- 19 Jun, 2020 1 commit
-
-
Michael Lippautz authored
This is a reland of e0c1a349 The issue was passing SentinelPointer (== +1) through T*. The fix is disabling cfi unrelated cast diagnostic for the bottlenecks (Get()). This means that nullptr is treated the same as kSentinelPointer. The alternative would be a DCHECK that Get() does not return kSentinelPointer and adjusting all Member and Persistent logic that uses Get() to work on void*. This is quite intrusive as it involves Swap(), heterogeneous assignments, comparisons, etc. Original change's description: > cppgc: Properly clear (Weak)Peristent and WeakMember pointers > > The CL addresses two issues with (Weak)Persistent and WeakMember: > 1. (Weak)Persistent pointers are cleared on heap teardown. Before this > CL the pointers would contain stale values which could lead to UAF. > 2. WeakPersistent and WeakMember are cleared using a combination of > internal clearing methods and mutable fields which avoids the use > of const_cast<>. > > Bug: chromium:1056170 > Change-Id: Ibf2b0f0856771b4f6906608cde13a6d43ebf81f3 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2248190 > Reviewed-by: Omer Katz <omerkatz@chromium.org> > Reviewed-by: Anton Bikineev <bikineev@chromium.org> > Commit-Queue: Michael Lippautz <mlippautz@chromium.org> > Cr-Commit-Position: refs/heads/master@{#68394} Bug: chromium:1056170 Change-Id: I3d74b43464c2973df1956f51b1419d755dd9f519 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2250240Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#68426}
-
- 17 Jun, 2020 2 commits
-
-
Zhi An Ng authored
This reverts commit e0c1a349. Reason for revert: Fails on Linux 64 cfi https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20cfi/25283? TBR=omerkatz@chromium.org,mlippautz@chromium.org,bikineev@chromium.org,bikineev@chromium.org Change-Id: I2b208c4019979735925bff5e0551291fae6a14d6 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2250320Reviewed-by: Zhi An Ng <zhin@chromium.org> Commit-Queue: Zhi An Ng <zhin@chromium.org> Cr-Commit-Position: refs/heads/master@{#68396}
-
Michael Lippautz authored
The CL addresses two issues with (Weak)Persistent and WeakMember: 1. (Weak)Persistent pointers are cleared on heap teardown. Before this CL the pointers would contain stale values which could lead to UAF. 2. WeakPersistent and WeakMember are cleared using a combination of internal clearing methods and mutable fields which avoids the use of const_cast<>. Bug: chromium:1056170 Change-Id: Ibf2b0f0856771b4f6906608cde13a6d43ebf81f3 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2248190Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#68394}
-
- 27 Apr, 2020 3 commits
-
-
Clemens Backes authored
The category name changed in https://crrev.com/c/2159690 (in depot_tools), hence presubmit tests start failing whenever someone touches a file which still refers to the old category. R=zhin@chromium.org TBR=machenbach@chromium.org No-Try: true No-Tree-Checks: true Change-Id: I62813a42d63e512d421c4fe94229d04a56056978 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2165760Reviewed-by: Zhi An Ng <zhin@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Commit-Queue: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#67403}
-
Nico Hartmann authored
This reverts commit 313ad531. Reason for revert: https://ci.chromium.org/p/v8/builders/ci/V8%20Presubmit/10183? Original change's description: > cppgc: Fix NOLINT exception > > Bug: chromium:1056170 > Change-Id: I6a0fdd867caa7fc49ff586d878bc57b621260afc > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167863 > Commit-Queue: Omer Katz <omerkatz@chromium.org> > Commit-Queue: Anton Bikineev <bikineev@chromium.org> > Reviewed-by: Michael Lippautz <mlippautz@chromium.org> > Reviewed-by: Anton Bikineev <bikineev@chromium.org> > Cr-Commit-Position: refs/heads/master@{#67396} TBR=mlippautz@chromium.org,bikineev@chromium.org,omerkatz@chromium.org Change-Id: Icb016aec744160e84ee02148dba5b383403d27cc No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: chromium:1056170 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167444Reviewed-by: Nico Hartmann <nicohartmann@chromium.org> Commit-Queue: Nico Hartmann <nicohartmann@chromium.org> Cr-Commit-Position: refs/heads/master@{#67397}
-
Omer Katz authored
Bug: chromium:1056170 Change-Id: I6a0fdd867caa7fc49ff586d878bc57b621260afc Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2167863 Commit-Queue: Omer Katz <omerkatz@chromium.org> Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Anton Bikineev <bikineev@chromium.org> Cr-Commit-Position: refs/heads/master@{#67396}
-
- 21 Apr, 2020 1 commit
-
-
Michael Lippautz authored
- Fixes includes to be relative to include/ which allows embedders to just add V8's include directory to get started. - Adds public target for the library as "cppgc". Bug: chromium:1056170 Change-Id: Iec9b644e20016a5d7281275b739821a050fd2540 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2157366Reviewed-by: Michael Achenbach <machenbach@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#67278}
-
- 15 Apr, 2020 1 commit
-
-
Anton Bikineev authored
CrossThreadPersistent and friends are the followup. Bug: chromium:1056170 Change-Id: Ide910062d80952da73b922398c281162b1861f47 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144957 Commit-Queue: Anton Bikineev <bikineev@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Omer Katz <omerkatz@chromium.org> Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#67153}
-