Properly fix liveedit heap traversal bug with write barrier
Review URL: https://chromiumcodereview.appspot.com/10682013 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11960 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
This commit is contained in:
parent
ec65e4fe78
commit
dffb5082ba
@ -965,12 +965,21 @@ class ReplacingVisitor : public ObjectVisitor {
// Finds all references to original and replaces them with substitution.
// Finds all references to original and replaces them with substitution.
static void ReplaceCodeObject(Code* original, Code* substitution) {
static void ReplaceCodeObject(Handle<Code> original,
ASSERT(!HEAP->InNewSpace(substitution));
Handle<Code> substitution) {
// Perform a full GC in order to ensure that we are not in the middle of an
// incremental marking phase when we are replacing the code object.
// Since we are not in an incremental marking phase we can write pointers
// to code objects (that are never in new space) without worrying about
// write barriers.
HEAP->CollectAllGarbage(Heap::kMakeHeapIterableMask,
"liveedit.cc ReplaceCodeObject");
ASSERT(!HEAP->InNewSpace(*substitution));
AssertNoAllocation no_allocations_please;
AssertNoAllocation no_allocations_please;
ReplacingVisitor visitor(original, substitution);
ReplacingVisitor visitor(*original, *substitution);
// Iterate over all roots. Stack frames may have pointer into original code,
// Iterate over all roots. Stack frames may have pointer into original code,
// so temporary replace the pointers with offset numbers
// so temporary replace the pointers with offset numbers
@ -1066,7 +1075,7 @@ MaybeObject* LiveEdit::ReplaceFunctionCode(
if (IsJSFunctionCode(shared_info->code())) {
if (IsJSFunctionCode(shared_info->code())) {
Handle<Code> code = compile_info_wrapper.GetFunctionCode();
Handle<Code> code = compile_info_wrapper.GetFunctionCode();
ReplaceCodeObject(shared_info->code(), *code);
ReplaceCodeObject(Handle<Code>(shared_info->code()), code);
Handle<Object> code_scope_info = compile_info_wrapper.GetCodeScopeInfo();
Handle<Object> code_scope_info = compile_info_wrapper.GetCodeScopeInfo();
if (code_scope_info->IsFixedArray()) {
if (code_scope_info->IsFixedArray()) {
shared_info->set_scope_info(ScopeInfo::cast(*code_scope_info));
shared_info->set_scope_info(ScopeInfo::cast(*code_scope_info));
@ -1309,7 +1318,7 @@ MaybeObject* LiveEdit::PatchFunctionPositions(
// on stack (it is safe to substitute the code object on stack, because
// on stack (it is safe to substitute the code object on stack, because
// we only change the structure of rinfo and leave instructions
// we only change the structure of rinfo and leave instructions
// untouched).
// untouched).
ReplaceCodeObject(info->code(), *patched_code);
ReplaceCodeObject(Handle<Code>(info->code()), patched_code);
}
}
}
}
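Review bot: The new comment in ReplaceCodeObject ("since we are not in an incremental marking phase we can write pointers ... without worrying about write barriers") states the invariant the unbarriered stores in ReplacingVisitor rely on, but nothing checks it once `HEAP->CollectAllGarbage(...)` returns; if the heap exposes its marking state, a debug check next to the existing new-space assert would pin it down, e.g. `ASSERT(!HEAP->incremental_marking()->IsMarking());`. `AssertNoAllocation no_allocations_please;` presumably is what keeps marking from being restarted during the root walk, and that reasoning belongs in the comment rather than being left implicit. A short note above the function that `original` and `substitution` are now taken as `Handle<Code>` because the full GC may move the underlying objects would also help a reader who only sees the two call sites wrapping raw `Code*` in `Handle<Code>(...)`. The first hunk's function body continues past the visible context lines, so the traversal code itself is not reviewed here.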