306cf40344
This is a reland ofbc33f5aeba
Original change's description: > Reland "[arraybuffer] Rearchitect backing store ownership" > > This is a reland of31cd5d83d3
> > Original change's description: > > [arraybuffer] Rearchitect backing store ownership > > > > This CL completely rearchitects the ownership of array buffer backing stores, > > consolidating ownership into a {BackingStore} C++ object that is tracked > > throughout V8 using unique_ptr and shared_ptr where appropriate. > > > > Overall, lifetime management is simpler and more explicit. The numerous > > ways that array buffers were initialized have been streamlined to one > > Attach() method on JSArrayBuffer. The array buffer tracker in the > > GC implementation now manages std::shared_ptr<BackingStore> pointers, > > and the construction and destruction of the BackingStore object itself > > handles the underlying page or embedder-allocated memory. > > > > The embedder API remains unchanged for now. We use the > > v8::ArrayBuffer::Contents struct to hide an additional shared_ptr to > > keep the backing store alive properly, even in the case of aliases > > from live heap objects. Thus the embedder has a lower chance of making > > a mistake. Long-term, we should move the embedder to a model where they > > manage backing stores using shared_ptr to an opaque backing store object. > > > > R=mlippautz@chromium.org > > BUG=v8:9380,v8:9221 > > > > Change-Id: I48fae5ac85dcf6172a83f252439e77e7c1a16ccd > > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1584323 > > Commit-Queue: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Ben Titzer <titzer@chromium.org> > > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > > Reviewed-by: Yang Guo <yangguo@chromium.org> > > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > > Cr-Commit-Position: refs/heads/master@{#62572} > > Bug: v8:9380, v8:9221 > Change-Id: If3f72967a8ebeb067c0edcfc16ed631e36829dbc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1691906 > Commit-Queue: Ben Titzer <titzer@chromium.org> > Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> > Reviewed-by: Yang Guo <yangguo@chromium.org> > Reviewed-by: Ulan Degenbaev <ulan@chromium.org> > Cr-Commit-Position: refs/heads/master@{#62809} Bug: v8:9380, v8:9221 Change-Id: I9a2525753ae2424108d074fa81df5f25d945c824 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1709409 Commit-Queue: Ben Titzer <titzer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#62847}
132 lines
4.5 KiB
C++
132 lines
4.5 KiB
C++
// Copyright 2019 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
#include "src/wasm/wasm-objects-inl.h"
|
|
#include "src/wasm/wasm-opcodes.h"
|
|
|
|
#include "src/wasm/wasm-module-builder.h"
|
|
#include "test/cctest/cctest.h"
|
|
#include "test/cctest/manually-externalized-buffer.h"
|
|
#include "test/common/wasm/flag-utils.h"
|
|
#include "test/common/wasm/test-signatures.h"
|
|
#include "test/common/wasm/wasm-macro-gen.h"
|
|
#include "test/common/wasm/wasm-module-runner.h"
|
|
|
|
namespace v8 {
|
|
namespace internal {
|
|
namespace wasm {
|
|
namespace test_grow_memory {
|
|
|
|
using testing::CompileAndInstantiateForTesting;
|
|
using v8::internal::testing::ManuallyExternalizedBuffer;
|
|
|
|
namespace {
|
|
void ExportAsMain(WasmFunctionBuilder* f) {
|
|
f->builder()->AddExport(CStrVector("main"), f);
|
|
}
|
|
#define EMIT_CODE_WITH_END(f, code) \
|
|
do { \
|
|
f->EmitCode(code, sizeof(code)); \
|
|
f->Emit(kExprEnd); \
|
|
} while (false)
|
|
|
|
void Cleanup(Isolate* isolate = CcTest::InitIsolateOnce()) {
|
|
// By sending a low memory notifications, we will try hard to collect all
|
|
// garbage and will therefore also invoke all weak callbacks of actually
|
|
// unreachable persistent handles.
