• Clemens Backes's avatar
    [wasm][debug] Avoid use-after-free on tier down · 0816423d
    Clemens Backes authored
    When tiering down (or up), we first get a list of all native modules
    (under a lock), then tier them down/up without holding the lock. Since
    we don't hold (shared) ownership of the native module, it could die
    in-between.
    This CL fixes this by keeping weak pointers to the native modules, and
    re-gaining a shared pointer before putting the module in the list of
    modules to be tiered down/up.
    
    R=thibaudm@chromium.org
    
    Bug: v8:10588
    Change-Id: I2891c3729f42f26d4026f3e2448e124863b95122
    Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_rel
    Cq-Include-Trybots: luci.v8.try:v8_linux64_tsan_isolates_rel_ng
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2228515
    Commit-Queue: Clemens Backes <clemensb@chromium.org>
    Reviewed-by: 's avatarThibaud Michaud <thibaudm@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#68145}
    0816423d
Name
Last commit
Last update
..
baseline Loading commit data...
DEPS Loading commit data...
OWNERS Loading commit data...
c-api.cc Loading commit data...
c-api.h Loading commit data...
compilation-environment.h Loading commit data...
decoder.h Loading commit data...
function-body-decoder-impl.h Loading commit data...
function-body-decoder.cc Loading commit data...
function-body-decoder.h Loading commit data...
function-compiler.cc Loading commit data...
function-compiler.h Loading commit data...
graph-builder-interface.cc Loading commit data...
graph-builder-interface.h Loading commit data...
jump-table-assembler.cc Loading commit data...
jump-table-assembler.h Loading commit data...
leb-helper.h Loading commit data...
local-decl-encoder.cc Loading commit data...
local-decl-encoder.h Loading commit data...
memory-tracing.cc Loading commit data...
memory-tracing.h Loading commit data...
module-compiler.cc Loading commit data...
module-compiler.h Loading commit data...
module-decoder.cc Loading commit data...
module-decoder.h Loading commit data...
module-instantiate.cc Loading commit data...
module-instantiate.h Loading commit data...
object-access.h Loading commit data...
signature-map.cc Loading commit data...
signature-map.h Loading commit data...
streaming-decoder.cc Loading commit data...
streaming-decoder.h Loading commit data...
struct-types.h Loading commit data...
sync-streaming-decoder.cc Loading commit data...
value-type.h Loading commit data...
wasm-arguments.h Loading commit data...
wasm-code-manager.cc Loading commit data...
wasm-code-manager.h Loading commit data...
wasm-constants.h Loading commit data...
wasm-debug-evaluate.cc Loading commit data...
wasm-debug-evaluate.h Loading commit data...
wasm-debug.cc Loading commit data...
wasm-debug.h Loading commit data...
wasm-engine.cc Loading commit data...
wasm-engine.h Loading commit data...
wasm-external-refs.cc Loading commit data...
wasm-external-refs.h Loading commit data...
wasm-feature-flags.h Loading commit data...
wasm-features.cc Loading commit data...
wasm-features.h Loading commit data...
wasm-import-wrapper-cache.cc Loading commit data...
wasm-import-wrapper-cache.h Loading commit data...
wasm-interpreter.cc Loading commit data...
wasm-interpreter.h Loading commit data...
wasm-js.cc Loading commit data...
wasm-js.h Loading commit data...
wasm-limits.h Loading commit data...
wasm-linkage.h Loading commit data...
wasm-module-builder.cc Loading commit data...
wasm-module-builder.h Loading commit data...
wasm-module-sourcemap.cc Loading commit data...
wasm-module-sourcemap.h Loading commit data...
wasm-module.cc Loading commit data...
wasm-module.h Loading commit data...
wasm-objects-inl.h Loading commit data...
wasm-objects.cc Loading commit data...
wasm-objects.h Loading commit data...
wasm-objects.tq Loading commit data...
wasm-opcodes.cc Loading commit data...
wasm-opcodes.h Loading commit data...
wasm-result.cc Loading commit data...
wasm-result.h Loading commit data...
wasm-serialization.cc Loading commit data...
wasm-serialization.h Loading commit data...
wasm-tier.h Loading commit data...
wasm-value.h Loading commit data...