Commit e487a7da authored by Dominik Inführ's avatar Dominik Inführ Committed by Commit Bot

[heap] Access wasted_memory() while holding lock

PagedSpace::RefillFreeList() needs to invoke wasted_memory()
while holding the lock. Otherwise this races with
PagedSpace::FreeLinearAllocationArea() which uses add_wasted_memory()
and already holds the lock.

Bug: v8:10315
Change-Id: I3a57191529cdd81d75833ec334a57f84a9a59194
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2428930Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
Commit-Queue: Dominik Inführ <dinfuehr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#70126}
parent 4af3a333
......@@ -137,13 +137,14 @@ void PagedSpace::RefillFreeList() {
owner->RefineAllocatedBytesAfterSweeping(p);
owner->RemovePage(p);
added += AddPage(p);
added += p->wasted_memory();
} else {
base::MutexGuard guard(mutex());
DCHECK_EQ(this, p->owner());
RefineAllocatedBytesAfterSweeping(p);
added += RelinkFreeListCategories(p);
}
added += p->wasted_memory();
}
if (is_compaction_space() && (added > kCompactionMemoryWanted)) break;
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment