NARUSE, Yui authored

[Bug #18501] Fire write barrier after hash has been written

Before this change the write barrier was executed before the key and value were actually reachable via the Hash. This could cause inconsistencies in object coloration which would lead to accidental collection of dup'd keys.

Example:

1. Object O is grey, Object P is white.
2. Write barrier fires O -> P
3. Write barrier does nothing
4. Malloc happens, which starts GC
5. GC colors O black
6. P is written into O (now we have O -> P reference)
7. P is now accidentally treated as garbage

---
 hash.c | 20 +++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)