|
|
reinterpret_cast<v8::Isolate*>(isolate)->LowMemoryNotification();
|
|
}
|
|
} // namespace
|
|
|
|
TEST(GrowMemDetaches) {
|
|
{
|
|
Isolate* isolate = CcTest::InitIsolateOnce();
|
|
HandleScope scope(isolate);
|
|
Handle<WasmMemoryObject> memory_object =
|
|
WasmMemoryObject::New(isolate, 16, 100, SharedFlag::kNotShared)
|
|
.ToHandleChecked();
|
|
Handle<JSArrayBuffer> buffer(memory_object->array_buffer(), isolate);
|
|
int32_t result = WasmMemoryObject::Grow(isolate, memory_object, 0);
|
|
CHECK_EQ(16, result);
|
|
CHECK_NE(*buffer, memory_object->array_buffer());
|
|
CHECK(buffer->was_detached());
|
|
}
|
|
Cleanup();
|
|
}
|
|
|
|
TEST(Externalized_GrowMemMemSize) {
|
|
{
|
|
Isolate* isolate = CcTest::InitIsolateOnce();
|
|
HandleScope scope(isolate);
|
|
Handle<WasmMemoryObject> memory_object =
|
|
WasmMemoryObject::New(isolate, 16, 100, SharedFlag::kNotShared)
|
|
.ToHandleChecked();
|
|
ManuallyExternalizedBuffer external(
|
|
handle(memory_object->array_buffer(), isolate));
|
|
int32_t result = WasmMemoryObject::Grow(isolate, memory_object, 0);
|
|
CHECK_EQ(16, result);
|
|
CHECK_NE(*external.buffer_, memory_object->array_buffer());
|
|
CHECK(external.buffer_->was_detached());
|
|
}
|
|
Cleanup();
|
|
}
|
|
|
|
TEST(Run_WasmModule_Buffer_Externalized_GrowMem) {
|
|
{
|
|
Isolate* isolate = CcTest::InitIsolateOnce();
|
|
HandleScope scope(isolate);
|
|
TestSignatures sigs;
|
|
v8::internal::AccountingAllocator allocator;
|
|
Zone zone(&allocator, ZONE_NAME);
|
|
|
|
WasmModuleBuilder* builder = new (&zone) WasmModuleBuilder(&zone);
|
|
WasmFunctionBuilder* f = builder->AddFunction(sigs.i_v());
|
|
ExportAsMain(f);
|
|
byte code[] = {WASM_GROW_MEMORY(WASM_I32V_1(6)), WASM_DROP,
|
|
WASM_MEMORY_SIZE};
|
|
EMIT_CODE_WITH_END(f, code);
|
|
|
|
ZoneBuffer buffer(&zone);
|
|
builder->WriteTo(&buffer);
|
|
testing::SetupIsolateForWasmModule(isolate);
|
|
ErrorThrower thrower(isolate, "Test");
|
|
const Handle<WasmInstanceObject> instance =
|
|
CompileAndInstantiateForTesting(
|
|
isolate, &thrower, ModuleWireBytes(buffer.begin(), buffer.end()))
|
|
.ToHandleChecked();
|
|
Handle<WasmMemoryObject> memory_object(instance->memory_object(), isolate);
|
|
|
|
// Fake the Embedder flow by externalizing the array buffer.
|
|
ManuallyExternalizedBuffer external1(
|
|
handle(memory_object->array_buffer(), isolate));
|
|
|
|
// Grow using the API.
|
|
uint32_t result = WasmMemoryObject::Grow(isolate, memory_object, 4);
|
|
CHECK_EQ(16, result);
|
|
CHECK(external1.buffer_->was_detached()); // growing always detaches
|
|
CHECK_EQ(0, external1.buffer_->byte_length());
|
|
|
|
CHECK_NE(*external1.buffer_, memory_object->array_buffer());
|
|
|
|
// Fake the Embedder flow by externalizing the array buffer.
|
|
ManuallyExternalizedBuffer external2(
|
|
handle(memory_object->array_buffer(), isolate));
|
|
|
|
// Grow using an internal WASM bytecode.
|
|
result = testing::RunWasmModuleForTesting(isolate, instance, 0, nullptr);
|
|
CHECK_EQ(26, result);
|
|
CHECK(external2.buffer_->was_detached()); // growing always detaches
|
|
CHECK_EQ(0, external2.buffer_->byte_length());
|
|
CHECK_NE(*external2.buffer_, memory_object->array_buffer());
|
|
}
|
|
Cleanup();
|
|
}
|
|
|
|
} // namespace test_grow_memory
|
|
} // namespace wasm
|
|
} // namespace internal
|
|
} // namespace v8
|
|
|
|
#undef EMIT_CODE_WITH_END
|