jgruber 9b6808bfb5 [heap] Initialize the owner on each page after lospace allocation
The least two bits of the owner field of a Page are used to determine
whether the Page is part of a large object. If these bits are not equal
to 0x11, the page is part of a large object and needs special handling
e.g. in MemoryChunk::FromAnyPointerAddress to determine which chunk it
belongs to.

This CL fixes an issue in which the store buffer overflows after
a large object space allocation but before the object has been fully
initialized. Store buffer overflow handling attempts to look up the
chunk of a page, but fails to do so correctly since the page's owner
field has not yet been initialized.

This CL ensures that the owner fields of all pages belonging to a large
object allocation are initialized to a value that is interpreted
correctly.

BUG=chromium:672041

Review-Url: https://codereview.chromium.org/2565713002
Cr-Commit-Position: refs/heads/master@{#41641}
2016-12-12 13:19:07 +00:00
benchmarks Revert "Refactoring: Make gtest testsuite the default." 2014-09-02 09:17:26 +00:00
build_overrides [build] Roll build a3b623a:11a223f 2016-11-29 11:17:15 +00:00
docs [Docs] Removed unused docs because they are moved to GitHub 2015-11-19 10:23:30 +00:00
gni [build] Use MSVS 2015 by default. 2016-12-01 08:50:57 +00:00
gypfiles [build] Use MSVS 2015 by default. 2016-12-01 08:50:57 +00:00
include [wasm] Generate correct locations for error messages 2016-12-12 12:46:02 +00:00
infra [build] Make x87 bot use the snapshot. 2016-12-05 08:18:28 +00:00
samples Reland of land "Turn libbase into a component" (patchset #1 id:1 of https://codereview.chromium.org/2396933002/ ) 2016-10-07 07:56:52 +00:00
src [heap] Initialize the owner on each page after lospace allocation 2016-12-12 13:19:07 +00:00
test [heap] Initialize the owner on each page after lospace allocation 2016-12-12 13:19:07 +00:00
testing Use GTEST_LANG_CXX11 in V8 2016-07-25 13:06:42 +00:00
third_party [inspector] Roll inspector_protocol to c65b17da8a32bc6ab25b4ebbef1008f23c69e7d1. 2016-12-05 16:22:12 +00:00
tools Whitespace. 2016-12-09 14:17:43 +00:00
.clang-format [formatting] Remove the formatting requirement for 2 empty lines between declarations. 2016-01-25 09:50:17 +00:00
.gitignore fix typo in .gitignore 2016-12-01 07:49:45 +00:00
.gn [build] Roll build a3b623a:11a223f 2016-11-29 11:17:15 +00:00
.ycm_extra_conf.py Use C++11 / gnu++11, not 0x 2016-03-22 15:24:43 +00:00
AUTHORS Return false in TryNumberToSize if the number is 1 << 64. 2016-12-08 09:20:30 +00:00
BUILD.gn [Tracing] Implement IC statistics in tracing. 2016-12-07 16:58:46 +00:00
ChangeLog [Release] Update ChangeLog file 2016-02-17 21:29:09 +00:00
CODE_OF_CONDUCT.md Explicitly state that the Chromium Code of Conduct also applies to V8 2016-03-02 09:51:24 +00:00
codereview.settings Use v8-reviews@ for review mail, so v8-dev@ is free for dev discussions 2015-09-09 08:14:11 +00:00
DEPS Update V8 DEPS. 2016-12-12 04:25:57 +00:00
LICENSE Updates to the license information of third party components. 2015-06-16 12:37:50 +00:00
LICENSE.fdlibm Add LICENSE.fdlibm for all the fdlibm imported sources. 2016-06-09 07:17:03 +00:00
LICENSE.strongtalk Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
LICENSE.v8 Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
LICENSE.valgrind Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
Makefile Add v8_os_page_size flag for cross compilation 2016-11-15 14:41:03 +00:00
Makefile.android [build] Fix d8-for-Android builds 2016-05-20 12:10:45 +00:00
OWNERS Remove oth from OWNERS 2016-09-05 13:38:25 +00:00
PRESUBMIT.py [test] Only run presubmit for changed status files 2016-12-06 11:42:11 +00:00
README.md [Docs] Removed unused docs because they are moved to GitHub 2015-11-19 10:23:30 +00:00
snapshot_toolchain.gni Use clang for snapshot_toolchain by default, except on ChromeOS. 2016-08-23 14:04:27 +00:00
WATCHLISTS [inspector] added devtools-reviews@chromium.org in WATCHLISTS for inspector 2016-09-29 15:16:54 +00:00

V8 JavaScript Engine

V8 is Google's open source JavaScript engine.

V8 implements ECMAScript as specified in ECMA-262.

V8 is written in C++ and is used in Google Chrome, the open source browser from Google.

V8 can run standalone, or can be embedded into any C++ application.

V8 Project page: https://github.com/v8/v8/wiki

Getting the Code

Check out depot_tools, and run

    fetch v8

This will check out V8 into the directory v8 and fetch all of its dependencies. To stay up to date, run

    git pull origin
    gclient sync

For fetching all branches, add the following into your remote configuration in .git/config:

    fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
    fetch = +refs/tags/*:refs/tags/*

Contributing

Please follow the instructions mentioned on the V8 wiki.