third_party/WebKit/Source/platform/heap/GarbageCollected.h - Issue 1411603007: [Oilpan] Add use-after-free detector in Member<>

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/platform/heap/GarbageCollected.h

Issue 1411603007: [Oilpan] Add use-after-free detector in Member<> Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Rebase Created 5 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: third_party/WebKit/Source/platform/heap/GarbageCollected.h

diff --git a/third_party/WebKit/Source/platform/heap/GarbageCollected.h b/third_party/WebKit/Source/platform/heap/GarbageCollected.h

index d9abbd3a2af03f801b57b211bcde0a65a25b1231..60b14dfa02e32625f9de0d05cdafb6a8aaa5d4b6 100644

--- a/third_party/WebKit/Source/platform/heap/GarbageCollected.h

+++ b/third_party/WebKit/Source/platform/heap/GarbageCollected.h

@@ -128,6 +128,7 @@ public:

virtual void adjustAndMark(InlinedGlobalMarkingVisitor) const = 0;

virtual void trace(InlinedGlobalMarkingVisitor);

virtual bool isHeapObjectAlive() const = 0;

+ virtual HeapObjectHeader* heapObjectHeader() const = 0;

};

#define DEFINE_GARBAGE_COLLECTED_MIXIN_METHODS(VISITOR, TYPE) \

@@ -171,7 +172,7 @@ public:

{ \

void* object = TYPE::allocateObject(size, IsEagerlyFinalizedType<TYPE>::value); \

ThreadState* state = ThreadStateFor<ThreadingTrait<TYPE>::Affinity>::state(); \

- state->enterGCForbiddenScopeIfNeeded(&(reinterpret_cast<TYPE*>(object)->m_mixinConstructorMarker)); \

+ state->startConstructingGCMixin(&(reinterpret_cast<TYPE*>(object)->m_mixinConstructorMarker)); \

return object; \

} \

GarbageCollectedMixinConstructorMarker m_mixinConstructorMarker; \

@@ -205,6 +206,10 @@ public: \

{ \

return Heap::isHeapObjectAlive(this); \

} \

+ HeapObjectHeader* heapObjectHeader() const override \

+ { \

+ return HeapObjectHeader::fromPayload(this); \

+ } \

private:

#if ENABLE(OILPAN)

@@ -230,7 +235,7 @@ public:

// happen soon enough and take care of it. Mixin objects aren't

// overly common.

ThreadState* state = ThreadState::current();

- state->leaveGCForbiddenScopeIfNeeded(this);

+ state->finishConstructingGCMixin(this);

}

};

« no previous file with comments | « no previous file | third_party/WebKit/Source/platform/heap/Handle.h » ('j') | third_party/WebKit/Source/platform/heap/HeapPage.cpp » ('J')