cppgc: Return wasted freelist entries creation

Returned LABs can be of size less than sizeof(FreeListEntry). Bug: chromium:1056170 Change-Id: Ib4094701472ce7cb5ee20b9fe632651570832dc9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2183051 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67635}

cppgc: Return wasted freelist entries creation
Returned LABs can be of size less than sizeof(FreeListEntry). Bug: chromium:1056170 Change-Id: Ib4094701472ce7cb5ee20b9fe632651570832dc9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2183051 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67635}
d06f9f09 · Anton Bikineev · Commit Bot · ef12c74b · d06f9f09 · d06f9f09
Commit d06f9f09 authored May 06, 2020 by Anton Bikineev Committed by Commit Bot May 07, 2020
Showing with 20 additions and 4 deletions

free-list.cc src/heap/cppgc/free-list.cc +8 -1

free-list_unittest.cc test/unittests/heap/cppgc/free-list_unittest.cc +10 -1

heap-page_unittest.cc test/unittests/heap/cppgc/heap-page_unittest.cc +2 -2

No files found.
--- a/src/heap/cppgc/free-list.cc
+++ b/src/heap/cppgc/free-list.cc
@@ -63,7 +63,14 @@ FreeList& FreeList::operator=(FreeList&& other) V8_NOEXCEPT {
 void FreeList::Add(FreeList::Block block) {
  const size_t size = block.size;
  DCHECK_GT(kPageSize, size);
-  DCHECK_LE(kFreeListEntrySize, size);
+  DCHECK_LE(sizeof(HeapObjectHeader), size);
+
+  if (block.size < sizeof(Entry)) {
+    // Create wasted entry. This can happen when an almost emptied linear
+    // allocation buffer is returned to the freelist.
+    new (block.address) HeapObjectHeader(size, kFreeListGCInfoIndex);
+    return;
+  }

  // Make sure the freelist header is writable.
  SET_MEMORY_ACCESIBLE(block.address, sizeof(Entry));

--- a/test/unittests/heap/cppgc/free-list_unittest.cc
+++ b/test/unittests/heap/cppgc/free-list_unittest.cc
@@ -2,12 +2,13 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

+#include "src/heap/cppgc/free-list.h"
+
 #include <memory>
 #include <numeric>
 #include <vector>

 #include "src/base/bits.h"
-#include "src/heap/cppgc/free-list.h"
 #include "src/heap/cppgc/globals.h"
 #include "src/heap/cppgc/heap-object-header.h"
 #include "testing/gtest/include/gtest/gtest.h"
@@ -86,6 +87,14 @@ TEST(FreeListTest, Add) {
  EXPECT_EQ(allocated_size, list.Size());
 }

+TEST(FreeListTest, AddWasted) {
+  FreeList list;
+  alignas(HeapObjectHeader) uint8_t buffer[sizeof(HeapObjectHeader)];
+  list.Add({buffer, sizeof(buffer)});
+  EXPECT_EQ(0u, list.Size());
+  EXPECT_TRUE(list.IsEmpty());
+}
+
 TEST(FreeListTest, Clear) {
  auto blocks = CreateEntries();
  FreeList list = CreatePopulatedFreeList(blocks);

--- a/test/unittests/heap/cppgc/heap-page_unittest.cc
+++ b/test/unittests/heap/cppgc/heap-page_unittest.cc
@@ -15,7 +15,6 @@
 #include "src/heap/cppgc/heap-object-header.h"
 #include "src/heap/cppgc/page-memory-inl.h"
 #include "src/heap/cppgc/raw-heap.h"
-
 #include "test/unittests/heap/cppgc/tests.h"
 #include "testing/gtest/include/gtest/gtest.h"

@@ -104,7 +103,8 @@ TEST_F(PageTest, NormalPageIndexing) {
  using Type = GCed<kObjectSize>;
  static const size_t kNumberOfObjects =
      (kExpectedNumberOfPages * NormalPage::PayloadSize() /
-       (sizeof(Type) + sizeof(HeapObjectHeader)));
+       (sizeof(Type) + sizeof(HeapObjectHeader))) -
+      kExpectedNumberOfPages;

  std::vector<Persistent<Type>> persistents(kNumberOfObjects);
  for (auto& p : persistents) {