm/js/JSWebAssemblyCodeBlockSubspace.h
Source/WebCore/ChangeLog
Source/WebCore/ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h [new file with mode: 0644]
Source/WebCore/bindings/js/WebCoreJSClientData.cpp

index 9c11413..52de03e 100644 (file)
@@ -490,6 +490,7 @@ set(JavaScriptCore_SOURCES
     ftl/FTLThunks.cpp
     ftl/FTLValueRange.cpp
 
+    heap/AlignedMemoryAllocator.cpp
     heap/AllocatorAttributes.cpp
     heap/CellContainer.cpp
     heap/CodeBlockSet.cpp
@@ -499,13 +500,14 @@ set(JavaScriptCore_SOURCES
     heap/DeferGC.cpp
     heap/DestructionMode.cpp
     heap/EdenGCActivityCallback.cpp
+    heap/FastMallocAlignedMemoryAllocator.cpp
     heap/FullGCActivityCallback.cpp
     heap/FreeList.cpp
     heap/GCActivityCallback.cpp
     heap/GCConductor.cpp
     heap/GCLogging.cpp
     heap/GCRequest.cpp
-    heap/GigacageSubspace.cpp
+    heap/GigacageAlignedMemoryAllocator.cpp
     heap/HandleSet.cpp
     heap/HandleStack.cpp
     heap/Heap.cpp
index 93ccb01..86cc25e 100644 (file)
@@ -1,3 +1,84 @@
+2017-08-03  Filip Pizlo  <fpizlo@apple.com>
+
+        The allocator used to allocate memory for MarkedBlocks and LargeAllocations should not be the Subspace itself
+        https://bugs.webkit.org/show_bug.cgi?id=175141
+
+        Reviewed by Mark Lam.
+        
+        To make it easier to have multiple gigacages and maybe even fancier methods of allocating, this
+        decouples the allocator used to allocate memory from the GC Subspace. This means we no longer have
+        to create a new Subspace subclass to allocate memory a different way. Instead, the allocator is now
+        determined by the AlignedMemoryAllocator object.
+        
+        This also simplifies trading of blocks. Before, Subspaces had to determine if other Subspaces could
+        trade blocks with them using canTradeBlocksWith(). This makes it difficult for two different
+        Subspaces that both use the same underlying allocator to realize that they can trade blocks with
+        each other. Now, you just need to ask the block being stolen and the subspace doing the stealing if
+        they use the same AlignedMemoryAllocator.
+
+        * CMakeLists.txt:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * heap/AlignedMemoryAllocator.cpp: Added.
+        (JSC::AlignedMemoryAllocator::AlignedMemoryAllocator):
+        (JSC::AlignedMemoryAllocator::~AlignedMemoryAllocator):
+        * heap/AlignedMemoryAllocator.h: Added.
+        * heap/FastMallocAlignedMemoryAllocator.cpp: Added.
+        (JSC::FastMallocAlignedMemoryAllocator::singleton):
+        (JSC::FastMallocAlignedMemoryAllocator::FastMallocAlignedMemoryAllocator):
+        (JSC::FastMallocAlignedMemoryAllocator::~FastMallocAlignedMemoryAllocator):
+        (JSC::FastMallocAlignedMemoryAllocator::tryAllocateAlignedMemory):
+        (JSC::FastMallocAlignedMemoryAllocator::freeAlignedMemory):
+        (JSC::FastMallocAlignedMemoryAllocator::dump const):
+        * heap/FastMallocAlignedMemoryAllocator.h: Added.
+        * heap/GigacageAlignedMemoryAllocator.cpp: Added.
+        (JSC::GigacageAlignedMemoryAllocator::singleton):
+        (JSC::GigacageAlignedMemoryAllocator::GigacageAlignedMemoryAllocator):
+        (JSC::GigacageAlignedMemoryAllocator::~GigacageAlignedMemoryAllocator):
+        (JSC::GigacageAlignedMemoryAllocator::tryAllocateAlignedMemory):
+        (JSC::GigacageAlignedMemoryAllocator::freeAlignedMemory):
+        (JSC::GigacageAlignedMemoryAllocator::dump const):
+        * heap/GigacageAlignedMemoryAllocator.h: Added.
+        * heap/GigacageSubspace.cpp: Removed.
+        * heap/GigacageSubspace.h: Removed.
+        * heap/LargeAllocation.cpp:
+        (JSC::LargeAllocation::tryCreate):
+        (JSC::LargeAllocation::destroy):
+        * heap/MarkedAllocator.cpp:
+        (JSC::MarkedAllocator::tryAllocateWithoutCollecting):
+        * heap/MarkedBlock.cpp:
+        (JSC::MarkedBlock::tryCreate):
+        (JSC::MarkedBlock::Handle::Handle):
+        (JSC::MarkedBlock::Handle::~Handle):
+        (JSC::MarkedBlock::Handle::didAddToAllocator):
+        (JSC::MarkedBlock::Handle::subspace const):
+        * heap/MarkedBlock.h:
+        (JSC::MarkedBlock::Handle::alignedMemoryAllocator const):
+        (JSC::MarkedBlock::Handle::subspace const): Deleted.
+        * heap/Subspace.cpp:
+        (JSC::Subspace::Subspace):
+        (JSC::Subspace::findEmptyBlockToSteal):
+        (JSC::Subspace::canTradeBlocksWith): Deleted.
+        (JSC::Subspace::tryAllocateAlignedMemory): Deleted.
+        (JSC::Subspace::freeAlignedMemory): Deleted.
+        * heap/Subspace.h:
+        (JSC::Subspace::name const):
+        (JSC::Subspace::alignedMemoryAllocator const):
+        * runtime/JSDestructibleObjectSubspace.cpp:
+        (JSC::JSDestructibleObjectSubspace::JSDestructibleObjectSubspace):
+        * runtime/JSDestructibleObjectSubspace.h:
+        * runtime/JSSegmentedVariableObjectSubspace.cpp:
+        (JSC::JSSegmentedVariableObjectSubspace::JSSegmentedVariableObjectSubspace):
+        * runtime/JSSegmentedVariableObjectSubspace.h:
+        * runtime/JSStringSubspace.cpp:
+        (JSC::JSStringSubspace::JSStringSubspace):
+        * runtime/JSStringSubspace.h:
+        * runtime/VM.cpp:
+        (JSC::VM::VM):
+        * runtime/VM.h:
+        * wasm/js/JSWebAssemblyCodeBlockSubspace.cpp:
+        (JSC::JSWebAssemblyCodeBlockSubspace::JSWebAssemblyCodeBlockSubspace):
+        * wasm/js/JSWebAssemblyCodeBlockSubspace.h:
+
 2017-08-04  Oleksandr Skachkov  <gskachkov@gmail.com>
 
