Oilpan: disable conservative GCs during initial GC mixin construction.

Source/platform/heap/Heap.h

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 1073 matching lines @@
 
 // FIXME: The forward declaration is layering violation.
 #define DEFINE_TYPED_HEAP_TRAIT(Type)                   \
     class Type;                                         \
     template <> struct HeapIndexTrait<class Type> {     \
         static int index() { return Type##HeapIndex; }; \
     };
 FOR_EACH_TYPED_HEAP(DEFINE_TYPED_HEAP_TRAIT)
 #undef DEFINE_TYPED_HEAP_TRAIT
 
-template<typename T, typename Enabled = void>
-class AllocateObjectTrait {
-public:
-    static Address allocate(size_t size)
-    {
-        ThreadState* state = ThreadStateFor<ThreadingTrait<T>::Affinity>::state();
-        return Heap::allocateOnHeapIndex(state, size, HeapIndexTrait<T>::index(), GCInfoTrait<T>::index());
-    }
-
-    static void constructor()
-    {
-    }
-};
-
-template<typename T>
-class AllocateObjectTrait<T, typename WTF::EnableIf<blink::IsGarbageCollectedMixin<T>::value>::Type> {
-public:
-    // An object which implements GarbageCollectedMixin is marked
-    // and traced during GC by first adjusting object references to
-    // it to refer to the leftmost base for the object (which would
-    // be a GarbageCollected-derived class.) The prefixed object header
-    // can be located after that adjustment and its trace() vtbl slot
-    // will be used to fully trace the object, if not already marked.
-    //
-    // A C++ object's vptr will be initialized to its leftmost base's
-    // vtable after the constructors of all its subclasses have run,
-    // so if a subclass constructor tries to access any of the vtbl
-    // entries of its leftmost base prematurely, it'll find an as-yet
-    // incorrect vptr and fail. Which is exactly what a garbage collector
-    // will try to do if it tries to access the leftmost base while one
-    // of the subclass constructors of a GC mixin object triggers a GC.
-    // It is consequently not safe to allow any GCs while these objects
-    // are under (sub constructor) construction.
-    //
-    // To achieve that, the construction of mixins are handled in a
-    // special manner:
-    //
-    //  - The initial allocation of the mixin object will enter a no GC scope.
-    //  - The constructor for the leftmost base, which is when the mixin
-    //    object is in a state ready for a GC, leaves that GC scope.
-    //  - no-GC scope entering/leaving must support nesting.
-    //
-    static Address allocate(size_t size)
-    {
-        ThreadState* state = ThreadStateFor<ThreadingTrait<T>::Affinity>::state();
-        Address object = Heap::allocateOnHeapIndex(state, size, HeapIndexTrait<T>::index(), GCInfoTrait<T>::index());
-        state->enterGCForbiddenScope();
-        return object;
-    }
-
-    static void constructor()
-    {
-        // FIXME: if prompt conservative GCs are needed, forced GCs that
-        // were denied while within this scope, could now be performed.
-        // For now, assume the next out-of-line allocation request will
-        // happen soon enough and take care of it. Mixin objects aren't
-        // overly common.
-        ThreadState* state = ThreadStateFor<ThreadingTrait<T>::Affinity>::state();
-        state->leaveGCForbiddenScope();
-    }
-};
-
 // Base class for objects allocated in the Blink garbage-collected heap.
 //
 // Defines a 'new' operator that allocates the memory in the heap.  'delete'
 // should not be called on objects that inherit from GarbageCollected.
 //
 // Instances of GarbageCollected will *NOT* get finalized.  Their destructor
 // will not be called.  Therefore, only classes that have trivial destructors
 // with no semantic meaning (including all their subclasses) should inherit from
 // GarbageCollected.  If there are non-trival destructors in a given class or
 // any of its subclasses, GarbageCollectedFinalized should be used which
@@ skipping 28 matching lines @@
     }
 
     void operator delete(void* p)
     {
         ASSERT_NOT_REACHED();
     }
 
 protected:
     GarbageCollected()
     {
-        AllocateObjectTrait<T>::constructor();
     }
 };
 
 // Base class for objects allocated in the Blink garbage-collected heap.
 //
 // Defines a 'new' operator that allocates the memory in the heap.  'delete'
 // should not be called on objects that inherit from GarbageCollected.
 //
 // Instances of GarbageCollectedFinalized will have their destructor called when
 // the garbage collector determines that the object is no longer reachable.
@@ skipping 268 matching lines @@
 {
     ASSERT(state->isAllocationAllowed());
     ASSERT(heapIndex != LargeObjectHeapIndex);
     NormalPageHeap* heap = static_cast<NormalPageHeap*>(state->heap(heapIndex));
     return heap->allocateObject(allocationSizeFromSize(size), gcInfoIndex);
 }
 
 template<typename T>
 Address Heap::allocate(size_t size)
 {
-    return AllocateObjectTrait<T>::allocate(size);
+    ThreadState* state = ThreadStateFor<ThreadingTrait<T>::Affinity>::state();
+    return Heap::allocateOnHeapIndex(state, size, HeapIndexTrait<T>::index(), GCInfoTrait<T>::index());
 }
 
 template<typename T>
 Address Heap::reallocate(void* previous, size_t size)
 {
     if (!size) {
         // If the new size is 0 this is equivalent to either free(previous) or
         // malloc(0).  In both cases we do nothing and return nullptr.
         return nullptr;
     }
@@ skipping 1060 matching lines @@
 template<typename T, size_t inlineCapacity>
 struct GCInfoTrait<HeapVector<T, inlineCapacity>> : public GCInfoTrait<Vector<T, inlineCapacity, HeapAllocator>> { };
 template<typename T, size_t inlineCapacity>
 struct GCInfoTrait<HeapDeque<T, inlineCapacity>> : public GCInfoTrait<Deque<T, inlineCapacity, HeapAllocator>> { };
 template<typename T, typename U, typename V>
 struct GCInfoTrait<HeapHashCountedSet<T, U, V>> : public GCInfoTrait<HashCountedSet<T, U, V, HeapAllocator>> { };
 
 } // namespace blink
 
 #endif // Heap_h