Reviewers: mvstanton, Yang,
Description:
Add a CHECK to make sure we don't accidentally serialize type feedback
BUG=chromium:440984
[email protected],[email protected]
LOG=n
Please review this at https://codereview.chromium.org/803063002/
Base URL: https://chromium.googlesource.com/v8/v8.git@master
Affected files (+50, -9 lines):
M src/serialize.h
M src/serialize.cc
M src/type-feedback-vector.h
M src/type-feedback-vector.cc
Index: src/serialize.cc
diff --git a/src/serialize.cc b/src/serialize.cc
index
01c55a1226efedc5cca0d8bc1f80ad99dede6ba4..d58d8e200f04abd7c74abb20a2ecc7a10736a490
100644
--- a/src/serialize.cc
+++ b/src/serialize.cc
@@ -1307,14 +1307,16 @@ void Deserializer::ReadData(Object** current,
Object** limit, int source_space,
}
-Serializer::Serializer(Isolate* isolate, SnapshotByteSink* sink)
+Serializer::Serializer(Isolate* isolate, SnapshotByteSink* sink,
+ bool allow_type_feedback)
: isolate_(isolate),
sink_(sink),
external_reference_encoder_(new ExternalReferenceEncoder(isolate)),
root_index_map_(isolate),
code_address_map_(NULL),
large_objects_total_size_(0),
- seen_large_objects_index_(0) {
+ seen_large_objects_index_(0),
+ allow_type_feedback_(allow_type_feedback) {
// The serializer is meant to be used only to generate initial heap
images
// from a context in which there is only one isolate.
for (int i = 0; i < kNumberOfPreallocatedSpaces; i++) {
@@ -1768,6 +1770,12 @@ void Serializer::ObjectSerializer::Serialize() {
}
}
+ if (object_->IsSharedFunctionInfo()
&& !serializer_->allow_type_feedback_) {
+ CHECK(SharedFunctionInfo::cast(object_)
+ ->feedback_vector()
+ ->CanBeSerialized());
+ }
+
int size = object_->Size();
Map* map = object_->map();
SerializePrologue(Serializer::SpaceOfObject(object_), size, map);
Index: src/serialize.h
diff --git a/src/serialize.h b/src/serialize.h
index
bd0c423a6aa8281838806e682afdabd7723b641e..aa9fc8073e7776498c23f2603c92783b2a53c14e
100644
--- a/src/serialize.h
+++ b/src/serialize.h
@@ -593,7 +593,8 @@ class CodeAddressMap;
// There can be only one serializer per V8 process.
class Serializer : public SerializerDeserializer {
public:
- Serializer(Isolate* isolate, SnapshotByteSink* sink);
+ Serializer(Isolate* isolate, SnapshotByteSink* sink,
+ bool allow_type_feedback);
~Serializer();
void VisitPointers(Object** start, Object** end) OVERRIDE;
@@ -725,6 +726,7 @@ class Serializer : public SerializerDeserializer {
// We map serialized large objects to indexes for back-referencing.
uint32_t large_objects_total_size_;
uint32_t seen_large_objects_index_;
+ bool allow_type_feedback_;
DISALLOW_COPY_AND_ASSIGN(Serializer);
};
@@ -732,11 +734,10 @@ class Serializer : public SerializerDeserializer {
class PartialSerializer : public Serializer {
public:
- PartialSerializer(Isolate* isolate,
- Serializer* startup_snapshot_serializer,
+ PartialSerializer(Isolate* isolate, Serializer*
startup_snapshot_serializer,
SnapshotByteSink* sink)
- : Serializer(isolate, sink),
- startup_serializer_(startup_snapshot_serializer) {
+ : Serializer(isolate, sink, true),
+ startup_serializer_(startup_snapshot_serializer) {
InitializeCodeAddressMap();
}
@@ -769,7 +770,7 @@ class PartialSerializer : public Serializer {
class StartupSerializer : public Serializer {
public:
StartupSerializer(Isolate* isolate, SnapshotByteSink* sink)
- : Serializer(isolate, sink), root_index_wave_front_(0) {
+ : Serializer(isolate, sink, true), root_index_wave_front_(0) {
// Clear the cache of objects used by the partial snapshot. After the
// strong roots have been serialized we can create a partial snapshot
// which will repopulate the cache with objects needed by that partial
@@ -827,7 +828,7 @@ class CodeSerializer : public Serializer {
private:
CodeSerializer(Isolate* isolate, SnapshotByteSink* sink, String* source,
Code* main_code)
- : Serializer(isolate, sink),
+ : Serializer(isolate, sink, false),
source_(source),
main_code_(main_code),
num_internalized_strings_(0) {
Index: src/type-feedback-vector.cc
diff --git a/src/type-feedback-vector.cc b/src/type-feedback-vector.cc
index
45028b87879f7bbe2984179c111f586ce6f9025e..00d2252256cb142fee159f80e1e321bce901fd4e
100644
--- a/src/type-feedback-vector.cc
+++ b/src/type-feedback-vector.cc
@@ -207,6 +207,35 @@ void
TypeFeedbackVector::ClearSlots(SharedFunctionInfo* shared) {
}
+bool TypeFeedbackVector::CanBeSerialized() {
+ int slots = Slots();
+ Isolate* isolate = GetIsolate();
+ Object* uninitialized_sentinel =
+ TypeFeedbackVector::RawUninitializedSentinel(isolate->heap());
+
+ for (int i = 0; i < slots; i++) {
+ FeedbackVectorSlot slot(i);
+ Object* obj = Get(slot);
+ if (obj->IsHeapObject() && obj != uninitialized_sentinel) {
+ return false;
+ }
+ }
+
+ slots = ICSlots();
+ if (slots == 0) return true;
+
+ // Now check vector-based ICs.
+ for (int i = 0; i < slots; i++) {
+ FeedbackVectorICSlot slot(i);
+ Object* obj = Get(slot);
+ if (obj != uninitialized_sentinel) {
+ return false;
+ }
+ }
+ return true;
+}
+
+
Handle<FixedArray> FeedbackNexus::EnsureArrayOfSize(int length) {
Isolate* isolate = GetIsolate();
Handle<Object> feedback = handle(GetFeedback(), isolate);
Index: src/type-feedback-vector.h
diff --git a/src/type-feedback-vector.h b/src/type-feedback-vector.h
index
864f336f90cb733f3e2ce28d875383bc25782231..39946fd4a83bd576b0660fb3ae29e96ab1231d1d
100644
--- a/src/type-feedback-vector.h
+++ b/src/type-feedback-vector.h
@@ -166,6 +166,9 @@ class TypeFeedbackVector : public FixedArray {
// Clears the vector slots and the vector ic slots.
void ClearSlots(SharedFunctionInfo* shared);
+ // Returns true if all slots are clear.
+ bool CanBeSerialized();
+
// The object that indicates an uninitialized cache.
static inline Handle<Object> UninitializedSentinel(Isolate* isolate);
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
