[heap] Avoid creating handles in heap verification

Use raw_native_context().normalized_map_cache() to avoid handle creation in a safepoint. Handles have all kinds of DCHECKs that may not hold during heap verification. Bug: v8:11708, v8:13244 Change-Id: I3f9ceae6533059c119287b833d5795f8fa67f9d1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3865965 Reviewed-by: Omer Katz <omerkatz@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/main@{#82854}
2022-08-31 09:57:34 +02:00 · 2022-08-31 09:57:34 +02:00 · 22485d7c45
commit 22485d7c45
parent 5576ef617f
1 changed files with 8 additions and 3 deletions
--- a/src/heap/heap-verifier.cc
+++ b/src/heap/heap-verifier.cc
@ -80,9 +80,14 @@ void HeapVerification::Verify() {
  heap()->IterateRoots(&visitor, {});

  if (!isolate()->context().is_null() &&
-      !isolate()->normalized_map_cache()->IsUndefined(isolate())) {
-    NormalizedMapCache::cast(*isolate()->normalized_map_cache())
-        .NormalizedMapCacheVerify(isolate());
+      !isolate()->raw_native_context().is_null()) {
+    Object normalized_map_cache =
+        isolate()->raw_native_context().normalized_map_cache();
+
+    if (normalized_map_cache.IsNormalizedMapCache()) {
+      NormalizedMapCache::cast(normalized_map_cache)
+          .NormalizedMapCacheVerify(isolate());
+    }
  }

  // The heap verifier can't deal with partially deserialized objects, so