projects / platform / upstream / v8.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8977e3d)
Resolve race condition with GC in CompilationCacheTable::Put.
authorjarin@chromium.org <jarin@chromium.org>
Mon, 10 Nov 2014 05:50:11 +0000 (05:50 +0000)
committerjarin@chromium.org <jarin@chromium.org>
Mon, 10 Nov 2014 05:50:41 +0000 (05:50 +0000)
The trouble is that the AsHandle method can allocate and thus
invoke GC, which could empty the table while we are updating it.

BUG=chromium:430880
LOG=N
R=verwaest@chromium.org

Review URL: https://codereview.chromium.org/700913003

Cr-Commit-Position: refs/heads/master@{#25229}
git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@25229 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/objects.cc patch | blob | history

diff --git a/src/objects.cc b/src/objects.cc
index 63b7312..2b5b567 100644 (file)
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -15014,16 +15014,19 @@ Handle<CompilationCacheTable> CompilationCacheTable::Put(
   Handle<SharedFunctionInfo> shared(context->closure()->shared());
   StringSharedKey key(src, shared, FLAG_use_strict ? STRICT : SLOPPY,
                       RelocInfo::kNoPosition);
-  int entry = cache->FindEntry(&key);
-  if (entry != kNotFound) {
+  {
     Handle<Object> k = key.AsHandle(isolate);
-    cache->set(EntryToIndex(entry), *k);
-    cache->set(EntryToIndex(entry) + 1, *value);
-    return cache;
+    DisallowHeapAllocation no_allocation_scope;
+    int entry = cache->FindEntry(&key);
+    if (entry != kNotFound) {
+      cache->set(EntryToIndex(entry), *k);
+      cache->set(EntryToIndex(entry) + 1, *value);
+      return cache;
+    }
   }
 
   cache = EnsureCapacity(cache, 1, &key);
-  entry = cache->FindInsertionEntry(key.Hash());
+  int entry = cache->FindInsertionEntry(key.Hash());
   Handle<Object> k =
       isolate->factory()->NewNumber(static_cast<double>(key.Hash()));
   cache->set(EntryToIndex(entry), *k);
@@ -15039,16 +15042,19 @@ Handle<CompilationCacheTable> CompilationCacheTable::PutEval(
     int scope_position) {
   Isolate* isolate = cache->GetIsolate();
   StringSharedKey key(src, outer_info, value->strict_mode(), scope_position);
-  int entry = cache->FindEntry(&key);
-  if (entry != kNotFound) {
+  {
     Handle<Object> k = key.AsHandle(isolate);
-    cache->set(EntryToIndex(entry), *k);
-    cache->set(EntryToIndex(entry) + 1, *value);
-    return cache;
+    DisallowHeapAllocation no_allocation_scope;
+    int entry = cache->FindEntry(&key);
+    if (entry != kNotFound) {
+      cache->set(EntryToIndex(entry), *k);
+      cache->set(EntryToIndex(entry) + 1, *value);
+      return cache;
+    }
   }
 
   cache = EnsureCapacity(cache, 1, &key);
-  entry = cache->FindInsertionEntry(key.Hash());
+  int entry = cache->FindInsertionEntry(key.Hash());
   Handle<Object> k =
       isolate->factory()->NewNumber(static_cast<double>(key.Hash()));
   cache->set(EntryToIndex(entry), *k);
Domain: Web Framework / Web Engine;