         [ESNext] Async iteration - update feature.json
index c449f73..97e922c 100644 (file)
                0F5A6284188C98D40072C9DF /* FTLValueRange.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5A6282188C98D40072C9DF /* FTLValueRange.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F5AE2C41DF4F2800066EFE1 /* VMInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = FE90BB3A1B7CF64E006B3F03 /* VMInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F5B4A331C84F0D600F1B17E /* SlowPathReturnType.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5B4A321C84F0D600F1B17E /* SlowPathReturnType.h */; settings = {ATTRIBUTES = (Private, ); }; };
-               0F5BF1561F22EB170029D91D /* GigacageSubspace.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F5BF1541F22EB170029D91D /* GigacageSubspace.cpp */; };
-               0F5BF1571F22EB170029D91D /* GigacageSubspace.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5BF1551F22EB170029D91D /* GigacageSubspace.h */; settings = {ATTRIBUTES = (Private, ); }; };
                0F5BF1631F2317120029D91D /* B3HoistLoopInvariantValues.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F5BF1611F2317120029D91D /* B3HoistLoopInvariantValues.cpp */; };
                0F5BF1641F2317120029D91D /* B3HoistLoopInvariantValues.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5BF1621F2317120029D91D /* B3HoistLoopInvariantValues.h */; };
                0F5BF1671F23A0980029D91D /* B3BackwardsCFG.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5BF1661F23A0980029D91D /* B3BackwardsCFG.h */; };
                0FEA0A33170D40BF00BB722C /* DFGJITCode.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEA0A2F170D40BF00BB722C /* DFGJITCode.cpp */; };
                0FEA0A34170D40BF00BB722C /* DFGJITCode.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEA0A30170D40BF00BB722C /* DFGJITCode.h */; };
                0FEB3ECF16237F6C00AB67AD /* MacroAssembler.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEB3ECE16237F6700AB67AD /* MacroAssembler.cpp */; };
+               0FEC3C521F33A41600F59B6C /* AlignedMemoryAllocator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC3C501F33A41600F59B6C /* AlignedMemoryAllocator.cpp */; };
+               0FEC3C531F33A41600F59B6C /* AlignedMemoryAllocator.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC3C511F33A41600F59B6C /* AlignedMemoryAllocator.h */; settings = {ATTRIBUTES = (Private, ); }; };
+               0FEC3C561F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC3C541F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.cpp */; };
+               0FEC3C571F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC3C551F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.h */; settings = {ATTRIBUTES = (Private, ); }; };
+               0FEC3C5A1F33A48900F59B6C /* GigacageAlignedMemoryAllocator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC3C581F33A48900F59B6C /* GigacageAlignedMemoryAllocator.cpp */; };
+               0FEC3C5B1F33A48900F59B6C /* GigacageAlignedMemoryAllocator.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC3C591F33A48900F59B6C /* GigacageAlignedMemoryAllocator.h */; };
                0FEC84FE1BDACDAC0080FF74 /* B3ArgumentRegValue.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC84B41BDACDAC0080FF74 /* B3ArgumentRegValue.cpp */; };
                0FEC84FF1BDACDAC0080FF74 /* B3ArgumentRegValue.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC84B51BDACDAC0080FF74 /* B3ArgumentRegValue.h */; };
                0FEC85001BDACDAC0080FF74 /* B3BasicBlock.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC84B61BDACDAC0080FF74 /* B3BasicBlock.cpp */; };
                0F5A6281188C98D40072C9DF /* FTLValueRange.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = FTLValueRange.cpp; path = ftl/FTLValueRange.cpp; sourceTree = "<group>"; };
                0F5A6282188C98D40072C9DF /* FTLValueRange.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FTLValueRange.h; path = ftl/FTLValueRange.h; sourceTree = "<group>"; };
                0F5B4A321C84F0D600F1B17E /* SlowPathReturnType.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SlowPathReturnType.h; sourceTree = "<group>"; };
-               0F5BF1541F22EB170029D91D /* GigacageSubspace.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = GigacageSubspace.cpp; sourceTree = "<group>"; };
-               0F5BF1551F22EB170029D91D /* GigacageSubspace.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = GigacageSubspace.h; sourceTree = "<group>"; };
                0F5BF1611F2317120029D91D /* B3HoistLoopInvariantValues.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; name = B3HoistLoopInvariantValues.cpp; path = b3/B3HoistLoopInvariantValues.cpp; sourceTree = "<group>"; };
                0F5BF1621F2317120029D91D /* B3HoistLoopInvariantValues.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = B3HoistLoopInvariantValues.h; path = b3/B3HoistLoopInvariantValues.h; sourceTree = "<group>"; };
                0F5BF1661F23A0980029D91D /* B3BackwardsCFG.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = B3BackwardsCFG.h; path = b3/B3BackwardsCFG.h; sourceTree = "<group>"; };
                0FEA0A2F170D40BF00BB722C /* DFGJITCode.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = DFGJITCode.cpp; path = dfg/DFGJITCode.cpp; sourceTree = "<group>"; };
                0FEA0A30170D40BF00BB722C /* DFGJITCode.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGJITCode.h; path = dfg/DFGJITCode.h; sourceTree = "<group>"; };
                0FEB3ECE16237F6700AB67AD /* MacroAssembler.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MacroAssembler.cpp; sourceTree = "<group>"; };
+               0FEC3C501F33A41600F59B6C /* AlignedMemoryAllocator.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = AlignedMemoryAllocator.cpp; sourceTree = "<group>"; };
+               0FEC3C511F33A41600F59B6C /* AlignedMemoryAllocator.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = AlignedMemoryAllocator.h; sourceTree = "<group>"; };
+               0FEC3C541F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = FastMallocAlignedMemoryAllocator.cpp; sourceTree = "<group>"; };
+               0FEC3C551F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = FastMallocAlignedMemoryAllocator.h; sourceTree = "<group>"; };
+               0FEC3C581F33A48900F59B6C /* GigacageAlignedMemoryAllocator.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = GigacageAlignedMemoryAllocator.cpp; sourceTree = "<group>"; };
+               0FEC3C591F33A48900F59B6C /* GigacageAlignedMemoryAllocator.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = GigacageAlignedMemoryAllocator.h; sourceTree = "<group>"; };
                0FEC84B41BDACDAC0080FF74 /* B3ArgumentRegValue.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = B3ArgumentRegValue.cpp; path = b3/B3ArgumentRegValue.cpp; sourceTree = "<group>"; };
                0FEC84B51BDACDAC0080FF74 /* B3ArgumentRegValue.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = B3ArgumentRegValue.h; path = b3/B3ArgumentRegValue.h; sourceTree = "<group>"; };
                0FEC84B61BDACDAC0080FF74 /* B3BasicBlock.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = B3BasicBlock.cpp; path = b3/B3BasicBlock.cpp; sourceTree = "<group>"; };
                142E312A134FF0A600AFADB5 /* heap */ = {
                        isa = PBXGroup;
