Reviewers: Toon Verwaest,

Message:
Please take a look.

Description:
Serializer: do not miss outdated contexts if they are serialized deferred.


[email protected]

Please review this at https://codereview.chromium.org/1189183002/

Base URL: https://chromium.googlesource.com/v8/v8.git@master

Affected files (+53, -2 lines):
  M src/snapshot/serialize.cc
  M test/cctest/test-serialize.cc


Index: src/snapshot/serialize.cc
diff --git a/src/snapshot/serialize.cc b/src/snapshot/serialize.cc
index fe33c3e8b2d71e86aa6322ab5ff69700baa7b298..66c47195ed2779d727da0350ac584b6ab464455a 100644
--- a/src/snapshot/serialize.cc
+++ b/src/snapshot/serialize.cc
@@ -617,8 +617,8 @@ MaybeHandle<Object> Deserializer::DeserializePartial(
   Object* root;
   Object* outdated_contexts;
   VisitPointer(&root);
-  VisitPointer(&outdated_contexts);
   DeserializeDeferredObjects();
+  VisitPointer(&outdated_contexts);

   // There's no code deserialized here. If this assert fires then that's
// changed and logging should be added to notify the profiler et al of the
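Review bot: Nothing at this call site records that the read order is dictated by the writer, so the two functions can drift apart again. `VisitPointer(&outdated_contexts)` now follows `DeserializeDeferredObjects()` only because PartialSerializer::Serialize (the second hunk in this file) emits the outdated-contexts array after the deferred objects. If the two orders disagree, the deserializer would read the stream as the wrong object. I would add above the moved line `// Must mirror PartialSerializer::Serialize: the outdated-contexts array is written after the deferred objects.` and a matching comment at the writer. DeserializePartial's body starts and ends outside the hunk.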
@@ -1395,8 +1395,8 @@ void PartialSerializer::Serialize(Object** o) {
     back_reference_map()->AddGlobalProxy(context->global_proxy());
   }
   VisitPointer(o);
-  SerializeOutdatedContextsAsFixedArray();
   SerializeDeferredObjects();
+  SerializeOutdatedContextsAsFixedArray();
   Pad();
 }
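Review bot: With `SerializeOutdatedContextsAsFixedArray()` now running after `SerializeDeferredObjects()`, anything the array write might itself defer would not be flushed before `Pad()`. Its body is not visible here, so this may be impossible by construction, for example if it only emits back references to contexts that are already serialized. If that is the case, a comment such as `// Writes only back references, so nothing new can be deferred here.` or a debug check that the deferred queue is empty before `Pad()` would pin the assumption. Serialize's body starts outside the hunk.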

Index: test/cctest/test-serialize.cc
diff --git a/test/cctest/test-serialize.cc b/test/cctest/test-serialize.cc
index 89623305499907c64c14475000f309a5c0219098..6089e43db7b7025549ef41202073952b234552b5 100644
--- a/test/cctest/test-serialize.cc
+++ b/test/cctest/test-serialize.cc
@@ -702,6 +702,57 @@ TEST(PerIsolateSnapshotBlobs) {
 }


+static void SerializationFunctionTemplate(
+    const v8::FunctionCallbackInfo<v8::Value>& args) {
+  args.GetReturnValue().Set(args[0]);
+}
+
+
+TEST(PerIsolateSnapshotBlobsOutdatedContextWithOverflow) {
+  DisableTurbofan();
+
+  const char* source1 =
+      "var o = {};"
+      "(function() {"
+      "  function f1(x) { return f2(x) instanceof Array; }"
+      "  function f2(x) { return foo.bar(x); }"
+      "  o.a = f2.bind(null);"
+      "  o.b = 1;"
+      "  o.c = 2;"
+      "  o.d = 3;"
+      "  o.e = 4;"
+      "})();\n";
+
+  const char* source2 = "o.a(42)";
+
+  v8::StartupData data = v8::V8::CreateSnapshotDataBlob(source1);
+
+  v8::Isolate::CreateParams params;
+  params.snapshot_blob = &data;
+  params.array_buffer_allocator = CcTest::array_buffer_allocator();
+
+  v8::Isolate* isolate = v8::Isolate::New(params);
+  {
+    v8::Isolate::Scope i_scope(isolate);
+    v8::HandleScope h_scope(isolate);
+
+ v8::Local<v8::ObjectTemplate> global = v8::ObjectTemplate::New(isolate);
+ v8::Local<v8::ObjectTemplate> property = v8::ObjectTemplate::New(isolate);
+    v8::Local<v8::FunctionTemplate> function =
+        v8::FunctionTemplate::New(isolate, SerializationFunctionTemplate);
+    property->Set(isolate, "bar", function);
+    global->Set(isolate, "foo", property);
+
+ v8::Local<v8::Context> context = v8::Context::New(isolate, NULL, global);
+    delete[] data.data;  // We can dispose of the snapshot blob now.
+    v8::Context::Scope c_scope(context);
+    v8::Local<v8::Value> result = CompileRun(source2);
+    CHECK(v8_str("42")->Equals(result));
+  }
+  isolate->Dispose();
+}
+
+
 TEST(PerIsolateSnapshotBlobsWithLocker) {
   DisableTurbofan();
   v8::Isolate::CreateParams create_params;
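Review bot: `CHECK(v8_str("42")->Equals(result))` passes through loose equality only: `o.a(42)` reaches SerializationFunctionTemplate, which returns `args[0]`, the number 42, and that is compared with the string "42". A strict comparison such as `CHECK(v8_num(42)->StrictEquals(result));` would also fail if the value came back converted, and a preceding `CHECK(!result.IsEmpty());` would give a clear failure if the script throws. A one-line comment on `source1` saying which part is meant to push a context into deferred serialization would help, since `f1` is never called and the reason for `o.b` to `o.e` is not stated.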

