projects / platform / upstream / nodejs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 44da52a)
deps: backport IsValid changes from 4e8736d in V8 79/139779/1 accepted/tizen_4.0_unified accepted/tizen_5.0_unified accepted/tizen_5.5_unified accepted/tizen_5.5_unified_mobile_hotfix accepted/tizen_unified tizen_4.0 tizen_5.0 tizen_5.5 tizen_5.5_mobile_hotfix tizen_5.5_tv accepted/tizen/4.0/unified/20170816.011835 accepted/tizen/4.0/unified/20170828.222709 accepted/tizen/5.0/unified/20181102.030536 accepted/tizen/5.5/unified/20191031.011937 accepted/tizen/5.5/unified/mobile/hotfix/20201027.074323 accepted/tizen/unified/20170721.024603 submit/tizen/20170720.105540 submit/tizen_4.0/20170811.094300 submit/tizen_4.0/20170828.100006 submit/tizen_5.0/20181101.000007 submit/tizen_5.5/20191031.000007 submit/tizen_5.5_mobile_hotfix/20201026.185107 tizen_4.0.IoT.p1_release tizen_4.0.IoT.p2_release tizen_4.0.m2_release tizen_5.5.m2_release
authormin7.choi <min7.choi@samsung.com>
Thu, 20 Jul 2017 09:55:45 +0000 (18:55 +0900)
committermin7.choi <min7.choi@samsung.com>
Thu, 20 Jul 2017 09:55:52 +0000 (18:55 +0900)
V8 erroneously did null pointer checks on `this`.
It can lead to a SIGSEGV crash if node is compiled with GCC 6.
Backport relevant changes from [1] that fix this issue.

[1]: https://codereview.chromium.org/1900423002
Fixes: https://github.com/nodejs/node/issues/6272
PR-URL: https://github.com/nodejs/node/pull/6669

Change-Id: I488cde214e1b22df424e74d8ffaed91c119b56a5
Signed-off-by: min7.choi <min7.choi@samsung.com>
deps/v8/src/heap/incremental-marking.cc patch | blob | history
deps/v8/src/heap/spaces-inl.h patch | blob | history
deps/v8/src/heap/spaces.cc patch | blob | history
deps/v8/src/heap/spaces.h patch | blob | history
deps/v8/test/cctest/test-spaces.cc patch | blob | history

diff --git a/deps/v8/src/heap/incremental-marking.cc b/deps/v8/src/heap/incremental-marking.cc
index 58eb0aa..b2b796f 100644 (file)
--- a/deps/v8/src/heap/incremental-marking.cc
+++ b/deps/v8/src/heap/incremental-marking.cc
@@ -364,7 +364,7 @@ void IncrementalMarking::DeactivateIncrementalWriteBarrier() {
   DeactivateIncrementalWriteBarrierForSpace(heap_->new_space());
 
   LargePage* lop = heap_->lo_space()->first_page();
-  while (lop->is_valid()) {
+  while (LargePage::IsValid(lop)) {
     SetOldSpacePageFlags(lop, false, false);
     lop = lop->next_page();
   }
@@ -396,7 +396,7 @@ void IncrementalMarking::ActivateIncrementalWriteBarrier() {
   ActivateIncrementalWriteBarrier(heap_->new_space());
 
   LargePage* lop = heap_->lo_space()->first_page();
-  while (lop->is_valid()) {
+  while (LargePage::IsValid(lop)) {
     SetOldSpacePageFlags(lop, true, is_compacting_);
     lop = lop->next_page();
   }
diff --git a/deps/v8/src/heap/spaces-inl.h b/deps/v8/src/heap/spaces-inl.h
index c2c4d12..d63ee63 100644 (file)
--- a/deps/v8/src/heap/spaces-inl.h
+++ b/deps/v8/src/heap/spaces-inl.h
@@ -155,7 +155,7 @@ Page* Page::Initialize(Heap* heap, MemoryChunk* chunk, Executability executable,
 
 bool PagedSpace::Contains(Address addr) {
   Page* p = Page::FromAddress(addr);
-  if (!p->is_valid()) return false;
+  if (!Page::IsValid(p)) return false;
   return p->owner() == this;
 }
 
diff --git a/deps/v8/src/heap/spaces.cc b/deps/v8/src/heap/spaces.cc
index 0806b25..c0e109b 100644 (file)
--- a/deps/v8/src/heap/spaces.cc
+++ b/deps/v8/src/heap/spaces.cc
@@ -2953,7 +2953,7 @@ LargePage* LargeObjectSpace::FindPage(Address a) {
   if (e != NULL) {
     DCHECK(e->value != NULL);
     LargePage* page = reinterpret_cast<LargePage*>(e->value);
-    DCHECK(page->is_valid());
+    DCHECK(LargePage::IsValid(page));
     if (page->Contains(a)) {
       return page;
     }
diff --git a/deps/v8/src/heap/spaces.h b/deps/v8/src/heap/spaces.h
index 3461de3..e35c057 100644 (file)
--- a/deps/v8/src/heap/spaces.h
+++ b/deps/v8/src/heap/spaces.h
@@ -278,9 +278,9 @@ class MemoryChunk {
   // Only works for addresses in pointer spaces, not data or code spaces.
   static inline MemoryChunk* FromAnyPointerAddress(Heap* heap, Address addr);
 
-  Address address() { return reinterpret_cast<Address>(this); }
+  static bool IsValid(MemoryChunk* chunk) { return chunk != nullptr; }
 
-  bool is_valid() { return address() != NULL; }
+  Address address() { return reinterpret_cast<Address>(this); }
 
   MemoryChunk* next_chunk() const {
     return reinterpret_cast<MemoryChunk*>(base::Acquire_Load(&next_chunk_));
diff --git a/deps/v8/test/cctest/test-spaces.cc b/deps/v8/test/cctest/test-spaces.cc
index 3f5e437..8ad9e86 100644 (file)
--- a/deps/v8/test/cctest/test-spaces.cc
+++ b/deps/v8/test/cctest/test-spaces.cc
@@ -314,7 +314,7 @@ TEST(MemoryAllocator) {
       faked_space.AreaSize(), &faked_space, NOT_EXECUTABLE);
 
   first_page->InsertAfter(faked_space.anchor()->prev_page());
-  CHECK(first_page->is_valid());
+  CHECK(Page::IsValid(first_page));
   CHECK(first_page->next_page() == faked_space.anchor());
   total_pages++;
 
@@ -325,7 +325,7 @@ TEST(MemoryAllocator) {
   // Again, we should get n or n - 1 pages.
   Page* other = memory_allocator->AllocatePage(
       faked_space.AreaSize(), &faked_space, NOT_EXECUTABLE);
-  CHECK(other->is_valid());
+  CHECK(Page::IsValid(other));
   total_pages++;
   other->InsertAfter(first_page);
   int page_count = 0;
@@ -336,7 +336,7 @@ TEST(MemoryAllocator) {
   CHECK(total_pages == page_count);
 
   Page* second_page = first_page->next_page();
-  CHECK(second_page->is_valid());
+  CHECK(Page::IsValid(second_page));
   memory_allocator->Free(first_page);
   memory_allocator->Free(second_page);
   memory_allocator->TearDown();
Domain: Web Framework / Common;