From 5b8434eebceb7a60062bbebc03cdf83d520c6bee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= Date: Sat, 30 Mar 2019 15:21:31 +0100 Subject: deps: V8: cherry-pick 0188634 Original commit message: [ptr-compr][ubsan] Use [Read/Write]UnalignedValue for unaligned fields When pointer compression is enabled the [u]intptr_t and double fields are only kTaggedSize aligned so in order to avoid undefined behavior in C++ code we have to access these values in an unaligned pointer friendly way although both x64 and arm64 architectures (where pointer compression is supported) allow unaligned access. These changes will be removed once v8:8875 is fixed and all the kSystemPointerSize fields are properly aligned. Bug: v8:7703 Change-Id: I4df477cbdeab806303bb4f675d52b61c06342c8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1528996 Commit-Queue: Igor Sheludko Reviewed-by: Ulan Degenbaev Reviewed-by: Jakob Gruber Reviewed-by: Clemens Hammacher Cr-Commit-Position: refs/heads/master@{#60321} Refs: https://github.com/v8/v8/commit/0188634ee523aef39ba71732b1ab9d422f449825 PR-URL: https://github.com/nodejs/node/pull/27013 Reviewed-By: Anna Henningsen Reviewed-By: Gus Caplan Reviewed-By: Ruben Bridgewater Reviewed-By: Ben Noordhuis
---
 deps/v8/src/objects/embedder-data-slot-inl.h | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
(limited to 'deps/v8/src/objects/embedder-data-slot-inl.h')
diff --git a/deps/v8/src/objects/embedder-data-slot-inl.h b/deps/v8/src/objects/embedder-data-slot-inl.h
index 7762479cf9..b87f31ac7d 100644
--- a/deps/v8/src/objects/embedder-data-slot-inl.h
+++ b/deps/v8/src/objects/embedder-data-slot-inl.h
@@ -11,6 +11,7 @@
 #include "src/objects-inl.h"
 #include "src/objects/embedder-data-array.h"
 #include "src/objects/js-objects-inl.h"
+#include "src/v8memory.h"
 // Has to be the last include (doesn't have include guards):
 #include "src/objects/object-macros.h"
 
@@ -71,7 +72,15 @@ bool EmbedderDataSlot::ToAlignedPointer(void** out_pointer) const {
   // are accessed this way only from the main thread via API during "mutator"
   // phase which is propely synched with GC (concurrent marker may still look
   // at the tagged part of the embedder slot but read-only access is ok).
+#ifdef V8_COMPRESS_POINTERS
+  // TODO(ishell, v8:8875): When pointer compression is enabled 8-byte size
+  // fields (external pointers, doubles and BigInt data) are only kTaggedSize
+  // aligned so we have to use unaligned pointer friendly way of accessing them
+  // in order to avoid undefined behavior in C++ code.
+  Address raw_value = ReadUnalignedValue(address());
+#else
   Address raw_value = *location();
+#endif
   *out_pointer = reinterpret_cast(raw_value);
   return HAS_SMI_TAG(raw_value);
 }
@@ -89,7 +98,15 @@ EmbedderDataSlot::RawData EmbedderDataSlot::load_raw(
   // are accessed this way only by serializer from the main thread when
   // GC is not active (concurrent marker may still look at the tagged part
   // of the embedder slot but read-only access is ok).
+#ifdef V8_COMPRESS_POINTERS
+  // TODO(ishell, v8:8875): When pointer compression is enabled 8-byte size
+  // fields (external pointers, doubles and BigInt data) are only kTaggedSize
+  // aligned so we have to use unaligned pointer friendly way of accessing them
+  // in order to avoid undefined behavior in C++ code.
+  return ReadUnalignedValue(address());
+#else
   return *location();
+#endif
 }
 
 void EmbedderDataSlot::store_raw(EmbedderDataSlot::RawData data,
-- cgit v1.2.1
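Review bot: The `#ifdef V8_COMPRESS_POINTERS` read and its four-line TODO comment are duplicated verbatim in ToAlignedPointer here and again in load_raw in the next hunk, so when v8:8875 is resolved both copies must be found and removed together, and any further reader of the slot's full-width payload would need a third copy. Putting the aligned-vs-unaligned read into one private accessor (declared on the class, outside this file) keeps the UB-avoidance in a single place and turns both call sites into one-liners such as `Address raw_value = ReadRawValue();` (helper name is a placeholder). The template argument on ReadUnalignedValue and on reinterpret_cast appears to have been stripped by the page rendering; the patched file presumably reads `ReadUnalignedValue<Address>(address())`. ToAlignedPointer's opening lines lie outside the hunk.
```cpp
// Reads the full kSystemPointerSize-wide payload of the slot. With pointer
// compression the slot is only kTaggedSize aligned, so the read must not
// assume natural alignment (TODO(ishell, v8:8875): drop once fields are aligned).
Address EmbedderDataSlot::ReadRawValue() const {  // placeholder name
#ifdef V8_COMPRESS_POINTERS
  return ReadUnalignedValue<Address>(address());
#else
  return *location();
#endif
}
// … unchanged: ToAlignedPointer and load_raw then call ReadRawValue() …
```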
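Review bot: store_raw, whose signature is the hunk's last context line, is not touched by this patch even though the commit message names WriteUnalignedValue and the diffstat records only the 17 insertions visible here; if its body (outside the hunk) still writes through `*location()` under V8_COMPRESS_POINTERS, the store side keeps the same misaligned access that the read side now avoids, and UBSan will keep reporting it. The write should mirror the read, presumably `WriteUnalignedValue<Address>(address(), data);` inside the same `#ifdef V8_COMPRESS_POINTERS` / `#else` split, with the existing store in the `#else` branch. The `#ifdef` block in load_raw above carries the same duplicated TODO comment as the one in ToAlignedPointer in the previous hunk.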