                        children = (
+                               0FEC3C501F33A41600F59B6C /* AlignedMemoryAllocator.cpp */,
+                               0FEC3C511F33A41600F59B6C /* AlignedMemoryAllocator.h */,
                                0FA7620A1DB959F600B7A2FD /* AllocatingScope.h */,
                                0F9630351D4192C3005609D9 /* AllocatorAttributes.cpp */,
                                0F9630361D4192C3005609D9 /* AllocatorAttributes.h */,
                                0F9630381D4192C3005609D9 /* DestructionMode.h */,
                                2A83638318D7D0EE0000EBCC /* EdenGCActivityCallback.cpp */,
                                2A83638418D7D0EE0000EBCC /* EdenGCActivityCallback.h */,
+                               0FEC3C541F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.cpp */,
+                               0FEC3C551F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.h */,
                                0F5513A71D5A68CB00C32BD8 /* FreeList.cpp */,
                                0F5513A51D5A682A00C32BD8 /* FreeList.h */,
                                0F6585E01EE080570095176D /* FreeListInlines.h */,
                                2A343F7418A1748B0039B085 /* GCSegmentedArray.h */,
                                2A343F7718A1749D0039B085 /* GCSegmentedArrayInlines.h */,
                                0F86A26E1D6F7B3100CB0C92 /* GCTypeMap.h */,
-                               0F5BF1541F22EB170029D91D /* GigacageSubspace.cpp */,
-                               0F5BF1551F22EB170029D91D /* GigacageSubspace.h */,
+                               0FEC3C581F33A48900F59B6C /* GigacageAlignedMemoryAllocator.cpp */,
+                               0FEC3C591F33A48900F59B6C /* GigacageAlignedMemoryAllocator.h */,
                                142E312B134FF0A600AFADB5 /* Handle.h */,
                                C28318FF16FE4B7D00157BFD /* HandleBlock.h */,
                                C283190116FE533E00157BFD /* HandleBlockInlines.h */,
                                7C184E2317BEE240007CB63A /* JSPromiseConstructor.h in Headers */,
                                996B731E1BDA08EF00331B84 /* JSPromiseConstructor.lut.h in Headers */,
                                7C008CDB187124BB00955C24 /* JSPromiseDeferred.h in Headers */,
+                               0FEC3C571F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.h in Headers */,
                                7C184E1F17BEE22E007CB63A /* JSPromisePrototype.h in Headers */,
                                996B731F1BDA08EF00331B84 /* JSPromisePrototype.lut.h in Headers */,
                                2A05ABD61961DF2400341750 /* JSPropertyNameEnumerator.h in Headers */,
                                860161E60F3A83C100F84710 /* MacroAssemblerX86Common.h in Headers */,
                                A5EF13F91F073204000F0442 /* make-js-file-arrays.py in Headers */,
                                A700873A17CBE85300C3E643 /* MapConstructor.h in Headers */,
+                               0FEC3C531F33A41600F59B6C /* AlignedMemoryAllocator.h in Headers */,
                                A74DEF94182D991400522C22 /* MapIteratorPrototype.h in Headers */,
                                A700873E17CBE8D300C3E643 /* MapPrototype.h in Headers */,
                                C2B916C214DA014E00CBAC86 /* MarkedAllocator.h in Headers */,
                                0F5AE2C41DF4F2800066EFE1 /* VMInlines.h in Headers */,
                                FE3022D71E42857300BAC493 /* VMInspector.h in Headers */,
                                FE6F56DE1E64EAD600D17801 /* VMTraps.h in Headers */,
-                               0F5BF1571F22EB170029D91D /* GigacageSubspace.h in Headers */,
                                53F40E931D5A4AB30099A1B6 /* WasmB3IRGenerator.h in Headers */,
                                53CA730A1EA533D80076049D /* WasmBBQPlan.h in Headers */,
                                53F8D2001E8387D400D21116 /* WasmBBQPlanInlines.h in Headers */,
                                AD00659E1ECAC812000CA926 /* WasmLimits.h in Headers */,
                                53E9E0AC1EAE83DF00FEE251 /* WasmMachineThreads.h in Headers */,
                                535557141D9D9EA5006D583B /* WasmMemory.h in Headers */,
+                               0FEC3C5B1F33A48900F59B6C /* GigacageAlignedMemoryAllocator.h in Headers */,
                                79B759751DFA4C600052174C /* WasmMemoryInformation.h in Headers */,
                                790081391E95A8EC0052D7CD /* WasmModule.h in Headers */,
                                53E777E41E92E265007CBEC4 /* WasmModuleInformation.h in Headers */,
                                62EC9BB61B7EB07C00303AD1 /* CallFrameShuffleData.cpp in Sources */,
                                62D755D61B84FB46001801FA /* CallFrameShuffler.cpp in Sources */,
                                62D755D51B84FB40001801FA /* CallFrameShuffler32_64.cpp in Sources */,
+                               0FEC3C561F33A45300F59B6C /* FastMallocAlignedMemoryAllocator.cpp in Sources */,
                                62D755D41B84FB3D001801FA /* CallFrameShuffler64.cpp in Sources */,
                                0F0B83B014BCF71600885B4F /* CallLinkInfo.cpp in Sources */,
                                0F93329D14CA7DC30085F3C6 /* CallLinkStatus.cpp in Sources */,
                                A503FA1B188E0FB000110F14 /* JSJavaScriptCallFrame.cpp in Sources */,
                                A503FA1D188E0FB000110F14 /* JSJavaScriptCallFramePrototype.cpp in Sources */,
                                7013CA8B1B491A9400CAE613 /* JSJob.cpp in Sources */,
+                               0FEC3C521F33A41600F59B6C /* AlignedMemoryAllocator.cpp in Sources */,
                                140B7D1D0DC69AF7009C42B8 /* JSLexicalEnvironment.cpp in Sources */,
                                14280875107EC13E0013E7B2 /* JSLock.cpp in Sources */,
                                C25D709B16DE99F400FCA6BC /* JSManagedValue.mm in Sources */,
                                70EC0EC61AA0D7DA00B6AAFA /* StringIteratorPrototype.cpp in Sources */,
                                14469DEC107EC7E700650446 /* StringObject.cpp in Sources */,
                                14469DED107EC7E700650446 /* StringPrototype.cpp in Sources */,
-                               0F5BF1561F22EB170029D91D /* GigacageSubspace.cpp in Sources */,
                                9335F24D12E6765B002B5553 /* StringRecursionChecker.cpp in Sources */,
                                BCDE3B430E6C832D001453A7 /* Structure.cpp in Sources */,
                                7E4EE70F0EBB7A5B005934AA /* StructureChain.cpp in Sources */,
                                AD7438C11E0457AA00FD0C2A /* WasmSignature.cpp in Sources */,
                                5250D2D11E8DA05A0029A932 /* WasmThunks.cpp in Sources */,
                                53FF7F9B1DBFD2B900A26CCC /* WasmValidate.cpp in Sources */,
+                               0FEC3C5A1F33A48900F59B6C /* GigacageAlignedMemoryAllocator.cpp in Sources */,
                                530FB3041E7A1146003C19DD /* WasmWorklist.cpp in Sources */,
                                FED94F2E171E3E2300BE77A4 /* Watchdog.cpp in Sources */,
                                0F919D2515853CE0004A4E7D /* Watchpoint.cpp in Sources */,
  */
 
