AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

Mark HStringCompareAndBranch as potentially causing GCs.

Browse Source 
This also adds a %SetAllocationTimout runtime function which helps to
write regression tests that need to trigger a GC at a certain point in
program execution.

R=hpayer@chromium.org
BUG=chromium:274438
TEST=mjsunit/regress/regress-crbug-274438

Review URL: https://codereview.chromium.org/22933006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16205 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This commit is contained in:
mstarzinger@chromium.org 2013-08-16 15:10:07 +00:00
parent aabfd6d610
commit 3e4fbd0e85
6 changed files with 65 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/heap.cc
View File

@ -4013,10 +4013,10 @@ MaybeObject* Heap::AllocateByteArray(int length, PretenureFlag pretenure) {
return AllocateByteArray(length); return AllocateByteArray(length);
} }
int size = ByteArray::SizeFor(length); int size = ByteArray::SizeFor(length);
AllocationSpace space =
(size > Page::kMaxNonCodeHeapObjectSize) ? LO_SPACE : OLD_DATA_SPACE;
Object* result; Object* result;
{ MaybeObject* maybe_result = (size <= Page::kMaxNonCodeHeapObjectSize) { MaybeObject* maybe_result = AllocateRaw(size, space, space);
? old_data_space_->AllocateRaw(size)
: lo_space_->AllocateRaw(size, NOT_EXECUTABLE);
if (!maybe_result->ToObject(&result)) return maybe_result; if (!maybe_result->ToObject(&result)) return maybe_result;
} }

4
src/heap.h
View File

@ -1490,6 +1490,10 @@ class Heap {
inline bool IsInGCPostProcessing() { return gc_post_processing_depth_ > 0; } inline bool IsInGCPostProcessing() { return gc_post_processing_depth_ > 0; }
#ifdef DEBUG #ifdef DEBUG
void set_allocation_timeout(int timeout) {
allocation_timeout_ = timeout;
}
bool disallow_allocation_failure() { bool disallow_allocation_failure() {
return disallow_allocation_failure_; return disallow_allocation_failure_;
} }

1
src/hydrogen-instructions.h
View File

@ -4081,6 +4081,7 @@ class HStringCompareAndBranch: public HTemplateControlInstruction<2, 3> {
SetOperandAt(1, left); SetOperandAt(1, left);
SetOperandAt(2, right); SetOperandAt(2, right);
set_representation(Representation::Tagged()); set_representation(Representation::Tagged());
SetGVNFlag(kChangesNewSpacePromotion);
} }
HValue* context() { return OperandAt(0); } HValue* context() { return OperandAt(0); }

13
src/runtime.cc
View File

@ -8635,6 +8635,19 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_CompileForOnStackReplacement) {
} }
RUNTIME_FUNCTION(MaybeObject*, Runtime_SetAllocationTimeout) {
SealHandleScope shs(isolate);
ASSERT(args.length() == 2);
#ifdef DEBUG
CONVERT_SMI_ARG_CHECKED(interval, 0);
CONVERT_SMI_ARG_CHECKED(timeout, 1);
isolate->heap()->set_allocation_timeout(timeout);
FLAG_gc_interval = interval;
#endif
return isolate->heap()->undefined_value();
}
RUNTIME_FUNCTION(MaybeObject*, Runtime_CheckIsBootstrapping) { RUNTIME_FUNCTION(MaybeObject*, Runtime_CheckIsBootstrapping) {
SealHandleScope shs(isolate); SealHandleScope shs(isolate);
RUNTIME_ASSERT(isolate->bootstrapper()->IsActive()); RUNTIME_ASSERT(isolate->bootstrapper()->IsActive());

1
src/runtime.h
View File

@ -101,6 +101,7 @@ namespace internal {
F(GetOptimizationStatus, -1, 1) \ F(GetOptimizationStatus, -1, 1) \
F(GetOptimizationCount, 1, 1) \ F(GetOptimizationCount, 1, 1) \
F(CompileForOnStackReplacement, 1, 1) \ F(CompileForOnStackReplacement, 1, 1) \
F(SetAllocationTimeout, 2, 1) \
F(AllocateInNewSpace, 1, 1) \ F(AllocateInNewSpace, 1, 1) \
F(AllocateInOldPointerSpace, 1, 1) \ F(AllocateInOldPointerSpace, 1, 1) \
F(AllocateInOldDataSpace, 1, 1) \ F(AllocateInOldDataSpace, 1, 1) \

43
test/mjsunit/regress/regress-crbug-274438.js Normal file
View File

@ -0,0 +1,43 @@
// Copyright 2013 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following
// disclaimer in the documentation and/or other materials provided
// with the distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// Flags: --allow-natives-syntax
function f(a, b) {
var x = { a:a };
switch(b) { case "string": }
var y = { b:b };
return y;
}
f("a", "b");
f("a", "b");
%OptimizeFunctionOnNextCall(f);
f("a", "b");
%SetAllocationTimeout(100, 0);
var killer = f("bang", "bo" + "om");
assertEquals("boom", killer.b);