Avoid object layout changes during GC.
R=mstarzinger@chromium.org BUG= Review URL: https://chromiumcodereview.appspot.com/11530011 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13194 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This commit is contained in:
yangguo@chromium.org
parent
ae54f9cfe0
commit
da3e153e63
12
src/heap.cc
12
src/heap.cc
@ -7223,7 +7223,7 @@ void ErrorObjectList::DeferredFormatStackTrace(Isolate* isolate) {
|
|||||||
// If formatting the stack trace causes a GC, this method will be
|
// If formatting the stack trace causes a GC, this method will be
|
||||||
// recursively called. In that case, skip the recursive call, since
|
// recursively called. In that case, skip the recursive call, since
|
||||||
// the loop modifies the list while iterating over it.
|
// the loop modifies the list while iterating over it.
|
||||||
if (nested_) return;
|
if (nested_ || isolate->has_pending_exception()) return;
|
||||||
nested_ = true;
|
nested_ = true;
|
||||||
HandleScope scope(isolate);
|
HandleScope scope(isolate);
|
||||||
Handle<String> stack_key = isolate->factory()->stack_symbol();
|
Handle<String> stack_key = isolate->factory()->stack_symbol();
|
||||||
@ -7249,14 +7249,20 @@ void ErrorObjectList::DeferredFormatStackTrace(Isolate* isolate) {
|
|||||||
JSFunction* getter_fun = JSFunction::cast(getter_obj);
|
JSFunction* getter_fun = JSFunction::cast(getter_obj);
|
||||||
String* key = isolate->heap()->hidden_stack_trace_symbol();
|
String* key = isolate->heap()->hidden_stack_trace_symbol();
|
||||||
if (key != getter_fun->GetHiddenProperty(key)) continue;
|
if (key != getter_fun->GetHiddenProperty(key)) continue;
|
||||||
|
budget--;
|
||||||
bool has_exception = false;
|
bool has_exception = false;
|
||||||
Execution::Call(Handle<Object>(getter_fun, isolate),
|
Execution::Call(Handle<Object>(getter_fun, isolate),
|
||||||
Handle<Object>(object, isolate),
|
Handle<Object>(object, isolate),
|
||||||
0,
|
0,
|
||||||
NULL,
|
NULL,
|
||||||
&has_exception);
|
&has_exception);
|
||||||
ASSERT(!has_exception);
|
if (has_exception) {
|
||||||
budget--;
|
// Hit an exception (most likely a stack overflow).
|
||||||
|
// Wrap up this pass and retry after another GC.
|
||||||
|
isolate->clear_pending_exception();
|
||||||
|
list_[write_index++] = object;
|
||||||
|
budget = 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
list_.Rewind(write_index);
|
list_.Rewind(write_index);
|
||||||
list_.Trim();
|
list_.Trim();
|
||||||
|
|||||||
@ -1088,9 +1088,9 @@ function captureStackTrace(obj, cons_opt) {
|
|||||||
if (stackTraceLimit < 0 || stackTraceLimit > 10000) {
|
if (stackTraceLimit < 0 || stackTraceLimit > 10000) {
|
||||||
stackTraceLimit = 10000;
|
stackTraceLimit = 10000;
|
||||||
}
|
}
|
||||||
var raw_stack = %CollectStackTrace(obj,
|
var stack = %CollectStackTrace(obj,
|
||||||
cons_opt ? cons_opt : captureStackTrace,
|
cons_opt ? cons_opt : captureStackTrace,
|
||||||
stackTraceLimit);
|
stackTraceLimit);
|
||||||
|
|
||||||
// Don't be lazy if the error stack formatting is custom (observable).
|
// Don't be lazy if the error stack formatting is custom (observable).
|
||||||
if (IS_FUNCTION($Error.prepareStackTrace)) {
|
if (IS_FUNCTION($Error.prepareStackTrace)) {
|
||||||
@ -1098,7 +1098,7 @@ function captureStackTrace(obj, cons_opt) {
|
|||||||
// Use default error formatting for the case that custom formatting throws.
|
// Use default error formatting for the case that custom formatting throws.
