• Igor Sheludko's avatar
    Reland "[ptr-compr] Make on-heap JSTypedArrays smi-corrupting friendly" · dc1a93b8
    Igor Sheludko authored
    This is a reland of 6f9b2bd4
    
    We must load JSTypedArray::base_pointer in TurboFan as tagged value otherwise
    this value may become stale pointer after GC.
    
    Original change's description:
    > [ptr-compr] Make on-heap JSTypedArrays smi-corrupting friendly
    >
    > On-heap typed arrays contain HeapObject value in |base_pointer| field
    > and an offset in |external_pointer| field. When pointer compression is
    > enabled we want to combine decompression with the offset addition.
    > In order to do that we add an isolate root to the external_pointer value
    > and therefore the data pointer computation can is a simple addition of
    > a (potentially sign-extended) |base_pointer| loaded as Tagged_t value
    > and an |external_pointer| value.
    >
    > Bug: v8:9706
    > Change-Id: Id5c546c353c81fb25e3598921bc78165d10a9c44
    > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1807369
    > Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
    > Reviewed-by: Jakob Gruber <jgruber@chromium.org>
    > Reviewed-by: Toon Verwaest <verwaest@chromium.org>
    > Reviewed-by: Georg Neis <neis@chromium.org>
    > Commit-Queue: Igor Sheludko <ishell@chromium.org>
    > Cr-Commit-Position: refs/heads/master@{#63874}
    
