Chromium Code Reviews Chromium Code Reviews
Issue 2179033005:
[heap] Don't consider mementos on pages below age mark (Closed)
Base URL: https://chromium.googlesource.com/v8/v8.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2012 the V8 project authors. All rights reserved. | 1 // Copyright 2012 the V8 project authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef V8_HEAP_HEAP_INL_H_ | 5 #ifndef V8_HEAP_HEAP_INL_H_ |
| 6 #define V8_HEAP_HEAP_INL_H_ | 6 #define V8_HEAP_HEAP_INL_H_ |
| 7 | 7 |
| 8 #include <cmath> | 8 #include <cmath> |
| 9 | 9 |
| 10 #include "src/base/platform/platform.h" | 10 #include "src/base/platform/platform.h" |
| (...skipping 461 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 472 return false; | 472 return false; |
| 473 } | 473 } |
| 474 | 474 |
| 475 void Heap::CopyBlock(Address dst, Address src, int byte_size) { | 475 void Heap::CopyBlock(Address dst, Address src, int byte_size) { |
| 476 CopyWords(reinterpret_cast<Object**>(dst), reinterpret_cast<Object**>(src), | 476 CopyWords(reinterpret_cast<Object**>(dst), reinterpret_cast<Object**>(src), |
| 477 static_cast<size_t>(byte_size / kPointerSize)); | 477 static_cast<size_t>(byte_size / kPointerSize)); |
| 478 } | 478 } |
| 479 | 479 |
| 480 template <Heap::FindMementoMode mode> | 480 template <Heap::FindMementoMode mode> |
| 481 AllocationMemento* Heap::FindAllocationMemento(HeapObject* object) { | 481 AllocationMemento* Heap::FindAllocationMemento(HeapObject* object) { |
| 482 // Check if there is potentially a memento behind the object. If | |
| 483 // the last word of the memento is on another page we return | |
| 484 // immediately. | |
| 485 Address object_address = object->address(); | 482 Address object_address = object->address(); |
| 486 Address memento_address = object_address + object->Size(); | 483 Address memento_address = object_address + object->Size(); |
| 487 Address last_memento_word_address = memento_address + kPointerSize; | 484 Address last_memento_word_address = memento_address + kPointerSize; |
| 485 // If the memento would be on another page, bail out immediately. | |
| 488 if (!Page::OnSamePage(object_address, last_memento_word_address)) { | 486 if (!Page::OnSamePage(object_address, last_memento_word_address)) { |
| 489 return nullptr; | 487 return nullptr; |
| 490 } | 488 } |
| 491 HeapObject* candidate = HeapObject::FromAddress(memento_address); | 489 HeapObject* candidate = HeapObject::FromAddress(memento_address); |
| 492 Map* candidate_map = candidate->map(); | 490 Map* candidate_map = candidate->map(); |
| 493 // This fast check may peek at an uninitialized word. However, the slow check | 491 // This fast check may peek at an uninitialized word. However, the slow check |
| 494 // below (memento_address == top) ensures that this is safe. Mark the word as | 492 // below (memento_address == top) ensures that this is safe. Mark the word as |
| 495 // initialized to silence MemorySanitizer warnings. | 493 // initialized to silence MemorySanitizer warnings. |
| 496 MSAN_MEMORY_IS_INITIALIZED(&candidate_map, sizeof(candidate_map)); | 494 MSAN_MEMORY_IS_INITIALIZED(&candidate_map, sizeof(candidate_map)); |
| 497 if (candidate_map != allocation_memento_map()) { | 495 if (candidate_map != allocation_memento_map()) { |
| 498 return nullptr; | 496 return nullptr; |
| 499 } | 497 } |
| 498 | |
| 499 // Bail out if the memento is below the age mark, which can happen when | |
| 500 // mementos survived because a page got moved within new space. | |
| 501 Page* object_page = Page::FromAddress(object_address); | |
| 502 if (object_page->IsFlagSet(Page::NEW_SPACE_BELOW_AGE_MARK)) { | |
| 503 Address age_mark = | |
| 504 reinterpret_cast<SemiSpace*>(object_page->owner())->age_mark(); | |
|
Michael Lippautz
2016/07/27 11:12:08
This is tricky: We need to pick the right age_mark
| |
| 505 if (!object_page->Contains(age_mark)) { | |
| 506 return nullptr; | |
| 507 } | |
| 508 // Do an exact check in the case where the age mark is on the same page. | |
| 509 if (object_address < age_mark) { | |
| 510 return nullptr; | |
| 511 } | |
| 512 } | |
| 513 | |
| 500 AllocationMemento* memento_candidate = AllocationMemento::cast(candidate); | 514 AllocationMemento* memento_candidate = AllocationMemento::cast(candidate); |
| 501 | 515 |
| 502 // Depending on what the memento is used for, we might need to perform | 516 // Depending on what the memento is used for, we might need to perform |
| 503 // additional checks. | 517 // additional checks. |
| 504 Address top; | 518 Address top; |
| 505 switch (mode) { | 519 switch (mode) { |
| 506 case Heap::kForGC: | 520 case Heap::kForGC: |
| 507 return memento_candidate; | 521 return memento_candidate; |
| 508 case Heap::kForRuntime: | 522 case Heap::kForRuntime: |
| 509 if (memento_candidate == nullptr) return nullptr; | 523 if (memento_candidate == nullptr) return nullptr; |
| (...skipping 252 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 762 | 776 |
| 763 void VerifySmisVisitor::VisitPointers(Object** start, Object** end) { | 777 void VerifySmisVisitor::VisitPointers(Object** start, Object** end) { |
| 764 for (Object** current = start; current < end; current++) { | 778 for (Object** current = start; current < end; current++) { |
| 765 CHECK((*current)->IsSmi()); | 779 CHECK((*current)->IsSmi()); |
| 766 } | 780 } |
| 767 } | 781 } |
| 768 } // namespace internal | 782 } // namespace internal |
| 769 } // namespace v8 | 783 } // namespace v8 |
| 770 | 784 |
| 771 #endif // V8_HEAP_HEAP_INL_H_ | 785 #endif // V8_HEAP_HEAP_INL_H_ |
| OLD | NEW |
