src/bootstrapper.cc - Issue 1374663002: [bootstrapper] Fix raw pointer use during potential GC.

Unified Diff: src/bootstrapper.cc

Issue 1374663002: [bootstrapper] Fix raw pointer use during potential GC. (Closed) Base URL: https://chromium.googlesource.com/v8/v8.git@master

Patch Set: Created 5 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/bootstrapper.cc

diff --git a/src/bootstrapper.cc b/src/bootstrapper.cc

index 2f2216b13e80a9851ca78f38e2624b24e43e4b94..4bcebaa8d687d6679a3562f0e4ce9d320486a1e2 100644

--- a/src/bootstrapper.cc

+++ b/src/bootstrapper.cc

@@ -1803,23 +1803,29 @@ void Bootstrapper::ExportFromRuntime(Isolate* isolate,

PUBLIC_SYMBOL_LIST(EXPORT_PUBLIC_SYMBOL)

#undef EXPORT_PUBLIC_SYMBOL

- Handle<JSFunction> apply = InstallFunction(

- container, "reflect_apply", JS_OBJECT_TYPE, JSObject::kHeaderSize,

- MaybeHandle<JSObject>(), Builtins::kReflectApply);

- apply->shared()->set_internal_formal_parameter_count(3);

- apply->shared()->set_length(3);

- apply->shared()->set_feedback_vector(

- *TypeFeedbackVector::CreatePushAppliedArgumentsVector(isolate));

Michael Starzinger 2015/10/01 17:37:48 Holy sh*t, GCMole didn't find this, that is concer

Benedikt Meurer 2015/10/01 17:52:23 Good point. Can you look into this Michi?

- isolate->native_context()->set_reflect_apply(*apply);

- Handle<JSFunction> construct = InstallFunction(

- container, "reflect_construct", JS_OBJECT_TYPE, JSObject::kHeaderSize,

- MaybeHandle<JSObject>(), Builtins::kReflectConstruct);

- construct->shared()->set_internal_formal_parameter_count(3);

- construct->shared()->set_length(2);

- construct->shared()->set_feedback_vector(

- *TypeFeedbackVector::CreatePushAppliedArgumentsVector(isolate));

- isolate->native_context()->set_reflect_construct(*construct);

+ {

+ Handle<JSFunction> apply = InstallFunction(

+ container, "reflect_apply", JS_OBJECT_TYPE, JSObject::kHeaderSize,

+ MaybeHandle<JSObject>(), Builtins::kReflectApply);

+ apply->shared()->set_internal_formal_parameter_count(3);

+ apply->shared()->set_length(3);

+ Handle<TypeFeedbackVector> feedback_vector =

+ TypeFeedbackVector::CreatePushAppliedArgumentsVector(isolate);

+ apply->shared()->set_feedback_vector(*feedback_vector);

+ isolate->native_context()->set_reflect_apply(*apply);

+ }

+ {

+ Handle<JSFunction> construct = InstallFunction(

+ container, "reflect_construct", JS_OBJECT_TYPE, JSObject::kHeaderSize,

+ MaybeHandle<JSObject>(), Builtins::kReflectConstruct);

+ construct->shared()->set_internal_formal_parameter_count(3);

+ construct->shared()->set_length(2);

+ Handle<TypeFeedbackVector> feedback_vector =

+ TypeFeedbackVector::CreatePushAppliedArgumentsVector(isolate);

+ construct->shared()->set_feedback_vector(*feedback_vector);

+ isolate->native_context()->set_reflect_construct(*construct);

+ }

}

@@ -2421,8 +2427,9 @@ bool Genesis::InstallNatives(ContextType context_type) {

Handle<JSFunction> apply =

InstallFunction(proto, "apply", JS_OBJECT_TYPE, JSObject::kHeaderSize,

MaybeHandle<JSObject>(), Builtins::kFunctionApply);

- apply->shared()->set_feedback_vector(

- *TypeFeedbackVector::CreatePushAppliedArgumentsVector(isolate()));

+ Handle<TypeFeedbackVector> feedback_vector =

+ TypeFeedbackVector::CreatePushAppliedArgumentsVector(isolate());

+ apply->shared()->set_feedback_vector(*feedback_vector);

// Make sure that Function.prototype.call appears to be compiled.

// The code will never be called, but inline caching for call will

« no previous file with comments | « no previous file | no next file » | no next file with comments »