-
Michael Lippautz authored
Previously, we would set embedder fields and do type checks (on embedder fields) in the GC. This does not work nicely as embedder fields contain system pointers whereas we can only operate with tag-aligned reads/writes. The end result of assembling pointers was somtimes broken for concurrent marking. In this CL we reverse the mode and check assumptions when writing the fields. From Blink we generally only write once and use the fields in the GC and via reads multiple times. We assume, that when running with CppHeap, any pointer on an instance field that points into CppHeap, also has the type field set with the appropriate tracing information. In debug builds we also verify that the embedder field indeed points to the start of an Oilpan object. Bug: chromium:1337690 Change-Id: I9f9a8e691cdcf666861a455dcf8f65f2fe80b034 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3788206 Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Dominik Inführ <dinfuehr@chromium.org> Reviewed-by:
Omer Katz <omerkatz@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Cr-Commit-Position: refs/heads/main@{#82120}
61193620
