
Side by Side Diff: third_party/WebKit/Source/platform/heap/Heap.h

Issue 2015173003: Address ThreadHeap::willObjectBeLazilySwept() corner case. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebased Created 4 years, 6 months ago
1 /* 1 /*
2 * Copyright (C) 2013 Google Inc. All rights reserved. 2 * Copyright (C) 2013 Google Inc. All rights reserved.
3 * 3 *
4 * Redistribution and use in source and binary forms, with or without 4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions are 5 * modification, are permitted provided that the following conditions are
6 * met: 6 * met:
7 * 7 *
8 * * Redistributions of source code must retain the above copyright 8 * * Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer. 9 * notice, this list of conditions and the following disclaimer.
10 * * Redistributions in binary form must reproduce the above 10 * * Redistributions in binary form must reproduce the above
263 static RecursiveMutex& allHeapsMutex(); 263 static RecursiveMutex& allHeapsMutex();
264 static HashSet<ThreadHeap*>& allHeaps(); 264 static HashSet<ThreadHeap*>& allHeaps();
265 265
266 // Is the finalizable GC object still alive, but slated for lazy sweeping? 266 // Is the finalizable GC object still alive, but slated for lazy sweeping?
267 // If a lazy sweep is in progress, returns true if the object was found 267 // If a lazy sweep is in progress, returns true if the object was found
268 // to be not reachable during the marking phase, but it has yet to be swept 268 // to be not reachable during the marking phase, but it has yet to be swept
269 // and finalized. The predicate returns false in all other cases. 269 // and finalized. The predicate returns false in all other cases.
270 // 270 //
271 // Holding a reference to an already-dead object is not a valid state 271 // Holding a reference to an already-dead object is not a valid state
272 // to be in; willObjectBeLazilySwept() has undefined behavior if passed 272 // to be in; willObjectBeLazilySwept() has undefined behavior if passed
273 // such a reference. 273 // such a reference.
haraken 2016/05/30 23:54:49 To check this, can we add objectPointer->checkHead
274 template<typename T> 274 template<typename T>
275 NO_LAZY_SWEEP_SANITIZE_ADDRESS 275 NO_LAZY_SWEEP_SANITIZE_ADDRESS
276 static bool willObjectBeLazilySwept(const T* objectPointer) 276 static bool willObjectBeLazilySwept(const T* objectPointer)
277 { 277 {
278 static_assert(IsGarbageCollectedType<T>::value, "only objects deriving f rom GarbageCollected can be used."); 278 static_assert(IsGarbageCollectedType<T>::value, "only objects deriving f rom GarbageCollected can be used.");
279 BasePage* page = pageFromObject(objectPointer); 279 BasePage* page = pageFromObject(objectPointer);
280 // Page has been swept and it is still alive.
280 if (page->hasBeenSwept()) 281 if (page->hasBeenSwept())
281 return false; 282 return false;
282 ASSERT(page->arena()->getThreadState()->isSweepingInProgress()); 283 ASSERT(page->arena()->getThreadState()->isSweepingInProgress());
283 284
284 return !ThreadHeap::isHeapObjectAlive(const_cast<T*>(objectPointer)); 285 // If marked and alive, the object hasn't yet been swept..and won't
286 // be once its page is processed.
287 if (ThreadHeap::isHeapObjectAlive(const_cast<T*>(objectPointer)))
288 return false;
289
290 if (page->isLargeObjectPage())
291 return true;
292
293 // If the object is unmarked, it may be on the page currently being
294 // lazily swept.
295 return page->arena()->willObjectBeLazilySwept(page, const_cast<T*>(objec tPointer));
285 } 296 }
286 297
287 // Push a trace callback on the marking stack. 298 // Push a trace callback on the marking stack.
288 void pushTraceCallback(void* containerObject, TraceCallback); 299 void pushTraceCallback(void* containerObject, TraceCallback);
289 300
290 // Push a trace callback on the post-marking callback stack. These 301 // Push a trace callback on the post-marking callback stack. These
291 // callbacks are called after normal marking (including ephemeron 302 // callbacks are called after normal marking (including ephemeron
292 // iteration). 303 // iteration).
293 void pushPostMarkingCallback(void*, TraceCallback); 304 void pushPostMarkingCallback(void*, TraceCallback);
294 305
609 void VisitorHelper<Derived>::handleWeakCell(Visitor* self, void* object) 620 void VisitorHelper<Derived>::handleWeakCell(Visitor* self, void* object)
610 { 621 {
611 T** cell = reinterpret_cast<T**>(object); 622 T** cell = reinterpret_cast<T**>(object);
612 if (*cell && !ObjectAliveTrait<T>::isHeapObjectAlive(*cell)) 623 if (*cell && !ObjectAliveTrait<T>::isHeapObjectAlive(*cell))
613 *cell = nullptr; 624 *cell = nullptr;
614 } 625 }
615 626
616 } // namespace blink 627 } // namespace blink
617 628
618 #endif // Heap_h 629 #endif // Heap_h
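Review bot: Nothing in the new body enforces the precondition stated in the header comment (lines 271–273): `pageFromObject`, `isHeapObjectAlive` and the new `page->arena()->willObjectBeLazilySwept(page, ...)` call at new line 295 all consume `objectPointer` (and presumably its header) unchecked, so a caller holding a stale reference to an already-swept object gets a silent use-after-free read rather than a failure. If the heap exposes a header-integrity check (the existing inline comment appears to point at one), a debug-only `ASSERT` on it placed before `pageFromObject(objectPointer)` would turn the documented undefined behavior into something detectable; the helper's exact name and signature are not visible in this diff, so that needs confirming. Two wording fixes in the added comments: new line 280 `// Page has been swept and it is still alive.` reads better as `// The page has already been swept, so anything still reachable on it survived.`, and new line 285 has a stray `..and` that should be `, and`. The large-object early return at new lines 290–291 also deserves a one-line reason, e.g. `// A large object page holds a single object; unmarked means it will be swept.` — assuming that is indeed the invariant, since it is not shown here.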
