jarin bb13e7f746 Do not touch a binary op IC target in code object marked for lazy deopt.
Bad scenario:

- Enter a binop IC miss handler from optimized code object C from call
  site S,

- From the binop IC, invoke arbitrary JavaScript that lazy deopts C,
  so all relocation info is nuked and replaced with lazy deopt entries'
  reloc info. In particular, there is no reloc info for S.

- Still from the arbitrary JavaScript, make IC target's code object move.
  Note that the call site S is not updated.

- Return to the miss handler and inspect the IC's target. This will try
  to get the target from S, but that is a potentially invalid pointer.

It is quite possible that we will have to do a similar fix for other ICs,
but we will have to find a reliable repro first. I am not submitting a
repro here because it is quite long running and brittle (it
relies on code compaction happening while in the binop IC).

BUG=v8:3910
LOG=n
R=ishell@chromium.org

Review URL: https://codereview.chromium.org/958473004

Cr-Commit-Position: refs/heads/master@{#26872}
2015-02-26 08:36:54 +00:00

V8 JavaScript Engine

V8 is Google's open source JavaScript engine.

V8 implements ECMAScript as specified in ECMA-262.

V8 is written in C++ and is used in Google Chrome, the open source browser from Google.

V8 can run standalone, or can be embedded into any C++ application.

V8 Project page: https://code.google.com/p/v8/

Getting the Code

Check out depot tools, and run

    fetch v8

This will check out V8 into the directory v8 and fetch all of its dependencies. To stay up to date, run

    git pull origin
    gclient sync

To fetch all branches, add the following to your remote configuration in .git/config:

    fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
    fetch = +refs/tags/*:refs/tags/*