[v8-dev] Tests that the GC doesn't mistake non-pointer constant pool entries as poitners. (issue 396803009 by rmcilroy@chromium.org)

Thu, 17 Jul 2014 05:53:02 -0700 

Reviewers: Hannes Payer,

Message:
Please take a look, thanks.

Description:
Tests that the GC doesn't mistake non-pointer constant pool entries as poitners. 

Adds a test for ConstantPoolArray to ensure that the GC doesn't mistake non-
pointer entries as pointers and try to modify them during scavenge operations. 

Please review this at https://codereview.chromium.org/396803009/

SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge

Affected files (+39, -0 lines):
  M test/cctest/test-constantpool.cc


Index: test/cctest/test-constantpool.cc
diff --git a/test/cctest/test-constantpool.cc b/test/cctest/test-constantpool.cc index 67767a2f0ead7b68f1b29f1f1dd0562ed53fd970..5e27f229029f60659cd703c880fc922e59acc300 100644 
--- a/test/cctest/test-constantpool.cc
+++ b/test/cctest/test-constantpool.cc
@@ -242,3 +242,42 @@ TEST(ConstantPoolIteratorExtended) {
   int expected_int32_indexs[] = { 1, 2, 3, 4 };
   CheckIterator(array, ConstantPoolArray::INT32, expected_int32_indexs, 4);
 }
+
+
+TEST(ConstantPoolPreciseGC) {
+  LocalContext context;
+  Isolate* isolate = CcTest::i_isolate();
+  Heap* heap = isolate->heap();
+  Factory* factory = isolate->factory();
+  v8::HandleScope scope(context->GetIsolate());
+
+  ConstantPoolArray::NumberOfEntries small(1, 0, 1, 1);
+  Handle<ConstantPoolArray> array = factory->NewConstantPoolArray(small);
+
+ // Check that the store buffer knows which entries are pointers and which are 
+  // not.  To do this, make non-pointer entries which look like new space
+ // pointers but are actually invalid and ensure the GC doesn't try to move 
+  // them.
+  Handle<HeapObject> object = factory->NewHeapNumber(4.0);
+  Object* raw_ptr = *object;
+ // If interpreted as a pointer, this should be right inside the heap number 
+  // which will cause a crash when trying to lookup the 'map' pointer.
+ int32_t invalid_ptr_int32 = reinterpret_cast<int32_t>(raw_ptr) + kInt32Size; + int64_t invalid_ptr_int64 = reinterpret_cast<int64_t>(raw_ptr) + kInt32Size; 
+  array->set(0, invalid_ptr_int64);
+  array->set(1, *object);
+  array->set(2, invalid_ptr_int32);
+
+  // Ensure we perform a scan on scavenge for the constant pool's page.
+  MemoryChunk::FromAddress(array->address())->set_scan_on_scavenge(true);
+  heap->CollectGarbage(NEW_SPACE);
+
+  // Check the object was moved by GC.
+  Object* new_ptr = array->get_heap_ptr_entry(1);
+  CHECK_NE(*object, raw_ptr);
+  CHECK_EQ(*object, new_ptr);
+
+  // Check the non-pointer entries weren't changed.
+  CHECK_EQ(invalid_ptr_int64, array->get_int64_entry(0));
+  CHECK_EQ(invalid_ptr_int32, array->get_int32_entry(2));
+}


--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
--- You received this message because you are subscribed to the Google Groups "v8-dev" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to