cppgc: Fix allocation during sweeping

Lazy sweeping may have found a memory block not positioned at the head of the corresponding bucket. Such a block is not found during a subsequent free list allocation, as such allocations do not linearly walk the free list. Bug: chromium:1056170 Change-Id: I288b6ad768987705d86fc78d0aa6fe46e99417b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2692822 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#72770}

cppgc: Fix allocation during sweeping
Lazy sweeping may have found a memory block not positioned at the head of the corresponding bucket. Such a block is not found during a subsequent free list allocation, as such allocations do not linearly walk the free list. Bug: chromium:1056170 Change-Id: I288b6ad768987705d86fc78d0aa6fe46e99417b9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2692822 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Cr-Commit-Position: refs/heads/master@{#72770}
fad52a70 · Michael Lippautz · Commit Bot · b38bf5b0 · fad52a70
Commit fad52a70 authored Feb 15, 2021 by Michael Lippautz Committed by Commit Bot Feb 16, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 3 deletions

object-allocator.cc src/heap/cppgc/object-allocator.cc +14 -3

No files found.
--- a/src/heap/cppgc/object-allocator.cc
+++ b/src/heap/cppgc/object-allocator.cc
@@ -137,14 +137,25 @@ void* ObjectAllocator::OutOfLineAllocateImpl(NormalPageSpace* space,
  // 3. Lazily sweep pages of this heap until we find a freed area for
  // this allocation or we finish sweeping all pages of this heap.
  Sweeper& sweeper = raw_heap_->heap()->sweeper();
+  // TODO(chromium:1056170): Investigate whether this should be a loop which
+  // would result in more agressive re-use of memory at the expense of
+  // potentially larger allocation time.
  if (sweeper.SweepForAllocationIfRunning(space, size)) {
-    void* result = AllocateFromFreeList(space, size, gcinfo);
+    // Sweeper found a block of at least `size` bytes. Allocation from the free
-    DCHECK_NOT_NULL(result);
+    // list may still fail as actual  buckets are not exhaustively searched for
-    return result;
+    // a suitable block. Instead, buckets are tested from larger sizes that are
+    // guaranteed to fit the block to smaller bucket sizes that may only
+    // potentially fit the block. For the bucket that may exactly fit the
+    // allocation of `size` bytes (no overallocation), only the first entry is
+    // checked.
+    if (void* result = AllocateFromFreeList(space, size, gcinfo)) {
+      return result;
+    }
  }
  // 4. Complete sweeping.
  sweeper.FinishIfRunning();
+  // TODO(chromium:1056170): Make use of the synchronously freed memory.
  // 5. Add a new page to this heap.
  auto* new_page = NormalPage::Create(page_backend_, space);