    Bug: v8:9706, chromium:1005599
    Cq-Include-Trybots: luci.chromium.try:gpu-fyi-try-win10-nvidia-rel-64
    Change-Id: I7bbd2a439306cdd11f2bb0dab5863498624d9740
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1813744Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
    Reviewed-by: 's avatarToon Verwaest <verwaest@chromium.org>
    Reviewed-by: 's avatarJakob Gruber <jgruber@chromium.org>
    Reviewed-by: 's avatarGeorg Neis <neis@chromium.org>
    Commit-Queue: Igor Sheludko <ishell@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#63898}
    dc1a93b8
Name
Last commit
Last update
..
arm Loading commit data...
arm64 Loading commit data...
ia32 Loading commit data...
mips Loading commit data...
mips64 Loading commit data...
ppc Loading commit data...
s390 Loading commit data...
x64 Loading commit data...
OWNERS Loading commit data...
accessors.cc Loading commit data...
accessors.h Loading commit data...
arguments.tq Loading commit data...
array-copywithin.tq Loading commit data...
array-every.tq Loading commit data...
array-filter.tq Loading commit data...
array-find.tq Loading commit data...
array-findindex.tq Loading commit data...
array-foreach.tq Loading commit data...
array-join.tq Loading commit data...
array-lastindexof.tq Loading commit data...
array-map.tq Loading commit data...
array-of.tq Loading commit data...
array-reduce-right.tq Loading commit data...
array-reduce.tq Loading commit data...
array-reverse.tq Loading commit data...
array-shift.tq Loading commit data...
array-slice.tq Loading commit data...
array-some.tq Loading commit data...
array-splice.tq Loading commit data...
array-unshift.tq Loading commit data...
array.tq Loading commit data...
base.tq Loading commit data...
bigint.tq Loading commit data...
boolean.tq Loading commit data...
builtins-api.cc Loading commit data...
builtins-arguments-gen.cc Loading commit data...
builtins-arguments-gen.h Loading commit data...
builtins-array-gen.cc Loading commit data...
builtins-array-gen.h Loading commit data...
builtins-array.cc Loading commit data...
builtins-arraybuffer.cc Loading commit data...
builtins-async-function-gen.cc Loading commit data...
builtins-async-gen.cc Loading commit data...
builtins-async-gen.h Loading commit data...
builtins-async-generator-gen.cc Loading commit data...
builtins-async-iterator-gen.cc Loading commit data...
builtins-async-module.cc Loading commit data...
builtins-bigint-gen.cc Loading commit data...
builtins-bigint-gen.h Loading commit data...
builtins-bigint.cc Loading commit data...
builtins-boolean-gen.cc Loading commit data...
builtins-call-gen.cc Loading commit data...
builtins-call-gen.h Loading commit data...
builtins-call.cc Loading commit data...
builtins-callsite.cc Loading commit data...
builtins-collections-gen.cc Loading commit data...
builtins-collections-gen.h Loading commit data...
builtins-collections.cc Loading commit data...
builtins-console-gen.cc Loading commit data...
builtins-console.cc Loading commit data...
builtins-constructor-gen.cc Loading commit data...
builtins-constructor-gen.h Loading commit data...
builtins-constructor.h Loading commit data...
builtins-conversion-gen.cc Loading commit data...
builtins-data-view-gen.h Loading commit data...
builtins-dataview.cc Loading commit data...
builtins-date-gen.cc Loading commit data...
builtins-date.cc Loading commit data...
builtins-debug-gen.cc Loading commit data...
builtins-definitions.h Loading commit data...
builtins-descriptors.h Loading commit data...
builtins-error.cc Loading commit data...
builtins-extras-utils.cc Loading commit data...
builtins-function-gen.cc Loading commit data...
builtins-function.cc Loading commit data...
builtins-generator-gen.cc Loading commit data...
builtins-global-gen.cc Loading commit data...
builtins-global.cc Loading commit data...
builtins-handler-gen.cc Loading commit data...
builtins-ic-gen.cc Loading commit data...
builtins-internal-gen.cc Loading commit data...
builtins-internal.cc Loading commit data...
builtins-interpreter-gen.cc Loading commit data...
builtins-intl-gen.cc Loading commit data...
builtins-intl.cc Loading commit data...
builtins-iterator-gen.cc Loading commit data...
builtins-iterator-gen.h Loading commit data...
builtins-json.cc Loading commit data...
builtins-lazy-gen.cc Loading commit data...
builtins-lazy-gen.h Loading commit data...
builtins-math-gen.cc Loading commit data...
builtins-math-gen.h Loading commit data...
builtins-microtask-queue-gen.cc Loading commit data...
builtins-number-gen.cc Loading commit data...
builtins-number.cc Loading commit data...
builtins-object-gen.cc Loading commit data...
builtins-object-gen.h Loading commit data...
builtins-object.cc Loading commit data...
builtins-promise-gen.cc Loading commit data...
builtins-promise-gen.h Loading commit data...
builtins-promise.cc Loading commit data...
builtins-promise.h Loading commit data...
builtins-proxy-gen.cc Loading commit data...
builtins-proxy-gen.h Loading commit data...
builtins-reflect-gen.cc Loading commit data...
builtins-reflect.cc Loading commit data...
builtins-regexp-gen.cc Loading commit data...
builtins-regexp-gen.h Loading commit data...
builtins-regexp.cc Loading commit data...
builtins-sharedarraybuffer-gen.cc Loading commit data...
builtins-sharedarraybuffer.cc Loading commit data...
builtins-string-gen.cc Loading commit data...
builtins-string-gen.h Loading commit data...
builtins-string.cc Loading commit data...
builtins-symbol-gen.cc Loading commit data...
builtins-symbol.cc Loading commit data...
builtins-trace.cc Loading commit data...
builtins-typed-array-gen.cc Loading commit data...
builtins-typed-array-gen.h Loading commit data...
builtins-typed-array.cc Loading commit data...
builtins-utils-gen.h Loading commit data...
builtins-utils-inl.h Loading commit data...
builtins-utils.h Loading commit data...
builtins-wasm-gen.cc Loading commit data...
builtins-weak-refs.cc Loading commit data...
builtins.cc Loading commit data...
builtins.h Loading commit data...
collections.tq Loading commit data...
constants-table-builder.cc Loading commit data...
constants-table-builder.h Loading commit data...
data-view.tq Loading commit data...
extras-utils.tq Loading commit data...
frames.tq Loading commit data...
generate-bytecodes-builtins-list.cc Loading commit data...
growable-fixed-array-gen.cc Loading commit data...
growable-fixed-array-gen.h Loading commit data...
growable-fixed-array.tq Loading commit data...
internal-coverage.tq Loading commit data...
iterator.tq Loading commit data...
math.tq Loading commit data...
object-fromentries.tq Loading commit data...
object.tq Loading commit data...
proxy-constructor.tq Loading commit data...
proxy-delete-property.tq Loading commit data...
proxy-get-property.tq Loading commit data...
proxy-get-prototype-of.tq Loading commit data...
proxy-has-property.tq Loading commit data...
proxy-is-extensible.tq Loading commit data...
proxy-prevent-extensions.tq Loading commit data...
proxy-revocable.tq Loading commit data...
proxy-revoke.tq Loading commit data...
proxy-set-property.tq Loading commit data...
proxy-set-prototype-of.tq Loading commit data...
proxy.tq Loading commit data...
reflect.tq Loading commit data...
regexp-exec.tq Loading commit data...
regexp-match.tq Loading commit data...
regexp-replace.tq Loading commit data...
regexp-search.tq Loading commit data...
regexp-source.tq Loading commit data...
regexp-split.tq Loading commit data...
regexp-test.tq Loading commit data...
regexp.tq Loading commit data...
setup-builtins-internal.cc Loading commit data...
string-endswith.tq Loading commit data...
string-html.tq Loading commit data...
string-iterator.tq Loading commit data...
string-pad.tq Loading commit data...
string-repeat.tq Loading commit data...
string-slice.tq Loading commit data...
string-startswith.tq Loading commit data...
string-substring.tq Loading commit data...
string.tq Loading commit data...
torque-internal.tq Loading commit data...
typed-array-createtypedarray.tq Loading commit data...
typed-array-every.tq Loading commit data...
typed-array-filter.tq Loading commit data...
typed-array-find.tq Loading commit data...
typed-array-findindex.tq Loading commit data...
typed-array-foreach.tq Loading commit data...
typed-array-reduce.tq Loading commit data...
typed-array-reduceright.tq Loading commit data...
typed-array-slice.tq Loading commit data...
typed-array-some.tq Loading commit data...
typed-array-subarray.tq Loading commit data...
typed-array.tq Loading commit data...