Annotate Heap::FindAllocationMemento for MemorySanitizer.

src/heap/heap-inl.h

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef V8_HEAP_HEAP_INL_H_
 #define V8_HEAP_HEAP_INL_H_
 
 #include <cmath>
 
 #include "src/base/platform/platform.h"
 #include "src/cpu-profiler.h"
 #include "src/heap/heap.h"
 #include "src/heap/store-buffer.h"
 #include "src/heap/store-buffer-inl.h"
 #include "src/heap-profiler.h"
 #include "src/isolate.h"
 #include "src/list-inl.h"
+#include "src/msan.h"
 #include "src/objects.h"
 
 namespace v8 {
 namespace internal {
 
 void PromotionQueue::insert(HeapObject* target, int size) {
   if (emergency_stack_ != NULL) {
     emergency_stack_->Add(Entry(target, size));
     return;
   }
@@ skipping 460 matching lines @@
     MemMove(dst, src, static_cast<size_t>(byte_size));
   }
 }
 
 
 void Heap::ScavengePointer(HeapObject** p) { ScavengeObject(p, *p); }
 
 
 AllocationMemento* Heap::FindAllocationMemento(HeapObject* object) {
   // Check if there is potentially a memento behind the object. If
-  // the last word of the momento is on another page we return
+  // the last word of the memento is on another page we return
   // immediately.
   Address object_address = object->address();
   Address memento_address = object_address + object->Size();
   Address last_memento_word_address = memento_address + kPointerSize;
   if (!NewSpacePage::OnSamePage(object_address, last_memento_word_address)) {
     return NULL;
   }
 
   HeapObject* candidate = HeapObject::FromAddress(memento_address);
-  if (candidate->map() != allocation_memento_map()) return NULL;
+  Map* candidate_map = candidate->map();
+  // This fast check may peek at an uninitialized word. However, the slow check
+  // below (memento_address == top) ensures that this is safe. Mark the word as
+  // initialized to silence MemorySanitizer warnings.
+  MSAN_MEMORY_IS_INITIALIZED(&candidate_map, sizeof(candidate_map));
+  if (candidate_map != allocation_memento_map()) return NULL;
 
   // Either the object is the last object in the new space, or there is another
   // object of at least word size (the header map word) following it, so
   // suffices to compare ptr and top here. Note that technically we do not have
   // to compare with the current top pointer of the from space page during GC,
   // since we always install filler objects above the top pointer of a from
   // space page when performing a garbage collection. However, always performing
   // the test makes it possible to have a single, unified version of
   // FindAllocationMemento that is used both by the GC and the mutator.
   Address top = NewSpaceTop();
@@ skipping 246 matching lines @@
 
 void VerifySmisVisitor::VisitPointers(Object** start, Object** end) {
   for (Object** current = start; current < end; current++) {
     CHECK((*current)->IsSmi());
   }
 }
 }
 }  // namespace v8::internal
 
 #endif  // V8_HEAP_HEAP_INL_H_