From b7caca9f9a386d288c15935646997d59bafc3ffd Mon Sep 17 00:00:00 2001 From: jochen Date: Thu, 11 Dec 2014 07:25:23 -0800 Subject: [PATCH] When reading the map from a live object, use a barrier load It could happen that we shrink a live object on the main thread (e.g. MigrateFastToSlow) while we're sweeping the same page. The main thread first creates a filler object that the release-stores the new map. Therefore it's important to barrier load the map word of live objects from the sweeper thread. BUG=none R=ulan@chromium.org,hpayer@chromium.org LOG=n Review URL: https://codereview.chromium.org/797623002 Cr-Commit-Position: refs/heads/master@{#25780} --- src/heap/mark-compact.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/heap/mark-compact.cc b/src/heap/mark-compact.cc index b2f067bc90..85afd16f0b 100644 --- a/src/heap/mark-compact.cc +++ b/src/heap/mark-compact.cc @@ -3243,7 +3243,7 @@ static int Sweep(PagedSpace* space, FreeList* free_list, Page* p, } HeapObject* live_object = HeapObject::FromAddress(free_end); DCHECK(Marking::IsBlack(Marking::MarkBitFrom(live_object))); - Map* map = live_object->map(); + Map* map = live_object->synchronized_map(); int size = live_object->SizeFromMap(map); if (sweeping_mode == SWEEP_AND_VISIT_LIVE_OBJECTS) { live_object->IterateBody(map->instance_type(), size, v);
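Review bot: The changed line `Map* map = live_object->synchronized_map();` in Sweep() has no comment explaining why this particular map read needs a barrier load, so the reasoning exists only in the commit message and a later cleanup could switch it back to `map()` without noticing the race. Please add a short comment above it stating that the main thread may shrink a live object on a page that is being swept, and that it creates the filler before release-storing the new map, so the sweeper must pair that store with a barrier load before calling `SizeFromMap(map)`. Since the size computed here decides where the sweeper looks for the next object and what it hands to `IterateBody`, it is also worth confirming in the review that every main-thread path that shrinks an object in place publishes the new map with the release store, not only the MigrateFastToSlow case given as an example in the description. With BUG=none and no test in the change, a note on how the race was observed would help anyone who has to revisit it.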