 #include "config.h"
-#include "GigacageSubspace.h"
+#include "AlignedMemoryAllocator.h"
 
-#include <wtf/Gigacage.h>
+namespace JSC { 
 
-namespace JSC {
-
-GigacageSubspace::GigacageSubspace(CString name, Heap& heap, AllocatorAttributes attributes)
-    : Subspace(name, heap, attributes)
-{
-    Gigacage::ensureGigacage();
-}
-
-GigacageSubspace::~GigacageSubspace()
+AlignedMemoryAllocator::AlignedMemoryAllocator()
 {
 }
 
-void* GigacageSubspace::tryAllocateAlignedMemory(size_t alignment, size_t size)
+AlignedMemoryAllocator::~AlignedMemoryAllocator()
 {
-    void* result = Gigacage::tryAlignedMalloc(alignment, size);
-    return result;
-}
-
-void GigacageSubspace::freeAlignedMemory(void* basePtr)
-{
-    Gigacage::alignedFree(basePtr);
-    WTF::compilerFence();
-}
-
-bool GigacageSubspace::canTradeBlocksWith(Subspace* other)
-{
-    return this == other;
 }
 
 } // namespace JSC
 
+
diff --git a/Source/JavaScriptCore/heap/AlignedMemoryAllocator.h b/Source/JavaScriptCore/heap/AlignedMemoryAllocator.h
new file mode 100644 (file)
index 0000000..c3129f3
--- /dev/null
@@ -0,0 +1,46 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#pragma once
+
+#include <wtf/PrintStream.h>
+
+namespace JSC {
+
+class AlignedMemoryAllocator {
+    WTF_MAKE_NONCOPYABLE(AlignedMemoryAllocator);
+    WTF_MAKE_FAST_ALLOCATED;
+public:
+    AlignedMemoryAllocator();
+    virtual ~AlignedMemoryAllocator();
+    
+    virtual void* tryAllocateAlignedMemory(size_t alignment, size_t size) = 0;
+    virtual void freeAlignedMemory(void*) = 0;
+    
+    virtual void dump(PrintStream&) const = 0;
+};
+
+} // namespace WTF
+
diff --git a/Source/JavaScriptCore/heap/FastMallocAlignedMemoryAllocator.cpp b/Source/JavaScriptCore/heap/FastMallocAlignedMemoryAllocator.cpp
new file mode 100644 (file)
index 0000000..8d5d7b4
--- /dev/null
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "config.h"
+#include "FastMallocAlignedMemoryAllocator.h"
+
+#include <mutex>
+#include <wtf/FastMalloc.h>
+
+namespace JSC {
+
+FastMallocAlignedMemoryAllocator& FastMallocAlignedMemoryAllocator::instance()
+{
+    static FastMallocAlignedMemoryAllocator* result;
+    static std::once_flag onceFlag;
+    std::call_once(
+        onceFlag,
+        [] {
+            result = new FastMallocAlignedMemoryAllocator();
+        });
+    return *result;
+}
+
+FastMallocAlignedMemoryAllocator::FastMallocAlignedMemoryAllocator()
+{
+}
+
+FastMallocAlignedMemoryAllocator::~FastMallocAlignedMemoryAllocator()
+{
+}
+
+void* FastMallocAlignedMemoryAllocator::tryAllocateAlignedMemory(size_t alignment, size_t size)
+{
+    return tryFastAlignedMalloc(alignment, size);
+}
+
+void FastMallocAlignedMemoryAllocator::freeAlignedMemory(void* basePtr)
+{
+    fastAlignedFree(basePtr);
+}
+
+void FastMallocAlignedMemoryAllocator::dump(PrintStream& out) const
+{
+    out.print("FastMalloc");
+}
+
+} // namespace JSC
+
 
 #pragma once
 
-#include "Subspace.h"
-#include <wtf/Gigacage.h>
+#include "AlignedMemoryAllocator.h"
 
 namespace JSC {
 
-// We use a GigacageSubspace for the auxiliary space.
-class GigacageSubspace : public Subspace {
+class FastMallocAlignedMemoryAllocator : public AlignedMemoryAllocator {
 public:
-    GigacageSubspace(CString name, Heap&, AllocatorAttributes);
-    ~GigacageSubspace();
+    JS_EXPORT_PRIVATE static FastMallocAlignedMemoryAllocator& instance();
+
+    ~FastMallocAlignedMemoryAllocator();
     
-    bool canTradeBlocksWith(Subspace* other) override;
     void* tryAllocateAlignedMemory(size_t alignment, size_t size) override;
     void freeAlignedMemory(void*) override;
+    
+    void dump(PrintStream&) const override;
+
+private:
+    FastMallocAlignedMemoryAllocator();
 };
 
