diff options
| author | Peter Marshall <petermarshall@chromium.org> | 2018-11-09 13:06:07 +0100 |
|---|---|---|
| committer | Daniel Bevenius <daniel.bevenius@gmail.com> | 2018-11-12 07:24:09 +0100 |
| commit | a8847aa5e009e4c487a0d895cfeaea0080e33a29 (patch) | |
| tree | ec3e576dd8da4934533e7fdc190d7a65b1af8d70 /common.gypi | |
| parent | d6f52f5a38b2e93f62da2c18a58bc85991f11234 (diff) | |
| download | node-new-a8847aa5e009e4c487a0d895cfeaea0080e33a29.tar.gz | |
deps: cherry-pick b87d408 from upstream V8
Original commit message:
[heap-profiler] Fix a use-after-free when snapshots are deleted
If a caller starts the sampling heap profiler and takes a snapshot,
and then deletes the snapshot before the sampling has completed, a
use-after-free will occur on the StringsStorage pointer.
The same issue applies for StartTrackingHeapObjects which shares the
same StringsStorage object.
Bug: v8:8373
Change-Id: I5d69d60d3f9465f9dd3b3bef107c204e0fda0643
Reviewed-on: https://chromium-review.googlesource.com/c/1301477
Commit-Queue: Peter Marshall <petermarshall@chromium.org>
Reviewed-by: Alexei Filippov <alph@chromium.org>
Cr-Commit-Position: refs/heads/master@{#57114}
PR-URL: https://github.com/nodejs/node/pull/24272
Refs:
https://github.com/v8/v8/commit/b87d408f65b9ab49a4d199e850d2358995deaeb2
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Diffstat (limited to 'common.gypi')
| -rw-r--r-- | common.gypi | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/common.gypi b/common.gypi index a7a4d214b9..f92791f946 100644 --- a/common.gypi +++ b/common.gypi @@ -32,7 +32,7 @@ # Reset this number to 0 on major V8 upgrades. # Increment by one for each non-official patch applied to deps/v8. - 'v8_embedder_string': '-node.10', + 'v8_embedder_string': '-node.11', # Enable disassembler for `--print-code` v8 options 'v8_enable_disassembler': 1, |