Files · 3f850f4da08e9beb564e1b0cf93950e7b49d5348 · Linshizhi / V8

[unified-heap] Call TraceEpilogue at the end of a MC GC · 3f850f4d

Michael Lippautz authored Oct 23, 2018

Marking resets global handles which touches the corresponding slots on the
embedder side. The embedder may already have freed the memory which results in
use after free.

Bug: chromium:843903
Change-Id: I05a62f28d801b4de167f6fbf1be29743544c1293
Reviewed-on: https://chromium-review.googlesource.com/c/1296457Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#56911}

3f850f4d

Name	Last commit	Last update
benchmarks		Loading commit data...
build_overrides		Loading commit data...
custom_deps		Loading commit data...
docs		Loading commit data...
gni		Loading commit data...
include		Loading commit data...
infra		Loading commit data...
samples		Loading commit data...
src		Loading commit data...
test		Loading commit data...
testing		Loading commit data...
third_party		Loading commit data...
tools		Loading commit data...
.clang-format		Loading commit data...
.clang-tidy		Loading commit data...
.editorconfig		Loading commit data...
.git-blame-ignore-revs		Loading commit data...
.gitattributes		Loading commit data...
.gitignore		Loading commit data...
.gn		Loading commit data...
.vpython		Loading commit data...
.ycm_extra_conf.py		Loading commit data...
AUTHORS		Loading commit data...
BUILD.gn		Loading commit data...
CODE_OF_CONDUCT.md		Loading commit data...
ChangeLog		Loading commit data...
DEPS		Loading commit data...
LICENSE		Loading commit data...
LICENSE.fdlibm		Loading commit data...
LICENSE.strongtalk		Loading commit data...
LICENSE.v8		Loading commit data...
LICENSE.valgrind		Loading commit data...
OWNERS		Loading commit data...
PRESUBMIT.py		Loading commit data...
README.md		Loading commit data...
WATCHLISTS		Loading commit data...
codereview.settings		Loading commit data...
snapshot_toolchain.gni		Loading commit data...

README.md