-
sigbjornf authored
Do not allow BlinkGC managed objects to include unsafe iterators of other heap objects; that is, do not allow them to keep iterator part objects as fields. These iterators contain untraced references, which is in general unsafe practice and breaks the general rule that all heap references must be known to the GC infrastructure, and be marked and traced through. This applies to all heap collection iterators but HeapListHashSet<>'s, which can be safely traced. It is also the only collection iterator which is kept as a field of an on-heap object (CSSSegmentedFontFace.) R=haraken BUG=672030 Review-Url: https://codereview.chromium.org/2588943002 Cr-Commit-Position: refs/heads/master@{#439784}
1fb76ab1
