Minor false positive fixes in ChakraCore

digitalinfinity · digitalinfinity · commit 746a9ec7f735 · 2016-09-14T11:20:42.000-07:00
1. BitVectors were not allocated as leaf, and this could cause the GC to interpret it's contents as pointer references. Switched to non-leaf
2. Temporary guest-arenas that were being cached could still get scanned, even if they weren't actively being used. Added a mechanism to unregister said arena when it wasn't used.
diff --git a/lib/Backend/NativeCodeData.cpp b/lib/Backend/NativeCodeData.cpp
@@ -67,6 +67,12 @@ NativeCodeData::Allocator::Alloc(size_t requestSize)
     return data;
 }
 
+char *
+NativeCodeData::Allocator::AllocLeaf(size_t requestSize)
+{
+    return Alloc(requestSize);
+}
+
 char *
 NativeCodeData::Allocator::AllocZero(size_t requestSize)
 {
diff --git a/lib/Backend/NativeCodeData.h b/lib/Backend/NativeCodeData.h
@@ -38,6 +38,8 @@ class NativeCodeData
 
         char * Alloc(DECLSPEC_GUARD_OVERFLOW size_t requestedBytes);
         char * AllocZero(DECLSPEC_GUARD_OVERFLOW size_t requestedBytes);
+        char * AllocLeaf(__declspec(guard(overflow)) size_t requestedBytes);
+
         NativeCodeData * Finalize();
         void Free(void * buffer, size_t byteSize);
 
diff --git a/lib/Common/DataStructures/FixedBitVector.h b/lib/Common/DataStructures/FixedBitVector.h
@@ -147,14 +147,14 @@ template <typename TAllocator>
 BVFixed * BVFixed::New(TAllocator * alloc, BVFixed * initBv)
 {
     BVIndex length = initBv->Length();
-    BVFixed *result = AllocatorNewPlus(TAllocator, alloc, sizeof(BVUnit) * BVFixed::WordCount(length), BVFixed, initBv);
+    BVFixed *result = AllocatorNewPlusLeaf(TAllocator, alloc, sizeof(BVUnit) * BVFixed::WordCount(length), BVFixed, initBv);
     return result;
 }
 
 template <typename TAllocator>
 BVFixed * BVFixed::New(DECLSPEC_GUARD_OVERFLOW BVIndex length, TAllocator * alloc, bool initialSet)
 {
-    BVFixed *result = AllocatorNewPlus(TAllocator, alloc, sizeof(BVUnit) * BVFixed::WordCount(length), BVFixed, length, initialSet);
+    BVFixed *result = AllocatorNewPlusLeaf(TAllocator, alloc, sizeof(BVUnit) * BVFixed::WordCount(length), BVFixed, length, initialSet);
     return result;
 }
 
diff --git a/lib/Runtime/Base/TempArenaAllocatorObject.cpp b/lib/Runtime/Base/TempArenaAllocatorObject.cpp
@@ -43,6 +43,31 @@ namespace Js
         Assert(allocator.AllocatedSize() == 0);
     }
 
+    template <bool isGuestArena>
+    void TempArenaAllocatorWrapper<isGuestArena>::AdviseInUse()
+    {
+        if (isGuestArena)
+        {
+            if (externalGuestArenaRef == nullptr)
+            {
+                externalGuestArenaRef = this->recycler->RegisterExternalGuestArena(this->GetAllocator());
+            }
+        }
+    }
+
+    template <bool isGuestArena>
+    void TempArenaAllocatorWrapper<isGuestArena>::AdviseNotInUse()
+    {
+        this->allocator.Reset();
+
+        if (isGuestArena)
+        {
+            Assert(externalGuestArenaRef != nullptr);
+            this->recycler->UnregisterExternalGuestArena(externalGuestArenaRef);
+            externalGuestArenaRef = nullptr;
+        }
+    }
+
     // Explicit instantiation
     template class TempArenaAllocatorWrapper<true>;
     template class TempArenaAllocatorWrapper<false>;
diff --git a/lib/Runtime/Base/TempArenaAllocatorObject.h b/lib/Runtime/Base/TempArenaAllocatorObject.h
@@ -18,6 +18,8 @@ namespace Js
 
     public:
 
