jgruber e1f676ec99 [regexp] Add stack check to RegExpExec
Band-aid fix for infinite recursion in RegExp TFJ builtins.

TFJ builtins don't contain stack checks in general, so any deep
recursion involving only TFJ builtins can end up overflowing the stack
and segfaulting on the red area.

RegExp builtins in particular can only build such recursions using
RegExp.p.exec, and (as far as I can tell) only by modifying the instance
or prototype, thus hitting the slow path in all builtins.

This CL adds a stack check to RegExpExec, which is the choke point for
calling exec on slow-mode RegExps.

Bug: v8:7239, chromium:797481

Regression test

Change-Id: I78dbb5f868a775d9697606d513623f912639d7db
Reviewed-on: https://chromium-review.googlesource.com/856777
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50511}
2018-01-11 15:39:34 +00:00
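The recursion shape the commit message describes, written out as an added example (this is not the CL's regression test or any V8 code): replacing RegExp.prototype.exec puts every RegExp on the slow path, and an exec that re-enters a builtin which itself calls exec loops until the stack runs out. With the stack check in RegExpExec this surfaces as a catchable RangeError rather than a native stack overflow; the second function shows the non-recursive way to wrap exec, which is what such an override normally intends. The subject string and call counters are constructed for the example.

```javascript
// Recursive shape: exec -> test -> RegExpExec -> exec -> ... (never terminates).
// Returns how the engine reported it and how deep the recursion got.
function runWithRecursiveExec(subject) {
  const originalExec = RegExp.prototype.exec;
  let depth = 0;
  RegExp.prototype.exec = function (str) {
    depth++;
    // RegExp.prototype.test routes through RegExpExec, which looks up and
    // calls the (now user-supplied) exec again: unbounded recursion.
    return this.test(str);
  };
  try {
    /a/.test(subject);
    return { outcome: 'returned', depth };
  } catch (e) {
    // Engines with a stack check in the builtin path throw RangeError here.
    return { outcome: e instanceof RangeError ? 'range-error' : 'other-error', depth };
  } finally {
    RegExp.prototype.exec = originalExec;  // always undo the global patch
  }
}

// Delegating shape: the override keeps a reference to the original exec and
// forwards to it, so RegExpExec -> exec -> originalExec terminates after one hop.
function runWithDelegatingExec(subject) {
  const originalExec = RegExp.prototype.exec;
  let calls = 0;
  RegExp.prototype.exec = function (str) {
    calls++;
    return originalExec.call(this, str);
  };
  try {
    const matched = /a/.test(subject);
    return { matched, calls };
  } finally {
    RegExp.prototype.exec = originalExec;
  }
}

// Confirms the prototype was restored after either run (constructed check).
function execIsRestored() {
  const m = /a/.exec('banana');
  return m !== null && m[0] === 'a' && m.index === 1;
}
```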
benchmarks Fix common misspellings 2017-08-02 09:35:28 +00:00
build_overrides [ndk] Change android ndk root for v8 2018-01-11 08:10:33 +00:00
docs [Docs] Removed unused docs because they are moved to GitHub 2015-11-19 10:23:30 +00:00
gni [gn] do not hide symbols for monolithic build. 2018-01-05 16:11:55 +00:00
gypfiles [ndk] Change android ndk root for v8 2018-01-11 08:10:33 +00:00
include [tracing] allow embedders to provide own tracing timestamps 2018-01-10 19:36:23 +00:00
infra Add LUCI config checks to V8 presubmit 2018-01-09 17:50:14 +00:00
samples [cleanup] use unique_ptr for the DefaultPlatform 2017-11-14 09:57:18 +00:00
src [regexp] Add stack check to RegExpExec 2018-01-11 15:39:34 +00:00
test [regexp] Add stack check to RegExpExec 2018-01-11 15:39:34 +00:00
testing Use GTEST_LANG_CXX11 in V8 2016-07-25 13:06:42 +00:00
third_party Update third_party/binutils version to match Chromium. 2017-12-08 07:28:26 +00:00
tools [foozzie] Suppress test cases with async in slow-path mode 2018-01-11 15:14:55 +00:00
.clang-format [clang-format] Don't derive pointer alignment 2017-01-17 09:28:19 +00:00
.editorconfig Add .editorconfig 2017-07-28 13:39:24 +00:00
.git-blame-ignore-revs [build] Add DEPS formatting to hyper-blame 2017-10-09 14:08:45 +00:00
.gitignore [test] Remove promises-aplus test suite 2017-12-19 09:29:26 +00:00
.gn For building v8 using gn on aix_ppc64, linux_s390x and linux_ppc64(both LE and BE). 2017-05-12 01:35:09 +00:00
.vpython Add a comment for the VPython dep 2017-10-25 12:23:35 +00:00
.ycm_extra_conf.py [ycm] Switch from gnu++11 to gnu++14 2017-11-27 07:48:21 +00:00
AUTHORS Reland: Reimplement Object.entries/values as CSA to optimize performance. 2018-01-11 07:04:00 +00:00
BUILD.gn [wasm] Move (almost all) constants to wasm-constants.h 2018-01-11 12:25:54 +00:00
ChangeLog [tools] Merge ChangeLog from latest release 2017-12-19 12:30:56 +00:00
CODE_OF_CONDUCT.md Explicitly state that the Chromium Code of Conduct also applies to V8 2016-03-02 09:51:24 +00:00
codereview.settings Make Gerrit the default code review for V8 2017-06-30 17:37:37 +00:00
DEPS Update V8 DEPS. 2018-01-11 08:15:12 +00:00
LICENSE Updates to the license information of third party components. 2015-06-16 12:37:50 +00:00
LICENSE.fdlibm Add LICENSE.fdlibm for all the fdlibm imported sources. 2016-06-09 07:17:03 +00:00
LICENSE.strongtalk Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
LICENSE.v8 Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
LICENSE.valgrind Add LICENSE.v8, LICENSE.strongtalk and LICENSE.valgrind to the v8 2011-02-03 07:10:06 +00:00
Makefile [test] Continued test support for make targets 2017-10-20 15:01:51 +00:00
Makefile.android [build] Fix d8-for-Android builds 2016-05-20 12:10:45 +00:00
OWNERS Add myself to OWNERS to be able to approve/make infra-related changes 2017-11-09 22:52:19 +00:00
PRESUBMIT.py Replace all tryserver.v8 entries with corresponding LUCI bucket 2017-12-22 14:39:42 +00:00
README.md [Docs] Removed unused docs because they are moved to GitHub 2015-11-19 10:23:30 +00:00
snapshot_toolchain.gni MIPS[64]: Generate snapshots on MIPS big-endian targets 2017-11-24 19:00:32 +00:00
WATCHLISTS Add adamk to a few WATCHLISTS 2017-11-10 21:38:29 +00:00

V8 JavaScript Engine

V8 is Google's open source JavaScript engine.

V8 implements ECMAScript as specified in ECMA-262.

V8 is written in C++ and is used in Google Chrome, the open source browser from Google.

V8 can run standalone, or can be embedded into any C++ application.

V8 Project page: https://github.com/v8/v8/wiki

Getting the Code

Check out depot tools, and run

    fetch v8

This will check out V8 into the directory v8 and fetch all of its dependencies. To stay up to date, run

    git pull origin
    gclient sync

For fetching all branches, add the following into your remote configuration in .git/config:

    fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
    fetch = +refs/tags/*:refs/tags/*

Contributing

Please follow the instructions mentioned on the V8 wiki.