On 2012/11/16 01:09:57, Vyacheslav Egorov (Google) wrote:
LGTM iff the concern about .stack getter replacement can be addressed [recognize one shot accessor?]
http://codereview.chromium.org/11377158/diff/5001/src/heap.cc
File src/heap.cc (right):
http://codereview.chromium.org/11377158/diff/5001/src/heap.cc#newcode7444
src/heap.cc:7444: Object::GetProperty(js_object, js_object, &lookup, stack_key, &attr);
here are two interesting questions:
1) what if somebody _replaces_ the .stack getter? can they do it? then they can observe GC.
2) what if scavenge happens here? scavenges move things down in this array so our write index might start pointing to something that we did not process and we end up overwriting it. this does not matter much (there are no correctness concerns it seems). but it might be worth a comment

Both very valid points, I hope I sufficiently addressed them:
1) I'm "abusing" the native flag to recognize the one shot getters.
2) If the scavenge is triggered by formatting, I recognize that the nested_ flag is true and don't move things down the list.

Additionally, I changed the behavior of our stack trace API so that if a custom Error.prepareStackTrace function is defined, we format the stack trace immediately so that GC cannot be observed this way.

Please take another look.

http://codereview.chromium.org/11377158/