From 9318e1cc4af0f80fe557b044e1fb8de91b264a55 Mon Sep 17 00:00:00 2001
From: "jkummerow@chromium.org"
 <jkummerow@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Thu, 21 Nov 2013 08:06:02 +0000
Subject: [PATCH] API: Change AdjustAmountOfExternalAllocatedMemory calls to
 use int64_t instead of intptr_t

This prevents an overflow in FreeArrayBuffer, which in turn caused needless GCs
as well as crashes on isolate teardown.

LOG=Y
R=ulan@chromium.org

Review URL: https://codereview.chromium.org/70233010

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@17944 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 include/v8.h   |  6 +++---
 src/api.cc     |  6 +++---
 src/heap-inl.h | 14 +++++++-------
 src/heap.cc    |  4 ++--
 src/heap.h     | 15 +++++++++------
 src/runtime.cc |  2 +-
 6 files changed, 25 insertions(+), 22 deletions(-)

diff --git a/include/v8.h b/include/v8.h
index df82352..6e227dd 100644
--- a/include/v8.h
+++ b/include/v8.h
@@ -4102,7 +4102,7 @@ class V8_EXPORT Isolate {
    *   kept alive by JavaScript objects.
    * \returns the adjusted value.
    */
-  intptr_t AdjustAmountOfExternalAllocatedMemory(intptr_t change_in_bytes);
+  int64_t AdjustAmountOfExternalAllocatedMemory(int64_t change_in_bytes);
 
   /**
    * Returns heap profiler for this isolate. Will return NULL until the isolate
@@ -4685,8 +4685,8 @@ class V8_EXPORT V8 {
 
   V8_DEPRECATED(
       "Use Isolate::AdjustAmountOfExternalAllocatedMemory instead",
-      static intptr_t AdjustAmountOfExternalAllocatedMemory(
-          intptr_t change_in_bytes));
+      static int64_t AdjustAmountOfExternalAllocatedMemory(
+          int64_t change_in_bytes));
 
   /**
    * Forcefully terminate the current thread of JavaScript execution
diff --git a/src/api.cc b/src/api.cc
index 9516d1e..a448e19 100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -6389,14 +6389,14 @@ void V8::SetFailedAccessCheckCallbackFunction(
 }
 
 
-intptr_t Isolate::AdjustAmountOfExternalAllocatedMemory(
-    intptr_t change_in_bytes) {
+int64_t Isolate::AdjustAmountOfExternalAllocatedMemory(
+    int64_t change_in_bytes) {
   i::Heap* heap = reinterpret_cast<i::Isolate*>(this)->heap();
   return heap->AdjustAmountOfExternalAllocatedMemory(change_in_bytes);
 }
 
 
-intptr_t V8::AdjustAmountOfExternalAllocatedMemory(intptr_t change_in_bytes) {
+int64_t V8::AdjustAmountOfExternalAllocatedMemory(int64_t change_in_bytes) {
   i::Isolate* isolate = i::Isolate::UncheckedCurrent();
   if (isolate == NULL || !isolate->IsInitialized()) {
     return 0;
diff --git a/src/heap-inl.h b/src/heap-inl.h
index 168aa50..9d57c99 100644
--- a/src/heap-inl.h
+++ b/src/heap-inl.h
@@ -541,10 +541,10 @@ MaybeObject* Heap::PrepareForCompare(String* str) {
 }
 
