Verify that code stubs and full code do not have pointers that can retain

context. BUG=v8:3629 LOG=N Review URL: https://codereview.chromium.org/879273004 Cr-Commit-Position: refs/heads/master@{#26412}

Verify that code stubs and full code do not have pointers that can retain
context. BUG=v8:3629 LOG=N Review URL: https://codereview.chromium.org/879273004 Cr-Commit-Position: refs/heads/master@{#26412}
cd203cd6 · ulan · Commit bot · 858b9b6a · cd203cd6 · cd203cd6
Commit cd203cd6 authored Feb 03, 2015 by ulan Committed by Commit bot Feb 03, 2015
6 changed files
--- a/src/code-stubs.cc
+++ b/src/code-stubs.cc
@@ -81,6 +81,9 @@ void CodeStub::RecordCodeGeneration(Handle<Code> code) {
          CodeCreateEvent(Logger::STUB_TAG, *code, os.str().c_str()));
  Counters* counters = isolate()->counters();
  counters->total_stubs_code_size()->Increment(code->instruction_size());
+#ifdef DEBUG
+  code->VerifyEmbeddedObjects();
+#endif
 }



--- a/src/full-codegen.cc
+++ b/src/full-codegen.cc
@@ -351,7 +351,7 @@ bool FullCodeGenerator::MakeCode(CompilationInfo* info) {

 #ifdef DEBUG
  // Check that no context-specific object has been embedded.
-  code->VerifyEmbeddedObjectsInFullCode();
+  code->VerifyEmbeddedObjects(Code::kNoContextSpecificPointers);
 #endif  // DEBUG
  return true;
 }

--- a/src/ic/handler-compiler.cc
+++ b/src/ic/handler-compiler.cc
@@ -75,6 +75,9 @@ Handle<Code> PropertyHandlerCompiler::GetCode(Code::Kind kind,
  Code::Flags flags = Code::ComputeHandlerFlags(kind, type, cache_holder());
  Handle<Code> code = GetCodeWithFlags(flags, name);
  PROFILE(isolate(), CodeCreateEvent(Logger::STUB_TAG, *code, *name));
+#ifdef DEBUG
+  code->VerifyEmbeddedObjects();
+#endif
  return code;
 }


--- a/src/ic/ic-compiler.cc
+++ b/src/ic/ic-compiler.cc
@@ -381,6 +381,9 @@ Handle<Code> PropertyICCompiler::GetCode(Code::Kind kind, Code::StubType type,
      Code::ComputeFlags(kind, state, extra_ic_state_, type, cache_holder());
  Handle<Code> code = GetCodeWithFlags(flags, name);
  PROFILE(isolate(), CodeCreateEvent(log_kind(code), *code, *name));
+#ifdef DEBUG
+  code->VerifyEmbeddedObjects();
+#endif
  return code;
 }


--- a/src/objects-debug.cc
+++ b/src/objects-debug.cc
@@ -1236,20 +1236,41 @@ bool TransitionArray::IsConsistentWithBackPointers(Map* current_map) {
 }


-void Code::VerifyEmbeddedObjectsInFullCode() {
-  // Check that no context-specific object has been embedded.
+// Estimates if there is a path from the object to a context.
+// This function is not precise, and can return false even if
+// there is a path to a context.
+bool CanLeak(Object* obj, Heap* heap, bool skip_weak_cell) {
+  if (!obj->IsHeapObject()) return false;
+  if (obj->IsWeakCell()) {
+    if (skip_weak_cell) return false;
+    return CanLeak(WeakCell::cast(obj)->value(), heap, skip_weak_cell);
+  }
+  if (obj->IsCell()) {
+    return CanLeak(Cell::cast(obj)->value(), heap, skip_weak_cell);
+  }
+  if (obj->IsPropertyCell()) {
+    return CanLeak(PropertyCell::cast(obj)->value(), heap, skip_weak_cell);
+  }
+  if (obj->IsContext()) return true;
+  if (obj->IsMap()) {
+    Map* map = Map::cast(obj);
+    for (int i = 0; i < Heap::kStrongRootListLength; i++) {
+      if (map == heap->roots_array_start()[i]) return false;
+    }
+    return true;
+  }
+  return CanLeak(HeapObject::cast(obj)->map(), heap, skip_weak_cell);
+}
+
+
+void Code::VerifyEmbeddedObjects(VerifyMode mode) {
+  if (kind() == OPTIMIZED_FUNCTION) return;
  Heap* heap = GetIsolate()->heap();
-  int mask = RelocInfo::ModeMask(RelocInfo::EMBEDDED_OBJECT);
+  int mask = RelocInfo::ModeMask(RelocInfo::EMBEDDED_OBJECT) |
+             RelocInfo::ModeMask(RelocInfo::CELL);
+  bool skip_weak_cell = (mode == kNoContextSpecificPointers) ? false : true;
  for (RelocIterator it(this, mask); !it.done(); it.next()) {
-    Object* obj = it.rinfo()->target_object();
-    if (obj->IsCell()) obj = Cell::cast(obj)->value();
-    if (obj->IsPropertyCell()) obj = PropertyCell::cast(obj)->value();
-    if (!obj->IsHeapObject()) continue;
-    Map* map = obj->IsMap() ? Map::cast(obj) : HeapObject::cast(obj)->map();
-    int i = 0;
-    while (map != heap->roots_array_start()[i++]) {
-      CHECK_LT(i, Heap::kStrongRootListLength);
-    }
+    CHECK(!CanLeak(it.rinfo()->target_object(), heap, skip_weak_cell));
  }
 }


--- a/src/objects.h
+++ b/src/objects.h
@@ -5401,7 +5401,8 @@ class Code: public HeapObject {
 #endif

 #ifdef DEBUG
-  void VerifyEmbeddedObjectsInFullCode();
+  enum VerifyMode { kNoContextSpecificPointers, kNoContextRetainingPointers };
+  void VerifyEmbeddedObjects(VerifyMode mode = kNoContextRetainingPointers);
 #endif  // DEBUG

  inline bool CanContainWeakObjects() {