Bug 1562550 - (part 3) Poison unused memory when we shrink the nursery r=jonco
author Paul Bone <pbone@mozilla.com>
Thu, 11 Jul 2019 02:32:43 +0000
changeset 482316 0e662f79db6c8c33dc99714b15a0d6367693578f
parent 482315 111838e2b22f9dcbf64f56e522360126ff16735c
child 482317 89feefb6541ea7a4a18875c4153c8f03b8774b32
push id 36274
push user opoprus@mozilla.com
push date Thu, 11 Jul 2019 09:51:12 +0000
treeherder mozilla-central@0c0766222909
reviewers jonco
bugs 1562550
milestone 70.0a1
Bug 1562550 - (part 3) Poison unused memory when we shrink the nursery r=jonco

When we shrink the nursery below one chunk, poison and mark as inaccessible the now unused part of that chunk. This is the only patch in this patch series that adds extra memory poisoning.

Differential Revision: https://phabricator.services.mozilla.com/D37348
js/src/gc/Nursery.cpp
--- a/js/src/gc/Nursery.cpp
+++ b/js/src/gc/Nursery.cpp
@@ -1480,24 +1480,29 @@ void js::Nursery::shrinkAllocableSpace(s
   }
   MOZ_ASSERT(newCapacity < capacity_);
 
   unsigned newCount = JS_HOWMANY(newCapacity, ChunkSize);
   if (newCount < allocatedChunkCount()) {
     freeChunksFrom(newCount);
   }
 
+  size_t oldCapacity = capacity_;
   capacity_ = newCapacity;
   MOZ_ASSERT(capacity_ >= ArenaSize);
 
   setCurrentEnd();
 
   if (isSubChunkMode()) {
+    MOZ_ASSERT(currentChunk_ == 0);
+    chunk(0).poisonRange(newCapacity,
+                         Min(oldCapacity, NurseryChunkUsableSize) - newCapacity,
+                         JS_SWEPT_NURSERY_PATTERN, MemCheckKind::MakeNoAccess);
+
     AutoLockHelperThreadState lock;
-    MOZ_ASSERT(currentChunk_ == 0);
     decommitTask.queueRange(capacity_, chunk(0), lock);
     decommitTask.startOrRunIfIdle(lock);
   }
 }
 
 void js::Nursery::minimizeAllocableSpace() {
   shrinkAllocableSpace(tunables().gcMinNurseryBytes());
 }
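Review bot: The length passed to poisonRange in the isSubChunkMode() block, Min(oldCapacity, NurseryChunkUsableSize) - newCapacity, is computed from a size_t, so it is an unsigned subtraction, and nothing visible in this hunk guarantees newCapacity <= NurseryChunkUsableSize. The earlier MOZ_ASSERT(newCapacity < capacity_) only covers the oldCapacity side of the Min; if the sub-chunk invariant ever changes, the length wraps around and the poison call would cover far more than the unused tail of chunk(0). Suggest adding MOZ_ASSERT(newCapacity <= NurseryChunkUsableSize) next to the moved MOZ_ASSERT(currentChunk_ == 0), or a comment stating that isSubChunkMode() implies it. Minor style point: poisonRange starts at newCapacity while queueRange starts at capacity_; the two are equal here, but using one name for both calls would make it obvious that the poisoned range and the decommitted range begin at the same offset.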