55d00c95b0
The tracker needs to maintain the byte length as there is no order guarantee when sweeping pages and the byte length may be a HeapNumber that is stored on a different page. The abstraction for ArrayBuffers is left untouched. We distinguish between the following cases: 1. Regular AB (backing_store and bye_length should be used) 2. AB allocated using kReservation but not part of wasm 3. AB allocated using kReservation and part of wasm In practice, 2. does not exist, but we still maintain "allocation_base" and "allocation_length" which fall back to backing_store and byte_length in this case. The problematic part is that they look like innocent getters on the object but actually refer to different data structures or on-heap objects. Since 2. does not exist, and 3. looks up the bounds in its own tracker, it is fine for ArrayBufferTracker to pass backing_store and tracked byte_length. Bug: v8:7701 Change-Id: Ib89d5fe94fce5cef8e5d8343a5415a3b9ad0deba Reviewed-on: https://chromium-review.googlesource.com/1039385 Reviewed-by: Ben Titzer <titzer@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#52923} |
||
|---|---|---|
| .. | ||
| benchmarks | ||
| cctest | ||
| common | ||
| debugger | ||
| fuzzer | ||
| inspector | ||
| intl | ||
| js-perf-test | ||
| memory | ||
| message | ||
| mjsunit | ||
| mkgrokdump | ||
| mozilla | ||
| preparser | ||
| test262 | ||
| unittests | ||
| wasm-spec-tests | ||
| webkit | ||
| BUILD.gn | ||