Ensure that executable pages are properly guarded.

src/spaces.cc

 // Copyright 2011 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 57 matching lines @@
 
 HeapObjectIterator::HeapObjectIterator(Page* page,
                                        HeapObjectCallback size_func) {
   Space* owner = page->owner();
   ASSERT(owner == HEAP->old_pointer_space() ||
          owner == HEAP->old_data_space() ||
          owner == HEAP->map_space() ||
          owner == HEAP->cell_space() ||
          owner == HEAP->code_space());
   Initialize(reinterpret_cast<PagedSpace*>(owner),
-             page->ObjectAreaStart(),
-             page->ObjectAreaEnd(),
+             page->area_start(),
+             page->area_end(),
              kOnePageOnly,
              size_func);
   ASSERT(page->WasSweptPrecisely());
 }
 
 
 void HeapObjectIterator::Initialize(PagedSpace* space,
                                     Address cur, Address end,
                                     HeapObjectIterator::PageMode mode,
                                     HeapObjectCallback size_f) {
@@ skipping 11 matching lines @@
 // We have hit the end of the page and should advance to the next block of
 // objects.  This happens at the end of the page.
 bool HeapObjectIterator::AdvanceToNextPage() {
   ASSERT(cur_addr_ == cur_end_);
   if (page_mode_ == kOnePageOnly) return false;
   Page* cur_page;
   if (cur_addr_ == NULL) {
     cur_page = space_->anchor();
   } else {
     cur_page = Page::FromAddress(cur_addr_ - 1);
-    ASSERT(cur_addr_ == cur_page->ObjectAreaEnd());
+    ASSERT(cur_addr_ == cur_page->area_end());
   }
   cur_page = cur_page->next_page();
   if (cur_page == space_->anchor()) return false;
-  cur_addr_ = cur_page->ObjectAreaStart();
-  cur_end_ = cur_page->ObjectAreaEnd();
+  cur_addr_ = cur_page->area_start();
+  cur_end_ = cur_page->area_end();
   ASSERT(cur_page->WasSweptPrecisely());
   return true;
 }
 
 
 // -----------------------------------------------------------------------------
 // CodeRange
 
 
 CodeRange::CodeRange(Isolate* isolate)
@@ skipping 93 matching lines @@
   size_t aligned_requested = RoundUp(requested, MemoryChunk::kAlignment);
   FreeBlock current = allocation_list_[current_allocation_block_index_];
   if (aligned_requested >= (current.size - Page::kPageSize)) {
     // Don't leave a small free block, useless for a large object or chunk.
     *allocated = current.size;
   } else {
     *allocated = aligned_requested;
   }
   ASSERT(*allocated <= current.size);
   ASSERT(IsAddressAligned(current.start, MemoryChunk::kAlignment));
-  if (!code_range_->Commit(current.start, *allocated, true)) {
+  if (!MemoryAllocator::CommitCodePage(code_range_,
+                                       current.start,
+                                       *allocated)) {
     *allocated = 0;
     return NULL;
   }
   allocation_list_[current_allocation_block_index_].start += *allocated;
   allocation_list_[current_allocation_block_index_].size -= *allocated;
   if (*allocated == current.size) {
     GetNextAllocationBlock(0);  // This block is used up, get the next one.
   }
   return current.start;
 }
@@ skipping 110 matching lines @@
 }
 
 
 Address MemoryAllocator::AllocateAlignedMemory(size_t size,
                                                size_t alignment,
                                                Executability executable,
                                                VirtualMemory* controller) {
   VirtualMemory reservation;
   Address base = ReserveAlignedMemory(size, alignment, &reservation);
   if (base == NULL) return NULL;
-  if (!reservation.Commit(base,
-                          size,
-                          executable == EXECUTABLE)) {
-    return NULL;
+
+  if (executable == EXECUTABLE) {
+    CommitCodePage(&reservation, base, size);
+  } else {
+    if (!reservation.Commit(base,
+                            size,
+                            executable == EXECUTABLE)) {
+      return NULL;
+    }
   }
+
   controller->TakeControl(&reservation);
   return base;
 }
 
 
 void Page::InitializeAsAnchor(PagedSpace* owner) {
   set_owner(owner);
   set_prev_page(this);
   set_next_page(this);
 }
 
