From 053e54e784f94b918edd62236b7a92ef29ae0650 Mon Sep 17 00:00:00 2001
From: Reece Wilson <code@reece.sx>
Date: Sun, 29 Jan 2023 20:31:01 +0000
Subject: [PATCH] [-] (USE AFTER FREE) quick hack: removing a mutex guard on
 shared RemoveClient to temporarily mitigate a crash on deinit [*] Update
 default flags to internalize/canonlize more heap resources across isolate
 boundaries using the gross singleton hack [+] Added padding before the
 embedder name in the version string [-] Remove brand check from snapshot.
 Assuming this branch can only compile under my scripts, this isn't the place
 to worry about broken resource compiler actions. This is just going to
 pointlessly block trivial branding experiments. Gonna assume the nested blob
 we're linked against is fine.

(Last aurora commit: a27f18e3)
---
 include/v8-version-string.h      |  8 ++++++--
 src/flags/flag-definitions.h     |  8 ++++----
 src/heap/concurrent-allocator.cc |  6 +++++-
 src/heap/safepoint.cc            | 26 ++++++++++++++++++++++++--
 src/snapshot/snapshot.cc         | 30 +++++++++++++++---------------
 5 files changed, 54 insertions(+), 24 deletions(-)

diff --git a/include/v8-version-string.h b/include/v8-version-string.h
index 8faed2a740..f06d54aa7d 100644
--- a/include/v8-version-string.h
+++ b/include/v8-version-string.h
@@ -18,8 +18,12 @@
 
 #ifndef V8_EMBEDDER_STRING
 #define V8_EMBEDDER_STRING ""
+#define V8_EMBEDDER_STRING2 ""
+#else
+#define V8_EMBEDDER_STRING2 " " V8_EMBEDDER_STRING
 #endif
 
+
 #define V8_SX(x) #x
 #define V8_S(x) V8_SX(x)
 
@@ -27,12 +31,12 @@
 #define V8_VERSION_STRING                                        \
   V8_S(V8_MAJOR_VERSION)                                         \
   "." V8_S(V8_MINOR_VERSION) "." V8_S(V8_BUILD_NUMBER) "." V8_S( \
-      V8_PATCH_LEVEL) V8_EMBEDDER_STRING V8_CANDIDATE_STRING
+      V8_PATCH_LEVEL) V8_EMBEDDER_STRING2 V8_CANDIDATE_STRING
 #else
 #define V8_VERSION_STRING                              \
   V8_S(V8_MAJOR_VERSION)                               \
   "." V8_S(V8_MINOR_VERSION) "." V8_S(V8_BUILD_NUMBER) \
-      V8_EMBEDDER_STRING V8_CANDIDATE_STRING
+      V8_EMBEDDER_STRING2 V8_CANDIDATE_STRING
 #endif
 
 #endif  // V8_VERSION_STRING_H_
diff --git a/src/flags/flag-definitions.h b/src/flags/flag-definitions.h
index a5ea688504..5681b82ed6 100644
--- a/src/flags/flag-definitions.h
+++ b/src/flags/flag-definitions.h
@@ -725,15 +725,15 @@ DEFINE_BOOL(trace_baseline_concurrent_compilation, false,
 #define FLAG FLAG_FULL
 
 // Internalize into a shared string table in the shared isolate
-DEFINE_BOOL(shared_string_table, false, "internalize strings into shared table")
+DEFINE_BOOL(shared_string_table, true, "internalize strings into shared table")
 DEFINE_IMPLICATION(harmony_struct, shared_string_table)
-DEFINE_BOOL(shared_string_table_using_shared_space, false,
+DEFINE_BOOL(shared_string_table_using_shared_space, true,
             "internalize strings into shared table")
 DEFINE_IMPLICATION(shared_string_table_using_shared_space, shared_string_table)
 DEFINE_IMPLICATION(shared_string_table_using_shared_space, shared_space)
 DEFINE_IMPLICATION(harmony_struct, shared_string_table)
 DEFINE_BOOL(
-    always_use_string_forwarding_table, false,
+    always_use_string_forwarding_table, true,
     "use string forwarding table instead of thin strings for all strings")
 // With --always-use-string-forwarding-table, we can have young generation
 // string entries in the forwarding table, requiring table updates when these
@@ -1269,7 +1269,7 @@ DEFINE_BOOL(separate_gc_phases, false,
 DEFINE_BOOL(global_gc_scheduling, true,
             "enable GC scheduling based on global memory")
 DEFINE_BOOL(gc_global, false, "always perform global GCs")
-DEFINE_BOOL(shared_space, false,
+DEFINE_BOOL(shared_space, true,
             "Implement shared heap as shared space on a main isolate.")
 
