Files · 6119362077322c37f36c932520a90bbafdb434dc · Linshizhi / V8

[heap, api] Check assumptions for embedder fields on set · 61193620

Michael Lippautz authored Aug 01, 2022

Previously, we would set embedder fields and do type checks (on
embedder fields) in the GC. This does not work nicely as embedder
fields contain system pointers whereas we can only operate with
tag-aligned reads/writes. The end result of assembling pointers was
somtimes broken for concurrent marking.

In this CL we reverse the mode and check assumptions when writing the
fields. From Blink we generally only write once and use the fields in
the GC and via reads multiple times.

We assume, that when running with CppHeap, any pointer on an instance
field that points into CppHeap, also has the type field set with the
appropriate tracing information. In debug builds we also verify that
the embedder field indeed points to the start of an Oilpan object.

Bug: chromium:1337690
Change-Id: I9f9a8e691cdcf666861a455dcf8f65f2fe80b034
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3788206
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/main@{#82120}

61193620

Name	Last commit	Last update
.github		Loading commit data...
bazel		Loading commit data...
build_overrides		Loading commit data...
custom_deps		Loading commit data...
docs		Loading commit data...
gni		Loading commit data...
include		Loading commit data...
infra		Loading commit data...
samples		Loading commit data...
src		Loading commit data...
test		Loading commit data...
testing		Loading commit data...
third_party		Loading commit data...
tools		Loading commit data...
.bazelrc		Loading commit data...
.clang-format		Loading commit data...
.clang-tidy		Loading commit data...
.editorconfig		Loading commit data...
.flake8		Loading commit data...
.git-blame-ignore-revs		Loading commit data...
.gitattributes		Loading commit data...
.gitignore		Loading commit data...
.gn		Loading commit data...
.mailmap		Loading commit data...
.style.yapf		Loading commit data...
.vpython		Loading commit data...
.vpython3		Loading commit data...
.ycm_extra_conf.py		Loading commit data...
AUTHORS		Loading commit data...
BUILD.bazel		Loading commit data...
BUILD.gn		Loading commit data...
CODE_OF_CONDUCT.md		Loading commit data...
COMMON_OWNERS		Loading commit data...
DEPS		Loading commit data...
DIR_METADATA		Loading commit data...
ENG_REVIEW_OWNERS		Loading commit data...
INFRA_OWNERS		Loading commit data...
INTL_OWNERS		Loading commit data...
LICENSE		Loading commit data...
LICENSE.fdlibm		Loading commit data...
LICENSE.strongtalk		Loading commit data...
LICENSE.v8		Loading commit data...
LOONG_OWNERS		Loading commit data...
MIPS_OWNERS		Loading commit data...
OWNERS		Loading commit data...
PPC_OWNERS		Loading commit data...
PRESUBMIT.py		Loading commit data...
README.md		Loading commit data...
RISCV_OWNERS		Loading commit data...
S390_OWNERS		Loading commit data...
WATCHLISTS		Loading commit data...
WORKSPACE		Loading commit data...
codereview.settings		Loading commit data...

README.md