 
 NewSpacePage* NewSpacePage::Initialize(Heap* heap,
                                        Address start,
                                        SemiSpace* semi_space) {
+  Address area_start = start + NewSpacePage::kObjectStartOffset;
+  Address area_end = start + Page::kPageSize;
+
   MemoryChunk* chunk = MemoryChunk::Initialize(heap,
                                                start,
                                                Page::kPageSize,
+                                               area_start,
+                                               area_end,
                                                NOT_EXECUTABLE,
                                                semi_space);
   chunk->set_next_chunk(NULL);
   chunk->set_prev_chunk(NULL);
   chunk->initialize_scan_on_scavenge(true);
   bool in_to_space = (semi_space->id() != kFromSpace);
   chunk->SetFlag(in_to_space ? MemoryChunk::IN_TO_SPACE
                              : MemoryChunk::IN_FROM_SPACE);
   ASSERT(!chunk->IsFlagSet(in_to_space ? MemoryChunk::IN_FROM_SPACE
                                        : MemoryChunk::IN_TO_SPACE));
   NewSpacePage* page = static_cast<NewSpacePage*>(chunk);
   heap->incremental_marking()->SetNewSpacePageFlags(page);
   return page;
 }
 
 
 void NewSpacePage::InitializeAsAnchor(SemiSpace* semi_space) {
   set_owner(semi_space);
   set_next_chunk(this);
   set_prev_chunk(this);
   // Flags marks this invalid page as not being in new-space.
   // All real new-space pages will be in new-space.
   SetFlags(0, ~0);
 }
 
 
 MemoryChunk* MemoryChunk::Initialize(Heap* heap,
                                      Address base,
                                      size_t size,
+                                     Address area_start,
+                                     Address area_end,
                                      Executability executable,
                                      Space* owner) {
   MemoryChunk* chunk = FromAddress(base);
 
   ASSERT(base == chunk->address());
 
   chunk->heap_ = heap;
   chunk->size_ = size;
+  chunk->area_start_ = area_start;
+  chunk->area_end_ = area_end;
   chunk->flags_ = 0;
   chunk->set_owner(owner);
   chunk->InitializeReservedMemory();
   chunk->slots_buffer_ = NULL;
   chunk->skip_list_ = NULL;
   chunk->ResetLiveBytes();
   Bitmap::Clear(chunk);
   chunk->initialize_scan_on_scavenge(false);
   chunk->SetFlag(WAS_SWEPT_PRECISELY);
 
   ASSERT(OFFSET_OF(MemoryChunk, flags_) == kFlagsOffset);
   ASSERT(OFFSET_OF(MemoryChunk, live_byte_count_) == kLiveBytesOffset);
 
-  if (executable == EXECUTABLE) chunk->SetFlag(IS_EXECUTABLE);
+  if (executable == EXECUTABLE) {
+    chunk->SetFlag(IS_EXECUTABLE);
+  }
 
-  if (owner == heap->old_data_space()) chunk->SetFlag(CONTAINS_ONLY_DATA);
+  if (owner == heap->old_data_space()) {
+    chunk->SetFlag(CONTAINS_ONLY_DATA);
+  }
 
   return chunk;
 }
 
 
 void MemoryChunk::InsertAfter(MemoryChunk* other) {
   next_chunk_ = other->next_chunk_;
   prev_chunk_ = other;
   other->next_chunk_->prev_chunk_ = this;
   other->next_chunk_ = this;
 }
 
 
 void MemoryChunk::Unlink() {
   if (!InNewSpace() && IsFlagSet(SCAN_ON_SCAVENGE)) {
     heap_->decrement_scan_on_scavenge_pages();
     ClearFlag(SCAN_ON_SCAVENGE);
   }
   next_chunk_->prev_chunk_ = prev_chunk_;
   prev_chunk_->next_chunk_ = next_chunk_;
   prev_chunk_ = NULL;
   next_chunk_ = NULL;
 }
 
