Revision: 13570
Author:   [email protected]
Date:     Thu Jan 31 07:36:24 2013
Log:      Better fix for MemoryChunk::owner().

Pointer arithmetic such as "owner_ - kFailureTag" is undefined behaviour
unless owner_ points to a valid object.

This allowed Clang to assume the result of the subtraction would never be NULL,
causing problems in the caller (see https://codereview.chromium.org/12090072/).

To fix this, we should cast owner_ to intptr_t before doing the
arithmetic.

Review URL: https://codereview.chromium.org/12096089
Patch from Hans Wennborg <[email protected]>.
http://code.google.com/p/v8/source/detail?r=13570

Modified:
 /branches/bleeding_edge/src/spaces.cc
 /branches/bleeding_edge/src/spaces.h

=======================================
--- /branches/bleeding_edge/src/spaces.cc       Wed Jan 30 09:35:29 2013
+++ /branches/bleeding_edge/src/spaces.cc       Thu Jan 31 07:36:24 2013
@@ -711,7 +711,7 @@

 void MemoryAllocator::Free(MemoryChunk* chunk) {
   LOG(isolate_, DeleteEvent("MemoryChunk", chunk));
-  if (chunk->has_owner()) {
+  if (chunk->owner() != NULL) {
     ObjectSpace space =
         static_cast<ObjectSpace>(1 << chunk->owner()->identity());
     PerformAllocationCallback(space, kAllocationActionFree, chunk->size());
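Review bot: The new condition calls `chunk->owner()` for the NULL test and again on the next line for `identity()`, so the tag check and untagging run twice and the tested value is not visibly the one dereferenced. Holding the result in a local, `Space* owner = chunk->owner();` followed by `if (owner != NULL) {` and `1 << owner->identity()`, keeps the check and the use on the same pointer. This guard now relies entirely on owner() being free of undefined behaviour, so a one-line comment here naming that dependency would help anyone who later edits the accessor. The body of MemoryAllocator::Free continues past the end of this hunk.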
=======================================
--- /branches/bleeding_edge/src/spaces.h        Wed Jan 30 09:35:29 2013
+++ /branches/bleeding_edge/src/spaces.h        Thu Jan 31 07:36:24 2013
@@ -320,7 +320,8 @@
   Space* owner() const {
     if ((reinterpret_cast<intptr_t>(owner_) & kFailureTagMask) ==
         kFailureTag) {
-      return reinterpret_cast<Space*>(owner_ - kFailureTag);
+      return reinterpret_cast<Space*>(reinterpret_cast<intptr_t>(owner_) -
+                                      kFailureTag);
     } else {
       return NULL;
     }
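Review bot: The integer cast in the added `return` is what keeps the NULL check in callers from being optimized away, but nothing in owner() says so, and a later cleanup could fold it back into `owner_ - kFailureTag`. I would add a comment above the return such as `// Untag as an integer: pointer arithmetic on owner_ is undefined when it holds only the tag, and the compiler may then assume a non-NULL result.` The function that ends with the ASSERT in the next hunk's context is not visible here; if it applies the tag with pointer addition, it probably needs the same integer treatment. owner() itself closes outside this hunk.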
@@ -332,14 +333,6 @@
     ASSERT((reinterpret_cast<intptr_t>(owner_) & kFailureTagMask) ==
            kFailureTag);
   }
-
- // Workaround for a bug in Clang-3.3 which in some situations optimizes away
-  // an "if (chunk->owner() != NULL)" check.
-  bool has_owner() {
-    if (owner_ == 0) return false;
-    if (reinterpret_cast<intptr_t>(owner_) == kFailureTag) return false;
-    return true;
-  }

   VirtualMemory* reserved_memory() {
     return &reservation_;
