Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(68)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/wasm/wasm-module.cc

Issue 2653183003: [wasm] Memory buffer should be detached after Memory.Grow (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« src/wasm/wasm-js.cc ('K') | « src/wasm/wasm-js.cc ('k') | test/mjsunit/wasm/import-memory.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 the V8 project authors. All rights reserved. 1 // Copyright 2015 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include <memory> 5 #include <memory>
6 6
7 #include "src/assembler-inl.h" 7 #include "src/assembler-inl.h"
8 #include "src/base/adapters.h" 8 #include "src/base/adapters.h"
9 #include "src/base/atomic-utils.h" 9 #include "src/base/atomic-utils.h"
10 #include "src/code-stubs.h" 10 #include "src/code-stubs.h"
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
54 it.rinfo()->set_target_object(*new_ref); 54 it.rinfo()->set_target_object(*new_ref);
55 } 55 }
56 } 56 }
57 } 57 }
58 58
59 static void MemoryFinalizer(const v8::WeakCallbackInfo<void>& data) { 59 static void MemoryFinalizer(const v8::WeakCallbackInfo<void>& data) {
60 DisallowHeapAllocation no_gc; 60 DisallowHeapAllocation no_gc;
61 JSArrayBuffer** p = reinterpret_cast<JSArrayBuffer**>(data.GetParameter()); 61 JSArrayBuffer** p = reinterpret_cast<JSArrayBuffer**>(data.GetParameter());
62 JSArrayBuffer* buffer = *p; 62 JSArrayBuffer* buffer = *p;
63 63
64 void* memory = buffer->backing_store(); 64 if (!buffer->was_neutered()) {
65 base::OS::Free(memory, 65 void* memory = buffer->backing_store();
Eric Holk 2017/01/25 18:16:57 `DCHECK(memory != nullptr)` would probably be good
gdeepti 2017/01/25 18:59:19 Done.
66 RoundUp(kWasmMaxHeapOffset, base::OS::CommitPageSize())); 66 base::OS::Free(memory,
67 RoundUp(kWasmMaxHeapOffset, base::OS::CommitPageSize()));
67 68
68 data.GetIsolate()->AdjustAmountOfExternalAllocatedMemory( 69 data.GetIsolate()->AdjustAmountOfExternalAllocatedMemory(
69 -buffer->byte_length()->Number()); 70 -buffer->byte_length()->Number());
71 }
70 72
71 GlobalHandles::Destroy(reinterpret_cast<Object**>(p)); 73 GlobalHandles::Destroy(reinterpret_cast<Object**>(p));
72 } 74 }
73 75
74 #if V8_TARGET_ARCH_64_BIT 76 #if V8_TARGET_ARCH_64_BIT
75 const bool kGuardRegionsSupported = true; 77 const bool kGuardRegionsSupported = true;
76 #else 78 #else
77 const bool kGuardRegionsSupported = false; 79 const bool kGuardRegionsSupported = false;
78 #endif 80 #endif
79 81
(...skipping 2262 matching lines...) Expand 10 before | Expand all | Expand 10 after
2342 old_size = old_buffer->byte_length()->Number(); 2344 old_size = old_buffer->byte_length()->Number();
2343 } 2345 }
2344 DCHECK(old_size + pages * WasmModule::kPageSize <= 2346 DCHECK(old_size + pages * WasmModule::kPageSize <=
2345 std::numeric_limits<uint32_t>::max()); 2347 std::numeric_limits<uint32_t>::max());
2346 uint32_t new_size = old_size + pages * WasmModule::kPageSize; 2348 uint32_t new_size = old_size + pages * WasmModule::kPageSize;
2347 if (new_size <= old_size || max_pages * WasmModule::kPageSize < new_size || 2349 if (new_size <= old_size || max_pages * WasmModule::kPageSize < new_size ||
2348 FLAG_wasm_max_mem_pages * WasmModule::kPageSize < new_size) { 2350 FLAG_wasm_max_mem_pages * WasmModule::kPageSize < new_size) {
2349 return Handle<JSArrayBuffer>::null(); 2351 return Handle<JSArrayBuffer>::null();
2350 } 2352 }
2351 2353
2352 Handle<JSArrayBuffer> new_buffer; 2354 const bool enable_guard_regions =
2353 if (!old_buffer.is_null() && old_buffer->has_guard_region()) { 2355 (!old_buffer.is_null() && old_buffer->has_guard_region()) ? true : false;
titzer 2017/01/25 09:28:57 You don't need to do the {x ? true : false}, you c
gdeepti 2017/01/25 21:05:24 Done.
