    [heap] Decouple the lifetime of a TracedNode from the target object · d7160560
    Ulan Degenbaev authored
    Currently a TracedNode of a TracedReference is freed only if its target
    V8 object is unreachable. This is problematic for TracedNodes created for
    long-living (or immortal) V8 objects and leads to memory leaks.
    
    This CL adds logic for collecting unreachable TracedNodes:
    1) Each TracedNode gets a markbit. Initially the markbit is set (i.e.
       we have black allocation for TracedNodes).
    2) During marking RegisterEmbedderReference sets the markbit of the
       corresponding TracedNode.
    3) In the atomic pause of Mark-Compact when TracedNodes are iterated,
       we check the markbits and free TracedNodes with cleared markbits.
       After this processing all markbits are cleared for the next GC.
    
    Note that the new logic does not apply to TracedNodes that have
    callbacks and/or destructors.
    
    Bug: chromium:1029738
    Change-Id: I38e76a8b4a84170793998988b1a7962e40874428
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1948722
    Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
    Reviewed-by: Omer Katz <omerkatz@chromium.org>
    Reviewed-by: Hannes Payer <hpayer@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#65347}
test-embedder-tracing.cc 32.1 KB
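The three-step scheme in the commit message (black allocation of TracedNodes, marking through RegisterEmbedderReference, freeing unmarked nodes in the atomic pause) can be followed more easily against a small model. The code below is an added illustration written for this page; it is not V8's implementation and not part of this CL. The class names TracedNodeTable, AtomicPauseSweep and the `live_targets` set standing in for V8's own reachability result are assumptions of the model. It keeps the pre-existing rule (a node whose target is unreachable is freed) alongside the new one (an unmarked node without a callback is freed), and shows why the first GC after allocation frees nothing: every node starts black.

```cpp
#include <cstddef>
#include <memory>
#include <set>
#include <vector>

// Illustrative model only. Names are stand-ins for what the commit message
// describes; none of this is V8 code.
struct TracedNode {
  const void* target;   // the V8 object the embedder's TracedReference points at
  bool has_callback;    // nodes with callbacks/destructors are exempt from the new logic
  bool markbit;         // set on allocation (black) or by RegisterEmbedderReference
};

class TracedNodeTable {
 public:
  // Step 1: black allocation. A node created while marking is in progress
  // starts marked, so the pause that ends this cycle cannot free it.
  TracedNode* Allocate(const void* target, bool has_callback = false) {
    nodes_.push_back(std::unique_ptr<TracedNode>(
        new TracedNode{target, has_callback, true}));
    return nodes_.back().get();
  }

  // Step 2: during marking the embedder reports every TracedReference it
  // still holds, which sets the markbit of the corresponding node.
  void RegisterEmbedderReference(TracedNode* node) { node->markbit = true; }

  // Step 3: atomic pause of Mark-Compact. A node is freed if its target is
  // unreachable (pre-existing rule) or if it is unmarked and has no callback
  // (new rule). Surviving nodes get their markbit cleared for the next GC.
  // `live_targets` is a model assumption standing in for V8's marking result.
  // Returns the number of nodes freed.
  size_t AtomicPauseSweep(const std::set<const void*>& live_targets) {
    size_t freed = 0;
    for (auto it = nodes_.begin(); it != nodes_.end();) {
      TracedNode* n = it->get();
      bool target_dead = live_targets.count(n->target) == 0;
      bool unreferenced = !n->markbit && !n->has_callback;
      if (target_dead || unreferenced) {
        it = nodes_.erase(it);   // destroys the node; callers must not touch it again
        ++freed;
      } else {
        n->markbit = false;      // reset for the next cycle
        ++it;
      }
    }
    return freed;
  }

  size_t size() const { return nodes_.size(); }

 private:
  std::vector<std::unique_ptr<TracedNode>> nodes_;
};

struct SweepCounts {
  size_t gc1;        // nodes freed by the first GC after allocation
  size_t gc2;        // nodes freed by the second GC
  size_t remaining;  // nodes still in the table afterwards
};

// The leak scenario from the commit message: the target is immortal, so the
// old rule alone would never free its nodes. One node is silently dropped by
// the embedder, one is kept, one has a callback, and one points at an object
// that dies before the second GC. All objects here are constructed stand-ins.
SweepCounts ImmortalTargetScenario() {
  TracedNodeTable table;
  int immortal = 0;   // stand-in for a long-living V8 object
  int mortal = 0;     // stand-in for an object that becomes unreachable later
  table.Allocate(&immortal);                          // "dropped": never reported again
  TracedNode* kept = table.Allocate(&immortal);
  table.Allocate(&immortal, /*has_callback=*/true);   // exempt from the new logic
  TracedNode* dying = table.Allocate(&mortal);

  // GC #1: every node is black from allocation, so nothing is freed even
  // though the embedder has not reported any reference yet.
  size_t gc1 = table.AtomicPauseSweep({&immortal, &mortal});  // 0

  // GC #2: the embedder reports `kept` and `dying`; `mortal` is now dead.
  table.RegisterEmbedderReference(kept);
  table.RegisterEmbedderReference(dying);
  size_t gc2 = table.AtomicPauseSweep({&immortal});  // 2: dropped (unmarked), dying (dead target)

  return {gc1, gc2, table.size()};  // remaining: kept and the callback node
}
```

The model makes the cost of black allocation visible: a TracedNode that the embedder forgets is only reclaimed by the second GC after it was created, because the first one sees it as already marked. It also shows the exemption for nodes with callbacks, which the sweep leaves alone regardless of their markbit.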