Reviewers: Michael Starzinger,
Message:
Given that ConstantPoolArrays can contain raw int32 or int64 values, I think
this change is necessary to ensure we don't mistake a raw int value for a
tagged pointer when migrating a ConstantPoolArray. PTAL.
Description:
Special case ConstantPoolArray in MarkCompactCollector::MigrateObject.
Special case the ConstantPoolArray in MarkCompactCollector::MigrateObject
since it could contain integer value entries which look like tagged pointers.
Please review this at https://codereview.chromium.org/304223002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+27, -7 lines):
M src/mark-compact.h
M src/mark-compact.cc
Index: src/mark-compact.cc
diff --git a/src/mark-compact.cc b/src/mark-compact.cc
index
8d9ec0cdefaa5b8357c1210a218e5333c1b4d791..043bc559061664df7baa6d2fe0ea7b084027e471
100644
--- a/src/mark-compact.cc
+++ b/src/mark-compact.cc
@@ -2822,6 +2822,19 @@ void MarkCompactCollector::ClearWeakCollections() {
}
+void MarkCompactCollector::RecordMigratedSlot(Object* value, Address slot)
{
+ if (heap_->InNewSpace(value)) {
+ heap_->store_buffer()->Mark(slot);
+ } else if (value->IsHeapObject() && IsOnEvacuationCandidate(value)) {
+ SlotsBuffer::AddTo(&slots_buffer_allocator_,
+ &migration_slots_buffer_,
+ reinterpret_cast<Object**>(slot),
+ SlotsBuffer::IGNORE_OVERFLOW);
+ }
+}
+
+
+
// We scavange new space simultaneously with sweeping. This is done in two
// passes.
//
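Review bot: RecordMigratedSlot assumes that `slot` holds a tagged value, but neither the definition here nor the declaration comment added in src/mark-compact.h states that precondition. It matters because the function registers the slot in the store buffer or the migration slots buffer, and a raw int32/int64 word recorded there would presumably be treated as a pointer later in the collection. I would spell the contract out at the declaration, for example `// |slot| must hold a tagged value; raw int32/int64 ConstantPoolArray entries must never be passed here.`, so future callers do not reintroduce the confusion this change is fixing.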
@@ -2858,13 +2871,10 @@ void
MarkCompactCollector::MigrateObject(HeapObject* dst,
Memory::Object_at(dst_slot) = value;
- if (heap_->InNewSpace(value)) {
- heap_->store_buffer()->Mark(dst_slot);
- } else if (value->IsHeapObject() && IsOnEvacuationCandidate(value)) {
- SlotsBuffer::AddTo(&slots_buffer_allocator_,
- &migration_slots_buffer_,
- reinterpret_cast<Object**>(dst_slot),
- SlotsBuffer::IGNORE_OVERFLOW);
+ // We special case ConstantPoolArrays below since they could contain
+ // contain integers value entries which look like tagged pointers.
+ if (!(compacting_ && dst->IsConstantPoolArray())) {
+ RecordMigratedSlot(value, dst_slot);
}
src_slot += kPointerSize;
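Review bot: The skip in the copy loop applies only when `compacting_` is set, so a ConstantPoolArray migrated without compaction still sends every word, raw int32/int64 entries included, through `RecordMigratedSlot`, and a raw value that looks like a new-space address would be marked in the store buffer. Consider `if (!dst->IsConstantPoolArray()) {` here, with the typed HEAP_PTR walk added in the third hunk running whether or not `compacting_` is set; the guard of that block is outside the visible hunks, so this needs checking against the full function. The new comment also repeats a word ("could contain contain integers value entries"); `// ... since they could contain integer entries which look like tagged pointers.` reads better. MigrateObject starts and ends outside the hunk.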
@@ -2898,6 +2908,13 @@ void MarkCompactCollector::MigrateObject(HeapObject*
dst,
SlotsBuffer::IGNORE_OVERFLOW);
}
}
+ ConstantPoolArray::Iterator heap_iter(array,
ConstantPoolArray::HEAP_PTR);
+ while (!heap_iter.is_finished()) {
+ Address heap_slot =
+ dst_addr + array->OffsetOfElementAt(heap_iter.next_index());
+ Object* value = Memory::Object_at(heap_slot);
+ RecordMigratedSlot(value, heap_slot);
+ }
}
} else if (dest == CODE_SPACE) {
PROFILE(isolate(), CodeMoveEvent(src_addr, dst_addr));
Index: src/mark-compact.h
diff --git a/src/mark-compact.h b/src/mark-compact.h
index
bd34d56c5dd9fbcc153b4e7c72e11069abab58ec..336ae55574d9afa1410a81c9cba8ffa76a3e507c
100644
--- a/src/mark-compact.h
+++ b/src/mark-compact.h
@@ -902,6 +902,9 @@ class MarkCompactCollector {
void ParallelSweepSpaceComplete(PagedSpace* space);
+ // Updates store buffer and slot buffer for a pointer in a migrating
object.
+ void RecordMigratedSlot(Object* value, Address slot);
+
#ifdef DEBUG
friend class MarkObjectVisitor;
static void VisitObject(HeapObject* obj);