Reviewers: Lasse Reichstein,

Description:
RegExpMacroAssembler::CheckStackGuardState should update input string.

If the input string was a cons-string, it might undergo short-circuiting during GC.
This does not change the input start if the underlying seq-string (the first element
of the cons-string) does not move, but it makes the input-string pointer on the native
regexp's frame invalid.

[email protected]


Please review this at http://codereview.chromium.org/8343001/

SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge

Affected files:
  M src/arm/regexp-macro-assembler-arm.cc
  M src/ia32/regexp-macro-assembler-ia32.cc
  M src/x64/regexp-macro-assembler-x64.cc


Index: src/arm/regexp-macro-assembler-arm.cc
diff --git a/src/arm/regexp-macro-assembler-arm.cc b/src/arm/regexp-macro-assembler-arm.cc
index c8764679383d54b477e225dbe263489c1b47b2b1..b212f9f6e6a0922fba39f3d48c177e65e09a3ce2 100644
--- a/src/arm/regexp-macro-assembler-arm.cc
+++ b/src/arm/regexp-macro-assembler-arm.cc
@@ -1111,6 +1111,11 @@ int RegExpMacroAssemblerARM::CheckStackGuardState(Address* return_address,
     frame_entry<const String*>(re_frame, kInputString) = *subject;
     frame_entry<const byte*>(re_frame, kInputStart) = new_address;
frame_entry<const byte*>(re_frame, kInputEnd) = new_address + byte_length;
+ } else if (frame_entry<const String*>(re_frame, kInputString) != *subject) {
+    // Subject string might have been a ConsString that underwent
+    // short-circuiting during GC. That will not change start_address but
+    // will change pointer inside the subject handle.
+    frame_entry<const String*>(re_frame, kInputString) = *subject;
   }

   return 0;
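Review bot: The new `else if` compares the frame's kInputString slot with `*subject` and then stores `*subject`, which leaves the slot in the same state as an unconditional store, so the extra branch only hides the invariant that the raw `String*` in the regexp frame must match the handle after any GC. Writing `frame_entry<const String*>(re_frame, kInputString) = *subject;` once, outside the branch, and keeping only the kInputStart/kInputEnd updates inside it would make it harder for a later edit to leave a stale pointer in the frame. The ia32 and x64 hunks carry the same construct. CheckStackGuardState starts outside the hunk, so the condition of the preceding branch is not visible here and the placement should be checked against it.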
Index: src/ia32/regexp-macro-assembler-ia32.cc
diff --git a/src/ia32/regexp-macro-assembler-ia32.cc b/src/ia32/regexp-macro-assembler-ia32.cc
index 8b0b9ab91154520ec34bf35dd9b66cae0a746271..dbf01abff08714d7979578b239b4a93ea5d6a20f 100644
--- a/src/ia32/regexp-macro-assembler-ia32.cc
+++ b/src/ia32/regexp-macro-assembler-ia32.cc
@@ -1141,6 +1141,11 @@ int RegExpMacroAssemblerIA32::CheckStackGuardState(Address* return_address,
     frame_entry<const String*>(re_frame, kInputString) = *subject;
     frame_entry<const byte*>(re_frame, kInputStart) = new_address;
frame_entry<const byte*>(re_frame, kInputEnd) = new_address + byte_length;
+ } else if (frame_entry<const String*>(re_frame, kInputString) != *subject) {
+    // Subject string might have been a ConsString that underwent
+    // short-circuiting during GC. That will not change start_address but
+    // will change pointer inside the subject handle.
+    frame_entry<const String*>(re_frame, kInputString) = *subject;
   }

   return 0;
Index: src/x64/regexp-macro-assembler-x64.cc
diff --git a/src/x64/regexp-macro-assembler-x64.cc b/src/x64/regexp-macro-assembler-x64.cc
index 55fabc00364491618fc1c594e59ee99566b35a5f..1e0cd6a38c0a7b607c442dcdb475a3583991b898 100644
--- a/src/x64/regexp-macro-assembler-x64.cc
+++ b/src/x64/regexp-macro-assembler-x64.cc
@@ -1248,6 +1248,11 @@ int RegExpMacroAssemblerX64::CheckStackGuardState(Address* return_address,
     frame_entry<const String*>(re_frame, kInputString) = *subject;
     frame_entry<const byte*>(re_frame, kInputStart) = new_address;
frame_entry<const byte*>(re_frame, kInputEnd) = new_address + byte_length;
+ } else if (frame_entry<const String*>(re_frame, kInputString) != *subject) {
+    // Subject string might have been a ConsString that underwent
+    // short-circuiting during GC. That will not change start_address but
+    // will change pointer inside the subject handle.
+    frame_entry<const String*>(re_frame, kInputString) = *subject;
   }

   return 0;
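Review bot: The same five lines are pasted into three backend files and the affected-files list contains no test, so nothing guards this stale-pointer fix against regression or against a backend that was missed. A regression test that matches a regexp against a cons-string subject while a GC occurs during the match would pin the behaviour. If other architecture ports keep their own copy of CheckStackGuardState (none is visible on this page), they need the same store. Moving the frame-update logic into a helper shared by the backends would remove the need to patch each copy separately. The function starts outside the hunk.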

