Clemens Hammacher authored
The destructor of the {WasmGCForegroundTask} can be called immediately when scheduling that task (if the platform determines that the task can never execute anyway). In that case, we deregister the task from the wasm engine so we do not access it later (which would be UAF). This deregistration leads to recursively taking a mutex now.

The only later access to the task happens to cancel the task. For this purpose, we can also use the {CancelableTaskManager} of the isolate, and avoid all code in the destructor.

This should fix the reentrant mutex, which leads to a DCHECK failure in debug builds and deadlock in release builds.

R=mstarzinger@chromium.org
Bug: chromium:984970, v8:8217
Change-Id: I14f05a21ea961ecc391dc59af3b5eebf31e0f873
Cq-Include-Trybots: luci.v8.try:v8_linux_blink_rel
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1706480
Reviewed-by: Michael Starzinger <mstarzinger@chromium.org>
Commit-Queue: Clemens Hammacher <clemensh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#62804}
777d5084
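
The failure mode described in the commit message, as an added single-threaded C++ model (not V8 code and not part of the commit): a task destroyed inside the scheduling call re-enters the engine lock when its destructor deregisters, while cancelling by id through a registry needs no destructor logic in the task. `CheckedMutex`, `Engine`, `OldTask`, `NewTask`, `Cancelable`, `TaskManager` and `PostTask` are hypothetical stand-ins.

```cpp
#include <memory>
#include <set>
// Single-threaded model; every name here is hypothetical, not V8's.
struct CheckedMutex {  // counts re-lock attempts instead of deadlocking
  bool held = false; int reentrant = 0;
  bool Lock() { if (held) { ++reentrant; return false; } held = true; return true; }
  void Unlock() { held = false; }
};
struct Engine {
  CheckedMutex mutex;
  void* task = nullptr;  // raw pointer kept by the old design
  int task_id = 0;       // id kept by the new design
  // Old design: reached from the task destructor, needs the engine lock.
  void Deregister() { if (mutex.Lock()) { task = nullptr; mutex.Unlock(); } }
};
struct OldTask {
  Engine* engine;
  ~OldTask() { engine->Deregister(); }
};
struct TaskManager {  // stand-in for a per-isolate cancelable-task registry
  std::set<int> live; int next = 1;
  int Register() { live.insert(next); return next++; }
  bool TryAbort(int id) { return live.erase(id) == 1; }  // false: already gone
};
struct Cancelable {  // base class does the registry bookkeeping
  TaskManager* mgr; int id;
  explicit Cancelable(TaskManager* m) : mgr(m), id(m->Register()) {}
  ~Cancelable() { mgr->live.erase(id); }
};
struct NewTask : Cancelable { using Cancelable::Cancelable; };  // no own destructor
// A platform that can never run the task destroys it inside PostTask.
template <typename T> void PostTask(std::unique_ptr<T> t) { t.reset(); }
int ScheduleOld(Engine& e) {
  e.mutex.Lock();
  std::unique_ptr<OldTask> t(new OldTask{&e});
  e.task = t.get();
  PostTask(std::move(t));  // ~OldTask -> Deregister -> second Lock()
  e.mutex.Unlock();
  return e.mutex.reentrant;  // number of re-lock attempts observed
}
int ScheduleNew(Engine& e, TaskManager& m) {
  e.mutex.Lock();
  auto t = std::make_unique<NewTask>(&m);
  e.task_id = t->id;
  PostTask(std::move(t));  // destructor touches only the registry
  e.mutex.Unlock();
  return e.mutex.reentrant;
}
```

In the model, a later cancel of an already-destroyed task is a failed id lookup (`TryAbort` returns false) rather than a dereference of a stale pointer.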