Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(115)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/platform/heap/TraceTraits.h

Issue 1155113002: Oilpan: HeapObjectHeader::checkHeader should not allow access on orphaned pages (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/platform/heap/HeapAllocator.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef TraceTraits_h 5 #ifndef TraceTraits_h
6 #define TraceTraits_h 6 #define TraceTraits_h
7 7
8 #include "platform/heap/GCInfo.h" 8 #include "platform/heap/GCInfo.h"
9 #include "platform/heap/Heap.h" 9 #include "platform/heap/Heap.h"
10 #include "platform/heap/InlinedGlobalMarkingVisitor.h" 10 #include "platform/heap/InlinedGlobalMarkingVisitor.h"
(...skipping 381 matching lines...) Expand 10 before | Expand all | Expand 10 after
392 static_assert(!ShouldBeTraced<Traits>::value || Traits::canInitializeWit hMemset || WTF::IsPolymorphic<T>::value, "HeapVectorBacking doesn't support obje cts that cannot be initialized with memset."); 392 static_assert(!ShouldBeTraced<Traits>::value || Traits::canInitializeWit hMemset || WTF::IsPolymorphic<T>::value, "HeapVectorBacking doesn't support obje cts that cannot be initialized with memset.");
393 393
394 // This trace method is instantiated for vectors where 394 // This trace method is instantiated for vectors where
395 // ShouldBeTraced<Traits>::value is false, but the trace method 395 // ShouldBeTraced<Traits>::value is false, but the trace method
396 // should not be called. Thus we cannot static-assert 396 // should not be called. Thus we cannot static-assert
397 // ShouldBeTraced<Traits>::value but should runtime-assert it. 397 // ShouldBeTraced<Traits>::value but should runtime-assert it.
398 ASSERT(ShouldBeTraced<Traits>::value); 398 ASSERT(ShouldBeTraced<Traits>::value);
399 399
400 T* array = reinterpret_cast<T*>(self); 400 T* array = reinterpret_cast<T*>(self);
401 blink::HeapObjectHeader* header = blink::HeapObjectHeader::fromPayload(s elf); 401 blink::HeapObjectHeader* header = blink::HeapObjectHeader::fromPayload(s elf);
402 header->checkHeader();
402 // Use the payload size as recorded by the heap to determine how many 403 // Use the payload size as recorded by the heap to determine how many
403 // elements to trace. 404 // elements to trace.
404 size_t length = header->payloadSize() / sizeof(T); 405 size_t length = header->payloadSize() / sizeof(T);
405 if (WTF::IsPolymorphic<T>::value) { 406 if (WTF::IsPolymorphic<T>::value) {
406 for (size_t i = 0; i < length; ++i) { 407 for (size_t i = 0; i < length; ++i) {
407 if (blink::vTableInitialized(&array[i])) 408 if (blink::vTableInitialized(&array[i]))
408 blink::TraceIfEnabled<T, ShouldBeTraced<Traits>::value>::tra ce(visitor, array[i]); 409 blink::TraceIfEnabled<T, ShouldBeTraced<Traits>::value>::tra ce(visitor, array[i]);
409 } 410 }
410 } else { 411 } else {
411 #ifdef ANNOTATE_CONTIGUOUS_CONTAINER 412 #ifdef ANNOTATE_CONTIGUOUS_CONTAINER
(...skipping 15 matching lines...) Expand all
427 using Value = typename Table::ValueType; 428 using Value = typename Table::ValueType;
428 using Traits = typename Table::ValueTraits; 429 using Traits = typename Table::ValueTraits;
429 430
430 template<typename VisitorDispatcher> 431 template<typename VisitorDispatcher>
431 static bool trace(VisitorDispatcher visitor, void* self) 432 static bool trace(VisitorDispatcher visitor, void* self)
432 { 433 {
433 static_assert(strongify == WTF::WeakPointersActStrong, "An on-stack Heap HashTable needs to be visited strongly."); 434 static_assert(strongify == WTF::WeakPointersActStrong, "An on-stack Heap HashTable needs to be visited strongly.");
434 435
435 Value* array = reinterpret_cast<Value*>(self); 436 Value* array = reinterpret_cast<Value*>(self);
436 blink::HeapObjectHeader* header = blink::HeapObjectHeader::fromPayload(s elf); 437 blink::HeapObjectHeader* header = blink::HeapObjectHeader::fromPayload(s elf);
438 header->checkHeader();
437 // Use the payload size as recorded by the heap to determine how many 439 // Use the payload size as recorded by the heap to determine how many
438 // elements to trace. 440 // elements to trace.