 } // namespace JSC
diff --git a/Source/JavaScriptCore/heap/GigacageAlignedMemoryAllocator.cpp b/Source/JavaScriptCore/heap/GigacageAlignedMemoryAllocator.cpp
new file mode 100644 (file)
index 0000000..dae2219
--- /dev/null
@@ -0,0 +1,70 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "config.h"
+#include "GigacageAlignedMemoryAllocator.h"
+
+#include <mutex>
+#include <wtf/Gigacage.h>
+
+namespace JSC {
+
+GigacageAlignedMemoryAllocator& GigacageAlignedMemoryAllocator::instance()
+{
+    static GigacageAlignedMemoryAllocator* result;
+    static std::once_flag onceFlag;
+    std::call_once(
+        onceFlag,
+        [] {
+            result = new GigacageAlignedMemoryAllocator();
+        });
+    return *result;
+}
+
+GigacageAlignedMemoryAllocator::GigacageAlignedMemoryAllocator()
+{
+}
+
+GigacageAlignedMemoryAllocator::~GigacageAlignedMemoryAllocator()
+{
+}
+
+void* GigacageAlignedMemoryAllocator::tryAllocateAlignedMemory(size_t alignment, size_t size)
+{
+    return Gigacage::tryAlignedMalloc(alignment, size);
+}
+
+void GigacageAlignedMemoryAllocator::freeAlignedMemory(void* basePtr)
+{
+    Gigacage::alignedFree(basePtr);
+}
+
+void GigacageAlignedMemoryAllocator::dump(PrintStream& out) const
+{
+    out.print("Gigacage");
+}
+
+} // namespace JSC
+
diff --git a/Source/JavaScriptCore/heap/GigacageAlignedMemoryAllocator.h b/Source/JavaScriptCore/heap/GigacageAlignedMemoryAllocator.h
new file mode 100644 (file)
index 0000000..2b5fe04
--- /dev/null
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2017 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#pragma once
+
+#include "AlignedMemoryAllocator.h"
+
+namespace JSC {
+
+class GigacageAlignedMemoryAllocator : public AlignedMemoryAllocator {
+public:
+    // FIXME: This shouldn't be a singleton. There should be different instances for primaries, JSValues,
+    // and other things.
+    // https://bugs.webkit.org/show_bug.cgi?id=174919
+    static GigacageAlignedMemoryAllocator& instance();
+
+    ~GigacageAlignedMemoryAllocator();
+    
+    void* tryAllocateAlignedMemory(size_t alignment, size_t size) override;
+    void freeAlignedMemory(void*) override;
+    
+    void dump(PrintStream&) const override;
+
+private:
+    GigacageAlignedMemoryAllocator();
+};
+
+} // namespace JSC
+
index cdd694e..9176a6e 100644 (file)
@@ -26,6 +26,7 @@
 #include "config.h"
 #include "LargeAllocation.h"
 
+#include "AlignedMemoryAllocator.h"
 #include "Heap.h"
 #include "JSCInlines.h"
 #include "Operations.h"
@@ -34,7 +35,7 @@ namespace JSC {
 
 LargeAllocation* LargeAllocation::tryCreate(Heap& heap, size_t size, Subspace* subspace)
 {
-    void* space = subspace->tryAllocateAlignedMemory(alignment, headerSize() + size);
+    void* space = subspace->alignedMemoryAllocator()->tryAllocateAlignedMemory(alignment, headerSize() + size);
     if (!space)
         return nullptr;
     if (scribbleFreeCells())
@@ -106,9 +107,9 @@ void LargeAllocation::sweep()
 
 void LargeAllocation::destroy()
 {
-    Subspace* subspace = m_subspace;
+    AlignedMemoryAllocator* allocator = m_subspace->alignedMemoryAllocator();
     this->~LargeAllocation();
-    subspace->freeAlignedMemory(this);
+    allocator->freeAlignedMemory(this);
 }
 
 void LargeAllocation::dump(PrintStream& out) const
index 7352289..f6d203b 100644 (file)
@@ -104,8 +104,7 @@ void* MarkedAllocator::tryAllocateWithoutCollecting()
     
     if (Options::stealEmptyBlocksFromOtherAllocators()) {
         if (MarkedBlock::Handle* block = m_subspace->findEmptyBlockToSteal()) {
-            RELEASE_ASSERT(block->subspace()->canTradeBlocksWith(m_subspace));
-            RELEASE_ASSERT(m_subspace->canTradeBlocksWith(block->subspace()));
+            RELEASE_ASSERT(block->alignedMemoryAllocator() == m_subspace->alignedMemoryAllocator());
             
             block->sweep(nullptr);
             
@@ -243,7 +242,7 @@ MarkedBlock::Handle* MarkedAllocator::tryAllocateBlock()
 {
     SuperSamplerScope superSamplerScope(false);
     
-    MarkedBlock::Handle* handle = MarkedBlock::tryCreate(*m_heap, subspace());
+    MarkedBlock::Handle* handle = MarkedBlock::tryCreate(*m_heap, subspace()->alignedMemoryAllocator());
     if (!handle)
         return nullptr;
     
index a7c8593..7d167db 100644 (file)
@@ -26,6 +26,7 @@
 #include "config.h"
 #include "MarkedBlock.h"
 
+#include "AlignedMemoryAllocator.h"
 #include "FreeListInlines.h"
 #include "JSCell.h"
 #include "JSDestructibleObject.h"
@@ -43,23 +44,23 @@ const size_t MarkedBlock::blockSize;
 static const bool computeBalance = false;
 static size_t balance;
 
-MarkedBlock::Handle* MarkedBlock::tryCreate(Heap& heap, Subspace* subspace)
+MarkedBlock::Handle* MarkedBlock::tryCreate(Heap& heap, AlignedMemoryAllocator* alignedMemoryAllocator)
 {
     if (computeBalance) {
         balance++;
         if (!(balance % 10))
             dataLog("MarkedBlock Balance: ", balance, "\n");
     }
-    void* blockSpace = subspace->tryAllocateAlignedMemory(blockSize, blockSize);
+    void* blockSpace = alignedMemoryAllocator->tryAllocateAlignedMemory(blockSize, blockSize);
     if (!blockSpace)
         return nullptr;
     if (scribbleFreeCells())
         scribble(blockSpace, blockSize);
-    return new Handle(heap, subspace, blockSpace);
+    return new Handle(heap, alignedMemoryAllocator, blockSpace);
 }
 