|
||||||
$Error.prepareStackTrace = null;
|
$Error.prepareStackTrace = null;
|
||||||
var array = [];
|
var array = [];
|
||||||
%MoveArrayContents(GetStackFrames(raw_stack), array);
|
%MoveArrayContents(GetStackFrames(stack), array);
|
||||||
obj.stack = custom_stacktrace_fun(obj, array);
|
obj.stack = custom_stacktrace_fun(obj, array);
|
||||||
$Error.prepareStackTrace = custom_stacktrace_fun;
|
$Error.prepareStackTrace = custom_stacktrace_fun;
|
||||||
return;
|
return;
|
||||||
@ -1108,10 +1108,14 @@ function captureStackTrace(obj, cons_opt) {
|
|||||||
// Note that 'obj' and 'this' maybe different when called on objects that
|
// Note that 'obj' and 'this' maybe different when called on objects that
|
||||||
// have the error object on its prototype chain. The getter replaces itself
|
// have the error object on its prototype chain. The getter replaces itself
|
||||||
// with a data property as soon as the stack trace has been formatted.
|
// with a data property as soon as the stack trace has been formatted.
|
||||||
|
// The getter must not change the object layout as it may be called after GC.
|
||||||
var getter = function() {
|
var getter = function() {
|
||||||
var value = FormatStackTrace(error_string, GetStackFrames(raw_stack));
|
if (IS_STRING(stack)) return stack;
|
||||||
%DefineOrRedefineDataProperty(obj, 'stack', value, NONE);
|
// Stack is still a raw array awaiting to be formatted.
|
||||||
return value;
|
stack = FormatStackTrace(error_string, GetStackFrames(stack));
|
||||||
|
// Release context value.
|
||||||
|
error_string = void 0;
|
||||||
|
return stack;
|
||||||
};
|
};
|
||||||
%MarkOneShotGetter(getter);
|
%MarkOneShotGetter(getter);
|
||||||
|
|
||||||
@ -1263,18 +1267,21 @@ function SetUpStackOverflowBoilerplate() {
|
|||||||
// a data property.
|
// a data property.
|
||||||
var error_string = boilerplate.name + ": " + boilerplate.message;
|
var error_string = boilerplate.name + ": " + boilerplate.message;
|
||||||
|
|
||||||
|
// The getter must not change the object layout as it may be called after GC.
|
||||||
function getter() {
|
function getter() {
|
||||||
var holder = this;
|
var holder = this;
|
||||||
while (!IS_ERROR(holder)) {
|
while (!IS_ERROR(holder)) {
|
||||||
holder = %GetPrototype(holder);
|
holder = %GetPrototype(holder);
|
||||||
if (holder == null) return MakeSyntaxError('illegal_access', []);
|
if (holder == null) return MakeSyntaxError('illegal_access', []);
|
||||||
}
|
}
|
||||||
var raw_stack = %GetOverflowedRawStackTrace(holder);
|
var stack = %GetOverflowedStackTrace(holder);
|
||||||
var result = IS_ARRAY(raw_stack)
|
if (IS_STRING(stack)) return stack;
|
||||||
? FormatStackTrace(error_string, GetStackFrames(raw_stack))
|
if (IS_ARRAY(stack)) {
|
||||||
: void 0;
|
var result = FormatStackTrace(error_string, GetStackFrames(stack));
|
||||||
%DefineOrRedefineDataProperty(holder, 'stack', result, NONE);
|
%SetOverflowedStackTrace(holder, result);
|
||||||
return result;
|
return result;
|
||||||
|
}
|
||||||
|
return void 0;
|
||||||
}
|
}
|
||||||
%MarkOneShotGetter(getter);
|
%MarkOneShotGetter(getter);
|
||||||
|
|
||||||
@ -1282,6 +1289,8 @@ function SetUpStackOverflowBoilerplate() {
|
|||||||
// the receiver is the same as holder, this accessor pair is replaced.
|
// the receiver is the same as holder, this accessor pair is replaced.
|
||||||
function setter(v) {
|
function setter(v) {
|
||||||
%DefineOrRedefineDataProperty(this, 'stack', v, NONE);
|
%DefineOrRedefineDataProperty(this, 'stack', v, NONE);
|
||||||
|
// Release the stack trace that is stored as hidden property, if exists.
