deps: fix null pointer checks in v8

targos · Myles Borins · commit 3c50350f41a0 · 2016-05-17T17:24:43.000-07:00
fix null pointer checks in V8's FrameStateDescriptor PR-URL: #6669 Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
diff --git a/deps/v8/src/compiler/code-generator.cc b/deps/v8/src/compiler/code-generator.cc
@@ -524,7 +524,8 @@ void CodeGenerator::BuildTranslationForFrameStateDescriptor(
                                             translation, frame_state_offset,
                                             OutputFrameStateCombine::Ignore());
   }
-  frame_state_offset += descriptor->outer_state()->GetTotalSize();
+  frame_state_offset +=
+      FrameStateDescriptor::GetTotalSize(descriptor->outer_state());
 
   Handle<SharedFunctionInfo> shared_info;
   if (!descriptor->shared_info().ToHandle(&shared_info)) {
@@ -562,8 +563,10 @@ int CodeGenerator::BuildTranslation(Instruction* instr, int pc_offset,
   frame_state_offset++;
 
   Translation translation(
-      &translations_, static_cast<int>(descriptor->GetFrameCount()),
-      static_cast<int>(descriptor->GetJSFrameCount()), zone());
+      &translations_,
+      static_cast<int>(FrameStateDescriptor::GetFrameCount(descriptor)),
+      static_cast<int>(FrameStateDescriptor::GetJSFrameCount(descriptor)),
+      zone());
   BuildTranslationForFrameStateDescriptor(descriptor, instr, &translation,
                                           frame_state_offset, state_combine);
 
diff --git a/deps/v8/src/compiler/instruction-selector-impl.h b/deps/v8/src/compiler/instruction-selector-impl.h
@@ -374,7 +374,7 @@ struct CallBuffer {
   size_t frame_state_value_count() const {
     return (frame_state_descriptor == NULL)
                ? 0
-               : (frame_state_descriptor->GetTotalSize() +
+               : (FrameStateDescriptor::GetTotalSize(frame_state_descriptor) +
                   1);  // Include deopt id.
   }
 };
diff --git a/deps/v8/src/compiler/instruction-selector.cc b/deps/v8/src/compiler/instruction-selector.cc
@@ -1007,7 +1007,8 @@ void InstructionSelector::VisitDeoptimize(Node* value) {
   OperandGenerator g(this);
 
   FrameStateDescriptor* desc = GetFrameStateDescriptor(value);
-  size_t arg_count = desc->GetTotalSize() + 1;  // Include deopt id.
+  size_t arg_count =
+      FrameStateDescriptor::GetTotalSize(desc) + 1;  // Include deopt id.
 
   InstructionOperandVector args(instruction_zone());
   args.reserve(arg_count);
diff --git a/deps/v8/src/compiler/instruction.cc b/deps/v8/src/compiler/instruction.cc
@@ -697,29 +697,29 @@ size_t FrameStateDescriptor::GetSize(OutputFrameStateCombine combine) const {
 }
 
 
-size_t FrameStateDescriptor::GetTotalSize() const {
+size_t FrameStateDescriptor::GetTotalSize(const FrameStateDescriptor* desc) {
   size_t total_size = 0;
-  for (const FrameStateDescriptor* iter = this; iter != NULL;
+  for (const FrameStateDescriptor* iter = desc; iter != NULL;
        iter = iter->outer_state_) {
     total_size += iter->GetSize();
   }
   return total_size;
 }
 
 
-size_t FrameStateDescriptor::GetFrameCount() const {
+size_t FrameStateDescriptor::GetFrameCount(const FrameStateDescriptor* desc) {
   size_t count = 0;
-  for (const FrameStateDescriptor* iter = this; iter != NULL;
+  for (const FrameStateDescriptor* iter = desc; iter != NULL;
        iter = iter->outer_state_) {
     ++count;
   }
   return count;
 }
 
 
-size_t FrameStateDescriptor::GetJSFrameCount() const {
+size_t FrameStateDescriptor::GetJSFrameCount(const FrameStateDescriptor* desc) {
   size_t count = 0;
-  for (const FrameStateDescriptor* iter = this; iter != NULL;
+  for (const FrameStateDescriptor* iter = desc; iter != NULL;
        iter = iter->outer_state_) {
     if (iter->type_ == FrameStateType::kJavaScriptFunction) {
       ++count;
diff --git a/deps/v8/src/compiler/instruction.h b/deps/v8/src/compiler/instruction.h
@@ -869,6 +869,10 @@ class FrameStateDescriptor : public ZoneObject {
                        MaybeHandle<SharedFunctionInfo> shared_info,
                        FrameStateDescriptor* outer_state = nullptr);
 
+  static size_t GetTotalSize(const FrameStateDescriptor* desc);
+  static size_t GetFrameCount(const FrameStateDescriptor* desc);
+  static size_t GetJSFrameCount(const FrameStateDescriptor* desc);
+
   FrameStateType type() const { return type_; }
   BailoutId bailout_id() const { return bailout_id_; }
   OutputFrameStateCombine state_combine() const { return frame_state_combine_; }
@@ -883,9 +887,6 @@ class FrameStateDescriptor : public ZoneObject {
 
   size_t GetSize(OutputFrameStateCombine combine =
                      OutputFrameStateCombine::Ignore()) const;
-  size_t GetTotalSize() const;
-  size_t GetFrameCount() const;
-  size_t GetJSFrameCount() const;
 
   MachineType GetType(size_t index) const;
   void SetType(size_t index, MachineType type);

Original file line number	Diff line number	Diff line change
`@@ -374,7 +374,7 @@ struct CallBuffer {`
`374`	`374`	`size_t frame_state_value_count() const {`
`375`	`375`	`return (frame_state_descriptor == NULL)`
`376`	`376`	`? 0`
`377`		`- : (frame_state_descriptor->GetTotalSize() +`
	`377`	`+ : (FrameStateDescriptor::GetTotalSize(frame_state_descriptor) +`
`378`	`378`	`1); // Include deopt id.`
`379`	`379`	`}`
`380`	`380`	`};`