-MarkedBlock::Handle::Handle(Heap& heap, Subspace* subspace, void* blockSpace)
-    : m_subspace(subspace)
+MarkedBlock::Handle::Handle(Heap& heap, AlignedMemoryAllocator* alignedMemoryAllocator, void* blockSpace)
+    : m_alignedMemoryAllocator(alignedMemoryAllocator)
     , m_weakSet(heap.vm(), CellContainer())
     , m_newlyAllocatedVersion(MarkedSpace::nullVersion)
 {
@@ -73,7 +74,6 @@ MarkedBlock::Handle::Handle(Heap& heap, Subspace* subspace, void* blockSpace)
 MarkedBlock::Handle::~Handle()
 {
     Heap& heap = *this->heap();
-    Subspace* subspace = this->subspace();
     if (computeBalance) {
         balance--;
         if (!(balance % 10))
@@ -81,7 +81,7 @@ MarkedBlock::Handle::~Handle()
     }
     removeFromAllocator();
     m_block->~MarkedBlock();
-    subspace->freeAlignedMemory(m_block);
+    m_alignedMemoryAllocator->freeAlignedMemory(m_block);
     heap.didFreeBlock(blockSize);
 }
 
@@ -331,14 +331,11 @@ void MarkedBlock::Handle::didAddToAllocator(MarkedAllocator* allocator, size_t i
     ASSERT(m_index == std::numeric_limits<size_t>::max());
     ASSERT(!m_allocator);
     
+    RELEASE_ASSERT(allocator->subspace()->alignedMemoryAllocator() == m_alignedMemoryAllocator);
+    
     m_index = index;
     m_allocator = allocator;
     
-    RELEASE_ASSERT(m_subspace->canTradeBlocksWith(allocator->subspace()));
-    RELEASE_ASSERT(allocator->subspace()->canTradeBlocksWith(m_subspace));
-    
-    m_subspace = allocator->subspace();
-    
     size_t cellSize = allocator->cellSize();
     m_atomsPerCell = (cellSize + atomSize - 1) / atomSize;
     m_endAtom = atomsPerBlock - m_atomsPerCell + 1;
@@ -397,6 +394,11 @@ void MarkedBlock::Handle::dumpState(PrintStream& out)
         });
 }
 
+Subspace* MarkedBlock::Handle::subspace() const
+{
+    return allocator()->subspace();
+}
+
 void MarkedBlock::Handle::sweep(FreeList* freeList)
 {
     SweepingScope sweepingScope(*heap());
index 879faee..5555069 100644 (file)
@@ -32,7 +32,8 @@
 #include <wtf/StdLibExtras.h>
 
 namespace JSC {
-    
+
+class AlignedMemoryAllocator;    
 class FreeList;
 class Heap;
 class JSCell;
@@ -110,6 +111,7 @@ public:
 
         MarkedAllocator* allocator() const;
         Subspace* subspace() const;
+        AlignedMemoryAllocator* alignedMemoryAllocator() const;
         Heap* heap() const;
         inline MarkedSpace* space() const;
         VM* vm() const;
@@ -199,7 +201,7 @@ public:
         void dumpState(PrintStream&);
         
     private:
-        Handle(Heap&, Subspace*, void*);
+        Handle(Heap&, AlignedMemoryAllocator*, void*);
         
         enum SweepDestructionMode { BlockHasNoDestructors, BlockHasDestructors, BlockHasDestructorsAndCollectorIsRunning };
         enum ScribbleMode { DontScribble, Scribble };
@@ -229,7 +231,7 @@ public:
         AllocatorAttributes m_attributes;
         bool m_isFreeListed { false };
 
-        Subspace* m_subspace { nullptr };
+        AlignedMemoryAllocator* m_alignedMemoryAllocator { nullptr };
         MarkedAllocator* m_allocator { nullptr };
         size_t m_index { std::numeric_limits<size_t>::max() };
         WeakSet m_weakSet;
@@ -239,7 +241,7 @@ public:
         MarkedBlock* m_block { nullptr };
     };
         
-    static MarkedBlock::Handle* tryCreate(Heap&, Subspace*);
+    static MarkedBlock::Handle* tryCreate(Heap&, AlignedMemoryAllocator*);
         
     Handle& handle();
         
@@ -396,9 +398,9 @@ inline MarkedAllocator* MarkedBlock::Handle::allocator() const
     return m_allocator;
 }
 
-inline Subspace* MarkedBlock::Handle::subspace() const
+inline AlignedMemoryAllocator* MarkedBlock::Handle::alignedMemoryAllocator() const
 {
-    return m_subspace;
+    return m_alignedMemoryAllocator;
 }
 
 inline Heap* MarkedBlock::Handle::heap() const
index 623a95f..40e5cb9 100644 (file)
@@ -54,10 +54,11 @@ struct DestroyFunc {
 
 } // anonymous namespace
 
-Subspace::Subspace(CString name, Heap& heap, AllocatorAttributes attributes)
+Subspace::Subspace(CString name, Heap& heap, AllocatorAttributes attributes, AlignedMemoryAllocator* alignedMemoryAllocator)
     : m_space(heap.objectSpace())
     , m_name(name)
     , m_attributes(attributes)
+    , m_alignedMemoryAllocator(alignedMemoryAllocator)
     , m_allocatorForEmptyAllocation(m_space.firstAllocator())
 {
     // It's remotely possible that we're GCing right now even if the client is careful to only
@@ -88,23 +89,6 @@ void Subspace::destroy(VM& vm, JSCell* cell)
     DestroyFunc()(vm, cell);
 }
 
