Commit Graph

284 Commits

Author SHA1 Message Date
jochen
cb7aa79b12 Expose a lower bound of malloc'd memory via heap statistics
We expect that the majority of malloc'd memory held by V8 is allocated
in Zone objects. Introduce an Allocator class that is used by Zones to
manage memory, and allows for querying the current usage.

BUG=none
R=titzer@chromium.org,bmeurer@chromium.org,jarin@chromium.org
LOG=n
TBR=rossberg@chromium.org

Review URL: https://codereview.chromium.org/1847543002

Cr-Commit-Position: refs/heads/master@{#35196}
2016-04-01 10:01:56 +00:00
yangguo
67dc6ce5fd Canonicalize handles for optimized compilation.
R=bmeurer@chromium.org

Committed: https://crrev.com/15f36b2b1e166a511966a9991fddea94f890a755
Cr-Commit-Position: refs/heads/master@{#31566}

Review URL: https://codereview.chromium.org/1423833003

Cr-Commit-Position: refs/heads/master@{#31576}
2015-10-26 15:33:20 +00:00
yangguo
8bcef0d73d Revert of Canonicalize handles for optimized compilation. (patchset #1 id:1 of https://codereview.chromium.org/1423833003/ )
Reason for revert:
GC stress failure on ia32 optdebug:

/tmp/runfswAKT/out/Debug/d8 --test --random-seed=-1536184370 --turbo --always-opt --nohard-abort --nodead-code-elimination --nofold-constants --enable-slow-asserts --debug-code --verify-heap --stack-size=46 /tmp/runfswAKT/test/mjsunit/mjsunit.js /tmp/runfswAKT/test/mjsunit/regress/regress-1132.js --gc-interval=500 --stress-compaction --concurrent-recompilation-queue-length=64 --concurrent-recompilation-delay=500 --concurrent-recompilation

Run #1
Exit code: -6
Result: FAIL
Expected outcomes: PASS
Duration: 00:06:279

Stderr:

#
# Fatal error in ../../src/hashmap.h, line 248
# Check failed: base::bits::IsPowerOfTwo32(capacity_).
#

==== C stack trace ===============================

Original issue's description:
> Canonicalize handles for optimized compilation.
>
> R=bmeurer@chromium.org
>
> Committed: https://crrev.com/15f36b2b1e166a511966a9991fddea94f890a755
> Cr-Commit-Position: refs/heads/master@{#31566}

TBR=jochen@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1417013007

Cr-Commit-Position: refs/heads/master@{#31570}
2015-10-26 14:45:34 +00:00
yangguo
15f36b2b1e Canonicalize handles for optimized compilation.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1423833003

Cr-Commit-Position: refs/heads/master@{#31566}
2015-10-26 13:50:16 +00:00
mstarzinger
98a0fe0f32 Remove grab-bag includes of v8.h from everywhere.
R=bmeurer@chromium.org

Review URL: https://codereview.chromium.org/1285183010

Cr-Commit-Position: refs/heads/master@{#30263}
2015-08-20 07:44:15 +00:00
bmeurer
199e30d36f [handles] Sanitize Handle and friends.
Bunch of cleanups to allow us to get rid of handles-inl.h at some
point (in the not so far future); but more importantly to sanitize uses
of handles and prepare for handle canonicalization support.

R=yangguo@chromium.org

Committed: https://crrev.com/3283195d0408333cce552cf4087577e6f41054e5
Cr-Commit-Position: refs/heads/master@{#28222}

Committed: https://crrev.com/d940c6d3bcc227b459cb4123d9a8332d9ed0d5f8
Cr-Commit-Position: refs/heads/master@{#29666}

Review URL: https://codereview.chromium.org/1128533002

Cr-Commit-Position: refs/heads/master@{#29675}
2015-07-15 11:05:08 +00:00
machenbach
1964b19663 Revert of [handles] Sanitize Handle and friends. (patchset #5 id:180001 of https://codereview.chromium.org/1128533002/)
Reason for revert:
[Sheriff] Still breaks mac asan:
http://build.chromium.org/p/client.v8/builders/V8%20Mac64%20ASAN/builds/2066

Original issue's description:
> [handles] Sanitize Handle and friends.
>
> Bunch of cleanups to allow us to get rid of handles-inl.h at some
> point (in the not so far future); but more importantly to sanitize uses
> of handles and prepare for handle canonicalization support.
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/3283195d0408333cce552cf4087577e6f41054e5
> Cr-Commit-Position: refs/heads/master@{#28222}
>
> Committed: https://crrev.com/d940c6d3bcc227b459cb4123d9a8332d9ed0d5f8
> Cr-Commit-Position: refs/heads/master@{#29666}

TBR=yangguo@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1235253007

Cr-Commit-Position: refs/heads/master@{#29669}
2015-07-15 08:05:58 +00:00
bmeurer
d940c6d3bc [handles] Sanitize Handle and friends.
Bunch of cleanups to allow us to get rid of handles-inl.h at some
point (in the not so far future); but more importantly to sanitize uses
of handles and prepare for handle canonicalization support.

