Reviewers: Michael Starzinger,
Description:
Allocate generator result objects before unwinding try handlers
When a generator suspends, it saves its state out to the heap and
unwinds try handlers but doesn't pop anything off the stack. Instead it
relies on no GC happening between the suspend and the return from the
generator. However this was not the case: boxing the result object
could cause GC, which would try to traverse the stack but would
misinterpret words from unwound try handlers as heap objects.
This CL changes to allocate the result objects before the suspend. It
also removes the generators-iteration skip introduced in r15065.
[email protected]
TEST=mjsunit/harmony/generators-iteration
BUG=
Please review this at https://codereview.chromium.org/16801006/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/arm/full-codegen-arm.cc
M src/full-codegen.h
M src/full-codegen.cc
M src/ia32/full-codegen-ia32.cc
M src/x64/full-codegen-x64.cc
M test/mjsunit/mjsunit.status
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
