From: ricow@chromium.org
Date: Wed, 19 Oct 2011 10:15:09 +0000 (+0000)
Subject: Don't allow large object space to grow over the max oldspace limit (fixes issue 1717)
X-Git-Tag: upstream/4.7.83~18166
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=1c21a9dc6ae48708d0767e302e0b191facc53aa4;p=platform%2Fupstream%2Fv8.git
Don't allow large object space to grow over the max oldspace limit (fixes issue 1717)
Review URL: http://codereview.chromium.org/8345040
git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@9695 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
diff --git a/src/heap.cc b/src/heap.cc
index 3dde96d7c..218df79ff 100644
--- a/src/heap.cc
+++ b/src/heap.cc
@@ -5450,7 +5450,7 @@ bool Heap::Setup(bool create_heap_objects) {
 // The large object code space may contain code or data. We set the memory
 // to be non-executable here for safety, but this means we need to enable it
 // explicitly when allocating large code objects.
- lo_space_ = new LargeObjectSpace(this, LO_SPACE);
+ lo_space_ = new LargeObjectSpace(this, max_old_generation_size_, LO_SPACE);
 if (lo_space_ == NULL) return false;
 if (!lo_space_->Setup()) return false;
 if (create_heap_objects) {
diff --git a/src/spaces.cc b/src/spaces.cc
index 861bc2786..2b933694b 100644
--- a/src/spaces.cc
+++ b/src/spaces.cc
@@ -2291,8 +2291,11 @@ HeapObject* LargeObjectIterator::Next() {
 // -----------------------------------------------------------------------------
 // LargeObjectSpace
-LargeObjectSpace::LargeObjectSpace(Heap* heap, AllocationSpace id)
+LargeObjectSpace::LargeObjectSpace(Heap* heap,
+ intptr_t max_capacity,
+ AllocationSpace id)
 : Space(heap, id, NOT_EXECUTABLE), // Managed on a per-allocation basis
+ max_capacity_(max_capacity),
 first_page_(NULL),
 size_(0),
 page_count_(0),
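Review bot: The limit passed to LargeObjectSpace in Heap::Setup is copied once and never refreshed: the constructor takes `intptr_t max_capacity` by value and stores it in `max_capacity_`, so a later change to `max_old_generation_size_` would not reach the large object space. Whether the limit can change after Setup() is not visible on this page; if it cannot, a comment above the call would record that, for example `// Cap LO space at the old generation limit; the value is fixed from here on.` The existing comment only explains the executable flag. Heap::Setup continues outside the hunk.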
@@ -2332,6 +2335,10 @@ MaybeObject* LargeObjectSpace::AllocateRaw(int object_size,
 return Failure::RetryAfterGC(identity());
 }
+ if (Size() + object_size > max_capacity_) {
+ return Failure::RetryAfterGC(identity());
+ }
+
 LargePage* page = heap()->isolate()->memory_allocator()->
 AllocateLargePage(object_size, executable, this);
 if (page == NULL) return Failure::RetryAfterGC(identity());
diff --git a/src/spaces.h b/src/spaces.h
index 2fddba577..8fa4d427e 100644
--- a/src/spaces.h
+++ b/src/spaces.h
@@ -2442,7 +2442,7 @@ class CellSpace : public FixedSpace {
 class LargeObjectSpace : public Space {
 public:
- LargeObjectSpace(Heap* heap, AllocationSpace id);
+ LargeObjectSpace(Heap* heap, intptr_t max_capacity, AllocationSpace id);
 virtual ~LargeObjectSpace() {}
 // Initializes internal data structures.
@@ -2512,6 +2512,7 @@ class LargeObjectSpace : public Space {
 bool SlowContains(Address addr) { return !FindObject(addr)->IsFailure(); }
 private:
+ intptr_t max_capacity_;
 // The head of the linked list of large object chunks.
 LargePage* first_page_;
 intptr_t size_; // allocated bytes
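Review bot: The new capacity check in AllocateRaw adds `Size() + object_size` before comparing, and where intptr_t is 32 bits that signed sum can overflow if a caller passes a very large `object_size`, in which case the limit may not be enforced. Writing it as `if (object_size > max_capacity_ - Size()) {` keeps the arithmetic in range as long as Size() never exceeds `max_capacity_`. `size_` is declared intptr_t in spaces.h, but Size() itself is not shown, so its return type should be confirmed. The check also counts only the object bytes, not whatever the large page adds on top, and a one-line comment saying which of the two the limit bounds would help. AllocateRaw starts and ends outside the hunk.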
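Review bot: In the private section of LargeObjectSpace in spaces.h, `max_capacity_` is the only member in this hunk without a comment, and nothing on this page assigns it after the constructor, so it could be declared `const intptr_t max_capacity_;  // upper bound for Size(), in bytes`. Making it const is safe only if LargeObjectSpace is never copy-assigned, which the hunk does not show. The class body starts and ends outside the hunk.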