| OLD | NEW |
|---|
| 1 // Copyright 2006-2009 the V8 project authors. All rights reserved. | 1 // Copyright 2006-2009 the V8 project authors. All rights reserved. |
| 2 // Redistribution and use in source and binary forms, with or without | 2 // Redistribution and use in source and binary forms, with or without |
| 3 // modification, are permitted provided that the following conditions are | 3 // modification, are permitted provided that the following conditions are |
| 4 // met: | 4 // met: |
| 5 // | 5 // |
| 6 // * Redistributions of source code must retain the above copyright | 6 // * Redistributions of source code must retain the above copyright |
| 7 // notice, this list of conditions and the following disclaimer. | 7 // notice, this list of conditions and the following disclaimer. |
| 8 // * Redistributions in binary form must reproduce the above | 8 // * Redistributions in binary form must reproduce the above |
| 9 // copyright notice, this list of conditions and the following | 9 // copyright notice, this list of conditions and the following |
| 10 // disclaimer in the documentation and/or other materials provided | 10 // disclaimer in the documentation and/or other materials provided |
| (...skipping 6374 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6385 } | 6385 } |
| 6386 | 6386 |
| 6387 | 6387 |
| 6388 static void TrySettingInlineConstructStub(Handle<JSFunction> function) { | 6388 static void TrySettingInlineConstructStub(Handle<JSFunction> function) { |
| 6389 Handle<Object> prototype = Factory::null_value(); | 6389 Handle<Object> prototype = Factory::null_value(); |
| 6390 if (function->has_instance_prototype()) { | 6390 if (function->has_instance_prototype()) { |
| 6391 prototype = Handle<Object>(function->instance_prototype()); | 6391 prototype = Handle<Object>(function->instance_prototype()); |
| 6392 } | 6392 } |
| 6393 if (function->shared()->CanGenerateInlineConstructor(*prototype)) { | 6393 if (function->shared()->CanGenerateInlineConstructor(*prototype)) { |
| 6394 ConstructStubCompiler compiler; | 6394 ConstructStubCompiler compiler; |
| 6395 MaybeObject* code = compiler.CompileConstructStub(function->shared()); | 6395 MaybeObject* code = compiler.CompileConstructStub(*function); |
| 6396 if (!code->IsFailure()) { | 6396 if (!code->IsFailure()) { |
| 6397 function->shared()->set_construct_stub( | 6397 function->shared()->set_construct_stub( |
| 6398 Code::cast(code->ToObjectUnchecked())); | 6398 Code::cast(code->ToObjectUnchecked())); |
| 6399 } | 6399 } |
| 6400 } | 6400 } |
| 6401 } | 6401 } |
| 6402 | 6402 |
| 6403 | 6403 |
| 6404 static MaybeObject* Runtime_NewObject(Arguments args) { | 6404 static MaybeObject* Runtime_NewObject(Arguments args) { |
| 6405 HandleScope scope; | 6405 HandleScope scope; |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 6453 // The function should be compiled for the optimization hints to be available. | 6453 // The function should be compiled for the optimization hints to be available. |
| 6454 Handle<SharedFunctionInfo> shared(function->shared()); | 6454 Handle<SharedFunctionInfo> shared(function->shared()); |
| 6455 EnsureCompiled(shared, CLEAR_EXCEPTION); | 6455 EnsureCompiled(shared, CLEAR_EXCEPTION); |
| 6456 | 6456 |
| 6457 if (!function->has_initial_map() && | 6457 if (!function->has_initial_map() && |
| 6458 shared->IsInobjectSlackTrackingInProgress()) { | 6458 shared->IsInobjectSlackTrackingInProgress()) { |
| 6459 // The tracking is already in progress for another function. We can only | 6459 // The tracking is already in progress for another function. We can only |
| 6460 // track one initial_map at a time, so we force the completion before the | 6460 // track one initial_map at a time, so we force the completion before the |
| 6461 // function is called as a constructor for the first time. | 6461 // function is called as a constructor for the first time. |
| 6462 shared->CompleteInobjectSlackTracking(); | 6462 shared->CompleteInobjectSlackTracking(); |
| 6463 TrySettingInlineConstructStub(function); | |
| 6464 } | 6463 } |
| 6465 | 6464 |
| 6466 bool first_allocation = !shared->live_objects_may_exist(); | 6465 bool first_allocation = !shared->live_objects_may_exist(); |
| 6467 Handle<JSObject> result = Factory::NewJSObject(function); | 6466 Handle<JSObject> result = Factory::NewJSObject(function); |
| 6468 // Delay setting the stub if inobject slack tracking is in progress. | 6467 // Delay setting the stub if inobject slack tracking is in progress. |
| 6469 if (first_allocation && !shared->IsInobjectSlackTrackingInProgress()) { | 6468 if (first_allocation && !shared->IsInobjectSlackTrackingInProgress()) { |
| 6470 TrySettingInlineConstructStub(function); | 6469 TrySettingInlineConstructStub(function); |
| 6471 } | 6470 } |
| 6472 | 6471 |
| 6473 Counters::constructed_objects.Increment(); | 6472 Counters::constructed_objects.Increment(); |
| (...skipping 3852 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 10326 } else { | 10325 } else { |
| 10327 // Handle last resort GC and make sure to allow future allocations | 10326 // Handle last resort GC and make sure to allow future allocations |
| 10328 // to grow the heap without causing GCs (if possible). | 10327 // to grow the heap without causing GCs (if possible). |
| 10329 Counters::gc_last_resort_from_js.Increment(); | 10328 Counters::gc_last_resort_from_js.Increment(); |
| 10330 Heap::CollectAllGarbage(false); | 10329 Heap::CollectAllGarbage(false); |
| 10331 } | 10330 } |
| 10332 } | 10331 } |
| 10333 | 10332 |
| 10334 | 10333 |
| 10335 } } // namespace v8::internal | 10334 } } // namespace v8::internal |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 5278003:
Fix crashes during GC caused by partially initialized objects. The... (Closed)
Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/