Georg Neis b9962a9a96 [csa] Make JSProxy's CheckGetSetTrapResult bailout for certain names
The TryGetOwnProperty code supports only unique names that are not
array indices. Unfortunately, this is neither obvious from its type,
nor from its comment, nor from its code.

ProxiesCodeStubAssembler::CheckHasTrapResult violated the assumption
and was already fixed a few days ago. This CL fixes
CheckGetSetTrapResult and improves our code documentation in the
form of comments and assertions. Concretely:

- Add CodeStubAssembler::IsUniqueName and IsUniqueNameNoIndex
- Use IsUniqueNameNoIndex in CheckGetSetTrapResult to guard
  TryGetOwnProperty (bailout to runtime if not satisfied).
- Similarly, use IsUniqueNameNoIndex to simplify the previous fix in
  CheckHasTrapResult.
- Add a IsUniqueNameNoIndex CSA_ASSERT to TryGetOwnProperty and a few
  other places to avoid such bugs in the future.
- Add a IsUniqueName CSA_ASSERT to a few places where we apparently
  expect unique names (I don't know if those allow indices or not).
- Add a DCHECK to Name::IsUniqueName to ensure and document that this
  shortcut version is equivalent to HeapObject::IsUniqueName.

Bug: chromium:937618
Change-Id: Id4a18ab2a0e9c7591b087dd0c9fe018aa9b9ef3a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1514732
Auto-Submit: Georg Neis <neis@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Commit-Queue: Georg Neis <neis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#60196}
2019-03-12 17:44:18 +00:00
benchmarks [test] Ensure random generator in JSTests does not use float arithmetic 2018-12-17 10:05:08 +00:00
build_overrides [ndk] Change android ndk root for v8 2018-01-11 08:10:33 +00:00
custom_deps [build] Add common directory for custom deps 2018-06-08 19:23:02 +00:00
docs [docs] Change links from old wiki to v8.dev 2019-03-07 12:13:30 +00:00
gni unified-heap: Add GN flag for full heap snapshots 2019-03-06 09:39:22 +00:00
include [api] Remove unowned Extensions interface 2019-03-12 13:09:51 +00:00
infra [build] Temporarily remove goma from gcov builder 2019-03-07 12:18:19 +00:00
samples Add a sample that uses the JS API to create wasm 2018-06-07 23:43:38 +00:00
src [csa] Make JSProxy's CheckGetSetTrapResult bailout for certain names 2019-03-12 17:44:18 +00:00
test [wasm] Sync wasm-module-builder.js back to spec version 2019-03-12 16:29:41 +00:00
testing Remove dummy files created for rolling googletest. 2018-03-27 05:55:56 +00:00
third_party [cleanup] Remove dead code from Array#sort 2019-03-12 16:17:06 +00:00
tools [tools] Add support for ref archive type 2019-03-12 16:16:01 +00:00
.clang-format [clang-format] Don't derive pointer alignment 2017-01-17 09:28:19 +00:00
.clang-tidy [tool] Remove unfixed clang-tidy warnings to ease use. 2018-10-26 07:40:32 +00:00
.editorconfig Add .editorconfig 2017-07-28 13:39:24 +00:00
.git-blame-ignore-revs [build] Add DEPS formatting to hyper-blame 2017-10-09 14:08:45 +00:00
.gitattributes .gitattributes: Mark minified emscripten js files as -diff 2018-09-19 16:27:10 +00:00
.gitignore Add .ccls-cache to .gitignore 2019-02-26 10:32:45 +00:00
.gn [test] Remove obsolete test262 archive extract 2018-03-28 13:52:15 +00:00
.vpython [tools] Correctly identify and report test crashes and infra failures 2018-10-30 15:05:40 +00:00
.ycm_extra_conf.py [ycm] Switch from gnu++11 to gnu++14 2017-11-27 07:48:21 +00:00
AUTHORS Use inherited ctors for MacroAssembler and TurboAssembler 2019-03-08 09:31:30 +00:00
BUILD.gn Reland Remove builtin-function-id in SFI 2019-03-08 18:40:05 +00:00
ChangeLog [release] Merge ChangeLog back to master 2018-12-07 15:41:59 +00:00
CODE_OF_CONDUCT.md Explicitly state that the Chromium Code of Conduct also applies to V8 2016-03-02 09:51:24 +00:00
codereview.settings Make Gerrit the default code review for V8 2017-06-30 17:37:37 +00:00
DEPS Update V8 DEPS. 2019-03-12 11:07:45 +00:00
LICENSE Add antlr4 runtime library to support Torque 2018-04-10 10:01:01 +00:00
LICENSE.fdlibm Add LICENSE.fdlibm for all the fdlibm imported sources. 2016-06-09 07:17:03 +00:00
LICENSE.strongtalk Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
LICENSE.v8 Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
LICENSE.valgrind Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
OWNERS Reduce wasm OWNERS to current team members 2018-10-15 14:47:49 +00:00
PRESUBMIT.py Revert "[torque] Temporarily disable torque format check to pass presubmit" 2019-02-20 14:07:17 +00:00
README.md [docs] Change links from old wiki to v8.dev 2019-03-07 12:13:30 +00:00
snapshot_toolchain.gni Reland "Add Windows ARM64 ABI support to V8" 2018-10-24 19:46:36 +00:00
WATCHLISTS Update WATCHLIST wrt yangguo 2018-11-23 08:29:12 +00:00

V8 JavaScript Engine

V8 is Google's open source JavaScript engine.

V8 implements ECMAScript as specified in ECMA-262.

V8 is written in C++ and is used in Google Chrome, the open source browser from Google.

V8 can run standalone, or can be embedded into any C++ application.

V8 Project page: https://v8.dev/docs

Getting the Code

Check out depot tools, and run

    fetch v8

This will check out V8 into the directory v8 and fetch all of its dependencies. To stay up to date, run

    git pull origin
    gclient sync

For fetching all branches, add the following into your remote configuration in .git/config:

    fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
    fetch = +refs/tags/*:refs/tags/*

Contributing

Please follow the instructions mentioned at v8.dev/docs/contribute.