Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(128)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/platform/heap/HeapAllocator.h

Issue 1155113002: Oilpan: HeapObjectHeader::checkHeader should not allow access on orphaned pages (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/platform/heap/Heap.cpp ('k') | Source/platform/heap/TraceTraits.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef HeapAllocator_h 5 #ifndef HeapAllocator_h
6 #define HeapAllocator_h 6 #define HeapAllocator_h
7 7
8 #include "platform/heap/Heap.h" 8 #include "platform/heap/Heap.h"
9 #include "platform/heap/TraceTraits.h" 9 #include "platform/heap/TraceTraits.h"
10 #include "wtf/Assertions.h" 10 #include "wtf/Assertions.h"
(...skipping 259 matching lines...) Expand 10 before | Expand all | Expand 10 after
270 270
271 template<typename T, typename Traits> 271 template<typename T, typename Traits>
272 void HeapVectorBacking<T, Traits>::finalize(void* pointer) 272 void HeapVectorBacking<T, Traits>::finalize(void* pointer)
273 { 273 {
274 static_assert(Traits::needsDestruction, "Only vector buffers with items requ iring destruction should be finalized"); 274 static_assert(Traits::needsDestruction, "Only vector buffers with items requ iring destruction should be finalized");
275 // See the comment in HeapVectorBacking::trace. 275 // See the comment in HeapVectorBacking::trace.
276 static_assert(Traits::canInitializeWithMemset || WTF::IsPolymorphic<T>::valu e, "HeapVectorBacking doesn't support objects that cannot be initialized with me mset or don't have a vtable"); 276 static_assert(Traits::canInitializeWithMemset || WTF::IsPolymorphic<T>::valu e, "HeapVectorBacking doesn't support objects that cannot be initialized with me mset or don't have a vtable");
277 277
278 ASSERT(!WTF::IsTriviallyDestructible<T>::value); 278 ASSERT(!WTF::IsTriviallyDestructible<T>::value);
279 HeapObjectHeader* header = HeapObjectHeader::fromPayload(pointer); 279 HeapObjectHeader* header = HeapObjectHeader::fromPayload(pointer);
280 header->checkHeader();
280 // Use the payload size as recorded by the heap to determine how many 281 // Use the payload size as recorded by the heap to determine how many
281 // elements to finalize. 282 // elements to finalize.
282 size_t length = header->payloadSize() / sizeof(T); 283 size_t length = header->payloadSize() / sizeof(T);
283 T* buffer = reinterpret_cast<T*>(pointer); 284 T* buffer = reinterpret_cast<T*>(pointer);
284 #ifdef ANNOTATE_CONTIGUOUS_CONTAINER 285 #ifdef ANNOTATE_CONTIGUOUS_CONTAINER
285 // As commented above, HeapVectorBacking calls finalizers for unused slots 286 // As commented above, HeapVectorBacking calls finalizers for unused slots
286 // (which are already zeroed out). 287 // (which are already zeroed out).
287 ANNOTATE_CHANGE_SIZE(buffer, length, 0, length); 288 ANNOTATE_CHANGE_SIZE(buffer, length, 0, length);
288 #endif 289 #endif
289 if (WTF::IsPolymorphic<T>::value) { 290 if (WTF::IsPolymorphic<T>::value) {
(...skipping 13 matching lines...) Expand all
303 static void finalize(void* pointer); 304 static void finalize(void* pointer);
304 void finalizeGarbageCollectedObject() { finalize(this); } 305 void finalizeGarbageCollectedObject() { finalize(this); }
305 }; 306 };
306 307
307 template<typename Table> 308 template<typename Table>
308 void HeapHashTableBacking<Table>::finalize(void* pointer) 309 void HeapHashTableBacking<Table>::finalize(void* pointer)
309 { 310 {
310 using Value = typename Table::ValueType; 311 using Value = typename Table::ValueType;
311 ASSERT(!WTF::IsTriviallyDestructible<Value>::value); 312 ASSERT(!WTF::IsTriviallyDestructible<Value>::value);
312 HeapObjectHeader* header = HeapObjectHeader::fromPayload(pointer); 313 HeapObjectHeader* header = HeapObjectHeader::fromPayload(pointer);
314 header->checkHeader();
313 // Use the payload size as recorded by the heap to determine how many 315 // Use the payload size as recorded by the heap to determine how many
314 // elements to finalize. 316 // elements to finalize.
315 size_t length = header->payloadSize() / sizeof(Value); 317 size_t length = header->payloadSize() / sizeof(Value);
316 Value* table = reinterpret_cast<Value*>(pointer); 318 Value* table = reinterpret_cast<Value*>(pointer);
317 for (unsigned i = 0; i < length; ++i) { 319 for (unsigned i = 0; i < length; ++i) {
318 if (!Table::isEmptyOrDeletedBucket(table[i])) 320 if (!Table::isEmptyOrDeletedBucket(table[i]))
319 table[i].~Value(); 321 table[i].~Value();
320 } 322 }
321 } 323 }
322 324
(...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after
449 template<typename T, size_t i, typename U> 451 template<typename T, size_t i, typename U>
450 inline void swap(HeapListHashSet<T, i, U>& a, HeapListHashSet<T, i, U>& b) { a.s wap(b); } 452 inline void swap(HeapListHashSet<T, i, U>& a, HeapListHashSet<T, i, U>& b) { a.s wap(b); }
451 template<typename T, typename U, typename V> 453 template<typename T, typename U, typename V>
452 inline void swap(HeapLinkedHashSet<T, U, V>& a, HeapLinkedHashSet<T, U, V>& b) { a.swap(b); } 454 inline void swap(HeapLinkedHashSet<T, U, V>& a, HeapLinkedHashSet<T, U, V>& b) { a.swap(b); }
453 template<typename T, typename U, typename V> 455 template<typename T, typename U, typename V>
454 inline void swap(HeapHashCountedSet<T, U, V>& a, HeapHashCountedSet<T, U, V>& b) { a.swap(b); } 456 inline void swap(HeapHashCountedSet<T, U, V>& a, HeapHashCountedSet<T, U, V>& b) { a.swap(b); }
455 457
456 } // namespace blink 458 } // namespace blink
457 459
458 #endif 460 #endif
OLDNEW
« no previous file with comments | « Source/platform/heap/Heap.cpp ('k') | Source/platform/heap/TraceTraits.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698