65585 2011-08-02 17:29:18 -0700 JSC GC may not be able to reuse partially-free blocks after a full collection 2011-08-02 18:48:31 -0700 1 1 1 Unclassified WebKit JavaScriptCore 528+ (Nightly build) All All RESOLVED FIXED P2 Normal --- 1 fpizlo webkit-unassigned barraclough fpizlo oliver webkit.review.bot oldest_to_newest 445633 0 fpizlo 2011-08-02 17:29:18 -0700 The JSC GC has a quirk in the management of free blocks, where when a free block is removed from a size class, all blocks prior to that one may also be removed from the size class's list of to-sweep blocks. The lazy sweep will then overlook these blocks and allocate fresh blocks instead of reusing free space in partially-free blocks. This pathology will persist only until the next non-full collection, so it only has two effects: 1) The next collection may come sooner than otherwise, if there is a lot of free space in partially-free blocks. 2) The allocator has fewer opportunities to "fill in" fragmentation. Oddly, this might be good for performance. But on the downside, it may lead to more fragmentation in the long run. Notably, other than the risk of fragmentation, this bug does not degrade memory usage - it only has the potential pathology of decreasing the time-to-next-collection after a full collection. 445635 1 102719 fpizlo 2011-08-02 17:32:03 -0700 Created attachment 102719 the patch Tests still running, will set flags to ? when they're done. 445642 2 102719 fpizlo 2011-08-02 17:45:15 -0700 Comment on attachment 102719 the patch All tests pass. No performance regression on either my Mac Pro or my iMac. It's ready for review. 445664 3 102719 webkit.review.bot 2011-08-02 18:48:27 -0700 Comment on attachment 102719 the patch Clearing flags on attachment: 102719 Committed r92251: <http://trac.webkit.org/changeset/92251> 445665 4 webkit.review.bot 2011-08-02 18:48:31 -0700 All reviewed patches have been landed. Closing bug. 102719 2011-08-02 17:32:03 -0700 2011-08-02 18:48:27 -0700 the patch freelistbug_patch_1.diff text/plain 1340 fpizlo SW5kZXg6IFNvdXJjZS9KYXZhU2NyaXB0Q29yZS9DaGFuZ2VMb2cKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291 cmNlL0phdmFTY3JpcHRDb3JlL0NoYW5nZUxvZwkocmV2aXNpb24gOTIyNDkpCisrKyBTb3VyY2Uv SmF2YVNjcmlwdENvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBAIC0xLDMgKzEsMTcgQEAK KzIwMTEtMDgtMDIgIEZpbGlwIFBpemxvICA8ZnBpemxvQGFwcGxlLmNvbT4KKworICAgICAgICBK U0MgR0MgbWF5IG5vdCBiZSBhYmxlIHRvIHJldXNlIHBhcnRpYWxseS1mcmVlIGJsb2NrcyBhZnRl ciBhCisgICAgICAgIGZ1bGwgY29sbGVjdGlvbgorICAgICAgICBodHRwczovL2J1Z3Mud2Via2l0 Lm9yZy9zaG93X2J1Zy5jZ2k/aWQ9NjU1ODUKKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkg KE9PUFMhKS4KKyAgICAgICAgCisgICAgICAgIFRoaXMgZml4ZXMgdGhlIGxpbmtlZCBsaXN0IG1h bmFnZW1lbnQgYnVnLiAgVGhpcyBmaXggaXMgcGVyZm9ybWFuY2UKKyAgICAgICAgbmV1dHJhbCBv biBTdW5TcGlkZXIuCisKKyAgICAgICAgKiBoZWFwL05ld1NwYWNlLmNwcDoKKyAgICAgICAgKEpT Qzo6TmV3U3BhY2U6OnJlbW92ZUJsb2NrKToKKwogMjAxMS0wOC0wMiAgRmlsaXAgUGl6bG8gIDxm cGl6bG9AYXBwbGUuY29tPgogCiAgICAgICAgIEpTQyBHQyB1c2VzIGR1bW15IGNlbGxzIHRvIGF2 b2lkIGhhdmluZyB0byByZW1lbWJlciB3aGljaCBjZWxscwpJbmRleDogU291cmNlL0phdmFTY3Jp cHRDb3JlL2hlYXAvTmV3U3BhY2UuY3BwCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9KYXZhU2NyaXB0 Q29yZS9oZWFwL05ld1NwYWNlLmNwcAkocmV2aXNpb24gOTIyNDcpCisrKyBTb3VyY2UvSmF2YVNj cmlwdENvcmUvaGVhcC9OZXdTcGFjZS5jcHAJKHdvcmtpbmcgY29weSkKQEAgLTU4LDcgKzU4LDgg QEAgdm9pZCBOZXdTcGFjZTo6cmVtb3ZlQmxvY2soTWFya2VkQmxvY2sqIAogewogICAgIGJsb2Nr LT5zZXRJbk5ld1NwYWNlKGZhbHNlKTsKICAgICBTaXplQ2xhc3MmIHNpemVDbGFzcyA9IHNpemVD bGFzc0ZvcihibG9jay0+Y2VsbFNpemUoKSk7Ci0gICAgc2l6ZUNsYXNzLm5leHRCbG9jayA9IGJs b2NrLT5uZXh0KCk7CisgICAgaWYgKHNpemVDbGFzcy5uZXh0QmxvY2sgPT0gYmxvY2spCisgICAg ICAgIHNpemVDbGFzcy5uZXh0QmxvY2sgPSBibG9jay0+bmV4dCgpOwogICAgIHNpemVDbGFzcy5i bG9ja0xpc3QucmVtb3ZlKGJsb2NrKTsKIH0KIAo=