 
-intptr_t Heap::AdjustAmountOfExternalAllocatedMemory(
-    intptr_t change_in_bytes) {
+int64_t Heap::AdjustAmountOfExternalAllocatedMemory(
+    int64_t change_in_bytes) {
   ASSERT(HasBeenSetUp());
-  intptr_t amount = amount_of_external_allocated_memory_ + change_in_bytes;
+  int64_t amount = amount_of_external_allocated_memory_ + change_in_bytes;
   if (change_in_bytes > 0) {
     // Avoid overflow.
     if (amount > amount_of_external_allocated_memory_) {
@@ -554,7 +554,7 @@ intptr_t Heap::AdjustAmountOfExternalAllocatedMemory(
       amount_of_external_allocated_memory_ = 0;
       amount_of_external_allocated_memory_at_last_global_gc_ = 0;
     }
-    intptr_t amount_since_last_global_gc = PromotedExternalMemorySize();
+    int64_t amount_since_last_global_gc = PromotedExternalMemorySize();
     if (amount_since_last_global_gc > external_allocation_limit_) {
       CollectAllGarbage(kNoGCFlags, "external memory allocation limit reached");
     }
@@ -573,9 +573,9 @@ intptr_t Heap::AdjustAmountOfExternalAllocatedMemory(
     PrintF("Adjust amount of external memory: delta=%6" V8_PTR_PREFIX "d KB, "
            "amount=%6" V8_PTR_PREFIX "d KB, since_gc=%6" V8_PTR_PREFIX "d KB, "
            "isolate=0x%08" V8PRIxPTR ".\n",
-           change_in_bytes / KB,
-           amount_of_external_allocated_memory_ / KB,
-           PromotedExternalMemorySize() / KB,
+           static_cast<intptr_t>(change_in_bytes / KB),
+           static_cast<intptr_t>(amount_of_external_allocated_memory_ / KB),
+           static_cast<intptr_t>(PromotedExternalMemorySize() / KB),
            reinterpret_cast<intptr_t>(isolate()));
   }
   ASSERT(amount_of_external_allocated_memory_ >= 0);
diff --git a/src/heap.cc b/src/heap.cc
index b75f751..b5fe184 100644
--- a/src/heap.cc
+++ b/src/heap.cc
@@ -412,7 +412,7 @@ void Heap::PrintShortHeapStatistics() {
            this->Available() / KB,
            this->CommittedMemory() / KB);
   PrintPID("External memory reported: %6" V8_PTR_PREFIX "d KB\n",
-           amount_of_external_allocated_memory_ / KB);
+           static_cast<intptr_t>(amount_of_external_allocated_memory_ / KB));
   PrintPID("Total time spent in GC  : %.1f ms\n", total_gc_time_ms_);
 }
 
@@ -6591,7 +6591,7 @@ bool Heap::AdvanceSweepers(int step_size) {
 }
 
 
-intptr_t Heap::PromotedExternalMemorySize() {
+int64_t Heap::PromotedExternalMemorySize() {
   if (amount_of_external_allocated_memory_
       <= amount_of_external_allocated_memory_at_last_global_gc_) return 0;
   return amount_of_external_allocated_memory_
diff --git a/src/heap.h b/src/heap.h
index 752a1ed..57c0f56 100644
--- a/src/heap.h
+++ b/src/heap.h
@@ -1475,8 +1475,8 @@ class Heap {
 
   // Adjusts the amount of registered external memory.
   // Returns the adjusted value.
-  inline intptr_t AdjustAmountOfExternalAllocatedMemory(
-      intptr_t change_in_bytes);
+  inline int64_t AdjustAmountOfExternalAllocatedMemory(
+      int64_t change_in_bytes);
 
   // This is only needed for testing high promotion mode.
   void SetNewSpaceHighPromotionModeActive(bool mode) {
@@ -1495,7 +1495,10 @@ class Heap {
   }
 
   inline intptr_t PromotedTotalSize() {
-    return PromotedSpaceSizeOfObjects() + PromotedExternalMemorySize();
+    int64_t total = PromotedSpaceSizeOfObjects() + PromotedExternalMemorySize();
+    if (total > kMaxInt) return static_cast<intptr_t>(kMaxInt);
+    if (total < 0) return 0;
+    return static_cast<intptr_t>(total);
   }
 
   inline intptr_t OldGenerationSpaceAvailable() {
@@ -1906,7 +1909,7 @@ class Heap {
   int gc_post_processing_depth_;
 
   // Returns the amount of external memory registered since last global gc.
-  intptr_t PromotedExternalMemorySize();
+  int64_t PromotedExternalMemorySize();
 
   unsigned int ms_count_;  // how many mark-sweep collections happened
   unsigned int gc_count_;  // how many gc happened
@@ -1960,10 +1963,10 @@ class Heap {
 
   // The amount of external memory registered through the API kept alive
   // by global handles
-  intptr_t amount_of_external_allocated_memory_;
+  int64_t amount_of_external_allocated_memory_;
 
   // Caches the amount of external memory registered at the last global gc.
-  intptr_t amount_of_external_allocated_memory_at_last_global_gc_;
+  int64_t amount_of_external_allocated_memory_at_last_global_gc_;
 
   // Indicates that an allocation has failed in the old generation since the
   // last GC.
diff --git a/src/runtime.cc b/src/runtime.cc
index b5a1081..f546629 100644
--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -700,7 +700,7 @@ void Runtime::FreeArrayBuffer(Isolate* isolate,
       isolate, phantom_array_buffer->byte_length());
 
   isolate->heap()->AdjustAmountOfExternalAllocatedMemory(
-      -static_cast<intptr_t>(allocated_length));
+      -static_cast<int64_t>(allocated_length));
   CHECK(V8::ArrayBufferAllocator() != NULL);
   V8::ArrayBufferAllocator()->Free(
       phantom_array_buffer->backing_store(),
-- 
2.7.4