-
Omer Katz authored
Object size and mark bit reside in the same half word. Reading the size during marking causes data races. Specifically, the size is read from the write barrier and from Member's CheckPointer method. Adding an atomic version to accessing the size. This version is used by FindHeaderFromObject in the write barrier slow path and by CheckPointer in member methods other than allocation (members during allocation will not be traced yet so atomics are not needed there). Note that since the size never changed during marking (added a DCHECK to verify that incremental marking is off during size change), it is safe to read the size relaxed. Bug: 986235 Change-Id: I73019f9f9bfeb9562d4d1f29fc020a9b6f71866a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1893202 Commit-Queue: Omer Katz <omerkatz@chromium.org> Reviewed-by:
Kentaro Hara <haraken@chromium.org> Reviewed-by:
Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/master@{#712551}
5da6c653