 
 MemoryChunk* MemoryAllocator::AllocateChunk(intptr_t body_size,
                                             Executability executable,
                                             Space* owner) {
-  size_t chunk_size = MemoryChunk::kObjectStartOffset + body_size;
+  size_t chunk_size;
   Heap* heap = isolate_->heap();
   Address base = NULL;
   VirtualMemory reservation;
+  Address area_start = NULL;
+  Address area_end = NULL;
   if (executable == EXECUTABLE) {
+    chunk_size = RoundUp(CodePageAreaStartOffset() + body_size,
+                         OS::CommitPageSize()) + CodePageGuardSize();
+
     // Check executable memory limit.
     if (size_executable_ + chunk_size > capacity_executable_) {
       LOG(isolate_,
           StringEvent("MemoryAllocator::AllocateRawMemory",
                       "V8 Executable Allocation capacity exceeded"));
       return NULL;
     }
 
     // Allocate executable memory either from code range or from the
     // OS.
     if (isolate_->code_range()->exists()) {
       base = isolate_->code_range()->AllocateRawMemory(chunk_size, &chunk_size);
       ASSERT(IsAligned(reinterpret_cast<intptr_t>(base),
                        MemoryChunk::kAlignment));
       if (base == NULL) return NULL;
       size_ += chunk_size;
       // Update executable memory size.
       size_executable_ += chunk_size;
     } else {
       base = AllocateAlignedMemory(chunk_size,
                                    MemoryChunk::kAlignment,
                                    executable,
                                    &reservation);
       if (base == NULL) return NULL;
       // Update executable memory size.
       size_executable_ += reservation.size();
     }
+
+#ifdef DEBUG
+    ZapBlock(base, CodePageGuardStartOffset());
+    ZapBlock(base + CodePageAreaStartOffset(), body_size);
+#endif
+    area_start = base + CodePageAreaStartOffset();
+    area_end = area_start + body_size;
   } else {
+    chunk_size = MemoryChunk::kObjectStartOffset + body_size;
     base = AllocateAlignedMemory(chunk_size,
                                  MemoryChunk::kAlignment,
                                  executable,
                                  &reservation);
 
     if (base == NULL) return NULL;
+
+#ifdef DEBUG
+    ZapBlock(base, chunk_size);
+#endif
+
+    area_start = base + Page::kObjectStartOffset;
+    area_end = base + chunk_size;
   }
 
-#ifdef DEBUG
-  ZapBlock(base, chunk_size);
-#endif
   isolate_->counters()->memory_allocated()->
       Increment(static_cast<int>(chunk_size));
 
   LOG(isolate_, NewEvent("MemoryChunk", base, chunk_size));
   if (owner != NULL) {
     ObjectSpace space = static_cast<ObjectSpace>(1 << owner->identity());
     PerformAllocationCallback(space, kAllocationActionAllocate, chunk_size);
   }
 
   MemoryChunk* result = MemoryChunk::Initialize(heap,
                                                 base,
                                                 chunk_size,
+                                                area_start,
+                                                area_end,
                                                 executable,
                                                 owner);
   result->set_reserved_memory(&reservation);
   return result;
 }
 
 
 Page* MemoryAllocator::AllocatePage(PagedSpace* owner,
                                     Executability executable) {
-  MemoryChunk* chunk = AllocateChunk(Page::kObjectAreaSize, executable, owner);
+  MemoryChunk* chunk = AllocateChunk(owner->AreaSize(),
+                                     executable,
+                                     owner);
 
   if (chunk == NULL) return NULL;
 
   return Page::Initialize(isolate_->heap(), chunk, executable, owner);
 }
 
 
 LargePage* MemoryAllocator::AllocateLargePage(intptr_t object_size,
                                               Executability executable,
                                               Space* owner) {
@@ skipping 100 matching lines @@
 #ifdef DEBUG
 void MemoryAllocator::ReportStatistics() {
   float pct = static_cast<float>(capacity_ - size_) / capacity_;
   PrintF("  capacity: %" V8_PTR_PREFIX "d"
              ", used: %" V8_PTR_PREFIX "d"
              ", available: %%%d\n\n",
          capacity_, size_, static_cast<int>(pct*100));
 }
 #endif
 
