    Introduce CagedPointer · afd15549
    Samuel Groß authored
    A CagedPointer is guaranteed to point into the Virtual Memory Cage and
    will for example be used for ArrayBuffer backing stores when the heap
    sandbox is enabled. In the current implementation, CagedPointers are
    stored as offsets from the cage base, shifted to the left. Because the
    cage base address is usually available in a register, accessing a
    CagedPointer is very efficient, requiring only an additional shift and
    add operation.
    
    Bug: chromium:1218005
    Change-Id: Ifc8c088e3862400672051a8c52840514dee2911f
    Cq-Include-Trybots: luci.v8.try:v8_linux64_heap_sandbox_dbg_ng,v8_linux_arm64_sim_heap_sandbox_dbg_ng
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3123417
    Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    Reviewed-by: Igor Sheludko <ishell@chromium.org>
    Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    Commit-Queue: Samuel Groß <saelo@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#77614}
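
The representation described in the commit message, as an added example that is not code from the V8 commit: a pointer stored as a left-shifted offset from the cage base decodes with one shift and one add, and any 64-bit value, including a corrupted one, decodes to an address inside the cage. The cage size (2^40 bytes), the shift of 64 - 40 bits, the base address and all function names are assumptions made for this example.

```cpp
#include <cstdint>
#include <cstdio>

// Assumed constants; the commit message does not state the actual values.
constexpr int kCageSizeLog2 = 40;                       // hypothetical cage size: 2^40 bytes
constexpr int kCagedPointerShift = 64 - kCageSizeLog2;  // assumed shift amount
constexpr uint64_t kCageSize = uint64_t{1} << kCageSizeLog2;

using CagedPointer_t = uint64_t;  // in-memory form: (offset from cage base) << shift

// True if the address lies within [cage_base, cage_base + kCageSize).
bool IsInsideCage(uint64_t cage_base, uint64_t address) {
  return address >= cage_base && address - cage_base < kCageSize;
}

// Encode an address as a shifted offset. Rejects addresses outside the cage,
// since those cannot be represented.
bool EncodeCagedPointer(uint64_t cage_base, uint64_t address,
                        CagedPointer_t* out) {
  if (!IsInsideCage(cage_base, address)) return false;
  *out = (address - cage_base) << kCagedPointerShift;
  return true;
}

// Decode: one shift and one add. The shift discards the low bits and leaves a
// 40-bit offset, so the result is inside the cage for every possible input.
uint64_t DecodeCagedPointer(uint64_t cage_base, CagedPointer_t value) {
  return cage_base + (value >> kCagedPointerShift);
}

int main() {
  const uint64_t cage_base = 0x100000000000ULL;  // constructed sample base
  CagedPointer_t stored = 0;

  // Normal round trip for a backing store 0x1234 bytes into the cage.
  EncodeCagedPointer(cage_base, cage_base + 0x1234, &stored);
  std::printf("stored  = 0x%016llx\n", (unsigned long long)stored);
  std::printf("decoded = 0x%016llx\n",
              (unsigned long long)DecodeCagedPointer(cage_base, stored));

  // A fully attacker-controlled field value still decodes into the cage.
  const uint64_t corrupted = ~uint64_t{0};
  const uint64_t addr = DecodeCagedPointer(cage_base, corrupted);
  std::printf("corrupted decodes to 0x%016llx (inside cage: %s)\n",
              (unsigned long long)addr,
              IsInsideCage(cage_base, addr) ? "yes" : "no");
  return 0;
}
```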
js-native-context-specialization.cc 148 KB