• mlippautz's avatar
    [heap] Do not trace through blink after making weak roots strong for finalizers · af6d01a1
    mlippautz authored
    Similar to object grouping, we cannot trace through blink (and back to V8) after
    making weak roots strong because phantom callbacks have already been scheduled
    and the handles been zapped.
    
    This is a short-term solution (mimicing what object grouping currently does). It
    is not correct in general because we should fully process the subgraph that was
    discovered by making some of the weak roots strong.  In long term we need  a
    separate handle type on the API level for traced references that have their
    handles zapped at a different stage.
    
    Reproduction:
    - Initial marking is done, i.e., both marking deques are empty.
    - We make weak roots needed for regular finalizers strong.
    - We collect phantom callback data and zap handles that are not reachable so far.
    - Through new roots we discover wrappables on the blink side that would also keep
      objects that were already scheduled for phantom callbacks alive.
    - Since the handle was already zapped we crash during dereferencing.
    
    BUG=chromium:668060,chromium:468240
    
    Review-Url: https://codereview.chromium.org/2580813002
    Cr-Commit-Position: refs/heads/master@{#41724}
    af6d01a1
Name
Last commit
Last update
benchmarks Loading commit data...
build_overrides Loading commit data...
docs Loading commit data...
gni Loading commit data...
gypfiles Loading commit data...
include Loading commit data...
infra Loading commit data...
samples Loading commit data...
src Loading commit data...
test Loading commit data...
testing Loading commit data...
third_party Loading commit data...
tools Loading commit data...
.clang-format Loading commit data...
.gitignore Loading commit data...
.gn Loading commit data...
.ycm_extra_conf.py Loading commit data...
AUTHORS Loading commit data...
BUILD.gn Loading commit data...
CODE_OF_CONDUCT.md Loading commit data...
ChangeLog Loading commit data...
DEPS Loading commit data...
LICENSE Loading commit data...
LICENSE.fdlibm Loading commit data...
LICENSE.strongtalk Loading commit data...
LICENSE.v8 Loading commit data...
LICENSE.valgrind Loading commit data...
Makefile Loading commit data...
Makefile.android Loading commit data...
OWNERS Loading commit data...
PRESUBMIT.py Loading commit data...
README.md Loading commit data...
WATCHLISTS Loading commit data...
codereview.settings Loading commit data...
snapshot_toolchain.gni Loading commit data...