R=yangguo@chromium.org

Committed: https://crrev.com/3283195d0408333cce552cf4087577e6f41054e5
Cr-Commit-Position: refs/heads/master@{#28222}

Review URL: https://codereview.chromium.org/1128533002

Cr-Commit-Position: refs/heads/master@{#29666}
2015-07-15 07:14:05 +00:00
bmeurer
d4f70f8ce8 [turbofan] Revive the VectorSlotPair and also put feedback on JSCallFunction.
We resurrect the VectorSlotPair in order to be able to separate the
feedback input for the compiler from the actual type feedback vector
that is required to meet the IC requirements at runtime. This will allow
us to for example use feedback from a different context or divide the
type feedback vector into two separate vectors, without having to touch
the compiler. It'll allow use to load the vector from the shared
function info at runtime, while still consuming feedback in the
compiler (i.e. we don't rely on the feedback vector node to be a heap
constant).

R=mvstanton@chromium.org

Review URL: https://codereview.chromium.org/1198983002

Cr-Commit-Position: refs/heads/master@{#29185}
2015-06-22 12:08:20 +00:00
erikcorry
4f5337a2b6 Cosmetic changes to tests to make it easier to concatenate them.
When compiling on a laptop I like to concatenate the small test files.
This makes a big difference to compile times. These changes make that
easier.

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/1163803002

Cr-Commit-Position: refs/heads/master@{#28742}
2015-06-01 22:47:08 +00:00
machenbach
f6ca539952 Revert of [handles] Sanitize Handle and friends. (patchset #4 id:50001 of https://codereview.chromium.org/1128533002/)
Reason for revert:
[Sheriff] Breaks mac asan:
http://build.chromium.org/p/client.v8/builders/V8%20Mac64%20ASAN/builds/1198

Original issue's description:
> [handles] Sanitize Handle and friends.
>
> This almost allows us to get rid of handles-inl.h, once we fix the
> cyclic dependencies (follow up CL).
>
> R=yangguo@chromium.org
>
> Committed: https://crrev.com/3283195d0408333cce552cf4087577e6f41054e5
> Cr-Commit-Position: refs/heads/master@{#28222}

TBR=yangguo@chromium.org,bmeurer@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true

Review URL: https://codereview.chromium.org/1128543004

Cr-Commit-Position: refs/heads/master@{#28235}
2015-05-05 15:45:07 +00:00
bmeurer
3283195d04 [handles] Sanitize Handle and friends.
This almost allows us to get rid of handles-inl.h, once we fix the
cyclic dependencies (follow up CL).

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1128533002

Cr-Commit-Position: refs/heads/master@{#28222}
2015-05-05 12:48:17 +00:00
bmeurer@chromium.org
d07a2eb806 Rename ASSERT* to DCHECK*.
This way we don't clash with the ASSERT* macros
defined by GoogleTest, and we are one step closer
to being able to replace our homegrown base/ with
base/ from Chrome.

R=jochen@chromium.org, svenpanne@chromium.org

Review URL: https://codereview.chromium.org/430503007

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22812 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-08-04 11:34:54 +00:00
jochen@chromium.org
56a486c322 Use full include paths everywhere
- this avoids using relative include paths which are forbidden by the style guide
- makes the code more readable since it's clear which header is meant
- allows for starting to use checkdeps

BUG=none
R=jkummerow@chromium.org, danno@chromium.org
LOG=n

Review URL: https://codereview.chromium.org/304153016

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21625 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-06-03 08:12:43 +00:00
bmeurer@chromium.org
d4b533d41b Bulk update of Google copyright headers in source files.
R=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/259183002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@21035 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-29 06:42:26 +00:00
yangguo@chromium.org
7af5597287 Reland "Move functions from handles.cc to where they belong."
R=jarin@chromium.org

Review URL: https://codereview.chromium.org/239113009

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20807 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 13:28:11 +00:00
yangguo@chromium.org
0cba01c420 Revert "Move functions from handles.cc to where they belong."
This reverts r20802 .

