review.tizen.org Git - platform/upstream/v8.git/commit

Fix GC issue in instanceof stub

The the call of the builtin in InstanceofStub was not correctly protected with an internal frame leading to the return address being handled as a pointer during GC.

Marked the Instanceof stub as allowing stub calls (the RecordWriteStub was removed some days ago).

This issue was not caught by the assertion designed for this when debug mode is run with --debug-code (which out tests always does) as generating code for Abort set the allow stub calls flag to true. This has been fixed by restoring the allow stub calls flag correctly.
Review URL: http://codereview.chromium.org/6097010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@6218 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

author	sgjesse@chromium.org <sgjesse@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
	Fri, 7 Jan 2011 10:37:26 +0000 (10:37 +0000)
committer	sgjesse@chromium.org <sgjesse@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
	Fri, 7 Jan 2011 10:37:26 +0000 (10:37 +0000)
commit	426f13e0845a5ae212c0d04c0e5f44e99afbc9ba
tree	cb8b093e5295b69094651ade2d6c7793767383f8	tree \| snapshot
parent	bfecc956941335da7e15b0f6616dd35be1be131f	commit \| diff

src/arm/macro-assembler-arm.cc		diff \| blob \| history
src/code-stubs.cc		diff \| blob \| history
src/code-stubs.h		diff \| blob \| history
src/ia32/code-stubs-ia32.cc		diff \| blob \| history
src/ia32/lithium-codegen-ia32.cc		diff \| blob \| history
src/ia32/macro-assembler-ia32.cc		diff \| blob \| history
src/x64/macro-assembler-x64.cc		diff \| blob \| history