AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
45d4d220d2
v8/test/unittests/objects/roots-unittest.cc
Manos Koukoutos 45d4d220d2 [wasm] Move js-to-wasm wrappers to the isolate 
We move js-to-wasm wrappers to a WeakFixedArray in the isolate,
indexed by their canonical type index. This ensures that they are
reused across instances, and get GC'd when no longer needed.
We also remove eager compilation of wrappers.
This CL fixes some issues that were caused by out-of-bounds accesses
to wrapper arrays attached to module objects.

Bug: chromium:1363859, chromium:1363895

Change-Id: Idec0925e775f51fdfa7cd380379b0d1798295a0c
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3893860
Reviewed-by: Dominik Inführ <dinfuehr@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Manos Koukoutos <manoskouk@chromium.org>
Cr-Commit-Position: refs/heads/main@{#83275}
2022-09-16 15:08:53 +00:00

100 lines
3.5 KiB
C++
Raw Blame History

// Copyright 2018 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "src/common/globals.h"
#include "src/heap/basic-memory-chunk.h"
#include "src/heap/heap-inl.h"
#include "src/objects/cell.h"
#include "src/objects/feedback-cell.h"
#include "src/objects/script.h"
#include "src/roots/roots-inl.h"
#include "test/unittests/test-utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace v8 {
namespace internal {
using RootsTest = TestWithIsolate;
namespace {
AllocationSpace GetSpaceFromObject(Object object) {
DCHECK(object.IsHeapObject());
BasicMemoryChunk* chunk =
BasicMemoryChunk::FromHeapObject(HeapObject::cast(object));
if (chunk->InReadOnlySpace()) return RO_SPACE;
return chunk->owner()->identity();
}
} // namespace
#define CHECK_IN_RO_SPACE(type, name, CamelName) \
HeapObject name = roots.name(); \
CHECK_EQ(RO_SPACE, GetSpaceFromObject(name));
// The following tests check that all the roots accessible via ReadOnlyRoots are
// in RO_SPACE.
TEST_F(RootsTest, TestReadOnlyRoots) {
ReadOnlyRoots roots(i_isolate());
READ_ONLY_ROOT_LIST(CHECK_IN_RO_SPACE)
}
#undef CHECK_IN_RO_SPACE
namespace {
bool IsInitiallyMutable(Factory* factory, Address object_address) {
// Entries in this list are in STRONG_MUTABLE_MOVABLE_ROOT_LIST, but may
// initially point to objects that are in RO_SPACE.
#define INITIALLY_READ_ONLY_ROOT_LIST(V) \
V(api_private_symbol_table) \
V(api_symbol_table) \
V(basic_block_profiling_data) \
V(builtins_constants_table) \
V(current_microtask) \
V(detached_contexts) \
V(feedback_vectors_for_profiling_tools) \
V(shared_wasm_memories) \
V(materialized_objects) \
V(public_symbol_table) \
V(retaining_path_targets) \
V(serialized_global_proxy_sizes) \
V(serialized_objects) \
IF_WASM(V, js_to_wasm_wrappers) \
IF_WASM(V, wasm_canonical_rtts) \
V(weak_refs_keep_during_job)
#define TEST_CAN_BE_READ_ONLY(name) \
if (factory->name().address() == object_address) return false;
INITIALLY_READ_ONLY_ROOT_LIST(TEST_CAN_BE_READ_ONLY)
#undef TEST_CAN_BE_READ_ONLY
#undef INITIALLY_READ_ONLY_ROOT_LIST
return true;
}
} // namespace
// The CHECK_EQ line is there just to ensure that the root is publicly
// accessible from Heap, but ultimately the factory is used as it provides
// handles that have the address in the root table.
#define CHECK_NOT_IN_RO_SPACE(type, name, CamelName) \
Handle<Object> name = factory->name(); \
CHECK_EQ(*name, heap->name()); \
if (name->IsHeapObject() && IsInitiallyMutable(factory, name.address()) && \
!name->IsUndefined(i_isolate())) { \
CHECK_NE(RO_SPACE, GetSpaceFromObject(HeapObject::cast(*name))); \
}
// The following tests check that all the roots accessible via public Heap
// accessors are not in RO_SPACE with the exception of the objects listed in
// INITIALLY_READ_ONLY_ROOT_LIST.
TEST_F(RootsTest, TestHeapRootsNotReadOnly) {
Factory* factory = i_isolate()->factory();
Heap* heap = i_isolate()->heap();
MUTABLE_ROOT_LIST(CHECK_NOT_IN_RO_SPACE)
}
#undef CHECK_NOT_IN_RO_SPACE
} // namespace internal
} // namespace v8
Reference in New Issue View Git Blame Copy Permalink