+        void AdviseInUse();
+        void AdviseNotInUse();
 
         static TempArenaAllocatorWrapper* Create(ThreadContext * threadContext);
 
diff --git a/lib/Runtime/Base/ThreadContext.cpp b/lib/Runtime/Base/ThreadContext.cpp
@@ -2142,6 +2142,7 @@ ThreadContext::GetTemporaryGuestAllocator(LPCWSTR name)
     {
         temporaryGuestArenaAllocatorCount--;
         Js::TempGuestArenaAllocatorObject * allocator = recyclableData->temporaryGuestArenaAllocators[temporaryGuestArenaAllocatorCount];
+        allocator->AdviseInUse();
         recyclableData->temporaryGuestArenaAllocators[temporaryGuestArenaAllocatorCount] = nullptr;
         return allocator;
     }
@@ -2154,7 +2155,7 @@ ThreadContext::ReleaseTemporaryGuestAllocator(Js::TempGuestArenaAllocatorObject
 {
     if (temporaryGuestArenaAllocatorCount < MaxTemporaryArenaAllocators)
     {
-        tempGuestAllocator->GetAllocator()->Reset();
+        tempGuestAllocator->AdviseNotInUse();
         recyclableData->temporaryGuestArenaAllocators[temporaryGuestArenaAllocatorCount] = tempGuestAllocator;
         temporaryGuestArenaAllocatorCount++;
         return;

Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,12 @@ NativeCodeData::Allocator::Alloc(size_t requestSize)`
`67`	`67`	`return data;`
`68`	`68`	`}`
`69`	`69`
	`70`	`+char *`
	`71`	`+NativeCodeData::Allocator::AllocLeaf(size_t requestSize)`
	`72`	`+{`
	`73`	`+ return Alloc(requestSize);`
	`74`	`+}`
	`75`	`+`
`70`	`76`	`char *`
`71`	`77`	`NativeCodeData::Allocator::AllocZero(size_t requestSize)`
`72`	`78`	`{`
Original file line number	Diff line number	Diff line change
`@@ -147,14 +147,14 @@ template <typename TAllocator>`
`147`	`147`	`BVFixed * BVFixed::New(TAllocator * alloc, BVFixed * initBv)`
`148`	`148`	`{`
`149`	`149`	`BVIndex length = initBv->Length();`
`150`		`- BVFixed result = AllocatorNewPlus(TAllocator, alloc, sizeof(BVUnit) BVFixed::WordCount(length), BVFixed, initBv);`
	`150`	`+ BVFixed result = AllocatorNewPlusLeaf(TAllocator, alloc, sizeof(BVUnit) BVFixed::WordCount(length), BVFixed, initBv);`
`151`	`151`	`return result;`
`152`	`152`	`}`
`153`	`153`
`154`	`154`	`template <typename TAllocator>`
`155`	`155`	`BVFixed * BVFixed::New(DECLSPEC_GUARD_OVERFLOW BVIndex length, TAllocator * alloc, bool initialSet)`
`156`	`156`	`{`
`157`		`- BVFixed result = AllocatorNewPlus(TAllocator, alloc, sizeof(BVUnit) BVFixed::WordCount(length), BVFixed, length, initialSet);`
	`157`	`+ BVFixed result = AllocatorNewPlusLeaf(TAllocator, alloc, sizeof(BVUnit) BVFixed::WordCount(length), BVFixed, length, initialSet);`
`158`	`158`	`return result;`
`159`	`159`	`}`
`160`	`160`
Original file line number	Diff line number	Diff line change
`@@ -2142,6 +2142,7 @@ ThreadContext::GetTemporaryGuestAllocator(LPCWSTR name)`
`2142`	`2142`	`{`
`2143`	`2143`	`temporaryGuestArenaAllocatorCount--;`
`2144`	`2144`	`Js::TempGuestArenaAllocatorObject * allocator = recyclableData->temporaryGuestArenaAllocators[temporaryGuestArenaAllocatorCount];`
	`2145`	`+ allocator->AdviseInUse();`
`2145`	`2146`	`recyclableData->temporaryGuestArenaAllocators[temporaryGuestArenaAllocatorCount] = nullptr;`
`2146`	`2147`	`return allocator;`
`2147`	`2148`	`}`
`@@ -2154,7 +2155,7 @@ ThreadContext::ReleaseTemporaryGuestAllocator(Js::TempGuestArenaAllocatorObject`
`2154`	`2155`	`{`
`2155`	`2156`	`if (temporaryGuestArenaAllocatorCount < MaxTemporaryArenaAllocators)`
`2156`	`2157`	`{`
`2157`		`- tempGuestAllocator->GetAllocator()->Reset();`
	`2158`	`+ tempGuestAllocator->AdviseNotInUse();`
`2158`	`2159`	`recyclableData->temporaryGuestArenaAllocators[temporaryGuestArenaAllocatorCount] = tempGuestAllocator;`
`2159`	`2160`	`temporaryGuestArenaAllocatorCount++;`
`2160`	`2161`	`return;`