+
+int MemoryAllocator::CodePageGuardStartOffset() {
+  // We are guarding code pages: the first OS page after the header
+  // will be protected as non-writable.
+  return RoundUp(Page::kObjectStartOffset, OS::CommitPageSize());
+}
+
+
+int MemoryAllocator::CodePageGuardSize() {
+  return OS::CommitPageSize();
+}
+
+
+int MemoryAllocator::CodePageAreaStartOffset() {
+  // We are guarding code pages: the first OS page after the header
+  // will be protected as non-writable.
+  return CodePageGuardStartOffset() + CodePageGuardSize();
+}
+
+
+int MemoryAllocator::CodePageAreaEndOffset() {
+  // We are guarding code pages: the last OS page will be protected as
+  // non-writable.
+  return Page::kPageSize - OS::CommitPageSize();
+}
+
+
+bool MemoryAllocator::CommitCodePage(VirtualMemory* vm,
+                                     Address start,
+                                     size_t size) {
+  // Commit page header (not executable).
+  if (!vm->Commit(start,
+                  CodePageGuardStartOffset(),
+                  false)) {
+    return false;
+  }
+
+  // Create guard page after the header.
+  if (!vm->Guard(start + CodePageGuardStartOffset())) {
+    return false;
+  }
+
+  // Commit page body (executable).
+  size_t area_size = size - CodePageAreaStartOffset() - CodePageGuardSize();
+  if (!vm->Commit(start + CodePageAreaStartOffset(),
+                  area_size,
+                  true)) {
+    return false;
+  }
+
+  // Create guard page after the allocatable area.
+  if (!vm->Guard(start + CodePageAreaStartOffset() + area_size)) {
+    return false;
+  }
+
+  return true;
+}
+
+
 // -----------------------------------------------------------------------------
 // MemoryChunk implementation
 
 void MemoryChunk::IncrementLiveBytesFromMutator(Address address, int by) {
   MemoryChunk* chunk = MemoryChunk::FromAddress(address);
   if (!chunk->InNewSpace() && !static_cast<Page*>(chunk)->WasSwept()) {
     static_cast<PagedSpace*>(chunk->owner())->IncrementUnsweptFreeBytes(-by);
   }
   chunk->IncrementLiveBytes(by);
 }
 
 // -----------------------------------------------------------------------------
 // PagedSpace implementation
 
 PagedSpace::PagedSpace(Heap* heap,
                        intptr_t max_capacity,
                        AllocationSpace id,
                        Executability executable)
     : Space(heap, id, executable),
       free_list_(this),
       was_swept_conservatively_(false),
       first_unswept_page_(Page::FromAddress(NULL)),
       unswept_free_bytes_(0) {
+  if (id == CODE_SPACE) {
+    area_size_ = heap->isolate()->memory_allocator()->
+        CodePageAreaSize();
+  } else {
+    area_size_ = Page::kPageSize - Page::kObjectStartOffset;
+  }
   max_capacity_ = (RoundDown(max_capacity, Page::kPageSize) / Page::kPageSize)
-                  * Page::kObjectAreaSize;
+      * AreaSize();
   accounting_stats_.Clear();
 
   allocation_info_.top = NULL;
   allocation_info_.limit = NULL;
 
   anchor_.InitializeAsAnchor(this);
 }
 
 
 bool PagedSpace::SetUp() {
@@ skipping 29 matching lines @@
     Address cur = obj->address();
     Address next = cur + obj->Size();
     if ((cur <= addr) && (addr < next)) return obj;
   }
 
