Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(575)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/heap/heap.cc

Issue 2868053002: [heap] Verify remembered set for objects in the old generation. (Closed)
Patch Set: check Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/heap/heap.h ('k') | src/heap/spaces.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/heap/heap.cc
diff --git a/src/heap/heap.cc b/src/heap/heap.cc
index 4ef4c900b955b52ae03f425eda508d598785a9e6..c7083e7dbe1de480d0463c653964941502f88be8 100644
--- a/src/heap/heap.cc
+++ b/src/heap/heap.cc
@@ -4779,6 +4779,160 @@ void Heap::Verify() {
mark_compact_collector()->VerifyOmittedMapChecks();
}
}
+
+class SlotVerifyingVisitor : public ObjectVisitor {
+ public:
+ SlotVerifyingVisitor(std::set<Address>* untyped,
+ std::set<std::pair<SlotType, Address> >* typed)
+ : untyped_(untyped), typed_(typed) {}
+
+ virtual bool ShouldHaveBeenRecorded(HeapObject* host, Object* target) = 0;
+
+ void VisitPointers(HeapObject* host, Object** start, Object** end) override {
+ for (Object** slot = start; slot < end; slot++) {
+ if (ShouldHaveBeenRecorded(host, *slot)) {
+ CHECK_GT(untyped_->count(reinterpret_cast<Address>(slot)), 0);
+ }
+ }
+ }
+
+ void VisitCodeTarget(Code* host, RelocInfo* rinfo) override {
+ Object* target = Code::GetCodeFromTargetAddress(rinfo->target_address());
+ if (ShouldHaveBeenRecorded(host, target)) {
+ CHECK(InTypedSet(CODE_TARGET_SLOT, rinfo->pc()) ||
+ (rinfo->IsInConstantPool() &&
+ InTypedSet(CODE_ENTRY_SLOT, rinfo->pc())));
+ }
+ }
+
+ void VisitCodeAgeSequence(Code* host, RelocInfo* rinfo) override {
+ Object* target = rinfo->code_age_stub();
+ if (ShouldHaveBeenRecorded(host, target)) {
+ CHECK(InTypedSet(CODE_TARGET_SLOT, rinfo->pc()) ||
+ (rinfo->IsInConstantPool() &&
+ InTypedSet(CODE_ENTRY_SLOT, rinfo->pc())));
+ }
+ }
+
+ void VisitCodeEntry(JSFunction* host, Address entry_address) override {
+ Object* target = Code::GetObjectFromEntryAddress(entry_address);
+ if (ShouldHaveBeenRecorded(host, target)) {
+ CHECK(InTypedSet(CODE_ENTRY_SLOT, entry_address));
+ }
+ }
+
+ void VisitCellPointer(Code* host, RelocInfo* rinfo) override {
+ Object* target = rinfo->target_cell();
+ if (ShouldHaveBeenRecorded(host, target)) {
+ CHECK(
+ InTypedSet(CELL_TARGET_SLOT, rinfo->pc()) ||
+ (rinfo->IsInConstantPool() && InTypedSet(OBJECT_SLOT, rinfo->pc())));
+ }
+ }
+
+ void VisitDebugTarget(Code* host, RelocInfo* rinfo) override {
+ Object* target =
+ Code::GetCodeFromTargetAddress(rinfo->debug_call_address());
+ if (ShouldHaveBeenRecorded(host, target)) {
+ CHECK(InTypedSet(DEBUG_TARGET_SLOT, rinfo->pc()) ||
+ (rinfo->IsInConstantPool() &&
+ InTypedSet(CODE_ENTRY_SLOT, rinfo->pc())));
+ }
+ }
+
+ void VisitEmbeddedPointer(Code* host, RelocInfo* rinfo) override {
+ Object* target = rinfo->target_object();
+ if (ShouldHaveBeenRecorded(host, target)) {
+ CHECK(
+ InTypedSet(EMBEDDED_OBJECT_SLOT, rinfo->pc()) ||
+ (rinfo->IsInConstantPool() && InTypedSet(OBJECT_SLOT, rinfo->pc())));
+ }
+ }
+
+ private:
+ bool InTypedSet(SlotType type, Address slot) {
+ return typed_->count(std::make_pair(type, slot)) > 0;
+ }
+ std::set<Address>* untyped_;
+ std::set<std::pair<SlotType, Address> >* typed_;
+};
+
+class OldToNewSlotVerifyingVisitor : public SlotVerifyingVisitor {