-bool Subspace::canTradeBlocksWith(Subspace*)
-{
-    return true;
-}
-
-void* Subspace::tryAllocateAlignedMemory(size_t alignment, size_t size)
-{
-    void* result = tryFastAlignedMalloc(alignment, size);
-    return result;
-}
-
-void Subspace::freeAlignedMemory(void* basePtr)
-{
-    fastAlignedFree(basePtr);
-    WTF::compilerFence();
-}
-
 // The reason why we distinguish between allocate and tryAllocate is to minimize the number of
 // checks on the allocation path in both cases. Likewise, the reason why we have overloads with and
 // without deferralContext is to minimize the amount of code for calling allocate when you don't
@@ -167,9 +151,7 @@ MarkedBlock::Handle* Subspace::findEmptyBlockToSteal()
 {
     for (; m_allocatorForEmptyAllocation; m_allocatorForEmptyAllocation = m_allocatorForEmptyAllocation->nextAllocator()) {
         Subspace* otherSubspace = m_allocatorForEmptyAllocation->subspace();
-        if (!canTradeBlocksWith(otherSubspace))
-            continue;
-        if (!otherSubspace->canTradeBlocksWith(this))
+        if (otherSubspace->alignedMemoryAllocator() != alignedMemoryAllocator())
             continue;
         
         if (MarkedBlock::Handle* block = m_allocatorForEmptyAllocation->findEmptyBlockToSteal())
index 4fa7517..899ae3c 100644 (file)
@@ -31,6 +31,8 @@
 
 namespace JSC {
 
+class AlignedMemoryAllocator;
+
 // The idea of subspaces is that you can provide some custom behavior for your objects if you
 // allocate them from a custom Subspace in which you override some of the virtual methods. This
 // class is the baseclass of Subspaces and it provides a reasonable default implementation, where
@@ -44,13 +46,14 @@ class Subspace {
     WTF_MAKE_NONCOPYABLE(Subspace);
     WTF_MAKE_FAST_ALLOCATED;
 public:
-    JS_EXPORT_PRIVATE Subspace(CString name, Heap&, AllocatorAttributes);
+    JS_EXPORT_PRIVATE Subspace(CString name, Heap&, AllocatorAttributes, AlignedMemoryAllocator*);
     JS_EXPORT_PRIVATE virtual ~Subspace();
     
-    const char *name() const { return m_name.data(); }
+    const charname() const { return m_name.data(); }
     MarkedSpace& space() const { return m_space; }
     
     const AllocatorAttributes& attributes() const { return m_attributes; }
+    AlignedMemoryAllocator* alignedMemoryAllocator() const { return m_alignedMemoryAllocator; }
     
     // The purpose of overriding this is to specialize the sweep for your destructors. This won't
     // be called for no-destructor blocks. This must call MarkedBlock::finishSweepKnowingSubspace.
@@ -59,10 +62,6 @@ public:
     // These get called for large objects.
     virtual void destroy(VM&, JSCell*);
     
-    virtual bool canTradeBlocksWith(Subspace* other);
-    virtual void* tryAllocateAlignedMemory(size_t alignment, size_t size);
-    virtual void freeAlignedMemory(void*);
-    
     MarkedAllocator* tryAllocatorFor(size_t);
     MarkedAllocator* allocatorFor(size_t);
     
@@ -115,6 +114,8 @@ private:
     CString m_name;
     AllocatorAttributes m_attributes;
     
+    AlignedMemoryAllocator* m_alignedMemoryAllocator;
+    
     std::array<MarkedAllocator*, MarkedSpace::numSizeClasses> m_allocatorForSizeStep;
     MarkedAllocator* m_firstAllocator { nullptr };
     MarkedAllocator* m_allocatorForEmptyAllocation { nullptr }; // Uses the MarkedSpace linked list of blocks.
index 023c600..3ee3817 100644 (file)
@@ -43,8 +43,8 @@ struct DestroyFunc {
 
 } // anonymous namespace
 
-JSDestructibleObjectSubspace::JSDestructibleObjectSubspace(CString name, Heap& heap)
-    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell))
+JSDestructibleObjectSubspace::JSDestructibleObjectSubspace(CString name, Heap& heap, AlignedMemoryAllocator* allocator)
+    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell), allocator)
 {
 }
 
index 511056a..05ddd02 100644 (file)
@@ -31,7 +31,7 @@ namespace JSC {
 
 class JSDestructibleObjectSubspace : public Subspace {
 public:
-    JS_EXPORT_PRIVATE JSDestructibleObjectSubspace(CString name, Heap&);
+    JS_EXPORT_PRIVATE JSDestructibleObjectSubspace(CString name, Heap&, AlignedMemoryAllocator*);
     JS_EXPORT_PRIVATE virtual ~JSDestructibleObjectSubspace();
     
     void finishSweep(MarkedBlock::Handle&, FreeList*) override;
index 0af20ba..e41a7f7 100644 (file)
@@ -43,8 +43,8 @@ struct DestroyFunc {
 
 } // anonymous namespace
 
-JSSegmentedVariableObjectSubspace::JSSegmentedVariableObjectSubspace(CString name, Heap& heap)
-    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell))
+JSSegmentedVariableObjectSubspace::JSSegmentedVariableObjectSubspace(CString name, Heap& heap, AlignedMemoryAllocator* allocator)
+    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell), allocator)
 {
 }
 
index c717492..797641e 100644 (file)
@@ -31,7 +31,7 @@ namespace JSC {
 
 class JSSegmentedVariableObjectSubspace : public Subspace {
 public:
-    JS_EXPORT_PRIVATE JSSegmentedVariableObjectSubspace(CString name, Heap&);
+    JS_EXPORT_PRIVATE JSSegmentedVariableObjectSubspace(CString name, Heap&, AlignedMemoryAllocator*);
     JS_EXPORT_PRIVATE virtual ~JSSegmentedVariableObjectSubspace();
     
     void finishSweep(MarkedBlock::Handle&, FreeList*) override;
index 9b138d6..4833f9c 100644 (file)
@@ -43,8 +43,8 @@ struct DestroyFunc {
 
 } // anonymous namespace
 
-JSStringSubspace::JSStringSubspace(CString name, Heap& heap)
-    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell))
+JSStringSubspace::JSStringSubspace(CString name, Heap& heap, AlignedMemoryAllocator* allocator)
+    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell), allocator)
 {
 }
 
index 3728c51..9839f90 100644 (file)
@@ -31,7 +31,7 @@ namespace JSC {
 
 class JSStringSubspace : public Subspace {
 public:
-    JS_EXPORT_PRIVATE JSStringSubspace(CString name, Heap&);
+    JS_EXPORT_PRIVATE JSStringSubspace(CString name, Heap&, AlignedMemoryAllocator*);
     JS_EXPORT_PRIVATE virtual ~JSStringSubspace();
     