TBR=jarin@chromium.org

Review URL: https://codereview.chromium.org/239543010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20804 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 12:35:50 +00:00
yangguo@chromium.org
3b66957602 Move functions from handles.cc to where they belong.
R=mvstanton@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/237673014

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20802 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-16 12:16:06 +00:00
ishell@chromium.org
610fcfa916 Function allocators, Heap::ReinitializeJSGlobalProxy() and Heap::ReinitializeJSReceiver() handlified. Factory::New<>() added.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/237093006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20762 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-15 11:51:34 +00:00
yangguo@chromium.org
01fc2ab69b Allow allocation and GC in access check callbacks.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/234913003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20730 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 14:03:20 +00:00
yangguo@chromium.org
7d987b3744 Allow GetScriptNameOrSourceURL to be called with exception pending.
R=jarin@chromium.org, ishell@chromium.org

Review URL: https://codereview.chromium.org/235943006

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-14 08:27:00 +00:00
yangguo@chromium.org
80a974ba00 Reland "Handlify GetProperty."
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/235083002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20689 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 12:47:34 +00:00
yangguo@chromium.org
93c9717473 Revert "Handlify GetProperty."
This reverts r20682.

TBR=dcarney@chromium.org

Review URL: https://codereview.chromium.org/234893003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20685 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 11:56:54 +00:00
yangguo@chromium.org
a3d68ca64d Handlify GetProperty.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/233233004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20682 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 11:26:22 +00:00
yangguo@chromium.org
380ae9810e Return MaybeHandle from Invoke.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/231883007

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20680 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 10:41:09 +00:00
ulan@chromium.org
ff953ac055 Make maps in monomorphic IC stubs weak.
Maps in monomorphic Load, KeyedLoad, Store, KeyedStore, and CompareNil IC
stubs are treated as weak references by the marking visitor.

During generation of an IC stub with a weak map, the stub is appended to the
dependent code array of the map. When the map dies, all stubs in its dependent
code array are invalidated by setting embedded maps to undefined.

BUG=v8:2073
LOG=Y
TEST=cctest/test-heap/WeakMapInMonomorphic*IC
R=mstarzinger@chromium.org, verwaest@chromium.org

Review URL: https://codereview.chromium.org/188783003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20679 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 10:36:09 +00:00
yangguo@chromium.org
1267b43072 Remove remnant from deferred error formatting on GC.
Deferred error formatting on GC was a failed experiment. It has been
removed, except for this part.  See r13371.

R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/233163004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20672 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-11 08:31:10 +00:00
ishell@chromium.org
32735ae3a9 Object::GetElements() and friends maybehandlification.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/231103002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20644 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-10 09:20:11 +00:00
yangguo@chromium.org
ed9f1af2fc Implement handlified String::Flatten.
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/228093004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20572 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 09:49:49 +00:00
yangguo@chromium.org
9ed8c39cac Return MaybeHandle from SetElement and DeleteElement.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/227573002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20560 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 07:04:13 +00:00
yangguo@chromium.org
4fcc06685f Handlify LookupSingleCharacterStringFromCode.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/227593004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20559 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-08 06:45:53 +00:00
ishell@chromium.org
dd891816d4 Callers of ElementsAccessor::AddElementsToFixedArray(), ElementsAccessor::HasElement() and ElementsAccessor::GetKeyForIndex() handlified.
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/225623004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20513 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 13:05:37 +00:00
yangguo@chromium.org
dd7bb01688 Return MaybeHandle from SetProperty.
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/225283005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20509 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-04-04 12:06:11 +00:00
verwaest@chromium.org
019e27d8db Reland and fix "Fix LoadFieldByIndex to take mutable heap-numbers into account.""
BUG=
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/218663005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20358 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 14:21:04 +00:00
jochen@chromium.org
163044e7ba Revert 20348 - "Fix LoadFieldByIndex to take mutable heap-numbers into account."
Reason for revert: crashes benchmarks/sunspider/string-fasta on ia32.debug

This also reverts r20350 and r20352

> Fix LoadFieldByIndex to take mutable heap-numbers into account.
>
> BUG=
> R=ishell@chromium.org
>
> Review URL: https://codereview.chromium.org/213213002

BUG=none
LOG=n
TBR=verwaest@chromium.org

Revert "Use sarq on x64"

This reverts commit e2a8ef9321345c6bc091054443bf2b9535ff6b1c.

Revert "Don't | int and bool"

This reverts commit c90d713d3a8ceba4fec41933a63beb6e50a3d7c0.

