Revision: 10246
Author: [email protected]
Date: Tue Dec 13 10:08:45 2011
Log: Merge r10243 to 3.7 branch.
Guard against undefined fields in global context.
BUG=v8:1860
TEST=
Original CL: http://codereview.chromium.org/8917014
Review URL: http://codereview.chromium.org/8879057
http://code.google.com/p/v8/source/detail?r=10246
Modified:
/branches/3.7/src/assembler.cc
/branches/3.7/src/assembler.h
/branches/3.7/src/deoptimizer.cc
/branches/3.7/src/heap.cc
/branches/3.7/src/incremental-marking.cc
/branches/3.7/src/version.cc
=======================================
--- /branches/3.7/src/assembler.cc Tue Nov 29 06:28:56 2011
+++ /branches/3.7/src/assembler.cc Tue Dec 13 10:08:45 2011
@@ -815,11 +815,6 @@
return ExternalReference(
Redirect(isolate, FUNCTION_ADDR(Deoptimizer::ComputeOutputFrames)));
}
-
-
-ExternalReference ExternalReference::global_contexts_list(Isolate*
isolate) {
- return
ExternalReference(isolate->heap()->global_contexts_list_address());
-}
ExternalReference ExternalReference::keyed_lookup_cache_keys(Isolate*
isolate) {
=======================================
--- /branches/3.7/src/assembler.h Tue Nov 29 06:28:56 2011
+++ /branches/3.7/src/assembler.h Tue Dec 13 10:08:45 2011
@@ -590,7 +590,6 @@
// Deoptimization support.
static ExternalReference new_deoptimizer_function(Isolate* isolate);
static ExternalReference compute_output_frames_function(Isolate*
isolate);
- static ExternalReference global_contexts_list(Isolate* isolate);
// Static data in the keyed lookup cache.
static ExternalReference keyed_lookup_cache_keys(Isolate* isolate);
=======================================
--- /branches/3.7/src/deoptimizer.cc Thu Nov 17 00:34:43 2011
+++ /branches/3.7/src/deoptimizer.cc Tue Dec 13 10:08:45 2011
@@ -264,11 +264,16 @@
AssertNoAllocation no_allocation;
// Run through the list of all global contexts and deoptimize.
- Object* global = Isolate::Current()->heap()->global_contexts_list();
- while (!global->IsUndefined()) {
-
VisitAllOptimizedFunctionsForGlobalObject(Context::cast(global)->global(),
- visitor);
- global = Context::cast(global)->get(Context::NEXT_CONTEXT_LINK);
+ Object* context = Isolate::Current()->heap()->global_contexts_list();
+ while (!context->IsUndefined()) {
+ // GC can happen when the context is not fully initialized,
+ // so the global field of the context can be undefined.
+ Object* global = Context::cast(context)->get(Context::GLOBAL_INDEX);
+ if (!global->IsUndefined()) {
+ VisitAllOptimizedFunctionsForGlobalObject(JSObject::cast(global),
+ visitor);
+ }
+ context = Context::cast(context)->get(Context::NEXT_CONTEXT_LINK);
}
}
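Review bot: `JSObject::cast(global)` in the VisitAllOptimizedFunctionsForGlobalObject call weakens the type check that the old `Context::cast(global)->global()` accessor gave: a debug build previously verified the slot held a GlobalObject, while the new cast only verifies it is some JSObject. Since the new code rules out only `IsUndefined()` before casting, prefer `GlobalObject::cast(global)`, which still converts to the callee's JSObject* parameter (as the new code compiling suggests it takes) but keeps the stronger assertion on a slot that a partially initialized context may hold. The enclosing function starts before this hunk.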
=======================================
--- /branches/3.7/src/heap.cc Mon Dec 5 09:22:52 2011
+++ /branches/3.7/src/heap.cc Tue Dec 13 10:08:45 2011
@@ -637,13 +637,17 @@
Object* context = global_contexts_list_;
while (!context->IsUndefined()) {
- // Get the caches for this context:
- FixedArray* caches =
- Context::cast(context)->jsfunction_result_caches();
- // Clear the caches:
- int length = caches->length();
- for (int i = 0; i < length; i++) {
- JSFunctionResultCache::cast(caches->get(i))->Clear();
+ // Get the caches for this context. GC can happen when the context
+ // is not fully initialized, so the caches can be undefined.
+ Object* caches_or_undefined =
+
Context::cast(context)->get(Context::JSFUNCTION_RESULT_CACHES_INDEX);
+ if (!caches_or_undefined->IsUndefined()) {
+ FixedArray* caches = FixedArray::cast(caches_or_undefined);
+ // Clear the caches:
+ int length = caches->length();
+ for (int i = 0; i < length; i++) {
+ JSFunctionResultCache::cast(caches->get(i))->Clear();
+ }
}
// Get the next context:
context = Context::cast(context)->get(Context::NEXT_CONTEXT_LINK);
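Review bot: The "slot may still be undefined during GC" invariant is now restated inline at every walker (here, the normalized-map-cache hunk below in heap.cc, and the hunks in deoptimizer.cc and incremental-marking.cc) but not where it originates, so a reader of `Context::cast(context)->get(Context::JSFUNCTION_RESULT_CACHES_INDEX)` has to guess why the typed `jsfunction_result_caches()` accessor was deliberately avoided. Suggest one comment on the Context slot definitions (outside this diff) along the lines of `// Slots may still be undefined while a context is being bootstrapped; GC-time walkers must check IsUndefined() before casting.` and shortening each per-site comment to refer to it. The enclosing function begins before this hunk and its closing brace lies after it.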
@@ -660,7 +664,13 @@
Object* context = global_contexts_list_;
while (!context->IsUndefined()) {
- Context::cast(context)->normalized_map_cache()->Clear();
+ // GC can happen when the context is not fully initialized,
+ // so the cache can be undefined.
+ Object* cache =
+ Context::cast(context)->get(Context::NORMALIZED_MAP_CACHE_INDEX);
+ if (!cache->IsUndefined()) {
+ NormalizedMapCache::cast(cache)->Clear();
+ }
context = Context::cast(context)->get(Context::NEXT_CONTEXT_LINK);
}
}
=======================================
--- /branches/3.7/src/incremental-marking.cc Mon Dec 5 09:22:52 2011
+++ /branches/3.7/src/incremental-marking.cc Tue Dec 13 10:08:45 2011
@@ -677,11 +677,16 @@
Object* context = heap_->global_contexts_list();
while (!context->IsUndefined()) {
- NormalizedMapCache* cache =
Context::cast(context)->normalized_map_cache();
- MarkBit mark_bit = Marking::MarkBitFrom(cache);
- if (Marking::IsGrey(mark_bit)) {
- Marking::GreyToBlack(mark_bit);
- MemoryChunk::IncrementLiveBytes(cache->address(), cache->Size());
+ // GC can happen when the context is not fully initialized,
+ // so the cache can be undefined.
+ HeapObject* cache = HeapObject::cast(
+ Context::cast(context)->get(Context::NORMALIZED_MAP_CACHE_INDEX));
+ if (!cache->IsUndefined()) {
+ MarkBit mark_bit = Marking::MarkBitFrom(cache);
+ if (Marking::IsGrey(mark_bit)) {
+ Marking::GreyToBlack(mark_bit);
+ MemoryChunk::IncrementLiveBytes(cache->address(), cache->Size());
+ }
}
context = Context::cast(context)->get(Context::NEXT_CONTEXT_LINK);
}
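Review bot: The new `HeapObject* cache = HeapObject::cast(...)` lines cast the slot value before testing it, and to a weaker type than the original `NormalizedMapCache*`, so a debug build no longer checks that the slot actually holds a NormalizedMapCache. It only works because `undefined` happens to be a HeapObject, and it reads as though `IsUndefined()` were applied to an already validated object. Prefer the shape used in the heap.cc hunk: `Object* cache = Context::cast(context)->get(Context::NORMALIZED_MAP_CACHE_INDEX);` then `if (!cache->IsUndefined()) {` with `NormalizedMapCache* map_cache = NormalizedMapCache::cast(cache);` inside, used for the MarkBitFrom, address() and Size() calls. The enclosing function begins before this hunk.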
=======================================
--- /branches/3.7/src/version.cc Fri Dec 9 05:19:57 2011
+++ /branches/3.7/src/version.cc Tue Dec 13 10:08:45 2011
@@ -35,7 +35,7 @@
#define MAJOR_VERSION 3
#define MINOR_VERSION 7
#define BUILD_NUMBER 12
-#define PATCH_LEVEL 10
+#define PATCH_LEVEL 11
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
#define IS_CANDIDATE_VERSION 0