In the chromium cross-build, v8 creates a mksnapshot binary for host and
creates snapshot_blob.bin for target by the binary.
I've been creating snapshot_blob.bin with external JS file to use my codes
without JS file on a custom browser.
Recently, I updated v8 version from 5.3.332 to 5.8.301, and got a crash
sometimes at the 'generated code' by v8. (So, it's hard to debug...)
When I create the snapshot_blob.bin by using *host mksnapshot, it crashes*.
But if I've done same thing by using *target mksnapshot* (I modified gyp
and get target's one.) on the target device,* it didn't crash* on the same
situation.
Also, the size of output snapshot_blob.bin files are different.
By --trace-codegen and inspecting codes, I got what js code makes the
crash. But it's super normal code.
* external JS
...
var CaseMapper = function CaseMapper(option) {
this.up = true; // (1)
...
}
var XXXX = new CaseMapper({...}); // create 2 objects during the snapshot
...
* After load
var YYYY = new CaseMapper({...}); // crashed!!
The crash doesn't occur with every JS class, but just a class.
(Sorry for actual js file. Cannot share in here because of security.)
If I remove assign codes to 'this' likes (1), it doesn't crash.
If I remove new CaseMapper on the external JS, it doesn't crash also.
Is there someone can help my situation?
(There are so many changes between two version. So, I cannot specify what
patch makes this issue.)
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups
"v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
