Status: Assigned
Owner: [email protected]
Labels: Type-Bug Priority-Medium
New issue 4291 by [email protected]: Alignment handling in the
serializer prior to 4.5 is buggy.
https://code.google.com/p/v8/issues/detail?id=4291
In the serializer, when we come across an object that needs to be
double-aligned, we allocate an additional pointer size which we can use as
padding, and emit a special op code for the deserializer.
The deserializer allocates with additional padding and depending on the
current alignment, pads the first or last pointer with a filler object. If
it padded at the start of the allocated area, the object starts offset by a
pointer size. However, the back reference still points to the start of the
allocated area. So back references to that object are off by a pointer size.
I haven't been able to create a repro where a double fixed elements array
is referenced more than once (so that we get a back reference).
This problem should have been fixed in 4.5 with the new alignment handling
implementation.
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
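The padding scheme the report describes, as an added toy model that is not V8 code and not part of the reporter's message. It assumes the 32-bit layout in which double alignment actually needs padding (4-byte pointers, 8-byte alignment for doubles); the space, the byte tags and every function name are hypothetical. A bump allocator reserves the object size plus one pointer, places the filler at the front when the current top is misaligned, and the pre-4.5 back reference is modelled as recording the start of the reserved area rather than the object, so resolving it lands on the filler whenever the front padding was used.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Assumed 32-bit-style heap: 4-byte pointers, doubles need 8-byte alignment.
constexpr size_t kPointerSize = 4;
constexpr size_t kDoubleAlignment = 8;

// What each byte of the space currently holds, so a resolved reference can be inspected.
enum class Tag : uint8_t { kFree, kOrdinary, kFiller, kDoubleArray };

struct Space {
  std::vector<Tag> bytes;
  size_t top = 0;  // bump-allocation pointer; kept kPointerSize-aligned in this model
  explicit Space(size_t capacity) : bytes(capacity, Tag::kFree) {}
};

struct Allocation {
  size_t area_start;    // start of the reserved region (object size + one pointer of padding)
  size_t object_start;  // where the double-aligned object actually lives
};

static void Fill(Space& s, size_t from, size_t len, Tag tag) {
  for (size_t i = 0; i < len; ++i) s.bytes[from + i] = tag;
}

// An ordinary pointer-aligned object, used to steer `top` on or off 8-byte alignment.
size_t AllocateOrdinary(Space& s, size_t size) {
  size_t start = s.top;
  Fill(s, start, size, Tag::kOrdinary);
  s.top += size;
  return start;
}

// Deserializer side of the scheme: reserve size + kPointerSize, then put a
// one-pointer filler at the front (if top is misaligned) or at the back.
Allocation AllocateDoubleAligned(Space& s, size_t size) {
  Allocation a{s.top, s.top};
  const size_t reserved = size + kPointerSize;
  if (s.top % kDoubleAlignment != 0) {
    Fill(s, s.top, kPointerSize, Tag::kFiller);  // filler first ...
    a.object_start = s.top + kPointerSize;        // ... so the object is shifted by one pointer
  } else {
    Fill(s, s.top + size, kPointerSize, Tag::kFiller);  // object first, filler last
  }
  Fill(s, a.object_start, size, Tag::kDoubleArray);
  s.top += reserved;
  return a;
}

// Pre-4.5 behaviour as described in the report: the back reference records
// the start of the reserved area, not the object.
size_t BuggyBackReference(const Allocation& a) { return a.area_start; }
// Corrected behaviour: record where the object really starts.
size_t FixedBackReference(const Allocation& a) { return a.object_start; }

// What a later use of a back reference to `address` would actually point at.
Tag Resolve(const Space& s, size_t address) { return s.bytes[address]; }

// Lay out `preceding` bytes of ordinary objects, then one double array of
// `array_size` bytes, and report how far off the buggy back reference is.
size_t BackReferenceError(size_t preceding, size_t array_size) {
  Space s(256);
  if (preceding) AllocateOrdinary(s, preceding);
  Allocation a = AllocateDoubleAligned(s, array_size);
  return FixedBackReference(a) - BuggyBackReference(a);
}

// Same layout, returning what the buggy back reference resolves to.
Tag BuggyResolvedTag(size_t preceding, size_t array_size) {
  Space s(256);
  if (preceding) AllocateOrdinary(s, preceding);
  Allocation a = AllocateDoubleAligned(s, array_size);
  return Resolve(s, BuggyBackReference(a));
}

int main() {
  // Aligned top: filler goes last, back reference is fine.
  std::printf("aligned start: error = %zu bytes\n", BackReferenceError(0, 16));
  // Misaligned top (one pointer-sized object first): filler goes first,
  // back reference is off by one pointer and points at the filler.
  std::printf("misaligned start: error = %zu bytes, resolves to filler = %d\n",
              BackReferenceError(4, 16),
              BuggyResolvedTag(4, 16) == Tag::kFiller);
  return 0;
}
```

The model only shows the discrepancy for the second reference to such an object; as the report notes, a first reference is emitted inline and never goes through the back-reference path, which is why a repro needs the same double array to be referenced twice.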