   UNREACHABLE();
   return Failure::Exception();
 }
 
 bool PagedSpace::CanExpand() {
-  ASSERT(max_capacity_ % Page::kObjectAreaSize == 0);
-  ASSERT(Capacity() % Page::kObjectAreaSize == 0);
+  ASSERT(max_capacity_ % AreaSize() == 0);
+  ASSERT(Capacity() % AreaSize() == 0);
 
   if (Capacity() == max_capacity_) return false;
 
   ASSERT(Capacity() < max_capacity_);
 
   // Are we going to exceed capacity for this space?
   if ((Capacity() + Page::kPageSize) > max_capacity_) return false;
 
   return true;
 }
@@ skipping 19 matching lines @@
   while (it.has_next()) {
     it.next();
     count++;
   }
   return count;
 }
 
 
 void PagedSpace::ReleasePage(Page* page) {
   ASSERT(page->LiveBytes() == 0);
+  ASSERT(AreaSize() == page->area_size());
 
   // Adjust list of unswept pages if the page is the head of the list.
   if (first_unswept_page_ == page) {
     first_unswept_page_ = page->next_page();
     if (first_unswept_page_ == anchor()) {
       first_unswept_page_ = Page::FromAddress(NULL);
     }
   }
 
   if (page->WasSwept()) {
     intptr_t size = free_list_.EvictFreeListItems(page);
     accounting_stats_.AllocateBytes(size);
-    ASSERT_EQ(Page::kObjectAreaSize, static_cast<int>(size));
+    ASSERT_EQ(AreaSize(), static_cast<int>(size));
   } else {
     DecreaseUnsweptFreeBytes(page);
   }
 
   if (Page::FromAllocationTop(allocation_info_.top) == page) {
     allocation_info_.top = allocation_info_.limit = NULL;
   }
 
   page->Unlink();
   if (page->IsFlagSet(MemoryChunk::CONTAINS_ONLY_DATA)) {
     heap()->isolate()->memory_allocator()->Free(page);
   } else {
     heap()->QueueMemoryChunkForFree(page);
   }
 
   ASSERT(Capacity() > 0);
-  ASSERT(Capacity() % Page::kObjectAreaSize == 0);
-  accounting_stats_.ShrinkSpace(Page::kObjectAreaSize);
+  ASSERT(Capacity() % AreaSize() == 0);
+  accounting_stats_.ShrinkSpace(AreaSize());
 }
 
 
 void PagedSpace::ReleaseAllUnusedPages() {
   PageIterator it(this);
   while (it.has_next()) {
     Page* page = it.next();
     if (!page->WasSwept()) {
       if (page->LiveBytes() == 0) ReleasePage(page);
     } else {
-      HeapObject* obj = HeapObject::FromAddress(page->body());
+      HeapObject* obj = HeapObject::FromAddress(page->area_start());
       if (obj->IsFreeSpace() &&
-          FreeSpace::cast(obj)->size() == Page::kObjectAreaSize) {
+          FreeSpace::cast(obj)->size() == AreaSize()) {
         // Sometimes we allocate memory from free list but don't
         // immediately initialize it (e.g. see PagedSpace::ReserveSpace
         // called from Heap::ReserveSpace that can cause GC before
         // reserved space is actually initialized).
         // Thus we can't simply assume that obj represents a valid
         // node still owned by a free list
         // Instead we should verify that the page is fully covered
         // by free list items.
         FreeList::SizeStats sizes;
         free_list_.CountFreeListItems(page, &sizes);
-        if (sizes.Total() == Page::kObjectAreaSize) {
+        if (sizes.Total() == AreaSize()) {
           ReleasePage(page);
         }
       }
     }
   }
   heap()->FreeQueuedChunks();
 }
 
