Status: Assigned
Owner: [email protected]
CC: [email protected], [email protected],
[email protected], [email protected]
Labels: Type-Bug Priority-Medium
New issue 3459 by [email protected]: AstValueFactory bypasses regular
string internalization
http://code.google.com/p/v8/issues/detail?id=3459
AstValueFactory implements its own version of string internalization logic.
That can easily break the internalization invariant of the heap if hash
seeds don't agree. Consider e.g. the following test case:
TEST(AstRawString_InternalizationAcrossInstances) {
i::Isolate* isolate = CcTest::i_isolate();
i::HandleScope scope(isolate);
i::Zone zone(isolate);
i::AstValueFactory avf1(&zone, 14);
i::AstValueFactory avf2(&zone, 35);
avf1.Internalize(isolate);
avf2.Internalize(isolate);
const i::AstRawString* name1 = avf1.GetOneByteString("result");
const i::AstRawString* name2 = avf2.GetOneByteString("result");
i::Handle<i::String> str1 = name1->string();
i::Handle<i::String> str2 = name2->string();
CHECK(str1->IsInternalizedString());
CHECK(str2->IsInternalizedString());
CHECK(*str1 == *str2); // Fails
}
I think this is bad. Although the AVF created for the parser is currently
seeded consistently, it's easy to screw this up, e.g. in test cases. It
shouldn't even be possible to violate the internal heap representation
invariants on a higher level -- that is, AVF should go through the regular
heap/factory abstraction for internalizing strings.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
