Google Git
Sign in
chromium / v8 / v8 / 741e9edc116dc6e065e8dd918e59a8ff0a74eee5
commit741e9edc116dc6e065e8dd918e59a8ff0a74eee5[log] [tgz]
authorShu-yu Guo <syg@chromium.org>Tue Jul 07 16:26:23 2020
committerCommit Bot <commit-bot@chromium.org>Mon Jul 13 17:54:03 2020
treee33f8b50bbdd18b6e36c6a86ec992fd703e23d6b
parent45e58746ffbc60bc91c685f092eaa35ce2d06251 [diff]
Merged: [weakrefs] Make unregister_token undefined on popped WeakCells

(cherry picked from commit 93c0be4b7cdc3afbbcafedcaf867393c963b2f19)

The unregister_token slot is iterated as a custom weak pointer slot,
which means the heap verifier treats it as a strong slot. Currently,
popped WeakCells (that is, WeakCells for which the owning
FinalizationRegistry's finalizer has already been invoked) neither
clears out the unregister_token slot nor marks it, which trips the heap
verifier.

Bug: chromium:1102161
Change-Id: I0a803f12379fc9df6935bc8331b3d5ecb199571a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2284202
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Auto-Submit: Shu-yu Guo <syg@chromium.org>
Cr-Original-Commit-Position: refs/heads/master@{#68723}
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2295459
Commit-Queue: Shu-yu Guo <syg@chromium.org>
Cr-Commit-Position: refs/branch-heads/8.5@{#20}
Cr-Branched-From: a7f8bc434b35c3122a859f094fa541febd74ec7c-refs/heads/8.5.210@{#1}
Cr-Branched-From: dd58472158b209e36f3f8646e9adfb31ffa61483-refs/heads/master@{#68510}
2 files changed
tree: e33f8b50bbdd18b6e36c6a86ec992fd703e23d6b
  1. build_overrides/
  2. custom_deps/
  3. docs/
  4. gni/
  5. include/
  6. infra/
  7. samples/
  8. src/
  9. test/
  10. testing/
  11. third_party/
  12. tools/
  13. .clang-format
  14. .clang-tidy
  15. .editorconfig
  16. .flake8
  17. .git-blame-ignore-revs
  18. .gitattributes
  19. .gitignore
  20. .gn
  21. .vpython
  22. .ycm_extra_conf.py
  23. AUTHORS
  24. BUILD.gn
  25. CODE_OF_CONDUCT.md
  26. codereview.settings
  27. COMMON_OWNERS
  28. DEPS
  29. ENG_REVIEW_OWNERS
  30. INFRA_OWNERS
  31. INTL_OWNERS
  32. LICENSE
  33. LICENSE.fdlibm
  34. LICENSE.strongtalk
  35. LICENSE.v8
  36. LICENSE.valgrind
  37. MIPS_OWNERS
  38. OWNERS
  39. PPC_OWNERS
  40. PRESUBMIT.py
  41. README.md
  42. S390_OWNERS
  43. WATCHLISTS
README.md

V8 JavaScript Engine

V8 is Google's open source JavaScript engine.

V8 implements ECMAScript as specified in ECMA-262.

V8 is written in C++ and is used in Google Chrome, the open source browser from Google.

V8 can run standalone, or can be embedded into any C++ application.

V8 Project page: https://v8.dev/docs

Getting the Code

Checkout depot tools, and run

    fetch v8

This will checkout V8 into the directory v8 and fetch all of its dependencies. To stay up to date, run

    git pull origin
    gclient sync

For fetching all branches, add the following into your remote configuration in .git/config:

    fetch = +refs/branch-heads/*:refs/remotes/branch-heads/*
    fetch = +refs/tags/*:refs/tags/*

Contributing

Please follow the instructions mentioned at v8.dev/docs/contribute.