projects / platform / upstream / v8.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: eecfb92)
Verify that Api function's instance call handler is actually a CallHandlerInfo structure.
authorishell <ishell@chromium.org>
Fri, 9 Jan 2015 12:17:18 +0000 (04:17 -0800)
committerCommit bot <commit-bot@chromium.org>
Fri, 9 Jan 2015 12:17:30 +0000 (12:17 +0000)
This is to ensure that chromium:443798 is caused by a random memory
corruption.

Review URL: https://codereview.chromium.org/846613002

Cr-Commit-Position: refs/heads/master@{#26008}

src/builtins.cc patch | blob | history

diff --git a/src/builtins.cc b/src/builtins.cc
index b8d0b42..3e68ff3 100644 (file)
--- a/src/builtins.cc
+++ b/src/builtins.cc
@@ -1089,7 +1089,8 @@ MUST_USE_RESULT static Object* HandleApiCallHelper(
 
   HandleScope scope(isolate);
   Handle<JSFunction> function = args.called_function();
-  DCHECK(function->shared()->IsApiFunction());
+  // TODO(ishell): turn this back to a DCHECK.
+  CHECK(function->shared()->IsApiFunction());
 
   Handle<FunctionTemplateInfo> fun_data(
       function->shared()->get_api_func_data(), isolate);
@@ -1118,6 +1119,8 @@ MUST_USE_RESULT static Object* HandleApiCallHelper(
 
   Object* raw_call_data = fun_data->call_code();
   if (!raw_call_data->IsUndefined()) {
+    // TODO(ishell): remove this debugging code.
+    CHECK(raw_call_data->IsCallHandlerInfo());
     CallHandlerInfo* call_data = CallHandlerInfo::cast(raw_call_data);
     Object* callback_obj = call_data->callback();
     v8::FunctionCallback callback =
@@ -1183,10 +1186,13 @@ MUST_USE_RESULT static Object* HandleApiCallAsFunctionOrConstructor(
   // used to create the called object.
   DCHECK(obj->map()->has_instance_call_handler());
   JSFunction* constructor = JSFunction::cast(obj->map()->constructor());
-  DCHECK(constructor->shared()->IsApiFunction());
+  // TODO(ishell): turn this back to a DCHECK.
+  CHECK(constructor->shared()->IsApiFunction());
   Object* handler =
       constructor->shared()->get_api_func_data()->instance_call_handler();
   DCHECK(!handler->IsUndefined());
+  // TODO(ishell): remove this debugging code.
+  CHECK(handler->IsCallHandlerInfo());
   CallHandlerInfo* call_data = CallHandlerInfo::cast(handler);
   Object* callback_obj = call_data->callback();
   v8::FunctionCallback callback =
Domain: Web Framework / Web Engine;