Fix assertion scope in Runtime_GetScript.

The HeapIterator implies DisallowHeapAllocation, but Script::GetWrapper
may allocate.

LOG=N
R=jkummerow@chromium.org
BUG=chromium:410033

Review URL: https://codereview.chromium.org/680283002

Cr-Commit-Position: refs/heads/master@{#25001}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25001 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/runtime/runtime-debug.cc b/src/runtime/runtime-debug.cc
index 1555106..2de372f 100644 (file)
--- a/src/runtime/runtime-debug.cc
+++ b/src/runtime/runtime-debug.cc
@@ -2614,48 +2614,30 @@ RUNTIME_FUNCTION(Runtime_GetHeapUsage) {
 // traversals might be required rendering this operation as a rather slow
 // operation. However for setting break points which is normally done through
 // some kind of user interaction the performance is not crucial.
-static Handle<Object> Runtime_GetScriptFromScriptName(
-    Handle<String> script_name) {
-  // Scan the heap for Script objects to find the script with the requested
-  // script data.
-  Handle<Script> script;
-  Factory* factory = script_name->GetIsolate()->factory();
-  Heap* heap = script_name->GetHeap();
-  HeapIterator iterator(heap);
-  HeapObject* obj = NULL;
-  while (script.is_null() && ((obj = iterator.next()) != NULL)) {
-    // If a script is found check if it has the script data requested.
-    if (obj->IsScript()) {
-      if (Script::cast(obj)->name()->IsString()) {
-        if (String::cast(Script::cast(obj)->name())->Equals(*script_name)) {
-          script = Handle<Script>(Script::cast(obj));
-        }
-      }
-    }
-  }
-
-  // If no script with the requested script data is found return undefined.
-  if (script.is_null()) return factory->undefined_value();
-
-  // Return the script found.
-  return Script::GetWrapper(script);
-}
-
-
-// Get the script object from script data. NOTE: Regarding performance
-// see the NOTE for GetScriptFromScriptData.
-// args[0]: script data for the script to find the source for
 RUNTIME_FUNCTION(Runtime_GetScript) {
   HandleScope scope(isolate);
-
   DCHECK(args.length() == 1);
+  CONVERT_ARG_HANDLE_CHECKED(String, script_name, 0);
 
-  CONVERT_ARG_CHECKED(String, script_name, 0);
+  Handle<Script> found;
+  Heap* heap = isolate->heap();
+  {
+    HeapIterator iterator(heap);
+    HeapObject* obj = NULL;
+    while ((obj = iterator.next()) != NULL) {
+      if (!obj->IsScript()) continue;
+      Script* script = Script::cast(obj);
+      if (!script->name()->IsString()) continue;
+      String* name = String::cast(script->name());
+      if (name->Equals(*script_name)) {
+        found = Handle<Script>(script, isolate);
+        break;
+      }
+    }
+  }
 
-  // Find the requested script.
-  Handle<Object> result =
-      Runtime_GetScriptFromScriptName(Handle<String>(script_name));
-  return *result;
+  if (found.is_null()) return heap->undefined_value();
+  return *Script::GetWrapper(found);
 }
 
 

diff --git a/test/mjsunit/regress/regress-crbug-410033.js b/test/mjsunit/regress/regress-crbug-410033.js
new file mode 100644 (file)
index 0000000..63693e6
--- /dev/null
+++ b/test/mjsunit/regress/regress-crbug-410033.js
@@ -0,0 +1,7 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --allow-natives-syntax --expose-gc
+
+%GetScript('v8/gc');