From ff748cb6a443372ea54a8bc1d6208b69164fe6b8 Mon Sep 17 00:00:00 2001 From: Deepti Gandluri Date: Tue, 31 Jan 2023 18:38:27 +0000 Subject: [PATCH] Revert "[heap] Move the likeliest case of GcSafeTryFindCodeForInnerPointer up" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 9901a041444538233d208ca8a094456e08df76df. Reason for revert: Crashes on the CFI bots https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20cfi/38573/overview Original change's description: > [heap] Move the likeliest case of GcSafeTryFindCodeForInnerPointer up > > It's much more likely to find the code object in CODE_SPACE than in LO > space (or the THIRD_PARTY_HEAP). Also, remove an obsolete and misleading > comment. > > Bug: v8:13654 > Change-Id: Ia6c2a28a8eb5b0fb3f5951a9018fac0c0683a96e > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4205914 > Reviewed-by: Dominik Inführ > Commit-Queue: Jakob Linke > Cr-Commit-Position: refs/heads/main@{#85564} Bug: v8:13654 Change-Id: Id2941c5b98289fdcc30efb47172d266bfd43de0e No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4210628 Commit-Queue: Deepti Gandluri Bot-Commit: Rubber Stamper Owners-Override: Deepti Gandluri Auto-Submit: Deepti Gandluri Cr-Commit-Position: refs/heads/main@{#85571}
---
 src/heap/heap.cc | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/src/heap/heap.cc b/src/heap/heap.cc
index 37db4d7afb..1446e45d78 100644
--- a/src/heap/heap.cc
+++ b/src/heap/heap.cc
@@ -6853,32 +6853,33 @@ bool Heap::GcSafeInstructionStreamContains(InstructionStream instruction_stream,
 base::Optional Heap::GcSafeTryFindCodeForInnerPointer(
 Address inner_pointer) {
- // Embedded builtins.
 Builtin maybe_builtin =
 OffHeapInstructionStream::TryLookupCode(isolate(), inner_pointer);
 if (Builtins::IsBuiltinId(maybe_builtin)) {
 return GcSafeCode::cast(isolate()->builtins()->code(maybe_builtin));
 }
- // Code space.
- if (V8_LIKELY(code_space()->Contains(inner_pointer))) {
- Address start = Page::FromAddress(inner_pointer)
- ->GetCodeObjectRegistry()
- ->GetCodeObjectStartFromInnerAddress(inner_pointer);
+ if (V8_ENABLE_THIRD_PARTY_HEAP_BOOL) {
+ Address start = tp_heap_->GetObjectFromInnerPointer(inner_pointer);
 return GcSafeGetCodeFromInstructionStream(HeapObject::FromAddress(start),
 inner_pointer);
 }
- // Code large object space.
+ // Check if the inner pointer points into a large object chunk.
 LargePage* large_page = code_lo_space()->FindPage(inner_pointer);
 if (large_page != nullptr) {
 return GcSafeGetCodeFromInstructionStream(large_page->GetObject(),
 inner_pointer);
 }
- // Third-party heap.
- if (V8_ENABLE_THIRD_PARTY_HEAP_BOOL) {
- Address start = tp_heap_->GetObjectFromInnerPointer(inner_pointer);
+ if (V8_LIKELY(code_space()->Contains(inner_pointer))) {
+ // Iterate through the page until we reach the end or find an object
+ // starting after the inner pointer.
+ Page* page = Page::FromAddress(inner_pointer);
+
+ Address start =
+ page->GetCodeObjectRegistry()->GetCodeObjectStartFromInnerAddress(
+ inner_pointer);
 return GcSafeGetCodeFromInstructionStream(HeapObject::FromAddress(start),
 inner_pointer);
 }
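Review bot: The restored comment `// Iterate through the page until we reach the end or find an object starting after the inner pointer.` in the `code_space()` branch describes a loop that the code below it does not contain; the start address comes from a single `page->GetCodeObjectRegistry()->GetCodeObjectStartFromInnerAddress(inner_pointer)` call, so the comment will mislead the next reader of this lookup. The revert message records only that the reordered version crashed the CFI bots, and nothing in the function itself says the lookup order matters, which makes the same reorder easy to re-land by accident. Consider replacing that comment with `// Code space: the page's code object registry maps the inner pointer to the object start.` and adding, above the third-party-heap branch, `// Keep this lookup order; reordering it crashed the CFI bots (9901a041444538233d208ca8a094456e08df76df, reverted in ff748cb6a443372ea54a8bc1d6208b69164fe6b8).` Whether the third-party-heap branch returning unconditionally is intended for pointers outside that heap cannot be judged from the hunk, and the function continues past the hunk's last line.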