Turn old space cons strings into regular external strings (not short).

R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/368223002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22192 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/objects.cc b/src/objects.cc
index c7e44e6..f0c0824 100644 (file)
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -1067,18 +1067,13 @@ bool String::MakeExternal(v8::String::ExternalStringResource* resource) {
   bool is_internalized = this->IsInternalizedString();
 
   // Morph the string to an external string by replacing the map and
-  // reinitializing the fields.  This won't work if
-  // - the space the existing string occupies is too small for a regular
-  //   external string.
-  // - the existing string is in old pointer space and the backing store of
-  //   the external string is not aligned.  The GC cannot deal with a field
-  //   containing a possibly unaligned address to outside of V8's heap.
-  // In either case we resort to a short external string instead, omitting
+  // reinitializing the fields.  This won't work if the space the existing
+  // string occupies is too small for a regular  external string.
+  // Instead, we resort to a short external string instead, omitting
   // the field caching the address of the backing store.  When we encounter
   // short external strings in generated code, we need to bailout to runtime.
   Map* new_map;
-  if (size < ExternalString::kSize ||
-      heap->old_pointer_space()->Contains(this)) {
+  if (size < ExternalString::kSize) {
     new_map = is_internalized
         ? (is_ascii
             ? heap->
@@ -1139,18 +1134,13 @@ bool String::MakeExternal(v8::String::ExternalAsciiStringResource* resource) {
   bool is_internalized = this->IsInternalizedString();
 
   // Morph the string to an external string by replacing the map and
-  // reinitializing the fields.  This won't work if
-  // - the space the existing string occupies is too small for a regular
-  //   external string.
-  // - the existing string is in old pointer space and the backing store of
-  //   the external string is not aligned.  The GC cannot deal with a field
-  //   containing a possibly unaligned address to outside of V8's heap.
-  // In either case we resort to a short external string instead, omitting
+  // reinitializing the fields.  This won't work if the space the existing
+  // string occupies is too small for a regular  external string.
+  // Instead, we resort to a short external string instead, omitting
   // the field caching the address of the backing store.  When we encounter
   // short external strings in generated code, we need to bailout to runtime.
   Map* new_map;
-  if (size < ExternalString::kSize ||
-      heap->old_pointer_space()->Contains(this)) {
+  if (size < ExternalString::kSize) {
     new_map = is_internalized
         ? heap->short_external_ascii_internalized_string_map()
         : heap->short_external_ascii_string_map();

diff --git a/test/mjsunit/regress/regress-sliced-external-cons-regexp.js b/test/mjsunit/regress/regress-sliced-external-cons-regexp.js
new file mode 100644 (file)
index 0000000..145c831
--- /dev/null
+++ b/test/mjsunit/regress/regress-sliced-external-cons-regexp.js
@@ -0,0 +1,21 @@
+// Copyright 2014 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --expose-externalize-string --expose-gc
+
+var re = /(B)/;
+var cons1 = "0123456789" + "ABCDEFGHIJ";
+var cons2 = "0123456789\u1234" + "ABCDEFGHIJ";
+gc();
+gc();  // Promote cons.
+
+try { externalizeString(cons1, false); } catch (e) { }
+try { externalizeString(cons2, true); } catch (e) { }
+
+var slice1 = cons1.slice(1,-1);
+var slice2 = cons2.slice(1,-1);
+for (var i = 0; i < 10; i++) {
+  assertEquals(["B", "B"], re.exec(slice1));
+  assertEquals(["B", "B"], re.exec(slice2));
+}