Status: Accepted
Owner: [email protected]
Labels: Type-Bug Priority-Medium

New issue 3782 by [email protected]: V8 is not -fsanitize=null clean
https://code.google.com/p/v8/issues/detail?id=3782

V8 uses the bad idea (a.k.a. "technique") of pretending that JavaScript entities are C++ pointers all over the place, see objects.h and friends. Combined with our Smi encoding, we actually call via a "null" pointer quite a lot. Fundamentally this is fixable by making the functions static and explicitly passing the entity as parameter, but that's a tremendous amount of work.

Nevertheless, this is highly dangerous: We already had at least one bug caused by the fact that the C++ compiler optimized away some code on the assumption that "this" is never null. There could be even more assumptions made by the compiler, e.g. alignment (= values of the lower bits), so we are on very thin ice here and should remove this madness in the long run.

v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
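The report says that, because of the Smi encoding, V8 routinely calls member functions through what is literally a null pointer, and that the fix is static functions taking the entity explicitly. The following is an added example, not V8's code: a toy model of a one-bit tagged word (low bit 0 = small integer, low bit 1 = heap pointer; the tag convention, the class and function names are assumptions for this example) that shows why the integer zero is the null pointer under such a scheme, and what the "explicit parameter" form looks like next to the "this is the tagged word" form that -fsanitize=null flags.

```cpp
// Added example (not V8 code): toy tagged-word model illustrating the issue.
#include <cstdint>
#include <cstdio>

// A tagged machine word. Low bit 0: a small integer (Smi) kept in the upper
// bits. Low bit 1: the address of a heap object with the tag bit set.
// The 1-bit tag and all names below are assumptions made for this example.
using Tagged = uintptr_t;
constexpr uintptr_t kTagMask = 1;
constexpr uintptr_t kHeapObjectTag = 1;

struct HeapObject { int kind; };  // stand-in for a heap-allocated JS object

// --- The pattern the report objects to ------------------------------------
// The tagged word itself is reinterpreted as "this". For the Smi 0 that word
// is 0, so reinterpret_cast<Object*>(0)->IsSmi() calls a non-static member
// function through a null pointer: undefined behaviour, which -fsanitize=null
// reports. Because the compiler may assume "this" is non-null, a check such as
// "if (this == nullptr)" inside a member function can be optimized away. The
// method is defined here for illustration only and is never called on null.
class Object {
 public:
  bool IsSmi() { return (reinterpret_cast<uintptr_t>(this) & kTagMask) == 0; }
};

// --- The fix the report suggests: free/static functions, entity passed in ---
Tagged FromSmi(intptr_t v) {
  return static_cast<uintptr_t>(v) << 1;  // value in the upper bits, tag bit 0
}
Tagged FromHeapObject(HeapObject* p) {
  return reinterpret_cast<uintptr_t>(p) | kHeapObjectTag;
}
bool IsSmi(Tagged t) { return (t & kTagMask) == 0; }
bool IsHeapObject(Tagged t) { return (t & kTagMask) == kHeapObjectTag; }
intptr_t SmiValue(Tagged t) {
  return static_cast<intptr_t>(t) >> 1;  // arithmetic shift restores the sign
}
HeapObject* ToHeapObject(Tagged t) {
  return reinterpret_cast<HeapObject*>(t & ~kTagMask);
}
// With an explicit parameter, a null check is ordinary, well-defined code the
// compiler is not allowed to drop.
bool IsNullWord(Tagged t) { return t == 0; }

// Constructed sample heap object so the tagging round trip can be exercised.
static HeapObject kSample{7};
Tagged SampleHeapWord() { return FromHeapObject(&kSample); }

int main() {
  Tagged zero = FromSmi(0);
  std::printf("Smi 0 encodes to word %p (IsSmi=%d, IsNullWord=%d)\n",
              reinterpret_cast<void*>(zero), IsSmi(zero), IsNullWord(zero));
  Tagged h = SampleHeapWord();
  std::printf("heap word %p IsHeapObject=%d kind=%d\n",
              reinterpret_cast<void*>(h), IsHeapObject(h), ToHeapObject(h)->kind);
  return 0;
}
```

The point the model makes concrete: `FromSmi(0)` is the all-zero word, so any design that turns the tagged word into `this` will invoke member functions on a null pointer for the most common integer there is. Moving the tagged word into an explicit parameter, as in the second half, keeps every null comparison well-defined and keeps the sanitizer quiet.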