 
 #ifdef DEBUG
@@ skipping 10 matching lines @@
       (allocation_info_.top == allocation_info_.limit);
   PageIterator page_iterator(this);
   while (page_iterator.has_next()) {
     Page* page = page_iterator.next();
     ASSERT(page->owner() == this);
     if (page == Page::FromAllocationTop(allocation_info_.top)) {
       allocation_pointer_found_in_space = true;
     }
     ASSERT(page->WasSweptPrecisely());
     HeapObjectIterator it(page, NULL);
-    Address end_of_previous_object = page->ObjectAreaStart();
-    Address top = page->ObjectAreaEnd();
+    Address end_of_previous_object = page->area_start();
+    Address top = page->area_end();
     int black_size = 0;
     for (HeapObject* object = it.Next(); object != NULL; object = it.Next()) {
       ASSERT(end_of_previous_object <= object->address());
 
       // The first word should be a map, and we expect all map pointers to
       // be in map space.
       Map* map = object->map();
       ASSERT(map->IsMap());
       ASSERT(heap()->map_space()->Contains(map));
 
@@ skipping 191 matching lines @@
     // TODO(gc): Change the limit on new-space allocation to prevent this
     // from happening (all such allocations should go directly to LOSpace).
     return false;
   }
   if (!to_space_.AdvancePage()) {
     // Failed to get a new page in to-space.
     return false;
   }
 
   // Clear remainder of current page.
-  Address limit = NewSpacePage::FromLimit(top)->body_limit();
+  Address limit = NewSpacePage::FromLimit(top)->area_end();
   if (heap()->gc_state() == Heap::SCAVENGE) {
     heap()->promotion_queue()->SetNewLimit(limit);
     heap()->promotion_queue()->ActivateGuardIfOnTheSamePage();
   }
 
   int remaining_in_page = static_cast<int>(limit - top);
   heap()->CreateFillerObjectAt(top, remaining_in_page);
   pages_used_++;
   UpdateAllocationInfo();
 
@@ skipping 29 matching lines @@
 
 #ifdef DEBUG
 // We do not use the SemiSpaceIterator because verification doesn't assume
 // that it works (it depends on the invariants we are checking).
 void NewSpace::Verify() {
   // The allocation pointer should be in the space or at the very end.
   ASSERT_SEMISPACE_ALLOCATION_INFO(allocation_info_, to_space_);
 
   // There should be objects packed in from the low address up to the
   // allocation pointer.
-  Address current = to_space_.first_page()->body();
+  Address current = to_space_.first_page()->area_start();
   CHECK_EQ(current, to_space_.space_start());
 
   while (current != top()) {
     if (!NewSpacePage::IsAtEnd(current)) {
       // The allocation pointer should not be in the middle of an object.
       CHECK(!NewSpacePage::FromLimit(current)->ContainsLimit(top()) ||
             current < top());
 
       HeapObject* object = HeapObject::FromAddress(current);
 
@@ skipping 14 matching lines @@
       VerifyPointersVisitor visitor;
       int size = object->Size();
       object->IterateBody(map->instance_type(), size, &visitor);
 
       current += size;
     } else {
       // At end of page, switch to next page.
       NewSpacePage* page = NewSpacePage::FromLimit(current)->next_page();
       // Next page should be valid.
       CHECK(!page->is_anchor());
-      current = page->body();
+      current = page->area_start();
     }
   }
 
   // Check semi-spaces.
   ASSERT_EQ(from_space_.id(), kFromSpace);
   ASSERT_EQ(to_space_.id(), kToSpace);
   from_space_.Verify();
   to_space_.Verify();
 }
 #endif
@@ skipping 765 matching lines @@
       sum += free_space->Size();
     }
     n = n->next();
   }
   return sum;
 }
 
 
 void FreeList::CountFreeListItems(Page* p, SizeStats* sizes) {
   sizes->huge_size_ = CountFreeListItemsInList(huge_list_, p);
-  if (sizes->huge_size_ < Page::kObjectAreaSize) {
+  if (sizes->huge_size_ < p->area_size()) {
     sizes->small_size_ = CountFreeListItemsInList(small_list_, p);
     sizes->medium_size_ = CountFreeListItemsInList(medium_list_, p);
     sizes->large_size_ = CountFreeListItemsInList(large_list_, p);
   } else {
     sizes->small_size_ = 0;
     sizes->medium_size_ = 0;
     sizes->large_size_ = 0;
   }
 }
 