|
||||||
|
%SetOverflowedStackTrace(this, void 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
%DefineOrRedefineAccessorProperty(
|
%DefineOrRedefineAccessorProperty(
|
||||||
|
|||||||
@ -13109,19 +13109,38 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_MarkOneShotGetter) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// Retrieve the raw stack trace collected on stack overflow and delete
|
// Retrieve the stack trace. This could be the raw stack trace collected
|
||||||
// it since it is used only once to avoid keeping it alive.
|
// on stack overflow or the already formatted stack trace string.
|
||||||
RUNTIME_FUNCTION(MaybeObject*, Runtime_GetOverflowedRawStackTrace) {
|
RUNTIME_FUNCTION(MaybeObject*, Runtime_GetOverflowedStackTrace) {
|
||||||
|
HandleScope scope(isolate);
|
||||||
ASSERT_EQ(args.length(), 1);
|
ASSERT_EQ(args.length(), 1);
|
||||||
CONVERT_ARG_CHECKED(JSObject, error_object, 0);
|
CONVERT_ARG_CHECKED(JSObject, error_object, 0);
|
||||||
String* key = isolate->heap()->hidden_stack_trace_symbol();
|
String* key = isolate->heap()->hidden_stack_trace_symbol();
|
||||||
Object* result = error_object->GetHiddenProperty(key);
|
Object* result = error_object->GetHiddenProperty(key);
|
||||||
RUNTIME_ASSERT(result->IsJSArray() || result->IsUndefined());
|
RUNTIME_ASSERT(result->IsJSArray() ||
|
||||||
error_object->DeleteHiddenProperty(key);
|
result->IsString() ||
|
||||||
|
result->IsUndefined());
|
||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// Set or clear the stack trace attached to an stack overflow error object.
|
||||||
|
RUNTIME_FUNCTION(MaybeObject*, Runtime_SetOverflowedStackTrace) {
|
||||||
|
HandleScope scope(isolate);
|
||||||
|
ASSERT_EQ(args.length(), 2);
|
||||||
|
CONVERT_ARG_HANDLE_CHECKED(JSObject, error_object, 0);
|
||||||
|
CONVERT_ARG_HANDLE_CHECKED(HeapObject, value, 1);
|
||||||
|
Handle<String> key = isolate->factory()->hidden_stack_trace_symbol();
|
||||||
|
if (value->IsUndefined()) {
|
||||||
|
error_object->DeleteHiddenProperty(*key);
|
||||||
|
} else {
|
||||||
|
RUNTIME_ASSERT(value->IsString());
|
||||||
|
JSObject::SetHiddenProperty(error_object, key, value);
|
||||||
|
}
|
||||||
|
return *error_object;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// Returns V8 version as a string.
|
// Returns V8 version as a string.
|
||||||
RUNTIME_FUNCTION(MaybeObject*, Runtime_GetV8Version) {
|
RUNTIME_FUNCTION(MaybeObject*, Runtime_GetV8Version) {
|
||||||
ASSERT_EQ(args.length(), 0);
|
ASSERT_EQ(args.length(), 0);
|
||||||
|
|||||||
@ -237,7 +237,8 @@ namespace internal {
|
|||||||
F(GetScript, 1, 1) \
|
F(GetScript, 1, 1) \
|
||||||
F(CollectStackTrace, 3, 1) \
|
F(CollectStackTrace, 3, 1) \
|
||||||
F(MarkOneShotGetter, 1, 1) \
|
F(MarkOneShotGetter, 1, 1) \
|
||||||
F(GetOverflowedRawStackTrace, 1, 1) \
|
F(GetOverflowedStackTrace, 1, 1) \
|
||||||
|
F(SetOverflowedStackTrace, 2, 1) \
|
||||||
F(GetV8Version, 0, 1) \
|
F(GetV8Version, 0, 1) \
|
||||||
\
|
\
|
||||||
F(ClassOf, 1, 1) \
|
F(ClassOf, 1, 1) \
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user