Issue 758925

Issue metadata

Status: Archived
Owner: ----
Closed: Sep 13
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug

LazyInstance doesn't support classes with virtual members.

Project Member Reported by albertnetymk@google.com, Aug 25 2017

Issue description

UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36

Steps to reproduce the problem:
1. Place the following into `args.gn`.
```
is_cfi = true
is_component_build = false
is_debug = false
target_cpu = "x64"
use_cfi_cast = true
use_cfi_diag = true
use_cfi_recover = false
v8_test_isolation_mode = "prepare"
```
2. Build V8

What is the expected behavior?
V8 successfully builds.

What went wrong?
Control flow integrity check fails.

Did this work before? N/A 

Chrome version: 60.0.3112.90  Channel: dev
OS Version: 
Flash Version:
 
Project Member

Comment 1 by bugdroid1@chromium.org, Aug 25 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b20390c0a11b1c3039e15b5f56828a695d508721

commit b20390c0a11b1c3039e15b5f56828a695d508721
Author: Albert Mingkun Yang <albertnetymk@google.com>
Date: Fri Aug 25 12:45:24 2017

[Fix] Allow LazyInstance to support classes with virtual members

Change the signature of `Construct` so that no casting is required on
calling it. The casting would fire control flow integrity check if the
class contains virtual members.

Bug:  chromium:758925 
Change-Id: Iefc711c634b36efd051e245e2df13b28d5563f45
Reviewed-on: https://chromium-review.googlesource.com/635563
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Albert Mingkun Yang <albertnetymk@google.com>
Cr-Commit-Position: refs/heads/master@{#47608}
[modify] https://crrev.com/b20390c0a11b1c3039e15b5f56828a695d508721/src/assert-scope.cc
[modify] https://crrev.com/b20390c0a11b1c3039e15b5f56828a695d508721/src/base/lazy-instance.h
[modify] https://crrev.com/b20390c0a11b1c3039e15b5f56828a695d508721/src/elements-kind.cc
[modify] https://crrev.com/b20390c0a11b1c3039e15b5f56828a695d508721/src/register-configuration.cc
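
The cast that the commit message above describes, as an added C++ sketch that is not V8's code: `Shape`, `Square`, `Storage`, both trait names and both functions are hypothetical. It contrasts a `Construct(T*)` trait, whose caller must cast unconstructed storage to `T*`, with a `Construct(void*)` trait that needs no cast.

```cpp
// Added illustration; every name here is hypothetical, not V8's lazy-instance.h.
#include <new>
struct Shape {  // polymorphic, so every object carries a vptr
  virtual ~Shape() = default;
  virtual int Sides() const { return 0; }
};
struct Square final : Shape {
  int Sides() const override { return 4; }
};

template <typename T>
struct Storage {  // raw, suitably aligned bytes; no T lives here yet
  alignas(T) unsigned char bytes[sizeof(T)] = {};
};

// Before: Construct takes T*, so the caller has to cast raw storage to T*.
template <typename T>
struct CastingTrait {
  static T* Construct(T* allocated_ptr) { return new (allocated_ptr) T(); }
};

// After: Construct takes void*, so raw storage is passed through uncast.
template <typename T>
struct VoidTrait {
  static T* Construct(void* allocated_ptr) { return new (allocated_ptr) T(); }
};

// Old call shape. With Clang CFI cast checks (use_cfi_cast = true) the cast is
// instrumented and finds no valid vptr for T in the zeroed bytes.
int SidesWithCastingTrait() {
  Storage<Square> storage;
  Square* typed = static_cast<Square*>(static_cast<void*>(storage.bytes));
  Shape* shape = CastingTrait<Square>::Construct(typed);
  int sides = shape->Sides();
  shape->~Shape();
  return sides;
}

// New call shape. The only T* that exists is the one placement new returns,
// which already points at a fully constructed object.
int SidesWithVoidTrait() {
  Storage<Square> storage;
  Shape* shape = VoidTrait<Square>::Construct(storage.bytes);
  int sides = shape->Sides();
  shape->~Shape();
  return sides;
}

int main() { return SidesWithVoidTrait() == 4 ? 0 : 1; }
```

Both functions return 4 in an ordinary build; only a build with CFI cast checking distinguishes them.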

Labels: TE-NeedsTriageHelp Needs-Milestone
Unable to triage this issue from TE-End, hence adding TE-NeedsTriageHelp for further triage.
Project Member

Comment 3 by sheriffbot@chromium.org, Sep 13

Status: Archived (was: Unconfirmed)
Issue has not been modified or commented on in the last 365 days, please re-open or file a new bug if this is still an issue.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot