From d9e9d9fb11f05f55d7f0b2a7d88e88b544cee4bb Mon Sep 17 00:00:00 2001
From: Ali Ijaz Sheikh
Date: Tue, 14 Jun 2016 22:39:06 -0700
Subject: [PATCH] deps: backport e7cc609 from upstream V8
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This is part 1/2 of the fixes from v8:4871. This fixes a segfault in verify-heap.
Original commit message:
[crankshaft] Write fillers for folded old space allocations during verify-heap
If we don't write fillers, we crash during PagedSpace verification when we try to iterate over dead memory (unused folded allocation slots).
BUG=v8:4871,chromium:580959
LOG=N
Review URL: https://codereview.chromium.org/1837163002
Cr-Commit-Position: refs/heads/master@{#35097}
Fixes: https://github.com/nodejs/node/issues/5900
V8-Bug: https://bugs.chromium.org/p/v8/issues/detail?id=4871
PR-URL: https://github.com/nodejs/node/pull/7303
Reviewed-By: Michaƫl Zasso
Reviewed-By: Ben Noordhuis
Reviewed-By: Fedor Indutny
Reviewed-By: Myles Borins
---
 deps/v8/src/hydrogen-instructions.cc | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/deps/v8/src/hydrogen-instructions.cc b/deps/v8/src/hydrogen-instructions.cc
index 2843195e867747..bf3c82ecb60e88 100644
--- a/deps/v8/src/hydrogen-instructions.cc
+++ b/deps/v8/src/hydrogen-instructions.cc
@@ -3825,12 +3825,12 @@ bool HAllocate::HandleSideEffectDominator(GVNFlag side_effect,
 }
 }
- bool keep_new_space_iterable = FLAG_log_gc || FLAG_heap_stats;
+ bool keep_heap_iterable = FLAG_log_gc || FLAG_heap_stats;
 #ifdef VERIFY_HEAP
- keep_new_space_iterable = keep_new_space_iterable || FLAG_verify_heap;
+ keep_heap_iterable = keep_heap_iterable || FLAG_verify_heap;
 #endif
- if (keep_new_space_iterable && dominator_allocate->IsNewSpaceAllocation()) {
+ if (keep_heap_iterable) {
 dominator_allocate->MakePrefillWithFiller();
 } else {
 // TODO(hpayer): This is a short-term hack to make allocation mementos
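Review bot: The new `if (keep_heap_iterable)` at the end of the hunk silently drops the `IsNewSpaceAllocation()` restriction, and the only explanation of why old-space folds now need a filler is in the commit message, not in the file. I would add above the `bool keep_heap_iterable` line: `// Folded allocation slots are dead memory until the dominated allocation writes them. Anything that walks heap pages linearly (--verify-heap, --log-gc, --heap-stats) must find a filler there, for old space as well as new space, or PagedSpace verification crashes.` Note that the filler is still only written under those flags: in a default build the `else` branch runs for old-space folds too and relies on `ClearNextMapWord` alone, so any other linear page walk would presumably still hit the dead slot — worth confirming or stating in the same comment, since the message calls this part 1/2 of the fix. The enclosing HandleSideEffectDominator body starts and ends outside the hunk.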