     void finishSweep(MarkedBlock::Handle&, FreeList*) override;
index af2271c..9e3fafd 100644 (file)
 #include "EvalCodeBlock.h"
 #include "Exception.h"
 #include "FTLThunks.h"
+#include "FastMallocAlignedMemoryAllocator.h"
 #include "FunctionCodeBlock.h"
 #include "FunctionConstructor.h"
 #include "GCActivityCallback.h"
 #include "GetterSetter.h"
+#include "GigacageAlignedMemoryAllocator.h"
 #include "HasOwnPropertyCache.h"
 #include "Heap.h"
 #include "HeapIterationScope.h"
@@ -161,15 +163,15 @@ VM::VM(VMType vmType, HeapType heapType)
     , m_runLoop(CFRunLoopGetCurrent())
 #endif // USE(CF)
     , heap(this, heapType)
-    , auxiliarySpace("Auxiliary", heap, AllocatorAttributes(DoesNotNeedDestruction, HeapCell::Auxiliary))
-    , cellSpace("JSCell", heap, AllocatorAttributes(DoesNotNeedDestruction, HeapCell::JSCell))
-    , destructibleCellSpace("Destructible JSCell", heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell))
-    , stringSpace("JSString", heap)
-    , destructibleObjectSpace("JSDestructibleObject", heap)
-    , eagerlySweptDestructibleObjectSpace("Eagerly Swept JSDestructibleObject", heap)
-    , segmentedVariableObjectSpace("JSSegmentedVariableObjectSpace", heap)
+    , auxiliarySpace("Auxiliary", heap, AllocatorAttributes(DoesNotNeedDestruction, HeapCell::Auxiliary), &GigacageAlignedMemoryAllocator::instance())
+    , cellSpace("JSCell", heap, AllocatorAttributes(DoesNotNeedDestruction, HeapCell::JSCell), &FastMallocAlignedMemoryAllocator::instance())
+    , destructibleCellSpace("Destructible JSCell", heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell), &FastMallocAlignedMemoryAllocator::instance())
+    , stringSpace("JSString", heap, &FastMallocAlignedMemoryAllocator::instance())
+    , destructibleObjectSpace("JSDestructibleObject", heap, &FastMallocAlignedMemoryAllocator::instance())
+    , eagerlySweptDestructibleObjectSpace("Eagerly Swept JSDestructibleObject", heap, &FastMallocAlignedMemoryAllocator::instance())
+    , segmentedVariableObjectSpace("JSSegmentedVariableObjectSpace", heap, &FastMallocAlignedMemoryAllocator::instance())
 #if ENABLE(WEBASSEMBLY)
-    , webAssemblyCodeBlockSpace("JSWebAssemblyCodeBlockSpace", heap)
+    , webAssemblyCodeBlockSpace("JSWebAssemblyCodeBlockSpace", heap, &FastMallocAlignedMemoryAllocator::instance())
 #endif
     , vmType(vmType)
     , clientData(0)
index 4848cae..18a3b41 100644 (file)
@@ -36,7 +36,6 @@
 #include "ExceptionEventLocation.h"
 #include "ExecutableAllocator.h"
 #include "FunctionHasExecutedCache.h"
-#include "GigacageSubspace.h"
 #include "Heap.h"
 #include "Intrinsic.h"
 #include "JITThunks.h"
@@ -286,7 +285,7 @@ private:
 public:
     Heap heap;
     
-    GigacageSubspace auxiliarySpace;
+    Subspace auxiliarySpace;
     
     // Whenever possible, use subspaceFor<CellType>(vm) to get one of these subspaces.
     Subspace cellSpace;
index 1a423d0..2403751 100644 (file)
@@ -47,8 +47,8 @@ struct DestroyFunc {
 
 } // anonymous namespace
 
-JSWebAssemblyCodeBlockSubspace::JSWebAssemblyCodeBlockSubspace(CString name, Heap& heap)
-    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell))
+JSWebAssemblyCodeBlockSubspace::JSWebAssemblyCodeBlockSubspace(CString name, Heap& heap, AlignedMemoryAllocator* allocator)
+    : Subspace(name, heap, AllocatorAttributes(NeedsDestruction, HeapCell::JSCell), allocator)
 {
 }
 
index 8776057..6e731f4 100644 (file)
@@ -33,7 +33,7 @@ namespace JSC {
 
 class JSWebAssemblyCodeBlockSubspace : public Subspace {
 public:
-    JSWebAssemblyCodeBlockSubspace(CString name, Heap&);
+    JSWebAssemblyCodeBlockSubspace(CString name, Heap&, AlignedMemoryAllocator*);
     virtual ~JSWebAssemblyCodeBlockSubspace();
     
     void finishSweep(MarkedBlock::Handle&, FreeList*) override;
index 519eb6c..1152e19 100644 (file)
@@ -1,3 +1,18 @@
+2017-08-03  Filip Pizlo  <fpizlo@apple.com>
+
+        The allocator used to allocate memory for MarkedBlocks and LargeAllocations should not be the Subspace itself
+        https://bugs.webkit.org/show_bug.cgi?id=175141
+
+        Reviewed by Mark Lam.
+
+        No new tests because no new behavior.
+        
+        Just adapting to an API change.
+
+        * ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h: Added.
+        * bindings/js/WebCoreJSClientData.cpp:
+        (WebCore::JSVMClientData::JSVMClientData):
+
 2017-08-04  Chris Dumez  <cdumez@apple.com>
 
         Match newly-clarified spec on textarea defaultValue/value/child text content
diff --git a/Source/WebCore/ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h b/Source/WebCore/ForwardingHeaders/heap/FastMallocAlignedMemoryAllocator.h
new file mode 100644 (file)
index 0000000..9d7f05e
--- /dev/null
@@ -0,0 +1,2 @@
+#pragma once
+#include <JavaScriptCore/FastMallocAlignedMemoryAllocator.h>
index d87931f..2974a55 100644 (file)
@@ -27,6 +27,7 @@
 #include "WebCoreJSClientData.h"
 
 #include "JSDOMBinding.h"
+#include <heap/FastMallocAlignedMemoryAllocator.h>
 #include <heap/HeapInlines.h>
 #include <heap/MarkingConstraint.h>
 #include <heap/MarkedAllocatorInlines.h>
@@ -43,8 +44,8 @@ namespace WebCore {
 JSVMClientData::JSVMClientData(VM& vm)
     : m_builtinFunctions(vm)
     , m_builtinNames(&vm)
-    , m_outputConstraintSpace("WebCore Wrapper w/ Output Constraint", vm.heap)
-    , m_globalObjectOutputConstraintSpace("WebCore Global Object w/ Output Constraint", vm.heap)
+    , m_outputConstraintSpace("WebCore Wrapper w/ Output Constraint", vm.heap, &FastMallocAlignedMemoryAllocator::instance())
+    , m_globalObjectOutputConstraintSpace("WebCore Global Object w/ Output Constraint", vm.heap, &FastMallocAlignedMemoryAllocator::instance())
 {
 }