Reland "[compiler] Consider IsPendingAllocation in Ref construction"
This is the second reland of 4683d6fe

Initial CL: crrev.com/c/2874663
First reland: crrev.com/c/2886861

The first reland fixes Ref construction failures in:
- MapRef::instance_descriptors
- NativeContext reads (see also crrev.com/c/2891575)

The second reland (this CL):
- Adds required infrastructure (e.g. kAssumeMemoryFence) but without
  enabling the IsPendingAllocation check. Enabling the check will be
  done separately to avoid further revert chains.

Original change's description:
> [compiler] Consider IsPendingAllocation in Ref construction
>
> The logic in JSHeapBroker::TryGetOrCreateData assumes that parts
> of the object are safe to read. In particular, the instance type
> must be readable for the chain of `Is##Name()` type checks.
>
> This is guaranteed if
>
> - a global memory fence happened after object initialization and
>   prior to the read by the compiler; or
> - the object was published through a release store and read through
>   an acquire read.
>
> The former is protected by the new call to ObjectMayBeUninitialized
> (which internally calls IsPendingAllocation) in TryGetOrCreateData.
>
> The latter must be marked explicitly by calling the new
> MakeRefAssumeMemoryFence variant.
>
> Note that support in this CL is expected to be incomplete and will
> have to be extended in the future as more cases show up in which
> MakeRef calls must be converted to MakeRefAssumeMemoryFence or to
> TryMakeRef.
>
> Bug: v8:7790,v8:11711
> Change-Id: Ic2f7d9fc46e4bfc3f6bbe42816f73fc5ec174337
> Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874663
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Georg Neis <neis@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#74474}

Bug: v8:7790,v8:11711,chromium:1207680,chromium:1207679
Change-Id: I123b2962df724a13dd2c7334ae949234bc3bf27a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2902738
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74638}