Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(819)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: src/objects.cc

Issue 24259005: Revert ("Chromium 284577 needs a mitigation CL added." (svn-id 16742)) (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « src/heap-inl.h ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: src/objects.cc
diff --git a/src/objects.cc b/src/objects.cc
index 7165abe11dbd157b0e08d42bbeba5bdaef3d8f0e..f0108e62187fafe14d559d571fe6f906ac982af3 100644
--- a/src/objects.cc
+++ b/src/objects.cc
@@ -8971,18 +8971,7 @@ AllocationMemento* AllocationMemento::FindForJSObject(JSObject* object) {
object->GetHeap()->allocation_memento_map()) {
AllocationMemento* memento = AllocationMemento::cast(
reinterpret_cast<Object*>(ptr_end + kHeapObjectTag));
-
- // TODO(mvstanton): because of chromium bug 284577, put extra care
- // into validating that the memento points to a valid AllocationSite.
- // This check is expensive so remove it asap. Also, this check
- // HIDES bug 284577, so it must be disabled to debug/diagnose.
- Object* site = memento->allocation_site();
- Heap* heap = object->GetHeap();
- if (heap->InOldPointerSpace(site) &&
- site->IsHeapObject() &&
- HeapObject::cast(site)->map() == heap->allocation_site_map()) {
- return memento;
- }
+ return memento;
}
}
}
« no previous file with comments | « src/heap-inl.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698