Fix deserializer to understand direct pointers from code to cell payloads.

src/serialize.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 820 matching lines @@
             ASSERT(where == kFromStart);                                       \
             if (offset_from_start == kUnknownOffsetFromStart) {                \
               emit_write_barrier = (space_number == NEW_SPACE);                \
               new_object = GetAddressFromStart(data & kSpaceMask);             \
             } else {                                                           \
               Address object_address = pages_[space_number][0] +               \
                   (offset_from_start << kObjectAlignmentBits);                 \
               new_object = HeapObject::FromAddress(object_address);            \
             }                                                                  \
           }                                                                    \
-          if (within == kFirstInstruction) {                                   \
-            Code* new_code_object = reinterpret_cast<Code*>(new_object);       \
-            new_object = reinterpret_cast<Object*>(                            \
-                new_code_object->instruction_start());                         \
+          if (within == kInnerPointer) {                                       \
+            if (space_number != CODE_SPACE || new_object->IsCode()) {          \
+              Code* new_code_object = reinterpret_cast<Code*>(new_object);     \
+              new_object = reinterpret_cast<Object*>(                          \
+                  new_code_object->instruction_start());                       \
+            } else {                                                           \
+              ASSERT(space_number == CODE_SPACE || space_number == kLargeCode);\
+              JSGlobalPropertyCell* cell =                                     \
+                  JSGlobalPropertyCell::cast(new_object);                      \
+              new_object = reinterpret_cast<Object*>(                          \
+                  cell->ValueAddress());                                       \
+            }                                                                  \
           }                                                                    \
           if (how == kFromCode) {                                              \
             Address location_of_branch_data =                                  \
                 reinterpret_cast<Address>(current);                            \
             Assembler::deserialization_set_special_target_at(                  \
                 location_of_branch_data,                                       \
                 reinterpret_cast<Address>(new_object));                        \
             location_of_branch_data += Assembler::kSpecialTargetSize;          \
             current = reinterpret_cast<Object**>(location_of_branch_data);     \
             current_was_incremented = true;                                    \
@@ skipping 117 matching lines @@
         Object* object = current[-1];
         ASSERT(!isolate->heap()->InNewSpace(object));
         for (int i = 0; i < repeats; i++) current[i] = object;
         current += repeats;
         break;
       }
 
       // Deserialize a new object and write a pointer to it to the current
       // object.
       ONE_PER_SPACE(kNewObject, kPlain, kStartOfObject)
-      // Support for direct instruction pointers in functions
-      ONE_PER_CODE_SPACE(kNewObject, kPlain, kFirstInstruction)
+      // Support for direct instruction pointers in functions.  It's an inner
+      // pointer because it points at the entry point, not at the start of the
+      // code object.
+      ONE_PER_CODE_SPACE(kNewObject, kPlain, kInnerPointer)
       // Deserialize a new code object and write a pointer to its first
       // instruction to the current code object.
-      ONE_PER_SPACE(kNewObject, kFromCode, kFirstInstruction)
+      ONE_PER_SPACE(kNewObject, kFromCode, kInnerPointer)
       // Find a recently deserialized object using its offset from the current
       // allocation point and write a pointer to it to the current object.
       ALL_SPACES(kBackref, kPlain, kStartOfObject)
 #if V8_TARGET_ARCH_MIPS
       // Deserialize a new object from pointer found in code and write
       // a pointer to it to the current object. Required only for MIPS, and
       // omitted on the other architectures because it is fully unrolled and
       // would cause bloat.
       ONE_PER_SPACE(kNewObject, kFromCode, kStartOfObject)
       // Find a recently deserialized code object using its offset from the
       // current allocation point and write a pointer to it to the current
       // object. Required only for MIPS.
       ALL_SPACES(kBackref, kFromCode, kStartOfObject)
       // Find an already deserialized code object using its offset from
       // the start and write a pointer to it to the current object.
       // Required only for MIPS.
       ALL_SPACES(kFromStart, kFromCode, kStartOfObject)
 #endif
       // Find a recently deserialized code object using its offset from the
       // current allocation point and write a pointer to its first instruction
       // to the current code object or the instruction pointer in a function
       // object.
-      ALL_SPACES(kBackref, kFromCode, kFirstInstruction)
-      ALL_SPACES(kBackref, kPlain, kFirstInstruction)
+      ALL_SPACES(kBackref, kFromCode, kInnerPointer)
+      ALL_SPACES(kBackref, kPlain, kInnerPointer)
       // Find an already deserialized object using its offset from the start
       // and write a pointer to it to the current object.
       ALL_SPACES(kFromStart, kPlain, kStartOfObject)
-      ALL_SPACES(kFromStart, kPlain, kFirstInstruction)
+      ALL_SPACES(kFromStart, kPlain, kInnerPointer)
       // Find an already deserialized code object using its offset from the
       // start and write a pointer to its first instruction to the current code
       // object.
-      ALL_SPACES(kFromStart, kFromCode, kFirstInstruction)
+      ALL_SPACES(kFromStart, kFromCode, kInnerPointer)
       // Find an object in the roots array and write a pointer to it to the
       // current object.
       CASE_STATEMENT(kRootArray, kPlain, kStartOfObject, 0)
       CASE_BODY(kRootArray, kPlain, kStartOfObject, 0, kUnknownOffsetFromStart)
       // Find an object in the partial snapshots cache and write a pointer to it
       // to the current object.
       CASE_STATEMENT(kPartialSnapshotCache, kPlain, kStartOfObject, 0)
       CASE_BODY(kPartialSnapshotCache,
                 kPlain,
                 kStartOfObject,
                 0,
                 kUnknownOffsetFromStart)
       // Find an code entry in the partial snapshots cache and
       // write a pointer to it to the current object.
-      CASE_STATEMENT(kPartialSnapshotCache, kPlain, kFirstInstruction, 0)
+      CASE_STATEMENT(kPartialSnapshotCache, kPlain, kInnerPointer, 0)
       CASE_BODY(kPartialSnapshotCache,
                 kPlain,
-                kFirstInstruction,
+                kInnerPointer,
                 0,
                 kUnknownOffsetFromStart)
       // Find an external reference and write a pointer to it to the current
       // object.
       CASE_STATEMENT(kExternalReference, kPlain, kStartOfObject, 0)
       CASE_BODY(kExternalReference,
                 kPlain,
                 kStartOfObject,
                 0,
                 kUnknownOffsetFromStart)
@@ skipping 486 matching lines @@
   sink_->PutInt(encoding, "reference id");
   bytes_processed_so_far_ += rinfo->target_address_size();
 }
 
 
 void Serializer::ObjectSerializer::VisitCodeTarget(RelocInfo* rinfo) {
   CHECK(RelocInfo::IsCodeTarget(rinfo->rmode()));
   Address target_start = rinfo->target_address_address();
   OutputRawData(target_start);
   Code* target = Code::GetCodeFromTargetAddress(rinfo->target_address());
-  serializer_->SerializeObject(target, kFromCode, kFirstInstruction);
+  serializer_->SerializeObject(target, kFromCode, kInnerPointer);
   bytes_processed_so_far_ += rinfo->target_address_size();
 }
 
 
 void Serializer::ObjectSerializer::VisitCodeEntry(Address entry_address) {
   Code* target = Code::cast(Code::GetObjectFromEntryAddress(entry_address));
   OutputRawData(entry_address);
-  serializer_->SerializeObject(target, kPlain, kFirstInstruction);
+  serializer_->SerializeObject(target, kPlain, kInnerPointer);
   bytes_processed_so_far_ += kPointerSize;
 }
 
 
 void Serializer::ObjectSerializer::VisitGlobalPropertyCell(RelocInfo* rinfo) {
-  // We shouldn't have any global property cell references in code
-  // objects in the snapshot.
-  UNREACHABLE();
+  ASSERT(rinfo->rmode() == RelocInfo::GLOBAL_PROPERTY_CELL);
+  JSGlobalPropertyCell* cell =
+      JSGlobalPropertyCell::cast(rinfo->target_cell());
+  OutputRawData(rinfo->pc());
+  serializer_->SerializeObject(cell, kPlain, kInnerPointer);
 }
 
 
 void Serializer::ObjectSerializer::VisitExternalAsciiString(
     v8::String::ExternalAsciiStringResource** resource_pointer) {
   Address references_start = reinterpret_cast<Address>(resource_pointer);
   OutputRawData(references_start);
   for (int i = 0; i < Natives::GetBuiltinsCount(); i++) {
     Object* source = HEAP->natives_source_cache()->get(i);
     if (!source->IsUndefined()) {
@@ skipping 112 matching lines @@
 int Serializer::SpaceAreaSize(int space) {
   if (space == CODE_SPACE) {
     return isolate_->memory_allocator()->CodePageAreaSize();
   } else {
     return Page::kPageSize - Page::kObjectStartOffset;
   }
 }
 
 
 } }  // namespace v8::internal