Fix missing write barrier in deserialization. Issue 1783.

src/serialize.cc

 // Copyright 2011 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 765 matching lines @@
           ReadObject(space_number, dest_space, current);                       \
           emit_write_barrier = (space_number == NEW_SPACE &&                   \
                                 source_space != NEW_SPACE &&                   \
                                 source_space != CELL_SPACE);                   \
         } else {                                                               \
           Object* new_object = NULL;  /* May not be a real Object pointer. */  \
           if (where == kNewObject) {                                           \
             ASSIGN_DEST_SPACE(space_number)                                    \
             ReadObject(space_number, dest_space, &new_object);                 \
           } else if (where == kRootArray) {                                    \
+            if (source_space != CELL_SPACE &&                                  \
+                source_space != CODE_SPACE &&                                  \
+                source_space != OLD_DATA_SPACE) {                              \
+              emit_write_barrier = true;                                       \
+            }                                                                  \
             int root_id = source_->GetInt();                                   \
             new_object = isolate->heap()->roots_array_start()[root_id];        \
           } else if (where == kPartialSnapshotCache) {                         \
+            if (source_space != CELL_SPACE &&                                  \
+                source_space != CODE_SPACE &&                                  \
+                source_space != OLD_DATA_SPACE) {                              \
+              emit_write_barrier = true;                                       \
+            }                                                                  \
             int cache_index = source_->GetInt();                               \
             new_object = isolate->serialize_partial_snapshot_cache()           \
                 [cache_index];                                                 \
           } else if (where == kExternalReference) {                            \
             int reference_id = source_->GetInt();                              \
             Address address = external_reference_decoder_->                    \
                 Decode(reference_id);                                          \
             new_object = reinterpret_cast<Object*>(address);                   \
           } else if (where == kBackref) {                                      \
             emit_write_barrier = (space_number == NEW_SPACE &&                 \
@@ skipping 114 matching lines @@
         int size = source_->GetInt();
         byte* raw_data_out = reinterpret_cast<byte*>(current);
         source_->CopyRaw(raw_data_out, size);
         current = reinterpret_cast<Object**>(raw_data_out + size);
         break;
       }
 
       SIXTEEN_CASES(kRootArrayLowConstants)
       SIXTEEN_CASES(kRootArrayHighConstants) {
         int root_id = RootArrayConstantFromByteCode(data);
-        *current++ = isolate->heap()->roots_array_start()[root_id];
+        Object* object = isolate->heap()->roots_array_start()[root_id];
+        ASSERT(!isolate->heap()->InNewSpace(object));
+        *current++ = object;
         break;
       }
 
       case kRepeat: {
         int repeats = source_->GetInt();
         Object* object = current[-1];
+        ASSERT(!isolate->heap()->InNewSpace(object));
         for (int i = 0; i < repeats; i++) current[i] = object;
         current += repeats;
         break;
       }
 
+      STATIC_ASSERT(kRootArrayNumberOfConstantEncodings ==
+                    Heap::kOldSpaceRoots);
       STATIC_ASSERT(kMaxRepeats == 12);
       FOUR_CASES(kConstantRepeat)
       FOUR_CASES(kConstantRepeat + 4)
       FOUR_CASES(kConstantRepeat + 8) {
         int repeats = RepeatsForCode(data);
         Object* object = current[-1];
+        ASSERT(!isolate->heap()->InNewSpace(object));
         for (int i = 0; i < repeats; i++) current[i] = object;
         current += repeats;
         break;
       }
 
       // Deserialize a new object and write a pointer to it to the current
       // object.
       ONE_PER_SPACE(kNewObject, kPlain, kStartOfObject)
       // Support for direct instruction pointers in functions
       ONE_PER_CODE_SPACE(kNewObject, kPlain, kFirstInstruction)
@@ skipping 467 matching lines @@
 
 
 void Serializer::ObjectSerializer::VisitPointers(Object** start,
                                                  Object** end) {
   Object** current = start;
   while (current < end) {
     while (current < end && (*current)->IsSmi()) current++;
     if (current < end) OutputRawData(reinterpret_cast<Address>(current));
 
     while (current < end && !(*current)->IsSmi()) {
+      HeapObject* current_contents = HeapObject::cast(*current);
+      int root_index = serializer_->RootIndex(current_contents);
+      // Repeats are not subject to the write barrier so there are only some
+      // objects that can be used in a repeat encoding.  These are the early
+      // ones in the root array that are never in new space.
       if (current != start &&
-          current[0] == current[-1] &&
-          !HEAP->InNewSpace(*current)) {
+          root_index != kInvalidRootIndex &&
+          root_index < kRootArrayNumberOfConstantEncodings &&
+          current_contents == current[-1]) {
+        ASSERT(!HEAP->InNewSpace(current_contents));
         int repeat_count = 1;
-        while (current < end - 1 && current[repeat_count] == current[0]) {
+        while (current < end - 1 && current[repeat_count] == current_contents) {
           repeat_count++;
         }
         current += repeat_count;
         bytes_processed_so_far_ += repeat_count * kPointerSize;
         if (repeat_count > kMaxRepeats) {
           sink_->Put(kRepeat, "SerializeRepeats");
           sink_->PutInt(repeat_count, "SerializeRepeats");
         } else {
           sink_->Put(CodeForRepeats(repeat_count), "SerializeRepeats");
         }
       } else {
-        serializer_->SerializeObject(*current, kPlain, kStartOfObject);
+        serializer_->SerializeObject(current_contents, kPlain, kStartOfObject);
         bytes_processed_so_far_ += kPointerSize;
         current++;
       }
     }
   }
 }
 
 
 void Serializer::ObjectSerializer::VisitExternalReferences(Address* start,
                                                            Address* end) {
@@ skipping 166 matching lines @@
       fullness_[space] = RoundUp(fullness_[space], Page::kPageSize);
     }
   }
   int allocation_address = fullness_[space];
   fullness_[space] = allocation_address + size;
   return allocation_address;
 }
 
 
 } }  // namespace v8::internal