test · c58862c3601cd6601ec6c8692052d28fc8579fec · Linshizhi / V8

cppgc: Allow CrossThreadPersistent to access poisoned memory from GC · c58862c3

Michael Lippautz authored Jul 21, 2021

Allow CrossThreadPersistent and its weak form to access ASAN poisoned
memory from the GC entry points.

In general, payloads of to-be-finalized objects are poisoned until the
finalizer actually runs to avoid accidentally touching that payload.

In the case of cross-thread handles, these may need to be cleared by a
different thread before the finalizer actually runs. In order to clear
those references, the slot needs to be unpoisoned.

This is issue is ASAN-only and does not affect production or other
debug builds.

Bug: chromium:1230599, chromium:1056170
Change-Id: If4d0808953047319b02653821abbb5c638084dc5
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3040845
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Omer Katz <omerkatz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75846}

c58862c3

Name	Last commit	Last update
..
benchmarks		Loading commit data...
bigint		Loading commit data...
cctest		Loading commit data...
common		Loading commit data...
debugger		Loading commit data...
debugging		Loading commit data...
fuzzer		Loading commit data...
fuzzilli		Loading commit data...
inspector		Loading commit data...
intl		Loading commit data...
js-perf-test		Loading commit data...
memory		Loading commit data...
message		Loading commit data...
mjsunit		Loading commit data...
mkgrokdump		Loading commit data...
mozilla		Loading commit data...
test262		Loading commit data...
torque		Loading commit data...
unittests		Loading commit data...
wasm-api-tests		Loading commit data...
wasm-js		Loading commit data...
wasm-spec-tests		Loading commit data...
webkit		Loading commit data...
BUILD.gn		Loading commit data...
OWNERS		Loading commit data...