 
 static intptr_t EvictFreeListItemsInList(FreeListNode** n, Page* p) {
   intptr_t sum = 0;
   while (*n != NULL) {
     if (Page::FromAddress((*n)->address()) == p) {
       FreeSpace* free_space = reinterpret_cast<FreeSpace*>(*n);
       sum += free_space->Size();
       *n = (*n)->next();
     } else {
       n = (*n)->next_address();
     }
   }
   return sum;
 }
 
 
 intptr_t FreeList::EvictFreeListItems(Page* p) {
   intptr_t sum = EvictFreeListItemsInList(&huge_list_, p);
 
-  if (sum < Page::kObjectAreaSize) {
+  if (sum < p->area_size()) {
     sum += EvictFreeListItemsInList(&small_list_, p) +
         EvictFreeListItemsInList(&medium_list_, p) +
         EvictFreeListItemsInList(&large_list_, p);
   }
 
   available_ -= static_cast<int>(sum);
 
   return sum;
 }
 
@@ skipping 101 matching lines @@
   }
   first_unswept_page_ = Page::FromAddress(NULL);
   unswept_free_bytes_ = 0;
 
   // Clear the free list before a full GC---it will be rebuilt afterward.
   free_list_.Reset();
 }
 
 
 bool PagedSpace::ReserveSpace(int size_in_bytes) {
-  ASSERT(size_in_bytes <= Page::kMaxHeapObjectSize);
+  ASSERT(size_in_bytes <= AreaSize());
   ASSERT(size_in_bytes == RoundSizeDownToObjectAlignment(size_in_bytes));
   Address current_top = allocation_info_.top;
   Address new_top = current_top + size_in_bytes;
   if (new_top <= allocation_info_.limit) return true;
 
   HeapObject* new_area = free_list_.Allocate(size_in_bytes);
   if (new_area == NULL) new_area = SlowAllocateRaw(size_in_bytes);
   if (new_area == NULL) return false;
 
   int old_linear_size = static_cast<int>(limit() - top());
@@ skipping 359 matching lines @@
     return Failure::RetryAfterGC(identity());
   }
 
   if (Size() + object_size > max_capacity_) {
     return Failure::RetryAfterGC(identity());
   }
 
   LargePage* page = heap()->isolate()->memory_allocator()->
       AllocateLargePage(object_size, executable, this);
   if (page == NULL) return Failure::RetryAfterGC(identity());
-  ASSERT(page->body_size() >= object_size);
+  ASSERT(page->area_size() >= object_size);
 
   size_ += static_cast<int>(page->size());
   objects_size_ += object_size;
   page_count_++;
   page->set_next_page(first_page_);
   first_page_ = page;
 
   HeapObject* object = page->GetObject();
 
 #ifdef DEBUG
@@ skipping 95 matching lines @@
 // We do not assume that the large object iterator works, because it depends
 // on the invariants we are checking during verification.
 void LargeObjectSpace::Verify() {
   for (LargePage* chunk = first_page_;
        chunk != NULL;
        chunk = chunk->next_page()) {
     // Each chunk contains an object that starts at the large object page's
     // object area start.
     HeapObject* object = chunk->GetObject();
     Page* page = Page::FromAddress(object->address());
-    ASSERT(object->address() == page->ObjectAreaStart());
+    ASSERT(object->address() == page->area_start());
 
     // The first word should be a map, and we expect all map pointers to be
     // in map space.
     Map* map = object->map();
     ASSERT(map->IsMap());
     ASSERT(heap()->map_space()->Contains(map));
 
     // We have only code, sequential strings, external strings
     // (sequential strings that have been morphed into external
     // strings), fixed arrays, and byte arrays in large object space.
@@ skipping 80 matching lines @@
     object->ShortPrint();
     PrintF("\n");
   }
   printf(" --------------------------------------\n");
   printf(" Marked: %x, LiveCount: %x\n", mark_size, LiveBytes());
 }
 
 #endif  // DEBUG
 
 } }  // namespace v8::internal