 Chromium Code Reviews
 Issue 173060:
  Do not allow GlobalHandles::Create to reuse destroyed nodes (ones from free l...  (Closed) 
  Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/
    
  
| OLD | NEW | 
|---|---|
| 1 // Copyright 2009 the V8 project authors. All rights reserved. | 1 // Copyright 2009 the V8 project authors. All rights reserved. | 
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without | 
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are | 
| 4 // met: | 4 // met: | 
| 5 // | 5 // | 
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright | 
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. | 
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above | 
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following | 
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided | 
| (...skipping 138 matching lines...) | |
| 149 LOG(HandleEvent("GlobalHandle::Processing", handle().location())); | 149 LOG(HandleEvent("GlobalHandle::Processing", handle().location())); | 
| 150 void* par = parameter(); | 150 void* par = parameter(); | 
| 151 state_ = NEAR_DEATH; | 151 state_ = NEAR_DEATH; | 
| 152 set_parameter(NULL); | 152 set_parameter(NULL); | 
| 153 // The callback function is resolved as late as possible to preserve old | 153 // The callback function is resolved as late as possible to preserve old | 
| 154 // behavior. | 154 // behavior. | 
| 155 WeakReferenceCallback func = callback(); | 155 WeakReferenceCallback func = callback(); | 
| 156 if (func != NULL) { | 156 if (func != NULL) { | 
| 157 v8::Persistent<v8::Object> object = ToApi<v8::Object>(handle()); | 157 v8::Persistent<v8::Object> object = ToApi<v8::Object>(handle()); | 
| 158 { | 158 { | 
| 159 // Forbid reuse of destroyed nodes as they might be already deallocated. | |
| 160 // It's fine though to reuse nodes that were destroyed in weak callback | |
| 161 // as those cannot be deallocated until we are back from the callback. | |
| 162 set_first_free(NULL); | |
| 
Mads Ager (chromium)
2009/08/19 17:32:07
Doesn't this leak the nodes on the free list?  Sho
 
antonm
2009/08/19 17:39:32
I don't think so.  To the best of my knowledge we
 | |
| 159 // Leaving V8. | 163 // Leaving V8. | 
| 160 VMState state(EXTERNAL); | 164 VMState state(EXTERNAL); | 
| 161 func(object, par); | 165 func(object, par); | 
| 162 } | 166 } | 
| 163 } | 167 } | 
| 164 } | 168 } | 
| 165 | 169 | 
| 166 // Place the handle address first to avoid offset computation. | 170 // Place the handle address first to avoid offset computation. | 
| 167 Object* object_; // Storage for object pointer. | 171 Object* object_; // Storage for object pointer. | 
| 168 | 172 | 
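
Review bot: The comment above set_first_free(NULL) at new lines 159-162 explains why reuse is unsafe but not what happens to the nodes that were on the free list once its head is cleared. Nothing in the visible lines relinks or releases them, so a reader cannot tell whether they remain reachable for deallocation. Please extend the comment to name the structure that still tracks those nodes. Because the reset sits inside the if (func != NULL) block, it runs once per weak callback invocation; it is worth stating in the comment that discarding the free list each time is intended.
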
| (...skipping 206 matching lines...) | |
| 375 void GlobalHandles::RemoveObjectGroups() { | 379 void GlobalHandles::RemoveObjectGroups() { | 
| 376 List<ObjectGroup*>* object_groups = ObjectGroups(); | 380 List<ObjectGroup*>* object_groups = ObjectGroups(); | 
| 377 for (int i = 0; i< object_groups->length(); i++) { | 381 for (int i = 0; i< object_groups->length(); i++) { | 
| 378 delete object_groups->at(i); | 382 delete object_groups->at(i); | 
| 379 } | 383 } | 
| 380 object_groups->Clear(); | 384 object_groups->Clear(); | 
| 381 } | 385 } | 
| 382 | 386 | 
| 383 | 387 | 
| 384 } } // namespace v8::internal | 388 } } // namespace v8::internal | 
| OLD | NEW |