Oilpan: introduce eager finalization.

Source/platform/heap/Heap.cpp

Index: Source/platform/heap/Heap.cpp
diff --git a/Source/platform/heap/Heap.cpp b/Source/platform/heap/Heap.cpp
index 85a75d2994ce8d6e081e178d6246bdc652039355..5e9ea0c08c232c6545207e5ac835c95df603f051 100644
--- a/Source/platform/heap/Heap.cpp
+++ b/Source/platform/heap/Heap.cpp
@@ -346,8 +346,27 @@ void BaseHeap::poisonUnmarkedObjects()
 {
     // This method is called just before starting sweeping.
     // Thus all dead objects are in the list of m_firstUnsweptPage.
-    for (BasePage* page = m_firstUnsweptPage; page; page = page->next()) {
-        page->poisonUnmarkedObjects();
+    for (BasePage* page = m_firstUnsweptPage; page; page = page->next())
+        page->poisonObjects(UnmarkedOnly, SetPoison);
+}
+
+void BaseHeap::poisonHeap(Poisoning poisoning)

[haraken, 2015/06/01 08:42:52]

I'd call this function poisonUnmarkedAndMarkedObjects, in consistency with
poisonUnmarkedObjects().

[sof, 2015/06/01 14:51:36]

Addressed (see below.)

+{
+    // TODO(sof): support poisoning of all heaps.
+    ASSERT(heapIndex() == EagerSweepHeapIndex);
+    // This method is called with SetPoison just before starting sweeping
+    // of (eager) heaps. Hence, all objects will be in m_firstUnsweptPage
+    // before start.
+    if (poisoning == SetPoison) {
+        ASSERT(!m_firstPage);
+        for (BasePage* page = m_firstUnsweptPage; page; page = page->next()) {
+            page->poisonObjects(UnmarkedOrMarked, SetPoison);
+        }
+        return;
+    }
+    ASSERT(!m_firstUnsweptPage);
+    for (BasePage* page = m_firstPage; page; page = page->next()) {
+        page->poisonObjects(UnmarkedOnly, ClearPoison);

[haraken, 2015/06/01 08:42:52]

Nit: If we call the function poisonUnmarkedAndMarkedObjects, I'd use
UnmarkedOrMarked instead of UnmarkedOnly here. There would be no behavioral
difference though.

[sof, 2015/06/01 14:51:36]

There wouldn't, but that observation made me realize that we could simplify the
exposed methods. i.e., we can instead parameterize over ObjectsToPoison and only
provide one method; I've kept that named as poisonHeap().

     }
 }
 #endif
@@ -782,6 +801,8 @@ Address NormalPageHeap::outOfLineAllocate(size_t allocationSize, size_t gcInfoIn
 
     // 1. If this allocation is big enough, allocate a large object.
     if (allocationSize >= largeObjectSizeThreshold) {
+        // TODO(sof): support eagerly finalized large objects, if ever needed.
+        ASSERT(heapIndex() != EagerSweepHeapIndex);

[haraken, 2015/06/01 08:42:52]

I'd use RELEASE_ASSERT, since if we hit this, we'll have a real bug.

[sof, 2015/06/01 14:51:36]

switched; to the extent there's overhead, this isn't on any allocation hot path.

         LargeObjectHeap* largeObjectHeap = static_cast<LargeObjectHeap*>(threadState()->heap(LargeObjectHeapIndex));
         Address largeObject = largeObjectHeap->allocateLargeObjectPage(allocationSize, gcInfoIndex);
         ASAN_MARK_LARGE_VECTOR_CONTAINER(this, largeObject);
@@ -1152,7 +1173,6 @@ void NormalPage::sweep()
             headerAddress += size;
             continue;
         }
-
         if (startOfGap != headerAddress)
             heapForNormalPage()->addToFreeList(startOfGap, headerAddress - startOfGap);
         header->unmark();
@@ -1193,7 +1213,7 @@ void NormalPage::makeConsistentForGC()
 }
 
 #if defined(ADDRESS_SANITIZER)
-void NormalPage::poisonUnmarkedObjects()
+void NormalPage::poisonObjects(ObjectsToPoison objectsToPoison, Poisoning poisoning)
 {
     for (Address headerAddress = payload(); headerAddress < payloadEnd();) {
         HeapObjectHeader* header = reinterpret_cast<HeapObjectHeader*>(headerAddress);
@@ -1205,8 +1225,11 @@ void NormalPage::poisonUnmarkedObjects()
             continue;
         }
         header->checkHeader();
-        if (!header->isMarked()) {
-            ASAN_POISON_MEMORY_REGION(header->payload(), header->payloadSize());
+        if (objectsToPoison == UnmarkedOrMarked || !header->isMarked()) {
+            if (poisoning == SetPoison)
+                ASAN_POISON_MEMORY_REGION(header->payload(), header->payloadSize());
+            else
+                ASAN_UNPOISON_MEMORY_REGION(header->payload(), header->payloadSize());
         }
         headerAddress += header->size();
     }
@@ -1482,11 +1505,15 @@ void LargeObjectPage::makeConsistentForGC()
 }
 
 #if defined(ADDRESS_SANITIZER)
-void LargeObjectPage::poisonUnmarkedObjects()
+void LargeObjectPage::poisonObjects(ObjectsToPoison objectsToPoison, Poisoning poisoning)
 {
     HeapObjectHeader* header = heapObjectHeader();
-    if (!header->isMarked())
-        ASAN_POISON_MEMORY_REGION(header->payload(), header->payloadSize());
+    if (objectsToPoison == UnmarkedOrMarked || !header->isMarked()) {
+        if (poisoning == SetPoison)
+            ASAN_POISON_MEMORY_REGION(header->payload(), header->payloadSize());
+        else
+            ASAN_UNPOISON_MEMORY_REGION(header->payload(), header->payloadSize());
+    }
 }
 #endif