[v8-dev] [v8] r21626 committed - Fix PathTracer....

Tue, 03 Jun 2014 01:29:12 -0700 

Revision: 21626
Author:   ish...@chromium.org
Date:     Tue Jun  3 08:28:38 2014 UTC
Log:      Fix PathTracer.

When tracing, we abuse the map for marking, thereby mutating it.
HeapObject::map() takes care of recovering unabused value.

R=yang...@chromium.org

Review URL: https://codereview.chromium.org/316533002
http://code.google.com/p/v8/source/detail?r=21626

Modified:
 /branches/bleeding_edge/src/heap.cc
 /branches/bleeding_edge/src/heap.h
 /branches/bleeding_edge/src/objects-inl.h
 /branches/bleeding_edge/test/cctest/test-heap.cc

=======================================
--- /branches/bleeding_edge/src/heap.cc Tue Jun  3 08:12:43 2014 UTC
+++ /branches/bleeding_edge/src/heap.cc Tue Jun  3 08:28:38 2014 UTC
@@ -5853,9 +5853,8 @@

   HeapObject* obj = HeapObject::cast(*p);

-  Object* map = obj->map();
-
-  if (!map->IsHeapObject()) return;  // visited before
+  MapWord map_word = obj->map_word();
+  if (!map_word.ToMap()->IsHeapObject()) return;  // visited before

   if (found_target_in_trace_) return;  // stop if target found
   object_stack_.Add(obj);
@@ -5869,11 +5868,11 @@
   bool is_native_context = SafeIsNativeContext(obj);

   // not visited yet
-  Map* map_p = reinterpret_cast<Map*>(HeapObject::cast(map));
+  Map* map = Map::cast(map_word.ToMap());

-  Address map_addr = map_p->address();
-
- obj->set_map_no_write_barrier(reinterpret_cast<Map*>(map_addr + kMarkTag)); 
+  MapWord marked_map_word =
+      MapWord::FromRawValue(obj->map_word().ToRawValue() + kMarkTag);
+  obj->set_map_word(marked_map_word);

   // Scan the object body.
   if (is_native_context && (visit_mode_ == VISIT_ONLY_STRONG)) {
@@ -5884,17 +5883,16 @@
         Context::kHeaderSize + Context::FIRST_WEAK_SLOT * kPointerSize);
     mark_visitor->VisitPointers(start, end);
   } else {
-    obj->IterateBody(map_p->instance_type(),
-                     obj->SizeFromMap(map_p),
-                     mark_visitor);
+ obj->IterateBody(map->instance_type(), obj->SizeFromMap(map), mark_visitor); 
   }

   // Scan the map after the body because the body is a lot more interesting
   // when doing leak detection.
-  MarkRecursively(&map, mark_visitor);
+  MarkRecursively(reinterpret_cast<Object**>(&map), mark_visitor);

-  if (!found_target_in_trace_)  // don't pop if found the target
+  if (!found_target_in_trace_) {  // don't pop if found the target
     object_stack_.RemoveLast();
+  }
 }


@@ -5903,25 +5901,18 @@

   HeapObject* obj = HeapObject::cast(*p);

-  Object* map = obj->map();
-
-  if (map->IsHeapObject()) return;  // unmarked already
-
-  Address map_addr = reinterpret_cast<Address>(map);
-
-  map_addr -= kMarkTag;
-
-  ASSERT_TAG_ALIGNED(map_addr);
+  MapWord map_word = obj->map_word();
+  if (map_word.ToMap()->IsHeapObject()) return;  // unmarked already

-  HeapObject* map_p = HeapObject::FromAddress(map_addr);
+  MapWord unmarked_map_word =
+      MapWord::FromRawValue(map_word.ToRawValue() - kMarkTag);
+  obj->set_map_word(unmarked_map_word);

-  obj->set_map_no_write_barrier(reinterpret_cast<Map*>(map_p));
+  Map* map = Map::cast(unmarked_map_word.ToMap());

-  UnmarkRecursively(reinterpret_cast<Object**>(&map_p), unmark_visitor);
+  UnmarkRecursively(reinterpret_cast<Object**>(&map), unmark_visitor);

-  obj->IterateBody(Map::cast(map_p)->instance_type(),
-                   obj->SizeFromMap(Map::cast(map_p)),
-                   unmark_visitor);
+ obj->IterateBody(map->instance_type(), obj->SizeFromMap(map), unmark_visitor); 
 }


=======================================
--- /branches/bleeding_edge/src/heap.h  Tue Jun  3 08:12:43 2014 UTC
+++ /branches/bleeding_edge/src/heap.h  Tue Jun  3 08:28:38 2014 UTC
@@ -2727,6 +2727,9 @@
     FIND_FIRST  // Will stop the search after first match.
   };

+  // Tags 0, 1, and 3 are used. Use 2 for marking visited HeapObject.
+  static const int kMarkTag = 2;
+
   // For the WhatToFind arg, if FIND_FIRST is specified, tracing will stop
   // after the first match.  If FIND_ALL is specified, then tracing will be
   // done for all matches.
@@ -2758,9 +2761,6 @@
   void UnmarkRecursively(Object** p, UnmarkVisitor* unmark_visitor);
   virtual void ProcessResults();

-  // Tags 0, 1, and 3 are used. Use 2 for marking visited HeapObject.
-  static const int kMarkTag = 2;
-
   Object* search_target_;
   bool found_target_;
   bool found_target_in_trace_;
=======================================
--- /branches/bleeding_edge/src/objects-inl.h   Tue Jun  3 08:12:43 2014 UTC
+++ /branches/bleeding_edge/src/objects-inl.h   Tue Jun  3 08:28:38 2014 UTC
@@ -1328,7 +1328,14 @@


 Map* HeapObject::map() {
+#ifdef DEBUG
+  // Clear mark potentially added by PathTracer.
+  uintptr_t raw_value =
+ map_word().ToRawValue() & ~static_cast<uintptr_t>(PathTracer::kMarkTag); 
+  return MapWord::FromRawValue(raw_value).ToMap();
+#else
   return map_word().ToMap();
+#endif
 }


=======================================
--- /branches/bleeding_edge/test/cctest/test-heap.cc Tue Jun 3 08:12:43 2014 UTC +++ /branches/bleeding_edge/test/cctest/test-heap.cc Tue Jun 3 08:28:38 2014 UTC 
@@ -4325,8 +4325,6 @@

 #ifdef DEBUG
 TEST(PathTracer) {
- // Type cast checks fail because the path tracer abuses the map for marking. 
-  if (i::FLAG_enable_slow_asserts) return;
   CcTest::InitializeVM();
   v8::HandleScope scope(CcTest::isolate());

--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
--- You received this message because you are subscribed to the Google Groups "v8-dev" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to