Samuel Groß (Gerrit)

unread,

Dec 19, 2025, 8:22:25 AM12/19/25

to Igor Sheludko, Omer Katz, Michael Lippautz, V8 LUCI CQ, v8-re...@googlegroups.com

Attention needed from Igor Sheludko

Samuel Groß added 2 comments

Patchset-level comments

File-level comment, Patchset 7 (Latest):

Samuel Groß . resolved

Thanks! +Igor for remaining files

File src/base/platform/platform-linux.cc

Line 359, Patchset 5: if (fd_ < 0) return std::nullopt;

Omer Katz . resolved

Can we make this a CHECK or DCHECK? Currently all reads are gated behind a `IsValid` check, so I think we can make that a requirement.

Samuel Groß

Done

Open in Gerrit

Related details

Attention is currently required from:

Igor Sheludko

Submit Requirements:

Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

unsatisfied_requirement

satisfied_requirement

open

diffy

Igor Sheludko (Gerrit)

unread,

Dec 19, 2025, 11:34:28 AM12/19/25

to Samuel Groß, Omer Katz, Michael Lippautz, V8 LUCI CQ, v8-re...@googlegroups.com

Attention needed from Samuel Groß

Igor Sheludko voted and added 4 comments

Votes added by Igor Sheludko

Code-Review

+1

4 comments

Patchset-level comments

File-level comment, Patchset 7 (Latest):

Igor Sheludko . resolved

lgtm with nits

Commit Message

Line 18, Patchset 7 (Latest):

/proc/self/maps. Ideally, we would be able to check that we crashed on a
known mapping instead, but this can be implemented in follow-up CLs.

Igor Sheludko . unresolved

It feels like an way easier solution to implement than parsing mem file: there are only two known cages+guard regions + tables where any SEGFAULT is allowed. Everything else might be a sandbox escape with enough luck.

File src/base/platform/platform-linux.cc

Line 352, Patchset 7 (Latest): : fd_(open("/proc/self/maps", O_RDONLY)), buffer_pos_(0), buffer_end_(0) {}

Igor Sheludko . unresolved

Ideally, it would be nice to unify this code with another "maps" parsing code in this file.

Line 360, Patchset 7 (Latest):

Igor Sheludko . unresolved

```
  // The maps file consists of the following kind of lines:
  // 55ac243aa000-55ac243ac000 r--p 00000000 fe:01 31594735 /usr/bin/head
```

Open in Gerrit

Related details

Attention is currently required from:

Samuel Groß

Submit Requirements:

Code-Owners
Code-Review
No-Unresolved-Comments
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Samuel Groß (Gerrit)

unread,

Jan 8, 2026, 6:49:42 AM (23 hours ago) Jan 8

to AyeAye, Igor Sheludko, Omer Katz, Michael Lippautz, V8 LUCI CQ, cbruni...@chromium.org, v8-re...@googlegroups.com

Attention needed from Igor Sheludko and Omer Katz

Samuel Groß added 4 comments

Patchset-level comments

File-level comment, Patchset 11 (Latest):

Samuel Groß . resolved

Thanks! PTAL!

Commit Message

Line 18, Patchset 7:/proc/self/maps. Ideally, we would be able to check that we crashed on a


known mapping instead, but this can be implemented in follow-up CLs.

Igor Sheludko . resolved

It feels like an way easier solution to implement than parsing mem file: there are only two known cages+guard regions + tables where any SEGFAULT is allowed. Everything else might be a sandbox escape with enough luck.

Samuel Groß

Yeah this is basically what the next CL in the chain does. I don't want to add thread-safe tracking (with signal-safe access) for all the pointer tables and similar memory regions we allocate (as these are per-Isolate) just for the sandbox testing mode. Also I think it'd be nice if the regions get names in /proc/self/maps. So with the follow-up CL, we now look for these names to determine where we crashed. But then I still need the Maps parser, so I implemented it in that order.

File src/base/platform/platform-linux.cc

Line 352, Patchset 7: : fd_(open("/proc/self/maps", O_RDONLY)), buffer_pos_(0), buffer_end_(0) {}

Igor Sheludko . unresolved

Ideally, it would be nice to unify this code with another "maps" parsing code in this file.

Samuel Groß

Done :D now the CL is larger, but at least there's no longer any code duplication. WDYT?

Line 360, Patchset 7:

Igor Sheludko . resolved

```
  // The maps file consists of the following kind of lines:
  // 55ac243aa000-55ac243ac000 r--p 00000000 fe:01 31594735 /usr/bin/head
```

Samuel Groß

Done

Open in Gerrit

Related details

Attention is currently required from:

Igor Sheludko
Omer Katz

Submit Requirements:

Code-Owners
Code-Review

No-Unresolved-Comments

Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

unsatisfied_requirement

open

diffy

Omer Katz (Gerrit)

unread,

Jan 8, 2026, 6:52:49 AM (23 hours ago) Jan 8

to Samuel Groß, AyeAye, Igor Sheludko, Michael Lippautz, V8 LUCI CQ, cbruni...@chromium.org, v8-re...@googlegroups.com

Attention needed from Igor Sheludko and Samuel Groß

Omer Katz voted and added 1 comment

Votes added by Omer Katz

Code-Review

+1

1 comment

Patchset-level comments

File-level comment, Patchset 11 (Latest):

Omer Katz . resolved

lgtm

Open in Gerrit

Related details

Attention is currently required from:

Igor Sheludko
Samuel Groß

Submit Requirements:

Code-Owners

Code-Review

No-Unresolved-Comments

Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

unsatisfied_requirement

satisfied_requirement

open

diffy

Reply all

Reply to author

Forward

[sandbox] Filter out fewer SEGV_ACCERR crashes in the CrashFilter [v8/v8 : main]

Samuel Groß (Gerrit)

Samuel Groß added 2 comments

Related details

Igor Sheludko (Gerrit)

Igor Sheludko voted and added 4 comments

Votes added by Igor Sheludko

4 comments

Related details

Samuel Groß (Gerrit)

Samuel Groß added 4 comments

Related details

Omer Katz (Gerrit)

Omer Katz voted and added 1 comment

Votes added by Omer Katz

1 comment

Related details