-
Samuel Groß authored
The main changes of this CL are: It should no longer be assumed that an empty ArrayBuffer has a nullptr backing store. This is in preparation for the move to caged pointers, which cannot represent nullptr, and will instead likely provide a EmptyBackingStore constant pointing inside the virtual memory cage. For that reason, a new JSArrayBuffer::IsEmpty() helper is introduced, which should be used instead of checking against nullptr. CodeStubAssembler::GetTypedArrayBuffer now checks for on-heap TypedArrays instead of comparing the backing store pointer to nullptr. This is consistent with the implementation in JSTypedArray::GetBuffer. v8::ArrayBufferView::CopyContents now uses JSTypedArray::DataPtr instead of relying on nullptr backing stores to handle on-heap TypedArrays. The serializer and deserializer now check for IsEmpty() and use the kEmptyBackingStoreRefSentinel value to serialize empty backing stores. Empty ArrayBuffers allocated for on-heap TypedArrays now have a byte_length of zero. This allows removing the allocation_length() (and allocation_buffer()) methods, which were only (incorrectly, as they don't account for GSABs) used for memory measurements. Bug: chromium:1218005 Change-Id: Ib889ccf855f68525f7a614f3963e46ea56865fa3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3297709Reviewed-by:
Leszek Swirski <leszeks@chromium.org> Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Reviewed-by:
Igor Sheludko <ishell@chromium.org> Reviewed-by:
Marja Hölttä <marja@chromium.org> Commit-Queue: Samuel Groß <saelo@chromium.org> Cr-Commit-Position: refs/heads/main@{#78069}
6e68daf7