439 size_t length = header->payloadSize() / sizeof(Value); 441 size_t length = header->payloadSize() / sizeof(Value);
440 for (size_t i = 0; i < length; ++i) { 442 for (size_t i = 0; i < length; ++i) {
441 if (!HashTableHelper<Value, typename Table::ExtractorType, typename Table::KeyTraitsType>::isEmptyOrDeletedBucket(array[i])) 443 if (!HashTableHelper<Value, typename Table::ExtractorType, typename Table::KeyTraitsType>::isEmptyOrDeletedBucket(array[i]))
442 blink::TraceCollectionIfEnabled<ShouldBeTraced<Traits>::value, T raits::weakHandlingFlag, strongify, Value, Traits>::trace(visitor, array[i]); 444 blink::TraceCollectionIfEnabled<ShouldBeTraced<Traits>::value, T raits::weakHandlingFlag, strongify, Value, Traits>::trace(visitor, array[i]);
443 } 445 }
444 return false; 446 return false;
445 } 447 }
446 }; 448 };
447 449
448 // This specialization of TraceInCollectionTrait is for the backing of 450 // This specialization of TraceInCollectionTrait is for the backing of
449 // HeapListHashSet. This is for the case that we find a reference to the 451 // HeapListHashSet. This is for the case that we find a reference to the
450 // backing from the stack. That probably means we have a GC while we are in a 452 // backing from the stack. That probably means we have a GC while we are in a
451 // ListHashSet method since normal API use does not put pointers to the backing 453 // ListHashSet method since normal API use does not put pointers to the backing
452 // on the stack. 454 // on the stack.
453 template<ShouldWeakPointersBeMarkedStrongly strongify, typename NodeContents, si ze_t inlineCapacity, typename T, typename U, typename V, typename W, typename X, typename Y> 455 template<ShouldWeakPointersBeMarkedStrongly strongify, typename NodeContents, si ze_t inlineCapacity, typename T, typename U, typename V, typename W, typename X, typename Y>
454 struct TraceInCollectionTrait<NoWeakHandlingInCollections, strongify, blink::Hea pHashTableBacking<HashTable<ListHashSetNode<NodeContents, blink::HeapListHashSet Allocator<T, inlineCapacity>>*, U, V, W, X, Y, blink::HeapAllocator>>, void> { 456 struct TraceInCollectionTrait<NoWeakHandlingInCollections, strongify, blink::Hea pHashTableBacking<HashTable<ListHashSetNode<NodeContents, blink::HeapListHashSet Allocator<T, inlineCapacity>>*, U, V, W, X, Y, blink::HeapAllocator>>, void> {
455 using Node = ListHashSetNode<NodeContents, blink::HeapListHashSetAllocator<T , inlineCapacity>>; 457 using Node = ListHashSetNode<NodeContents, blink::HeapListHashSetAllocator<T , inlineCapacity>>;
456 using Table = HashTable<Node*, U, V, W, X, Y, blink::HeapAllocator>; 458 using Table = HashTable<Node*, U, V, W, X, Y, blink::HeapAllocator>;
457 459
458 template<typename VisitorDispatcher> 460 template<typename VisitorDispatcher>
459 static bool trace(VisitorDispatcher visitor, void* self) 461 static bool trace(VisitorDispatcher visitor, void* self)
460 { 462 {
461 Node** array = reinterpret_cast<Node**>(self); 463 Node** array = reinterpret_cast<Node**>(self);
462 blink::HeapObjectHeader* header = blink::HeapObjectHeader::fromPayload(s elf); 464 blink::HeapObjectHeader* header = blink::HeapObjectHeader::fromPayload(s elf);
465 header->checkHeader();
463 size_t length = header->payloadSize() / sizeof(Node*); 466 size_t length = header->payloadSize() / sizeof(Node*);
464 for (size_t i = 0; i < length; ++i) { 467 for (size_t i = 0; i < length; ++i) {
465 if (!HashTableHelper<Node*, typename Table::ExtractorType, typename Table::KeyTraitsType>::isEmptyOrDeletedBucket(array[i])) { 468 if (!HashTableHelper<Node*, typename Table::ExtractorType, typename Table::KeyTraitsType>::isEmptyOrDeletedBucket(array[i])) {
466 traceListHashSetValue(visitor, array[i]->m_value); 469 traceListHashSetValue(visitor, array[i]->m_value);
467 // Just mark the node without tracing because we already traced 470 // Just mark the node without tracing because we already traced
468 // the contents, and there is no need to trace the next and 471 // the contents, and there is no need to trace the next and
469 // prev fields since iterating over the hash table backing will 472 // prev fields since iterating over the hash table backing will
470 // find the whole chain. 473 // find the whole chain.
471 visitor->markNoTracing(array[i]); 474 visitor->markNoTracing(array[i]);
472 } 475 }
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
566 // since iterating over the hash table backing will find the whole 569 // since iterating over the hash table backing will find the whole
567 // chain. 570 // chain.
568 visitor->markNoTracing(node); 571 visitor->markNoTracing(node);
569 return false; 572 return false;
570 } 573 }
571 }; 574 };
572 575
573 } // namespace WTF 576 } // namespace WTF
574 577
575 #endif 578 #endif
OLDNEW
« no previous file with comments | « Source/platform/heap/HeapAllocator.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698