Skip to content

Commit edeb0a4

Browse files
joyeecheungV8 LUCI CQ
joyeecheung
authored and
V8 LUCI CQ
committed
Zero-initialize proxy padding
So that snapshots with proxies can be reproducible. Refs: nodejs/node#61898 Change-Id: I01fac5e18c73cd482a1ae63750dbadf42a12e08a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7666243 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#105830}
1 parent 12c22c6 commit edeb0a4

2 files changed

Lines changed: 7 additions & 0 deletions

File tree

src/builtins/builtins-proxy-gen.cc

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,10 @@ TNode<JSProxy> ProxiesCodeStubAssembler::AllocateProxy(
6363
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kTargetOffset, target);
6464
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kHandlerOffset, handler);
6565
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kFlagsOffset, flags);
66+
#if TAGGED_SIZE_8_BYTES
67+
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kPaddingOffset,
68+
Int32Constant(0));
69+
#endif
6670

6771
return CAST(proxy);
6872
}

src/heap/factory.cc

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4041,6 +4041,9 @@ Handle<JSProxy> Factory::NewJSProxy(DirectHandle<JSReceiver> target,
40414041
result->set_target(*target, SKIP_WRITE_BARRIER);
40424042
result->set_handler(*handler, SKIP_WRITE_BARRIER);
40434043
result->set_flags(JSProxy::IsRevocableBit::encode(revocable));
4044+
#if TAGGED_SIZE_8_BYTES
4045+
result->set_padding(0);
4046+
#endif
40444047
return handle(result, isolate());
40454048
}
40464049

0 commit comments

Comments
 (0)