Skip stack trace formatting in case the global object is already dead.

src/handles.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 //       notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
 //       copyright notice, this list of conditions and the following
 //       disclaimer in the documentation and/or other materials provided
@@ skipping 614 matching lines @@
 static bool ContainsOnlyValidKeys(Handle<FixedArray> array) {
   int len = array->length();
   for (int i = 0; i < len; i++) {
     Object* e = array->get(i);
     if (!(e->IsString() || e->IsNumber())) return false;
   }
   return true;
 }
 
 
+
+template
+Handle<FixedArray> GetKeysInFixedArrayFor<true>(Handle<JSReceiver> object,
+                                                KeyCollectionType type,
+                                                bool* threw);
+template
+Handle<FixedArray> GetKeysInFixedArrayFor<false>(Handle<JSReceiver> object,
+                                                 KeyCollectionType type,
+                                                 bool* threw);
+
+template<bool allow_side_effect>
 Handle<FixedArray> GetKeysInFixedArrayFor(Handle<JSReceiver> object,
                                           KeyCollectionType type,
                                           bool* threw) {
   USE(ContainsOnlyValidKeys);
   Isolate* isolate = object->GetIsolate();
   Handle<FixedArray> content = isolate->factory()->empty_fixed_array();
   Handle<JSObject> arguments_boilerplate = Handle<JSObject>(
       isolate->context()->native_context()->arguments_boilerplate(),
       isolate);
   Handle<JSFunction> arguments_function = Handle<JSFunction>(
       JSFunction::cast(arguments_boilerplate->map()->constructor()),
       isolate);
 
   // Only collect keys if access is permitted.
   for (Handle<Object> p = object;
        *p != isolate->heap()->null_value();
        p = Handle<Object>(p->GetPrototype(), isolate)) {
     if (p->IsJSProxy()) {
-      Handle<JSProxy> proxy(JSProxy::cast(*p), isolate);
-      Handle<Object> args[] = { proxy };
-      Handle<Object> names = Execution::Call(
-          isolate->proxy_enumerate(), object, ARRAY_SIZE(args), args, threw);
-      if (*threw) return content;
-      content = AddKeysFromJSArray(content, Handle<JSArray>::cast(names));
+      if (allow_side_effect) {
+        Handle<JSProxy> proxy(JSProxy::cast(*p), isolate);
+        Handle<Object> args[] = { proxy };
+        Handle<Object> names = Execution::Call(
+            isolate->proxy_enumerate(), object, ARRAY_SIZE(args), args, threw);
+        if (*threw) return content;
+        content = AddKeysFromJSArray(content, Handle<JSArray>::cast(names));
+      }
       break;
     }
 
     Handle<JSObject> current(JSObject::cast(*p), isolate);
 
     // Check access rights if required.
-    if (current->IsAccessCheckNeeded() &&
-        !isolate->MayNamedAccess(*current,
-                                 isolate->heap()->undefined_value(),
-                                 v8::ACCESS_KEYS)) {
-      isolate->ReportFailedAccessCheck(*current, v8::ACCESS_KEYS);
-      break;
+    if (current->IsAccessCheckNeeded()) {
+      if (!allow_side_effect) {
+        break;
+      } else if (!isolate->MayNamedAccess(
+              *current, isolate->heap()->undefined_value(), v8::ACCESS_KEYS)) {
+        isolate->ReportFailedAccessCheck(*current, v8::ACCESS_KEYS);
+        break;
+      }
     }
 
     // Compute the element keys.
     Handle<FixedArray> element_keys =
         isolate->factory()->NewFixedArray(current->NumberOfEnumElements());
     current->GetEnumElementKeys(*element_keys);
     content = UnionOfKeys(content, element_keys);
     ASSERT(ContainsOnlyValidKeys(content));
 
     // Add the element keys from the interceptor.
-    if (current->HasIndexedInterceptor()) {
+    if (allow_side_effect && current->HasIndexedInterceptor()) {
       v8::Handle<v8::Array> result =
           GetKeysForIndexedInterceptor(object, current);
       if (!result.IsEmpty())
         content = AddKeysFromJSArray(content, v8::Utils::OpenHandle(*result));
       ASSERT(ContainsOnlyValidKeys(content));
     }
 
     // We can cache the computed property keys if access checks are
     // not needed and no interceptors are involved.
     //
     // We do not use the cache if the object has elements and
     // therefore it does not make sense to cache the property names
     // for arguments objects.  Arguments objects will always have
     // elements.
     // Wrapped strings have elements, but don't have an elements
     // array or dictionary.  So the fast inline test for whether to
     // use the cache says yes, so we should not create a cache.
     bool cache_enum_keys =
         ((current->map()->constructor() != *arguments_function) &&
          !current->IsJSValue() &&
          !current->IsAccessCheckNeeded() &&
          !current->HasNamedInterceptor() &&
          !current->HasIndexedInterceptor());
     // Compute the property keys and cache them if possible.
     content =
         UnionOfKeys(content, GetEnumPropertyKeys(current, cache_enum_keys));
     ASSERT(ContainsOnlyValidKeys(content));
 
     // Add the property keys from the interceptor.
-    if (current->HasNamedInterceptor()) {
+    if (allow_side_effect && current->HasNamedInterceptor()) {
       v8::Handle<v8::Array> result =
           GetKeysForNamedInterceptor(object, current);
       if (!result.IsEmpty())
         content = AddKeysFromJSArray(content, v8::Utils::OpenHandle(*result));
       ASSERT(ContainsOnlyValidKeys(content));
     }
 
     // If we only want local properties we bail out after the first
     // iteration.
-    if (type == LOCAL_ONLY)
-      break;
+    if (type == LOCAL_ONLY) break;
   }
   return content;
 }
 
 
-Handle<JSArray> GetKeysFor(Handle<JSReceiver> object, bool* threw) {
-  Isolate* isolate = object->GetIsolate();
-  isolate->counters()->for_in()->Increment();
-  Handle<FixedArray> elements =
-      GetKeysInFixedArrayFor(object, INCLUDE_PROTOS, threw);
-  return isolate->factory()->NewJSArrayWithElements(elements);
-}
-
-
 Handle<FixedArray> ReduceFixedArrayTo(Handle<FixedArray> array, int length) {
   ASSERT(array->length() >= length);
   if (array->length() == length) return array;
 
   Handle<FixedArray> new_array =
       array->GetIsolate()->factory()->NewFixedArray(length);
   for (int i = 0; i < length; ++i) new_array->set(i, array->get(i));
   return new_array;
 }
 
@@ skipping 181 matching lines @@
   data->next = prev_next_;
   data->limit = prev_limit_;
 #ifdef DEBUG
   handles_detached_ = true;
 #endif
   return deferred;
 }
 
 
 } }  // namespace v8::internal