// pointer of the new space page. We store a filler object there to
// identify the unused space.
Address from_top = new_space_.top();
- Address from_limit = new_space_.limit();
- if (from_top < from_limit) {
- int remaining_in_page = static_cast<int>(from_limit - from_top);
- CreateFillerObjectAt(from_top, remaining_in_page);
+ // Check that from_top is inside its page (i.e., not at the end).
+ Address space_end = new_space_.ToSpaceEnd();
+ if (from_top < space_end) {
+ Page* page = Page::FromAddress(from_top);
+ if (page->Contains(from_top)) {
+ int remaining_in_page = static_cast<int>(page->area_end() - from_top);
+ CreateFillerObjectAt(from_top, remaining_in_page);
+ }
}
}
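Review bot: The comment introduced at `// Check that from_top is inside its page (i.e., not at the end).` under-describes the two nested guards, and it says nothing about why `from_limit` / `limit()` was replaced by `page->area_end()`, which is the behavioural part of the fix. I would reword it as: `// top may sit exactly at the end of a full page, or at the end of to-space; Page::FromAddress() would then name the next page (or memory past the space), so bound by the space end first and by the page's own area second. The filler must reach area_end() rather than limit(): anything between the two would otherwise stay uninitialised behind top.` The last sentence is inferred from the accompanying test that pins the allocation limit to top and from the old code's `from_top < from_limit` early-out; confirm it against how the new-space limit is set before committing the wording. The enclosing function's signature and opening lines lie above this hunk.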
if (!i::FLAG_allocation_site_pretenuring) return;
v8::HandleScope scope(CcTest::isolate());
+ SetUpNewSpaceWithPoisonedMementoAtTop();
+
+ // Call GC to see if we can handle a poisonous memento right after the
+ // current new space top pointer.
+ CcTest::i_isolate()->heap()->CollectAllGarbage(
+ Heap::kAbortIncrementalMarkingMask);
+}
+
+
+TEST(Regress470390) {
+ CcTest::InitializeVM();
+ if (!i::FLAG_allocation_site_pretenuring) return;
+ v8::HandleScope scope(CcTest::isolate());
SetUpNewSpaceWithPoisonedMementoAtTop();
+ // Set the new space limit to be equal to the top.
+ Address top = CcTest::i_isolate()->heap()->new_space()->top();
+ *(CcTest::i_isolate()->heap()->new_space()->allocation_limit_address()) = top;
+
// Call GC to see if we can handle a poisonous memento right after the
// current new space top pointer.
CcTest::i_isolate()->heap()->CollectAllGarbage(