Home Explore 引导页 在线工具 Blog
Register Sign In
Pchen0
/
electron
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

chore: cherry-pick aeceeb2187a6 from v8 (#37654)

* chore: [22-x-y] cherry-pick aeceeb2187a6 from v8

* chore: update patches

---------

Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Co-authored-by: electron-patch-conflict-fixer[bot] <83340002+electron-patch-conflict-fixer[bot]@users.noreply.github.com>
Pedro Pontes 2 years ago
parent
565c4fe9a7
commit
be71423d32
2 changed files with 91 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      patches/v8/.patches
  2. 90 0
      patches/v8/cherry-pick-aeceeb2187a6.patch

+ 1 - 0
patches/v8/.patches
View File 

@@ -10,5 +10,6 @@ revert_runtime_dhceck_terminating_exception_in_microtasks.patch
 
 chore_disable_is_execution_terminating_dcheck.patch
 
 force_cppheapcreateparams_to_be_noncopyable.patch
 
 cherry-pick-e17eee4894be.patch
 
+cherry-pick-aeceeb2187a6.patch
 
 cherry-pick-546e00df97ac.patch
 
 cherry-pick-f6ddbf42b1ea.patch

+ 90 - 0
patches/v8/cherry-pick-aeceeb2187a6.patch
View File 

@@ -0,0 +1,90 @@
 
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 
+From: =?UTF-8?q?Marja=20H=C3=B6ltt=C3=A4?= <[email protected]>
 
+Date: Tue, 21 Feb 2023 13:38:34 +0100
 
+Subject: Merged [valueserializer] Fix map transition chain following w/
 
+ dictionary maps
 
+MIME-Version: 1.0
 
+Content-Type: text/plain; charset=UTF-8
 
+Content-Transfer-Encoding: 8bit
 
+
 
+Map::Update might return a dictionary map, and the calling code didn't
 
+take it into account.
 
+
 
+Bug: chromium:1412487
 
+(cherry picked from commit b0db6637936a88807b5512a4de68145d0a9d6f02)
 
+
 
+Change-Id: Ib5e55aa60719e4ac2f14d993a3fc3e908cd43d2e
 
+Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4290145
 
+Reviewed-by: Marja Hölttä <[email protected]>
 
+Reviewed-by: Lutz Vahl <[email protected]>
 
+Commit-Queue: Lutz Vahl <[email protected]>
 
+Cr-Commit-Position: refs/branch-heads/11.0@{#35}
 
+Cr-Branched-From: 06097c6f0c5af54fd5d6965d37027efb72decd4f-refs/heads/11.0.226@{#1}
 
+Cr-Branched-From: 6bf3344f5d9940de1ab253f1817dcb99c641c9d3-refs/heads/main@{#84857}
 
+
 
+diff --git a/src/objects/value-serializer.cc b/src/objects/value-serializer.cc
 
+index 61a7cae8e8a900694ba22637d04368dac56ebd5f..640f8621719fa5dee4909e215ae788b09f1b0ba5 100644
 
+--- a/src/objects/value-serializer.cc
 
++++ b/src/objects/value-serializer.cc
 
+@@ -2408,37 +2408,38 @@ Maybe<uint32_t> ValueDeserializer::ReadJSObjectProperties(
 
+         // Deserializaton of |value| might have deprecated current |target|,
 
+         // ensure we are working with the up-to-date version.
 
+         target = Map::Update(isolate_, target);
 
+-
 
+-        InternalIndex descriptor(properties.size());
 
+-        PropertyDetails details =
 
+-            target->instance_descriptors(isolate_).GetDetails(descriptor);
 
+-        Representation expected_representation = details.representation();
 
+-        if (value->FitsRepresentation(expected_representation)) {
 
+-          if (expected_representation.IsHeapObject() &&
 
+-              !target->instance_descriptors(isolate_)
 
+-                   .GetFieldType(descriptor)
 
+-                   .NowContains(value)) {
 
+-            Handle<FieldType> value_type =
 
+-                value->OptimalType(isolate_, expected_representation);
 
+-            MapUpdater::GeneralizeField(isolate_, target, descriptor,
 
+-                                        details.constness(),
 
+-                                        expected_representation, value_type);
 
+-          }
 
+-          DCHECK(target->instance_descriptors(isolate_)
 
++        if (!target->is_dictionary_map()) {
 
++          InternalIndex descriptor(properties.size());
 
++          PropertyDetails details =
 
++              target->instance_descriptors(isolate_).GetDetails(descriptor);
 
++          Representation expected_representation = details.representation();
 
++          if (value->FitsRepresentation(expected_representation)) {
 
++            if (expected_representation.IsHeapObject() &&
 
++                !target->instance_descriptors(isolate_)
 
+                      .GetFieldType(descriptor)
 
+-                     .NowContains(value));
 
+-          properties.push_back(value);
 
+-          map = target;
 
+-          continue;
 
+-        } else {
 
+-          transitioning = false;
 
++                     .NowContains(value)) {
 
++              Handle<FieldType> value_type =
 
++                  value->OptimalType(isolate_, expected_representation);
 
++              MapUpdater::GeneralizeField(isolate_, target, descriptor,
 
++                                          details.constness(),
 
++                                          expected_representation, value_type);
 
++            }
 
++            DCHECK(target->instance_descriptors(isolate_)
 
++                       .GetFieldType(descriptor)
 
++                       .NowContains(value));
 
++            properties.push_back(value);
 
++            map = target;
 
++            continue;
 
++          }
 
+         }
 
++        transitioning = false;
 
+       }
 
+ 
+       // Fell out of transitioning fast path. Commit the properties gathered so
 
+       // far, and then start setting properties slowly instead.
 
+       DCHECK(!transitioning);
 
+       CHECK_LT(properties.size(), std::numeric_limits<uint32_t>::max());
 
++      CHECK(!map->is_dictionary_map());
 
+       CommitProperties(object, map, properties);
 
+       num_properties = static_cast<uint32_t>(properties.size());
 
+