cppgc: Relax Member checks

Member is sometimes still used from off-heap storage which prohibits getting the heap from the Member's slot address. Bug: v8:11756 Change-Id: I61658ce07a8b02a8c400232ff21c75f0d8b95dcb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2886879 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/master@{#74496}

cppgc: Relax Member checks
Member is sometimes still used from off-heap storage which prohibits getting the heap from the Member's slot address. Bug: v8:11756 Change-Id: I61658ce07a8b02a8c400232ff21c75f0d8b95dcb Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2886879 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Auto-Submit: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/master@{#74496}
c29395ae · Michael Lippautz · V8 LUCI CQ · 8a9129ef · c29395ae · c29395ae
Commit c29395ae authored May 11, 2021 by Michael Lippautz Committed by V8 LUCI CQ May 11, 2021
Showing with 9 additions and 57 deletions

pointer-policies.h include/cppgc/internal/pointer-policies.h +5 -16

pointer-policies.cc src/heap/cppgc/pointer-policies.cc +4 -26

member-unittest.cc test/unittests/heap/cppgc/member-unittest.cc +0 -15

No files found.
--- a/include/cppgc/internal/pointer-policies.h
+++ b/include/cppgc/internal/pointer-policies.h
@@ -50,11 +50,8 @@ struct NoWriteBarrierPolicy {
  static void AssigningBarrier(const void*, const void*) {}
 };
-class V8_EXPORT EnabledCheckingPolicyBase {
+class V8_EXPORT EnabledCheckingPolicy {
 protected:
-  EnabledCheckingPolicyBase() = default;
-  explicit EnabledCheckingPolicyBase(void* state) : state_(state) {}
  template <typename T>
  void CheckPointer(const T* ptr) {
    if (!ptr || (kSentinelPointer == ptr)) return;
@@ -67,14 +64,14 @@ class V8_EXPORT EnabledCheckingPolicyBase {
  template <typename T, bool = IsCompleteV<T>>
  struct CheckPointersImplTrampoline {
-    static void Call(EnabledCheckingPolicyBase* policy, const T* ptr) {
+    static void Call(EnabledCheckingPolicy* policy, const T* ptr) {
      policy->CheckPointerImpl(ptr, false);
    }
  };
  template <typename T>
  struct CheckPointersImplTrampoline<T, true> {
-    static void Call(EnabledCheckingPolicyBase* policy, const T* ptr) {
+    static void Call(EnabledCheckingPolicy* policy, const T* ptr) {
      policy->CheckPointerImpl(ptr, IsGarbageCollectedTypeV<T>);
    }
  };
@@ -82,22 +79,14 @@ class V8_EXPORT EnabledCheckingPolicyBase {
  void* state_ = nullptr;
 };
-class V8_EXPORT EnabledMemberCheckingPolicy : public EnabledCheckingPolicyBase {
- protected:
-  EnabledMemberCheckingPolicy();
-};
-class V8_EXPORT EnabledPersistentCheckingPolicy
-    : public EnabledCheckingPolicyBase {};
 class DisabledCheckingPolicy {
 protected:
  void CheckPointer(const void* raw) {}
 };
 #if V8_ENABLE_CHECKS
-using DefaultMemberCheckingPolicy = EnabledMemberCheckingPolicy;
+using DefaultMemberCheckingPolicy = EnabledCheckingPolicy;
-using DefaultPersistentCheckingPolicy = EnabledPersistentCheckingPolicy;
+using DefaultPersistentCheckingPolicy = EnabledCheckingPolicy;
 #else
 using DefaultMemberCheckingPolicy = DisabledCheckingPolicy;
 using DefaultPersistentCheckingPolicy = DisabledCheckingPolicy;

--- a/src/heap/cppgc/pointer-policies.cc
+++ b/src/heap/cppgc/pointer-policies.cc
@@ -18,39 +18,17 @@ namespace internal {
 namespace {
-#if defined(CPPGC_CAGED_HEAP) || defined(DEBUG)
+#if defined(DEBUG)
 bool IsOnStack(const void* address) {
  return v8::base::Stack::GetCurrentStackPosition() <= address &&
         address < v8::base::Stack::GetStackStart();
 }
-#endif  // defined(CPPGC_CAGED_HEAP) || defined(DEBUG)
+#endif  // defined(DEBUG)
-// Gets the state (HeapBase) for on-heap slots.
-void* TryGetStateFromSlot(void* slot) {
-#ifdef CPPGC_CAGED_HEAP
-  if (IsOnStack(slot)) return nullptr;
-  // `slot` may reside in a regular or large object. Get to the heap using the
-  // cage.
-  return reinterpret_cast<CagedHeapLocalData*>(
-             reinterpret_cast<uintptr_t>(slot) &
-             ~(api_constants::kCagedHeapReservationAlignment - 1))
-      ->heap_base;
-#else   // !CPPGC_CAGED_HEAP
-  return nullptr;
-#endif  // !CPPGC_CAGED_HEAP
-}
 }  // namespace
-// We know that Member is only allowed on heap and on-stack in rare cases. Use
+void EnabledCheckingPolicy::CheckPointerImpl(const void* ptr,
-// this information to eagerly populate a verification state already on policy
+                                             bool points_to_payload) {
-// creation.
-EnabledMemberCheckingPolicy::EnabledMemberCheckingPolicy()
-    : EnabledCheckingPolicyBase(TryGetStateFromSlot(this)) {}
-void EnabledCheckingPolicyBase::CheckPointerImpl(const void* ptr,
-                                                 bool points_to_payload) {
  // `ptr` must not reside on stack.
  DCHECK(!IsOnStack(ptr));
  auto* base_page = BasePage::FromPayload(ptr);

--- a/test/unittests/heap/cppgc/member-unittest.cc
+++ b/test/unittests/heap/cppgc/member-unittest.cc
@@ -535,21 +535,6 @@ TEST_F(MemberHeapDeathTest, AssignDifferentHeapValues) {
  }
 }
-#ifdef CPPGC_CAGED_HEAP
-TEST_F(MemberHeapDeathTest, VerificationStateDoesNotRequireValue) {
-  // For caged heap setups the verification state is constructed from Member
-  // itself and does not require an initial value.
-  auto* o1 = MakeGarbageCollected<LinkedNode>(GetAllocationHandle(), nullptr);
-  {
-    auto tmp_heap = cppgc::Heap::Create(platform_);
-    EXPECT_DEATH_IF_SUPPORTED(
-        MakeGarbageCollected<LinkedNode>(tmp_heap->GetAllocationHandle(), o1),
-        "");
-  }
-}
-#endif  // CPPGC_CAGED_HEAP
 #endif  // V8_ENABLE_CHECKS
 }  // namespace internal