| commit | 59acab802a319da23c1c005e062fbc2bab4d348b | |
|---|---|---|
| author | Clemens Backes <clemensb@chromium.org> | Thu Jan 04 10:01:36 2024 |
| committer | V8 LUCI CQ <v8-scoped@luci-project-accounts.iam.gserviceaccount.com> | Thu Jan 04 15:22:24 2024 |
| tree | 56c6b845319e8f575360331af85bf733b2c75a23 | |
| parent | 8cf17a14a78cc1276eb42e1b4bb699f705675530 | |
[wasm] Introduce WasmTrustedInstanceData

This CL moves most data from the WasmInstanceObject to a new WasmTrustedInstanceData. As the name suggests, this new object is allocated in the trusted space and can hence hold otherwise-unsafe data (like direct pointers). As the Wasm instance was still storing some unsafe pointers, this CL closes holes in the V8 sandbox, and allows us to land follow-up refactorings to remove more indirections for sandboxing (potentially after moving more data structures to the trusted space).

The general idea is that during execution we mostly work with the WasmTrustedInstanceData object. This is passed as a direct pointer to Wasm functions and is stored in Wasm frames. The WasmInstanceObject is the JS-exposed wrapper, which also holds user-defined properties and elements.

See the design doc (linked from the tracking bug) for all the details.

R=ahaas@chromium.org, saelo@chromium.org

Bug: v8:14499
Change-Id: I44fc81078d0785db1507ffcad1c1aaca39351e45
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5130974
Reviewed-by: Samuel Groß <saelo@chromium.org>
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Eric Leese <leese@chromium.org>
Reviewed-by: Anton Bikineev <bikineev@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#91680}
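The sandboxing rationale in the commit message above (raw pointers stored in an in-sandbox object are a hole, because an attacker who can write anywhere inside the sandbox can redirect them outside it) is illustrated by the following added example. It is not V8 code and not part of this commit: the struct names, the out-of-sandbox table, the bounds checks and the assumed in-sandbox arbitrary-write primitive are this example's own simplified model, not V8's actual data structures or trusted-pointer mechanism.

```cpp
// Added example (not V8 code): model of why pointer-holding data must live
// outside the sandbox. Names, layout and table mechanism are assumptions.
#include <cstddef>
#include <cstdint>
#include <new>
#include <vector>

namespace model {

// Memory the attacker is assumed to control fully (in-sandbox arbitrary write).
struct Sandbox {
  std::vector<uint8_t> heap = std::vector<uint8_t>(4096, 0);
};

// Legacy layout: the JS-visible instance object sits inside the sandbox and
// carries a raw pointer plus the size used for bounds checking.
struct LegacyInstance {
  uint8_t* memory_start;
  size_t memory_size;
};

// Trusted layout: raw pointer and size live in an object outside the sandbox;
// the in-sandbox object only holds an index into a table of such objects.
struct TrustedInstanceData {
  uint8_t* memory_start;
  size_t memory_size;
};
struct TrustedTable {
  std::vector<TrustedInstanceData> entries;  // assumed to be outside the sandbox
};
struct Instance {
  uint32_t trusted_index;
};

// Store via the legacy object: both the pointer and the bound it is checked
// against are attacker-writable, so the check proves nothing.
inline bool legacy_store(LegacyInstance* inst, size_t offset, uint8_t value) {
  if (offset >= inst->memory_size) return false;
  inst->memory_start[offset] = value;
  return true;
}

// Store via the trusted table: the index is validated against the table size
// and the bound comes from data the attacker cannot write.
inline bool trusted_store(const TrustedTable& table, const Instance* inst,
                          size_t offset, uint8_t value) {
  if (inst->trusted_index >= table.entries.size()) return false;
  const TrustedInstanceData& td = table.entries[inst->trusted_index];
  if (offset >= td.memory_size) return false;
  td.memory_start[offset] = value;
  return true;
}

// Attacker corrupts the in-sandbox instance fields, aiming at `secret`,
// which lives outside the sandbox. Returns true if the escape succeeded.
inline bool attack_legacy() {
  uint8_t secret = 0;  // out-of-sandbox target (stack variable here)
  Sandbox sb;
  auto* inst = new (sb.heap.data()) LegacyInstance{sb.heap.data() + 1024, 1024};
  // In-sandbox write primitive: point the raw pointer outside, lift the bound.
  inst->memory_start = &secret;
  inst->memory_size = SIZE_MAX;
  legacy_store(inst, 0, 0x41);
  return secret == 0x41;  // true: an in-sandbox write became an out-of-sandbox write
}

inline bool attack_trusted() {
  uint8_t secret = 0;
  Sandbox sb;
  TrustedTable table;
  table.entries.push_back({sb.heap.data() + 1024, 1024});
  auto* inst = new (sb.heap.data()) Instance{0};
  // The only field to corrupt is an index; there is no pointer to forge.
  inst->trusted_index = 0xFFFFFFFFu;
  bool forged = trusted_store(table, inst, 0, 0x41);        // rejected
  inst->trusted_index = 0;
  bool oob = trusted_store(table, inst, 1u << 20, 0x41);    // rejected
  bool valid = trusted_store(table, inst, 0, 0x41);         // stays in sandbox
  (void)forged; (void)oob; (void)valid;
  return secret == 0x41;  // false: target untouched
}

}  // namespace model
```

The point the model makes is the one the commit relies on: a bounds check is only as strong as the memory holding its operands, so the pointer and its bound have to live where the sandbox's assumed write primitive cannot reach.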
V8 is Google's open source JavaScript engine.
V8 implements ECMAScript as specified in ECMA-262.
V8 is written in C++ and is used in Google Chrome, the open source browser from Google.
V8 can run standalone, or can be embedded into any C++ application.
V8 Project page: https://v8.dev/docs
Checkout depot tools, and run

```
fetch v8
```

This will checkout V8 into the directory `v8` and fetch all of its dependencies. To stay up to date, run

```
git pull origin
gclient sync
```

For fetching all branches, add the following into your remote configuration in `.git/config`:

```
fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
fetch = +refs/tags/*:refs/tags/*
```
Please follow the instructions mentioned at v8.dev/docs/contribute.