Review URL: https://codereview.chromium.org/219393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20354 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 13:23:32 +00:00
verwaest@chromium.org
b8fab1cf19 Don't | int and bool
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/219293002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20352 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 12:24:51 +00:00
verwaest@chromium.org
55a6318560 Fix LoadFieldByIndex to take mutable heap-numbers into account.
BUG=
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/213213002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20348 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-31 11:59:29 +00:00
yangguo@chromium.org
1037a883de Clean up some "GetProperty" methods/functions.
Runtime::GetObjectProperty:
  - handled string.charAt, element access and property access
  - now handlified
GetProperty in handles.cc:
  - called to Runtime::GetObjectProperty
  - now removed
Object::GetProperty (handlified version):
  - handled element access and property access
  - now changed to only do property access
New: Object::GetPropertyOrElement:
  - handles element access and property access

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/210953005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20327 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 09:49:27 +00:00
jarin@chromium.org
9e655afdb4 Reland "Fix property enum cache creation to include only own properties"
Reland r20308 (reverted by r20310).

TBR=verwaest@chromium.org

Review URL: https://codereview.chromium.org/216383003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20321 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 06:59:20 +00:00
jarin@chromium.org
af74f1206e Revert "Fix property enum cache creation to include only own properties"
This reverts commit 4cf47a20b4846cf050ea4844433e9c57654da34e.

BUG=

Review URL: https://codereview.chromium.org/214893002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20310 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 16:18:42 +00:00
jarin@chromium.org
4608bdeccc With this fix, we only create the enum cache for own property descriptors (originally we cached all descriptors in the map). The problem was that the size of all descriptors could be trimmed during GC triggered by allocating the storage for the cache, so we could have ended up with a wrong storage size.
This is really Toon's fix, I have only created a small repro case.

BUG=
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/212673011

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@20308 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-27 15:33:06 +00:00
ulan@chromium.org
66c8130b8a Simplify GetEnumPropertyKeys and avoid trimming fixed arrays in large object space.
BUG=352070
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/198943002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19894 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-13 12:45:12 +00:00
rossberg@chromium.org
8e3f3cee9e Eliminate extended mode, and other modes clean-up
- Merge LanguageMode and StrictModeFlag enums
- Make harmony-scoping depend only on strict mode
- Free some bits on the way
- Plus additional clean-up and renaming

R=ulan@chromium.org
BUG=

Review URL: https://codereview.chromium.org/181543002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19800 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-11 14:41:22 +00:00
yangguo@chromium.org
469428e610 Handlify JSObject::CanSetCallback.
Also use temporary wrapper functions where possible to mark progress.

R=ishell@chromium.org

Review URL: https://codereview.chromium.org/172503002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@19743 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-10 08:28:59 +00:00
svenpanne@chromium.org
b25bb230cd Removed apiutils.h and related cleanup.
ExtensionConfiguration is just a simple container for extension names
(in a perfect world we would use vector<string> and range-based for
loops), and HandleScopeData was in the totally wrong place. Some
additional cleanup on the way, e.g. using the null pattern behind our
external API.

R=dcarney@chromium.org

Review URL: https://codereview.chromium.org/139393002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18632 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-16 08:17:40 +00:00
svenpanne@chromium.org
ad605de2b5 Various ApiCheck-related cleanups.
R=mstarzinger@chromium.org

Review URL: https://codereview.chromium.org/130933003

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18551 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-01-13 09:42:23 +00:00
yangguo@chromium.org
f7929d2a87 Reland "Handlify concat string and substring."
This relands commit r17490.

BUG=
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/114943004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18408 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-23 12:37:56 +00:00
svenpanne@chromium.org
402139f686 Remove all stuff marked as V8_DEPRECATED.
R=jochen@chromium.org, mstarzinger@chromium.org, yurys@chromium.org

Review URL: https://codereview.chromium.org/99193002

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18333 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-12-18 08:09:37 +00:00
danno@chromium.org
f27f2fa420 Match max property descriptor length to corresponding bit fields
BUG=v8:3010
R=verwaest@chromium.org
LOG=N

Review URL: https://codereview.chromium.org/72333004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17823 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-18 11:44:06 +00:00
mstarzinger@chromium.org
d5cb83f4aa Fix invalid reuse of weak global handle in GetScriptWrapper.
This fixes a direct usage of a weak global handle in GetScriptWrapper
that just casted it to a strong local handle, while a subsequent GC
might clear it. Handlepocalypse anyone?

R=machenbach@chromium.org
BUG=v8:2988
TEST=mjsunit/regress/regress-2988

Review URL: https://codereview.chromium.org/67273004

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17622 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2013-11-11 16:27:36 +00:00