From aec2874d992ae7db3920ed0a8583ea3d2787c952 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Inf=C3=BChr?= Date: Sat, 19 Sep 2020 00:02:59 +0200 Subject: [PATCH] [heap] Read gc_state() only once for DCHECK MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit That DCHECK could fail even though GC was in the right state. It could happen that the first load gets the old value NOT_IN_GC, since this isn't TEAR_DOWN a second load needs to be performed. The load then returns TEAR_DOWN but that doesn't match NOT_IN_GC either. Fix this by only loading gc_state() once. Bug: v8:10315 Change-Id: Ibcad540fa4d5f578c9936c472b294bbccebdc09a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2418719 Reviewed-by: Ulan Degenbaev Commit-Queue: Dominik Inführ Cr-Commit-Position: refs/heads/master@{#70021} --- src/heap/local-heap-inl.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/heap/local-heap-inl.h b/src/heap/local-heap-inl.h index 69eb86de1e..89b6d2479f 100644 --- a/src/heap/local-heap-inl.h +++ b/src/heap/local-heap-inl.h @@ -15,13 +15,15 @@ namespace internal { AllocationResult LocalHeap::AllocateRaw(int size_in_bytes, AllocationType type, AllocationOrigin origin, AllocationAlignment alignment) { +#if DEBUG DCHECK_EQ(LocalHeap::Current(), this); DCHECK(AllowHandleAllocation::IsAllowed()); DCHECK(AllowHeapAllocation::IsAllowed()); DCHECK_IMPLIES(type == AllocationType::kCode, alignment == AllocationAlignment::kCodeAligned); - DCHECK(heap()->gc_state() == Heap::TEAR_DOWN || - heap()->gc_state() == Heap::NOT_IN_GC); + Heap::HeapState state = heap()->gc_state(); + DCHECK(state == Heap::TEAR_DOWN || state == Heap::NOT_IN_GC); +#endif bool large_object = size_in_bytes > kMaxRegularHeapObjectSize; CHECK_EQ(type, AllocationType::kOld);
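Review bot: The single load into `state` fixes the assertion contradicting itself, but nothing in the hunk records why the local copy exists, so a later cleanup could fold it back into the DCHECK; add `// Read gc_state() once: the main thread may change it concurrently, so two loads can each observe a different (valid) state.` above the `Heap::HeapState state = heap()->gc_state();` line. The DCHECK remains a snapshot — the heap state can move past TEAR_DOWN/NOT_IN_GC immediately after the load while this thread continues into the allocation — which is fine for a debug check but must not be read as synchronization. If `gc_state()` is not at least a relaxed atomic load, reading it from a LocalHeap thread while the main thread writes it is a data race regardless of how many times it is read, which is worth confirming against the accessor's definition. Minor: `#if DEBUG` fails to preprocess if DEBUG is ever defined with an empty value, so `#ifdef DEBUG` is the safer spelling if that is what the rest of the file uses. AllocateRaw's body continues past the hunk.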