AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

[heap] Fix data races in debug builds

Browse Source 
These fixes address race observed in
https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8792972887942555249/+/u/Benchmarks__flakes_/splay
and
https://logs.chromium.org/logs/v8/buildbucket/cr-buildbucket/8792972887942555249/+/u/Check_-_extra/regress-1146013

Bug: v8:13665
Change-Id: Ief02d57907dd1930fc5c719503fd98e42171991b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4171638
Auto-Submit: Omer Katz <omerkatz@chromium.org>
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/main@{#85393}
This commit is contained in:
Omer Katz 2023-01-19 11:56:04 +01:00 committed by V8 LUCI CQ
parent 6830f99903
commit 562b65a86e
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/heap/scavenger-inl.h
View File

@ -135,7 +135,7 @@ CopyAndForwardResult Scavenger::SemiSpaceCopyObject(
HeapObject target;
if (allocation.To(&target)) {
DCHECK(heap()->non_atomic_marking_state()->IsWhite(target));
DCHECK(heap()->marking_state()->IsWhite(target));
const bool self_success =
MigrateObject(map, object, target, object_size, kPromoteIntoLocalHeap);
if (!self_success) {

3
src/maglev/maglev-concurrent-dispatcher.cc
View File

@ -118,7 +118,8 @@ CompilationJob::Status MaglevCompilationJob::FinalizeJobImpl(Isolate* isolate) {
if (!maglev::MaglevCompiler::GenerateCode(isolate, info()).ToHandle(&code)) {
return CompilationJob::FAILED;
}
info()->toplevel_compilation_unit()->function().object()->set_code(*code);
info()->toplevel_compilation_unit()->function().object()->set_code(
*code, kReleaseStore);
return CompilationJob::SUCCEEDED;
}