[d8 worker] Fix regression when serializing very large arraybuffer

BUG=chromium:514081
R=jarin@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/1264723002

Cr-Commit-Position: refs/heads/master@{#29982}
This commit is contained in:
binji 2015-08-03 10:07:48 -07:00 committed by Commit bot
parent ed3e5d1f3a
commit df1f72bbf1
2 changed files with 19 additions and 5 deletions

View File

@ -2077,16 +2077,15 @@ bool Shell::SerializeValue(Isolate* isolate, Local<Value> value,
} else {
ArrayBuffer::Contents contents = array_buffer->GetContents();
// Clone ArrayBuffer
if (contents.ByteLength() > i::kMaxUInt32) {
if (contents.ByteLength() > i::kMaxInt) {
Throw(isolate, "ArrayBuffer is too big to clone");
return false;
}
int byte_length = static_cast<int>(contents.ByteLength());
int32_t byte_length = static_cast<int32_t>(contents.ByteLength());
out_data->WriteTag(kSerializationTagArrayBuffer);
out_data->Write(byte_length);
out_data->WriteMemory(contents.Data(),
static_cast<int>(contents.ByteLength()));
out_data->WriteMemory(contents.Data(), byte_length);
}
} else if (value->IsSharedArrayBuffer()) {
Local<SharedArrayBuffer> sab = Local<SharedArrayBuffer>::Cast(value);
@ -2212,7 +2211,7 @@ MaybeLocal<Value> Shell::DeserializeValue(Isolate* isolate,
break;
}
case kSerializationTagArrayBuffer: {
int byte_length = data.Read<int>(offset);
int32_t byte_length = data.Read<int32_t>(offset);
Local<ArrayBuffer> array_buffer = ArrayBuffer::New(isolate, byte_length);
ArrayBuffer::Contents contents = array_buffer->GetContents();
DCHECK(static_cast<size_t>(byte_length) == contents.ByteLength());

View File

@ -0,0 +1,15 @@
// Copyright 2015 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
if (this.Worker) {
var __v_7 = new Worker('onmessage = function() {};');
try {
var ab = new ArrayBuffer(2147483648);
// If creating the ArrayBuffer succeeded, then postMessage should fail.
assertThrows(function() { __v_7.postMessage(ab); });
} catch (e) {
// Creating the ArrayBuffer failed.
assertInstanceof(e, RangeError);
}
}