+ public:
+ OldToNewSlotVerifyingVisitor(Heap* heap, std::set<Address>* untyped,
+ std::set<std::pair<SlotType, Address> >* typed)
+ : SlotVerifyingVisitor(untyped, typed), heap_(heap) {}
+
+ bool ShouldHaveBeenRecorded(HeapObject* host, Object* target) override {
+ return target->IsHeapObject() && heap_->InNewSpace(target) &&
+ !heap_->InNewSpace(host);
+ }
+
+ private:
+ Heap* heap_;
+};
+
+class OldToOldSlotVerifyingVisitor : public SlotVerifyingVisitor {
+ public:
+ OldToOldSlotVerifyingVisitor(std::set<Address>* untyped,
+ std::set<std::pair<SlotType, Address> >* typed)
+ : SlotVerifyingVisitor(untyped, typed) {}
+
+ bool ShouldHaveBeenRecorded(HeapObject* host, Object* target) override {
+ if (!target->IsHeapObject()) return false;
+ Page* target_page = Page::FromAddress(reinterpret_cast<Address>(target));
+ Page* source_page = Page::FromAddress(reinterpret_cast<Address>(host));
+ return target_page->IsEvacuationCandidate() &&
+ !source_page->ShouldSkipEvacuationSlotRecording() &&
+ ObjectMarking::IsBlack(host, MarkingState::Internal(host));
+ }
+};
+
+template <RememberedSetType direction>
+void CollectSlots(MemoryChunk* chunk, Address start, Address end,
+ std::set<Address>* untyped,
+ std::set<std::pair<SlotType, Address> >* typed) {
+ RememberedSet<direction>::Iterate(chunk, [start, end, untyped](Address slot) {
+ if (start <= slot && slot < end) {
+ untyped->insert(slot);
+ }
+ return KEEP_SLOT;
+ });
+ RememberedSet<direction>::IterateTyped(
+ chunk, [start, end, typed](SlotType type, Address host, Address slot) {
+ if (start <= slot && slot < end) {
+ typed->insert(std::make_pair(type, slot));
+ }
+ return KEEP_SLOT;
+ });
+}
+
+void Heap::VerifyRememberedSetFor(HeapObject* object) {
+ MemoryChunk* chunk = MemoryChunk::FromAddress(object->address());
+ base::LockGuard<base::RecursiveMutex> lock_guard(chunk->mutex());
+ Address start = object->address();
+ Address end = start + object->Size();
+ std::set<Address> old_to_new, old_to_old;
+ std::set<std::pair<SlotType, Address> > typed_old_to_new, typed_old_to_old;
+ if (!InNewSpace(object)) {
+ store_buffer()->MoveAllEntriesToRememberedSet();
+ CollectSlots<OLD_TO_NEW>(chunk, start, end, &old_to_new, &typed_old_to_new);
+ OldToNewSlotVerifyingVisitor visitor(this, &old_to_new, &typed_old_to_new);
+ object->IterateBody(&visitor);
+ }
+ // For some weak objects the slots are recorded in during the finalization
+ // of mark-compactor. Since there is precise check for DescriptorArray and
Michael Lippautz 2017/05/09 17:44:05 /is/is no/ That is unfortunate :/
+ // the backing store of a weak JS collection we have to ignore all fixed
+ // arrays and all hash tables.
+ // TODO(ulan): record slots for all weak objects.
+ if (ObjectMarking::IsBlack(object, MarkingState::Internal(object)) &&
+ !object->IsWeakCell() && !object->IsTransitionArray() &&
+ !object->IsFixedArray() && !object->IsHashTable()) {
+ CollectSlots<OLD_TO_OLD>(chunk, start, end, &old_to_old, &typed_old_to_old);
+ OldToOldSlotVerifyingVisitor visitor(&old_to_old, &typed_old_to_old);
+ object->IterateBody(&visitor);
+ }
+}
#endif
« no previous file with comments | « src/heap/heap.h ('k') | src/heap/spaces.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698