[heap] Initialize free space memory in the sweeper.

Bug: chromium:829771 Change-Id: Ia3b6221cdc54c5102760665076f1cb2541d16fb4 Reviewed-on: https://chromium-review.googlesource.com/999634 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Commit-Queue: Hannes Payer <hpayer@chromium.org> Cr-Commit-Position: refs/heads/master@{#52463}
2018-04-06 16:12:23 +02:00 · 2018-04-06 16:12:23 +02:00 · 001814ee90
commit 001814ee90
parent b7b9ad61ba
4 changed files with 27 additions and 8 deletions
--- a/src/globals.h
+++ b/src/globals.h
@ -420,6 +420,7 @@ const intptr_t kClearedWeakHeapObject = 3;
 // Zap-value: The value used for zapping dead objects.
 // Should be a recognizable hex value tagged as a failure.
 #ifdef V8_HOST_ARCH_64_BIT
+constexpr uint64_t kClearedFreeMemoryValue = 0;
 constexpr uint64_t kZapValue = uint64_t{0xdeadbeedbeadbeef};
 constexpr uint64_t kHandleZapValue = uint64_t{0x1baddead0baddeaf};
 constexpr uint64_t kGlobalHandleZapValue = uint64_t{0x1baffed00baffedf};
@ -428,6 +429,7 @@ constexpr uint64_t kDebugZapValue = uint64_t{0xbadbaddbbadbaddb};
 constexpr uint64_t kSlotsZapValue = uint64_t{0xbeefdeadbeefdeef};
 constexpr uint64_t kFreeListZapValue = 0xfeed1eaffeed1eaf;
 #else
+constexpr uint32_t kClearedFreeMemoryValue = 0;
 constexpr uint32_t kZapValue = 0xdeadbeef;
 constexpr uint32_t kHandleZapValue = 0xbaddeaf;
 constexpr uint32_t kGlobalHandleZapValue = 0xbaffedf;
--- a/src/heap/heap.cc
+++ b/src/heap/heap.cc
@ -3028,7 +3028,8 @@ AllocationResult Heap::AllocateBytecodeArray(int length,
 }

 HeapObject* Heap::CreateFillerObjectAt(Address addr, int size,
-                                       ClearRecordedSlots mode) {
+                                       ClearRecordedSlots clear_slots_mode,
+                                       ClearFreedMemoryMode clear_memory_mode) {
  if (size == 0) return nullptr;
  HeapObject* filler = HeapObject::FromAddress(addr);
  if (size == kPointerSize) {
@ -3039,14 +3040,22 @@ HeapObject* Heap::CreateFillerObjectAt(Address addr, int size,
    filler->set_map_after_allocation(
        reinterpret_cast<Map*>(root(kTwoPointerFillerMapRootIndex)),
        SKIP_WRITE_BARRIER);
+    if (clear_memory_mode == ClearFreedMemoryMode::kClearFreedMemory) {
+      Memory::Address_at(addr + kPointerSize) =
+          reinterpret_cast<Address>(kClearedFreeMemoryValue);
+    }
  } else {
    DCHECK_GT(size, 2 * kPointerSize);
    filler->set_map_after_allocation(
        reinterpret_cast<Map*>(root(kFreeSpaceMapRootIndex)),
        SKIP_WRITE_BARRIER);
    FreeSpace::cast(filler)->relaxed_write_size(size);
+    if (clear_memory_mode == ClearFreedMemoryMode::kClearFreedMemory) {
+      memset(reinterpret_cast<void*>(addr + 2 * kPointerSize),
+             kClearedFreeMemoryValue, size - 2 * kPointerSize);
    }
-  if (mode == ClearRecordedSlots::kYes) {
+  }
+  if (clear_slots_mode == ClearRecordedSlots::kYes) {
    ClearRecordedSlotRange(addr, addr + size);
  }

--- a/src/heap/heap.h
+++ b/src/heap/heap.h
@ -453,6 +453,8 @@ enum ArrayStorageAllocationMode {

 enum class ClearRecordedSlots { kYes, kNo };

+enum class ClearFreedMemoryMode { kClearFreedMemory, kDontClearFreedMemory };
+
 enum class FixedArrayVisitationMode { kRegular, kIncremental };

 enum class TraceRetainingPathMode { kEnabled, kDisabled };
@ -758,9 +760,13 @@ class Heap {
  // Initialize a filler object to keep the ability to iterate over the heap
  // when introducing gaps within pages. If slots could have been recorded in
  // the freed area, then pass ClearRecordedSlots::kYes as the mode. Otherwise,
-  // pass ClearRecordedSlots::kNo.
-  V8_EXPORT_PRIVATE HeapObject* CreateFillerObjectAt(Address addr, int size,
-                                                     ClearRecordedSlots mode);
+  // pass ClearRecordedSlots::kNo. If the memory after the object header of
+  // the filler should be cleared, pass in kClearFreedMemory. The default is
+  // kDontClearFreedMemory.
+  V8_EXPORT_PRIVATE HeapObject* CreateFillerObjectAt(
+      Address addr, int size, ClearRecordedSlots clear_slots_mode,
+      ClearFreedMemoryMode clear_memory_mode =
+          ClearFreedMemoryMode::kDontClearFreedMemory);

  bool CanMoveObjectStart(HeapObject* object);

--- a/src/heap/sweeper.cc
+++ b/src/heap/sweeper.cc
@ -288,8 +288,9 @@ int Sweeper::RawSweep(Page* p, FreeListRebuildingMode free_list_mode,
            free_start, size, SpaceAccountingMode::kSpaceUnaccounted);
        max_freed_bytes = Max(freed_bytes, max_freed_bytes);
      } else {
-        p->heap()->CreateFillerObjectAt(free_start, static_cast<int>(size),
-                                        ClearRecordedSlots::kNo);
+        p->heap()->CreateFillerObjectAt(
+            free_start, static_cast<int>(size), ClearRecordedSlots::kNo,
+            ClearFreedMemoryMode::kClearFreedMemory);
      }
      RememberedSet<OLD_TO_NEW>::RemoveRange(p, free_start, free_end,
                                             SlotSet::KEEP_EMPTY_BUCKETS);
@ -328,7 +329,8 @@ int Sweeper::RawSweep(Page* p, FreeListRebuildingMode free_list_mode,
      max_freed_bytes = Max(freed_bytes, max_freed_bytes);
    } else {
      p->heap()->CreateFillerObjectAt(free_start, static_cast<int>(size),
-                                      ClearRecordedSlots::kNo);
+                                      ClearRecordedSlots::kNo,
+                                      ClearFreedMemoryMode::kClearFreedMemory);
    }

    RememberedSet<OLD_TO_NEW>::RemoveRange(p, free_start, p->area_end(),