2354 // We don't move the backing store, we simply change the protection to make 2356 Handle<JSArrayBuffer> new_buffer =
2355 // more of it accessible. 2357 NewArrayBuffer(isolate, new_size, enable_guard_regions);
titzer 2017/01/25 09:28:57 I think should adjust the old logic here (just cha
gdeepti 2017/01/25 21:05:24 After offline discussions with Eric (summarized he
2356 base::OS::Unprotect(old_buffer->backing_store(), new_size); 2358 if (new_buffer.is_null()) return new_buffer;
2357 reinterpret_cast<v8::Isolate*>(isolate) 2359 Address new_mem_start = static_cast<Address>(new_buffer->backing_store());
2358 ->AdjustAmountOfExternalAllocatedMemory(pages * WasmModule::kPageSize); 2360 if (old_size != 0) {
2359 Handle<Object> new_size_object = 2361 memcpy(new_mem_start, old_mem_start, old_size);
2360 isolate->factory()->NewNumberFromSize(new_size);
2361 old_buffer->set_byte_length(*new_size_object);
2362 new_buffer = old_buffer;
2363 } else {
2364 const bool enable_guard_regions = false;
2365 new_buffer = NewArrayBuffer(isolate, new_size, enable_guard_regions);
2366 if (new_buffer.is_null()) return new_buffer;
2367 Address new_mem_start = static_cast<Address>(new_buffer->backing_store());
2368 if (old_size != 0) {
2369 memcpy(new_mem_start, old_mem_start, old_size);
2370 }
2371 } 2362 }
2372 return new_buffer; 2363 return new_buffer;
2373 } 2364 }
2374 2365
2375 void UncheckedUpdateInstanceMemory(Isolate* isolate, 2366 void UncheckedUpdateInstanceMemory(Isolate* isolate,
2376 Handle<WasmInstanceObject> instance, 2367 Handle<WasmInstanceObject> instance,
2377 Address old_mem_start, uint32_t old_size) { 2368 Address old_mem_start, uint32_t old_size) {
2378 DCHECK(instance->has_memory_buffer()); 2369 DCHECK(instance->has_memory_buffer());
2379 Handle<JSArrayBuffer> new_buffer(instance->memory_buffer()); 2370 Handle<JSArrayBuffer> new_buffer(instance->memory_buffer());
2380 uint32_t new_size = new_buffer->byte_length()->Number(); 2371 uint32_t new_size = new_buffer->byte_length()->Number();
(...skipping 373 matching lines...) Expand 10 before | Expand all | Expand 10 after
2754 Handle<FixedArray> storage = factory->NewFixedArray(num_custom_sections); 2745 Handle<FixedArray> storage = factory->NewFixedArray(num_custom_sections);
2755 JSArray::SetContent(array_object, storage); 2746 JSArray::SetContent(array_object, storage);
2756 array_object->set_length(Smi::FromInt(num_custom_sections)); 2747 array_object->set_length(Smi::FromInt(num_custom_sections));
2757 2748
2758 for (int i = 0; i < num_custom_sections; i++) { 2749 for (int i = 0; i < num_custom_sections; i++) {
2759 storage->set(i, *matching_sections[i]); 2750 storage->set(i, *matching_sections[i]);
2760 } 2751 }
2761 2752
2762 return array_object; 2753 return array_object;
2763 } 2754 }
OLDNEW
« src/wasm/wasm-js.cc ('K') | « src/wasm/wasm-js.cc ('k') | test/mjsunit/wasm/import-memory.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698