1949668 - Race condition between clearning mIsDeferredPurgePending and removing from the purge request list

Status: RESOLVED FIXED

(Core :: Memory Allocator, defect, P1)

Description

[Paul Bone [:pbone]]

Bug 1920451 changed the order of removing an arena from the list before purging dirty pages from it, this introduced a race condition.

Thread MayPurgeStep: Finds arena
Thread MayPurgeStep: Purges memory from arena and is finished so it clears mIsDeferredPurgePending
Thread 2: Releases more memory in the arena and sets mIsDeferredPurgePending
Thread 2: Adds the arena to the list of requests (a no-op, it's already there)
Thread MayPurgeStep: Removes arena from list.

Now the arena has the flag set but is not in the list. Deferred purging will never release memory from it.

I suggest removing the arena from the list before attempting to purge memory from it.

Comment 1

[BugBot [:suhaib / :marco/ :calixte]]

Set release status flags based on info from the regressing bug 1920451

:jstutte, since you are the author of the regressor, bug 1920451, could you take a look? Also, could you set the severity field?

For more information, please visit BugBot documentation.

Comment 2

[Jens Stutte [:jstutte]]

Attachment: Bug 1949668 - Avoid a race that might end up with a situation where we stop purging an arena. r?smaug

Comment 3

[Pulsebot]

Pushed by jstutte@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4cb558574e3b
Avoid a race that might end up with a situation where we stop purging an arena. r=smaug

Comment 4

[Serban Stanca [:SerbanS]]

https://hg.mozilla.org/mozilla-central/rev/4cb558574e3b