AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

[torque] Fix crash when no map is passed to extern class constructor

Browse Source 
This CL adds a check and a more descriptive error message when no "map"
is passed when constructing an extern class:

extern class Foo extends HeapObject {...}
const f = new Foo {};

R=sigurds@chromium.org

Bug: v8:7793
Change-Id: I0dfa6d5976e98d572bafcf7a87f701ea97cd6a73
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1611804
Commit-Queue: Simon Zünd <szuend@chromium.org>
Reviewed-by: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#61537}
This commit is contained in:
Simon Zünd 2019-05-15 15:15:54 +02:00 committed by Commit Bot
parent 0fbc34d51b
commit 0a3e0cc690
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/torque/implementation-visitor.cc
View File

@ -1471,8 +1471,13 @@ VisitResult ImplementationVisitor::Visit(NewExpression* expr) {
ReportError( ReportError(
"external classes initializers must have a map as first parameter"); "external classes initializers must have a map as first parameter");
} }
VisitResult object_map = NameValueMap initializer_fields = initializer_results.field_value_map;
initializer_results.field_value_map[map_field.name_and_type.name]; if (initializer_fields.find(map_field.name_and_type.name) ==
initializer_fields.end()) {
ReportError("Constructor for ", class_type->name(),
" needs Map argument!");
}
VisitResult object_map = initializer_fields[map_field.name_and_type.name];
Arguments size_arguments; Arguments size_arguments;
size_arguments.parameters.push_back(object_map); size_arguments.parameters.push_back(object_map);
VisitResult object_size = GenerateCall("%GetAllocationBaseSize", VisitResult object_size = GenerateCall("%GetAllocationBaseSize",