WebKit Bugzilla
RESOLVED FIXED
87180
CopiedSpace::contains doesn't check for oversize blocks
https://bugs.webkit.org/show_bug.cgi?id=87180
Mark Hahnenberg
Reported
2012-05-22 16:42:49 PDT
When doing a conservative scan we use CopiedSpace::contains to determine if a particular address points into the CopiedSpace. Currently contains() only checks if the address points to a block in to-space, which means that pointers to oversize blocks may not get scanned. We even have a BloomFilter for oversize blocks that I believe was originally intended to be used like the one for to-space.
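The lookup described in the report, as an added C++ illustration that is not WebKit code: a simplified model in which normal and oversize blocks use different alignments, so a conservative scan that consults only to-space misses a pointer into an oversize block. `ToySpace`, `BlockSet`, `liveBlocks`, both masks, the filter layout and every address are assumptions constructed for this example.

```cpp
#include <cstdint>
#include <unordered_set>
#include <vector>
// Simplified model of the lookup in the report; not JavaScriptCore code.
// Alignments, names and the filter layout are assumptions of this example.
using Addr = std::uintptr_t;
constexpr Addr kBlockMask = ~Addr(64 * 1024 - 1); // assumed normal-block alignment
constexpr Addr kPageMask = ~Addr(4 * 1024 - 1);   // assumed oversize-block alignment
struct BlockSet {
    Addr filterBits = 0;              // Bloom-style filter: can only rule addresses out
    std::unordered_set<Addr> blocks;  // exact set of block base addresses
    void add(Addr base) { filterBits |= base; blocks.insert(base); }
    bool contains(Addr base) const {  // cheap filter rule-out, then exact lookup
        return base && (base & filterBits) == base && blocks.count(base) != 0;
    }
};

struct ToySpace {
    BlockSet toSpace, oversize;
    // Pre-fix behaviour described in the report: only to-space is consulted.
    bool containsToSpaceOnly(Addr p, Addr& result) const {
        result = p & kBlockMask;
        return toSpace.contains(result);
    }
    // Post-fix behaviour: fall back to the oversize candidate (result valid only on true).
    bool containsAny(Addr p, Addr& result) const {
        if (containsToSpaceOnly(p, result)) return true;
        result = p & kPageMask;
        return oversize.contains(result);
    }
    // Conservative scan: each word that resolves to a block keeps that block alive.
    std::size_t scan(const std::vector<Addr>& words, bool checkOversize) const {
        std::unordered_set<Addr> live;
        for (Addr w : words) {
            Addr block = 0;
            if (checkOversize ? containsAny(w, block) : containsToSpaceOnly(w, block))
                live.insert(block);
        }
        return live.size();
    }
};

// Constructed input: one to-space block, one oversize block, three stack words.
std::size_t liveBlocks(bool checkOversize) {
    ToySpace s;
    s.toSpace.add(0x10000000);  // normal block base
    s.oversize.add(0x20003000); // oversize block base, page-aligned only
    return s.scan({0x10000040, 0x20003010, 0x30000000}, checkOversize);
}
```

With the to-space-only check the scan keeps one block alive; with the oversize fallback it keeps two, and the third word is ruled out by both filters.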
Attachments
Patch (6.45 KB, patch), 2012-05-22 17:37 PDT, Mark Hahnenberg; ggaren: review+
Mark Hahnenberg
Comment 1
2012-05-22 17:37:27 PDT
Created attachment 143413: Patch
Geoffrey Garen
Comment 2
2012-05-22 18:02:43 PDT
Comment on attachment 143413: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=143413&action=review
r=me
> Source/JavaScriptCore/heap/CopiedSpaceInlineMethods.h:52 > inline bool CopiedSpace::contains(void* ptr, CopiedBlock*& result) > { > CopiedBlock* block = blockFor(ptr); > + if (contains(block)) { > + result = block; > + return true; > + } > + block = oversizeBlockFor(ptr); > result = block; > - return !m_toSpaceFilter.ruleOut(reinterpret_cast<Bits>(block)) && m_toSpaceSet.contains(block); > + return contains(block);
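Review bot: in the fall-through path after `block = oversizeBlockFor(ptr);`, `result` is assigned before `contains(block)` has confirmed the candidate, so on a false return the out-parameter holds an unverified address derived from a conservatively scanned word. Consider assigning `result` only when the check succeeds, as the new early-return branch does, or documenting that `result` is meaningful only when the function returns true. The removed line shows membership being decided by a filter rule-out plus a set lookup on the address alone; the one-argument `contains(block)` is defined outside this hunk, so it is worth confirming there that the oversize candidate is also tested by address only and never dereferenced before membership is established.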
You could simplify this code by giving oversized and normal blocks the same alignment -- then, one mask always gets you back to the block metadata. That's for another day, though.
Mark Hahnenberg
Comment 3
2012-05-22 18:39:53 PDT
Committed r118093: <http://trac.webkit.org/changeset/118093>