test/unittests · c75ff1ca2e22795244ae58172ff5731637a8f2e6 · Linshizhi / V8

cppgc: Clear large pages on free. · 1fc24069

Omer Katz authored May 06, 2021

Destroyed large pages can be reallocated before the OS get a chance to
reclaim and clear them. In such cases we will get non-zero memory in a
newly allocated page.
Normal pages are not affected since they are kept in page pools instead
of being freed.
Fix by explicitly clearing the payload when destroying a large page.

Bug: chromium:1056170, chromium:1206274
Change-Id: I6436302f50b8f0b4ef41288425bf464b0eb52d5f
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2874404
Commit-Queue: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#74418}

1fc24069

Name	Last commit	Last update
..
api		Loading commit data...
asmjs		Loading commit data...
assembler		Loading commit data...
base		Loading commit data...
codegen		Loading commit data...
compiler		Loading commit data...
compiler-dispatcher		Loading commit data...
date		Loading commit data...
diagnostics		Loading commit data...
execution		Loading commit data...
heap		Loading commit data...
interpreter		Loading commit data...
libplatform		Loading commit data...
logging		Loading commit data...
numbers		Loading commit data...
objects		Loading commit data...
parser		Loading commit data...
profiler		Loading commit data...
regress		Loading commit data...
strings		Loading commit data...
tasks		Loading commit data...
torque		Loading commit data...
utils		Loading commit data...
wasm		Loading commit data...
zone		Loading commit data...
BUILD.gn		Loading commit data...
DEPS		Loading commit data...
run-all-unittests.cc		Loading commit data...
test-helpers.cc		Loading commit data...
test-helpers.h		Loading commit data...
test-utils.cc		Loading commit data...
test-utils.h		Loading commit data...
testcfg.py		Loading commit data...
unittests.status		Loading commit data...