I was just running V8 in debug, and got an assert failure that I'm
trying to understand. Specifically, the assert is in handles-inl.h
line 49:
    template <class T>
    inline T* Handle<T>::operator*() const {
      ASSERT(location_ != NULL);
   -> ASSERT(reinterpret_cast<Address>(*location_) != kHandleZapValue);
      return *location_;
    }
I poked around to figure out what kHandleZapValue was and what might
cause this assert, and I found that the only time kHandleZapValue is
assigned to anything is in HandleScope::ZapRange. ZapRange is only
called from a couple of places, and one of them caught my eye in
HandleScope::Leave:
    static void Leave(
        const v8::ImplementationUtilities::HandleScopeData* previous) {
      if (current_.extensions > 0) {
        DeleteExtensions();
      }
      current_ = *previous;
    #ifdef DEBUG
      ZapRange(current_.next, current_.limit);
    #endif
    }
The question I have is: should ZapRange really be getting called on
current_'s data after it's just been changed to previous? Doesn't
this mean that a handle scope is being destroyed, it changes the
current handle scope to the previous one, then zaps all of the handles
in the new handle scope? So as soon as something from that handle
scope is looked up, it's going to be the zap value? Or am I totally
missing something? I would guess that it should look like this:
    static void Leave(
        const v8::ImplementationUtilities::HandleScopeData* previous) {
      if (current_.extensions > 0) {
        DeleteExtensions();
      }
    #ifdef DEBUG
      ZapRange(current_.next, current_.limit);
    #endif
      current_ = *previous;
    }
FYI, I'm looking at trunk r4756, though I checked and this is the same
on the head of bleeding_edge as well.
Thanks,
matt
--
v8-users mailing list
[email protected]
http://groups.google.com/group/v8-users
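To see which handle slots each ordering of ZapRange and the restore actually zaps, here is a small stand-alone model of the scope bookkeeping (an added example, not V8's code). It assumes V8's convention that `next` is the first free slot of the current handle block and `limit` is one past the block's last slot; the ScopeModel type, the Simulate scenario and the zap constant are constructed for this illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>
// Stand-alone model of handle-scope bookkeeping (not V8 code).
// Assumption: as in V8, `next` is the first free handle slot of the
// current block and `limit` is one past the block's last slot.
typedef uintptr_t Address;
const Address kHandleZapValue = 0xbaddeaf;  // constructed sentinel value
struct HandleScopeData {
  Address* next;
  Address* limit;
};
struct ScopeModel {
  std::vector<Address> block;   // one handle block of fixed size
  HandleScopeData current_;
  explicit ScopeModel(size_t slots) : block(slots, Address(0)) {
    current_.next = &block[0];
    current_.limit = &block[0] + slots;
  }
  // Entering a scope saves current_; the caller passes it back on Leave.
  HandleScopeData Enter() const { return current_; }
  // Allocate the next free slot and store a handle value in it.
  void Create(Address value) { *current_.next++ = value; }
  void ZapRange(Address* start, Address* end) {
    for (Address* p = start; p != end; ++p) *p = kHandleZapValue;
  }
  // Order used in the quoted Leave(): restore first, then zap next..limit.
  void LeaveZapAfterRestore(const HandleScopeData* previous) {
    current_ = *previous;
    ZapRange(current_.next, current_.limit);
  }
  // Order proposed in the post: zap next..limit first, then restore.
  void LeaveZapBeforeRestore(const HandleScopeData* previous) {
    ZapRange(current_.next, current_.limit);
    current_ = *previous;
  }
};
// Constructed scenario: the outer scope holds slot 0, an inner scope
// then allocates slots 1 and 2 and leaves.  Returns the block contents.
std::vector<Address> Simulate(bool zapAfterRestore) {
  ScopeModel m(4);
  m.Create(0x11);                    // outer handle in slot 0
  HandleScopeData prev = m.Enter();  // inner scope begins here
  m.Create(0x22); m.Create(0x33);    // inner handles in slots 1 and 2
  if (zapAfterRestore) m.LeaveZapAfterRestore(&prev);
  else m.LeaveZapBeforeRestore(&prev);
  return m.block;
}
```

With `next` and `limit` defined that way, restoring first makes next..limit exactly the slots the inner scope allocated plus the unused tail, so the outer scope's live handle in slot 0 is untouched; zapping before the restore only clears the unused tail and leaves the inner scope's dead handles intact.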