d98b12d3df
Two threads might get the same PersistentNode because the BasicCrossThreadPersistent ctor wasn't taking a lock. Then if one thread frees the node and the other initalizes it or updates its owner, we get some random object in our free list of PersistentNodes. I debug a crash in Assign(Unsafe) and Clear where the PersistentNode seemed to be allocated on stack. Empirically, adding this guard resolved it. I can't confirm in the code that the scenario above is what was happening. Drive-by: adding a few DCHECKs. Bug: chromium:1056170 Change-Id: I37d8ed5bb942a124c98d7524b7f04fe8ccb2aefd Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2718144 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#73023} |
||
|---|---|---|
| .. | ||
| api-constants.h | ||
| atomic-entry-flag.h | ||
| caged-heap-local-data.h | ||
| compiler-specific.h | ||
| finalizer-trait.h | ||
| gc-info.h | ||
| logging.h | ||
| name-trait.h | ||
| persistent-node.h | ||
| pointer-policies.h | ||
| prefinalizer-handler.h | ||
| write-barrier.h | ||