deps: cherry-pick ca0f9573 from V8 upstream
Original commit message:
  Trigger OOM crash if no memory returned in v8::ArrayBuffer::New and v8::SharedArrayBuffer::New.

  This API does not allow reporting failure, but we should crash rather than have
  the caller get an ArrayBuffer that isn't properly set up.

  BUG=chromium:681843

  Review-Url: https://codereview.chromium.org/2641953002
  Cr-Commit-Position: refs/heads/master@{#42511}

PR-URL: #11940
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
ofrobots authored and MylesBorins committed Apr 18, 2017
1 parent cd698e0 commit 929fd6c
Showing 2 changed files with 12 additions and 4 deletions.
2 changes: 1 addition & 1 deletion deps/v8/include/v8-version.h
Expand Up @@ -11,7 +11,7 @@
#define V8_MAJOR_VERSION 4
#define V8_MINOR_VERSION 5
#define V8_BUILD_NUMBER 103
#define V8_PATCH_LEVEL 46
#define V8_PATCH_LEVEL 47

// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
14 changes: 11 additions & 3 deletions deps/v8/src/api.cc
Expand Up @@ -6580,7 +6580,11 @@ Local<ArrayBuffer> v8::ArrayBuffer::New(Isolate* isolate, size_t byte_length) {
ENTER_V8(i_isolate);
i::Handle<i::JSArrayBuffer> obj =
i_isolate->factory()->NewJSArrayBuffer(i::SharedFlag::kNotShared);
i::Runtime::SetupArrayBufferAllocatingData(i_isolate, obj, byte_length);
// TODO(jbroman): It may be useful in the future to provide a MaybeLocal
// version that throws an exception or otherwise does not crash.
if (!i::Runtime::SetupArrayBufferAllocatingData(i_isolate, obj, byte_length)) {
i::FatalProcessOutOfMemory("v8::ArrayBuffer::New");
}
return Utils::ToLocal(obj);
}
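Review bot: The new abort path around SetupArrayBufferAllocatingData in v8::ArrayBuffer::New changes what embedders can observe, yet this commit touches only v8-version.h and api.cc, so nothing in the change documents for callers that an allocation failure for byte_length now ends the process through i::FatalProcessOutOfMemory. Suggest stating that on the public declaration, along with advice that callers deriving byte_length from untrusted input bound it before calling, because the MaybeLocal variant mentioned in the TODO does not exist yet. Minor style point: the added `if (!i::Runtime::SetupArrayBufferAllocatingData(i_isolate, obj, byte_length)) {` line is longer than the lines around it and could be wrapped the way the SharedArrayBuffer call is.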

Expand Down Expand Up @@ -6775,8 +6779,12 @@ Local<SharedArrayBuffer> v8::SharedArrayBuffer::New(Isolate* isolate,
ENTER_V8(i_isolate);
i::Handle<i::JSArrayBuffer> obj =
i_isolate->factory()->NewJSArrayBuffer(i::SharedFlag::kShared);
i::Runtime::SetupArrayBufferAllocatingData(i_isolate, obj, byte_length, true,
i::SharedFlag::kShared);
// TODO(jborman): It may be useful in the future to provide a MaybeLocal
// version that throws an exception or otherwise does not crash.
if (!i::Runtime::SetupArrayBufferAllocatingData(i_isolate, obj, byte_length, true,
i::SharedFlag::kShared)) {
i::FatalProcessOutOfMemory("v8::SharedArrayBuffer::New");
}
return Utils::ToLocalShared(obj);
}
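Review bot: The TODO added in v8::SharedArrayBuffer::New is attributed to "jborman", while the otherwise identical TODO in v8::ArrayBuffer::New says "jbroman", so one of the two is misspelled and a search for the owner's TODOs will miss it. As this is a cherry-pick, the fix belongs upstream rather than in this backport. The check-and-abort block is also duplicated verbatim between the two functions apart from the location string; a small shared helper taking that string would keep the two failure paths from drifting apart.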


1 comment on commit 929fd6c

@ofrobots
Contributor Author


Backport LGTM.