AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity
9ff7156f87
v8/test
History
Ulan Degenbaev 9ff7156f87 [test] Fix UAF in cctest/test-memory-measurement/RandomizedTimeout 
The test creates a mock platform. The bug was that the lifetime of the
mock platform was shoter than the lifetime of the isolate. Even though
the mock platform restores the old platfrom, a background thread may
still have a pointer to the mock platform leading to UAF.

Bug: v8:10690
Tbr: dinfuehr@chromium.rg
Change-Id: Ic14bf408e5e3e9e7d07e01af545bb88c21462300
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2290850
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#68777}
2020-07-10 08:52:00 +00:00
..
benchmarks cppgc: Add micro benchmark for tracing objects 2020-07-03 14:50:43 +00:00
cctest [test] Fix UAF in cctest/test-memory-measurement/RandomizedTimeout 2020-07-10 08:52:00 +00:00
common [wasm-gc] Test improvements 2020-07-02 11:54:29 +00:00
debugger [d8] Exit with error code upon unhandled promise rejection 2020-06-24 07:21:58 +00:00
debugging [wasm][respect] Avoid 'sanity check' 2020-06-19 14:32:15 +00:00
fuzzer [wasm-gc] Refactoring in preparation of generalizing WasmInitExpr 2020-07-09 15:03:18 +00:00
fuzzilli Integrate fuzzilli into v8 2020-06-03 09:53:24 +00:00
inspector Fix crash on inspector setScriptSource calls when source is unchanged 2020-07-07 13:25:51 +00:00
intl Return undefined if fractionalSecondDigits is 0 2020-07-09 23:01:15 +00:00
js-perf-test [js-perf-test] Add flags for async benchmark 2020-07-01 12:04:46 +00:00
memory [owners] Remove redundant OWNERS files in test/ 2019-06-24 12:44:32 +00:00
message [d8] Handle recursively rejected promises 2020-06-30 08:27:36 +00:00
mjsunit [liftoff] Handle unordered register pairs 2020-07-09 11:05:08 +00:00
mkgrokdump [heap] Move BaseSpace into base-space.h 2020-06-19 09:38:24 +00:00
mozilla [Respect] Prefer inclusive terms 2020-06-22 18:11:23 +00:00
test262 Return undefined if fractionalSecondDigits is 0 2020-07-09 23:01:15 +00:00
torque [torque] Torque Context definition should better match C++ definition 2020-07-03 15:58:58 +00:00
unittests Revert "[heap] Allow LocalHeap on the main thread" 2020-07-09 21:21:25 +00:00
wasm-api-tests [wasm-gc] Refactoring in preparation of generalizing WasmInitExpr 2020-07-09 15:03:18 +00:00
wasm-js [wasm] Add tail call spec tests 2020-07-02 14:11:49 +00:00
wasm-spec-tests [mips][wasm] Skip tail-call/float_misc spec test. 2020-07-06 10:36:50 +00:00
webkit [d8] Exit with error code upon unhandled promise rejection 2020-06-24 07:21:58 +00:00
BUILD.gn Add google_benchmark depdendency 2020-07-02 20:11:29 +00:00
OWNERS Use relative paths to OWNERS files 2019-08-12 13:52:52 +00:00