Fix ThreadHeap::isHeapObjectAlive(const T*& ptr) stack overflow.

third_party/WebKit/Source/platform/heap/Heap.h

 /*
  * Copyright (C) 2013 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 75 matching lines @@
 class UntracedMember;
 
 template <typename T, bool = NeedsAdjustAndMark<T>::value>
 class ObjectAliveTrait;
 
 template <typename T>
 class ObjectAliveTrait<T, false> {
   STATIC_ONLY(ObjectAliveTrait);
 
  public:
-  static bool isHeapObjectAlive(T* object) {
+  static bool isHeapObjectAlive(const T* object) {
     static_assert(sizeof(T), "T must be fully defined");
     return HeapObjectHeader::fromPayload(object)->isMarked();
   }
 };
 
 template <typename T>
 class ObjectAliveTrait<T, true> {
   STATIC_ONLY(ObjectAliveTrait);
 
  public:
   NO_SANITIZE_ADDRESS
-  static bool isHeapObjectAlive(T* object) {
+  static bool isHeapObjectAlive(const T* object) {
     static_assert(sizeof(T), "T must be fully defined");
     return object->isHeapObjectAlive();
   }
 };
 
 class PLATFORM_EXPORT ProcessHeap {
   STATIC_ONLY(ProcessHeap);
 
  public:
   static void init();
@@ skipping 112 matching lines @@
   // TODO(keishi): Per-thread-heap will return false.
   bool isMainThreadHeap() { return this == ThreadHeap::mainThreadHeap(); }
   static ThreadHeap* mainThreadHeap() { return s_mainThreadHeap; }
 
 #if ENABLE(ASSERT)
   bool isAtSafePoint();
   BasePage* findPageFromAddress(Address);
 #endif
 
   template <typename T>
-  static inline bool isHeapObjectAlive(T* object) {
+  static inline bool isHeapObjectAlive(const T* object) {
     static_assert(sizeof(T), "T must be fully defined");
     // The strongification of collections relies on the fact that once a
     // collection has been strongified, there is no way that it can contain
     // non-live entries, so no entries will be removed. Since you can't set
     // the mark bit on a null pointer, that means that null pointers are
     // always 'alive'.
     if (!object)
       return true;
     // TODO(keishi): some tests create CrossThreadPersistent on non attached
     // threads.
     if (!ThreadState::current())
       return true;
     if (&ThreadState::current()->heap() !=
         &pageFromObject(object)->arena()->getThreadState()->heap())
       return true;
     return ObjectAliveTrait<T>::isHeapObjectAlive(object);
   }
   template <typename T>
   static inline bool isHeapObjectAlive(const Member<T>& member) {
     return isHeapObjectAlive(member.get());
   }
   template <typename T>
   static inline bool isHeapObjectAlive(const WeakMember<T>& member) {
     return isHeapObjectAlive(member.get());
   }
   template <typename T>
   static inline bool isHeapObjectAlive(const UntracedMember<T>& member) {
     return isHeapObjectAlive(member.get());
   }
-  template <typename T>
-  static inline bool isHeapObjectAlive(const T*& ptr) {
-    return isHeapObjectAlive(ptr);
-  }
 
   StackFrameDepth& stackFrameDepth() { return m_stackFrameDepth; }
 
   RecursiveMutex& threadAttachMutex() { return m_threadAttachMutex; }
   const ThreadStateSet& threads() const { return m_threads; }
   ThreadHeapStats& heapStats() { return m_stats; }
   SafePointBarrier* safePointBarrier() { return m_safePointBarrier.get(); }
   CallbackStack* markingStack() const { return m_markingStack.get(); }
   CallbackStack* postMarkingCallbackStack() const {
     return m_postMarkingCallbackStack.get();
@@ skipping 388 matching lines @@
 template <typename T>
 void VisitorHelper<Derived>::handleWeakCell(Visitor* self, void* object) {
   T** cell = reinterpret_cast<T**>(object);
   if (*cell && !ObjectAliveTrait<T>::isHeapObjectAlive(*cell))
     *cell = nullptr;
 }
 
 }  // namespace blink
 
 #endif  // Heap_h