Chromium Code Reviews

Issue 1203973002: Serializer: clear next link in weak cells. (Closed)

Created:
5 years, 6 months ago by Yang
Modified:
5 years, 6 months ago
Reviewers:
ulan
CC:
v8-dev, Yang
Base URL:
https://chromium.googlesource.com/v8/v8.git@master
Target Ref:
refs/pending/heads/master
Project:
v8
Visibility:
Public.

Description

Serializer: clear next link in weak cells.

If we do not clear next links during serialization, the serializer would simply follow those links and serialize arbitrary objects held by weak cells. This breaks the invariant in the code serializer, which crashes if it sees context-dependent objects.

R=ulan@chromium.org
BUG=chromium:503552
LOG=Y

Committed: https://crrev.com/f1982eb49083d0063214ffa0f9f92c0609ae31cc
Cr-Commit-Position: refs/heads/master@{#29255}

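The failure mode the description talks about, as an added example that is not V8's code: a small model of a heap in which a WeakCell-like object carries a GC-internal "next" link chaining it to other weak cells, and a reachability serializer that treats every pointer field as a reference. Left alone, the next link drags in unrelated weak cells and their targets, including a context-dependent object that the code serializer must never see. The fix modelled here is the one the change describes: clear the next links for the duration of serialization and restore them afterwards so the GC's list is intact. All names (HeapObject, WeakCellLinkClearer, SerializeResult, the constructed TestHeap) are assumptions for this illustration, not V8 identifiers.

```cpp
// Hypothetical model of the serializer bug fixed by this change; not V8 code.
#include <cassert>
#include <iostream>
#include <set>
#include <string>
#include <utility>
#include <vector>

// A heap object with ordinary strong slots. Weak cells additionally hold a
// weak target and a GC-internal "next" link that chains all weak cells the
// marker has seen. That link is bookkeeping, not a reference the object owns.
struct HeapObject {
  std::string name;
  bool context_dependent;   // objects the code serializer must never reach
  std::vector<HeapObject*> slots;
  HeapObject* weak_target;  // only meaningful for weak cells
  HeapObject* next;         // GC weak-list link, only meaningful for weak cells

  explicit HeapObject(std::string n, bool ctx = false)
      : name(std::move(n)), context_dependent(ctx),
        weak_target(nullptr), next(nullptr) {}
};

struct SerializeResult {
  bool ok = false;                 // false: a context-dependent object was hit
  std::vector<std::string> names;  // objects emitted, in traversal order
};

// Naive serializer: walks every pointer field reachable from root, in the
// order slots, weak target, next. It does not know which fields are "real".
SerializeResult Serialize(HeapObject* root) {
  SerializeResult result;
  std::set<const HeapObject*> visited;
  std::vector<HeapObject*> stack{root};
  while (!stack.empty()) {
    HeapObject* obj = stack.back();
    stack.pop_back();
    if (obj == nullptr || !visited.insert(obj).second) continue;
    if (obj->context_dependent) return result;  // invariant violated, ok=false
    result.names.push_back(obj->name);
    // Push in reverse so slots are visited before weak_target, then next.
    stack.push_back(obj->next);
    stack.push_back(obj->weak_target);
    for (auto it = obj->slots.rbegin(); it != obj->slots.rend(); ++it)
      stack.push_back(*it);
  }
  result.ok = true;
  return result;
}

// The fix: clear every next link on the weak-cell list while serializing and
// restore it afterwards, so the GC's list is exactly as it was.
class WeakCellLinkClearer {
 public:
  explicit WeakCellLinkClearer(HeapObject* list_head) {
    for (HeapObject* cell = list_head; cell != nullptr;) {
      HeapObject* saved_next = cell->next;   // read before clearing
      saved_.emplace_back(cell, saved_next);
      cell->next = nullptr;
      cell = saved_next;
    }
  }
  ~WeakCellLinkClearer() {
    for (auto& entry : saved_) entry.first->next = entry.second;
  }
 private:
  std::vector<std::pair<HeapObject*, HeapObject*>> saved_;
};

// Constructed heap: root -> weak_cell_a (target function_a), and the GC list
// chains weak_cell_a -> weak_cell_b, whose target is a context-dependent object
// that root does not otherwise reach.
struct TestHeap {
  HeapObject root{"root"};
  HeapObject cell_a{"weak_cell_a"};
  HeapObject function_a{"function_a"};
  HeapObject cell_b{"weak_cell_b"};
  HeapObject native_context{"native_context", /*ctx=*/true};
  HeapObject* weak_list_head = &cell_a;

  TestHeap() {
    root.slots.push_back(&cell_a);
    cell_a.weak_target = &function_a;
    cell_a.next = &cell_b;
    cell_b.weak_target = &native_context;
  }
};

SerializeResult SerializeWithoutClearing(TestHeap& heap) {
  return Serialize(&heap.root);
}

SerializeResult SerializeWithClearing(TestHeap& heap) {
  WeakCellLinkClearer guard(heap.weak_list_head);  // links restored on exit
  return Serialize(&heap.root);
}

int main() {
  TestHeap heap;
  SerializeResult bad = SerializeWithoutClearing(heap);
  std::cout << "next links followed: ok=" << bad.ok << "\n";
  SerializeResult good = SerializeWithClearing(heap);
  std::cout << "next links cleared:  ok=" << good.ok << ", emitted";
  for (const auto& n : good.names) std::cout << " " << n;
  std::cout << "\nweak list restored: " << (heap.cell_a.next == &heap.cell_b) << "\n";
  return 0;
}
```

The guard is the important part of the model: clearing alone would leave the GC's weak-cell list truncated after serialization, which is why the review asked for the saved link to be written back (`set_next(next_)`) rather than dropped.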
Patch Set 1 #

Total comments: 3

Patch Set 2 : address comments #

Patch Set 3 : fix build #

Patch Set 4 : fix asan failure #

Stats (+67 lines, -7 lines)

M src/heap/heap.cc                 1 chunk   +1 line,   -1 line    0 comments
M src/heap/mark-compact.cc         2 chunks  +2 lines,  -4 lines   0 comments
M src/heap/objects-visiting-inl.h  1 chunk   +1 line,   -2 lines   0 comments
M src/objects.h                    1 chunk   +4 lines,  -0 lines   0 comments
M src/objects-inl.h                1 chunk   +8 lines,  -0 lines   0 comments
M src/snapshot/serialize.cc        3 chunks  +26 lines, -0 lines   0 comments
M test/cctest/test-serialize.cc    1 chunk   +25 lines, -0 lines   0 comments

Messages

Total messages: 17 (8 generated)
Yang
Ulan, please review. This has to be landed before https://codereview.chromium.org/1211453002/
5 years, 6 months ago (2015-06-24 11:05:03 UTC) #1
ulan
lgtm if comments are addressed: https://codereview.chromium.org/1203973002/diff/1/src/snapshot/serialize.cc File src/snapshot/serialize.cc (right): https://codereview.chromium.org/1203973002/diff/1/src/snapshot/serialize.cc#newcode1866 src/snapshot/serialize.cc:1866: if (weak_cell_) weak_cell_->set_next(next_); set_next(next_, ...
5 years, 6 months ago (2015-06-24 11:11:19 UTC) #2
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1203973002/20001
5 years, 6 months ago (2015-06-24 11:23:55 UTC) #5
commit-bot: I haz the power
Exceeded global retry quota
5 years, 6 months ago (2015-06-24 11:27:00 UTC) #7
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1203973002/40001
5 years, 6 months ago (2015-06-24 11:44:47 UTC) #10
commit-bot: I haz the power
Try jobs failed on following builders: v8_linux64_asan_rel on tryserver.v8 (JOB_FAILED, http://build.chromium.org/p/tryserver.v8/builders/v8_linux64_asan_rel/builds/5419)
5 years, 6 months ago (2015-06-24 12:22:42 UTC) #12
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1203973002/60001
5 years, 6 months ago (2015-06-24 13:56:00 UTC) #15
commit-bot: I haz the power
Committed patchset #4 (id:60001)
5 years, 6 months ago (2015-06-24 14:26:39 UTC) #16
commit-bot: I haz the power
Message was sent while issue was closed.
Patchset 4 (id:??) landed as
https://crrev.com/f1982eb49083d0063214ffa0f9f92c0609ae31cc
Cr-Commit-Position: refs/heads/master@{#29255}
5 years, 6 months ago (2015-06-24 14:26:54 UTC) #17

Powered by Google App Engine
This is Rietveld 408576698