 // TODO(12950): The next two flags only have an effect if
diff --git a/src/heap/concurrent-allocator.cc b/src/heap/concurrent-allocator.cc
index 7f63bc09bd..359d9abe3d 100644
--- a/src/heap/concurrent-allocator.cc
+++ b/src/heap/concurrent-allocator.cc
@@ -100,7 +100,10 @@ void ConcurrentAllocator::FreeLinearAllocationArea() {
         ->DestroyBlackAreaBackground(lab_.top(), lab_.limit());
   }
 
-  MakeLabIterable();
+  if (!(context_ == Context::kNotGC && !owning_heap()->incremental_marking())) {
+    MakeLabIterable();
+  }
+
   ResetLab();
 }
 
@@ -283,6 +286,7 @@ AllocationResult ConcurrentAllocator::AllocateOutsideLab(
 
 bool ConcurrentAllocator::IsBlackAllocationEnabled() const {
   return context_ == Context::kNotGC &&
+         owning_heap()->incremental_marking() &&
          owning_heap()->incremental_marking()->black_allocation();
 }
 
diff --git a/src/heap/safepoint.cc b/src/heap/safepoint.cc
index 87a40837d0..9dfd95a5e5 100644
--- a/src/heap/safepoint.cc
+++ b/src/heap/safepoint.cc
@@ -315,9 +315,31 @@ void GlobalSafepoint::RemoveClient(Isolate* client) {
 
   // A shared heap may have already acquired the client mutex to perform a
   // shared GC. We need to park the Isolate here to allow for a shared GC.
+
+  if (!client) {
+    client->shared_isolate_ = nullptr;
+    return;
+  }
+
+  if (!client->heap()) {
+    client->shared_isolate_ = nullptr;
+    return;
+  }
+
   IgnoreLocalGCRequests ignore_gc_requests(client->heap());
-  ParkedRecursiveMutexGuard guard(client->main_thread_local_heap(),
-                                  &clients_mutex_);
+
+  if (!client->main_thread_local_heap()) {
+    client->shared_isolate_ = nullptr;
+    return;
+  }
+
+  if (!client->main_thread_local_heap()->heap()) {
+    client->shared_isolate_ = nullptr;
+    return;
+  }
+
+  //ParkedRecursiveMutexGuard guard(client->main_thread_local_heap(),
+  //                                &clients_mutex_);
 
   if (client->global_safepoint_next_client_isolate_) {
     client->global_safepoint_next_client_isolate_
diff --git a/src/snapshot/snapshot.cc b/src/snapshot/snapshot.cc
index 3af67804cf..0bccd7af37 100644
--- a/src/snapshot/snapshot.cc
+++ b/src/snapshot/snapshot.cc
@@ -703,21 +703,21 @@ base::Vector<const byte> SnapshotImpl::ExtractContextData(
 }
 
 void SnapshotImpl::CheckVersion(const v8::StartupData* data) {
-  if (!Snapshot::VersionIsValid(data)) {
-    char version[kVersionStringLength];
-    memset(version, 0, kVersionStringLength);
-    CHECK_LT(kVersionStringOffset + kVersionStringLength,
-             static_cast<uint32_t>(data->raw_size));
-    Version::GetString(base::Vector<char>(version, kVersionStringLength));
-    FATAL(
-        "Version mismatch between V8 binary and snapshot.\n"
-        "#   V8 binary version: %.*s\n"
-        "#    Snapshot version: %.*s\n"
-        "# The snapshot consists of %d bytes and contains %d context(s).",
-        kVersionStringLength, version, kVersionStringLength,
-        data->data + kVersionStringOffset, data->raw_size,
-        ExtractNumContexts(data));
-  }
+  //if (!Snapshot::VersionIsValid(data)) {
+  //  char version[kVersionStringLength];
+  //  memset(version, 0, kVersionStringLength);
+  //  CHECK_LT(kVersionStringOffset + kVersionStringLength,
+  //           static_cast<uint32_t>(data->raw_size));
+  //  Version::GetString(base::Vector<char>(version, kVersionStringLength));
+  //  FATAL(
+  //      "Version mismatch between V8 binary and snapshot.\n"
+  //      "#   V8 binary version: %.*s\n"
+  //      "#    Snapshot version: %.*s\n"
+  //      "# The snapshot consists of %d bytes and contains %d context(s).",
+  //      kVersionStringLength, version, kVersionStringLength,
+  //      data->data + kVersionStringOffset, data->raw_size,
+  //      ExtractNumContexts(data));
+  //}
 }
 
 namespace {