We mustn't finalize sweeping when V8 started collecting garbage.

third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp

Index: third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp
diff --git a/third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp b/third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp
index c3b4cc8eb022f32066119c36b08e2de4fc941a77..927ec418641038100a445e798e43bb1c562d5e2e 100644
--- a/third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp
+++ b/third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp
@@ -274,13 +274,17 @@ void gcPrologueForMajorGC(v8::Isolate* isolate, bool constructRetainedObjectInfo
 
 void V8GCController::gcPrologue(v8::GCType type, v8::GCCallbackFlags flags)
 {
-    if (ThreadState::current())
-        ThreadState::current()->willStartV8GC();
-
     if (isMainThread()) {
         ScriptForbiddenScope::enter();
     }
 
+    // TODO(haraken): It is not safe to run finalizers in a prologue callback
+    // because V8AbstractEventListener's destructor cann call into V8. We
+    // should post a task to schedule willStartV8GC() and avoid running it
+    // inside the prologue callback.
+    // if (ThreadState::current())
+    //     ThreadState::current()->willStartV8GC();
+
     // TODO(haraken): It would be nice if the GC callbacks passed the Isolate
     // directly.
     v8::Isolate* isolate = v8::Isolate::GetCurrent();