Reviewers: dvyukov, Alexander Potapenko, danno, Jakob,
Description:
Fix data race in v8::internal::UnboundQueue
This change modifies memory accesses to ensure proper load/store ordering.
BUG=249750
Please review this at https://codereview.chromium.org/17294004/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/cpu-profiler.cc
M src/optimizing-compiler-thread.cc
M src/unbound-queue-inl.h
M src/unbound-queue.h
Index: src/cpu-profiler.cc
diff --git a/src/cpu-profiler.cc b/src/cpu-profiler.cc
index
42722191bd5a0cce0c9bdb7d8a909cbd3d30fb2a..109ddd5d976f0a36ccdb1512e02b2a78467238d6
100644
--- a/src/cpu-profiler.cc
+++ b/src/cpu-profiler.cc
@@ -191,9 +191,8 @@ void ProfilerEventsProcessor::AddCurrentStack() {
bool ProfilerEventsProcessor::ProcessCodeEvent(unsigned* dequeue_order) {
- if (!events_buffer_.IsEmpty()) {
- CodeEventsContainer record;
- events_buffer_.Dequeue(&record);
+ CodeEventsContainer record;
+ if (events_buffer_.Dequeue(&record)) {
switch (record.generic.type) {
#define PROFILER_TYPE_CASE(type, clss) \
case CodeEventRecord::type: \
Index: src/optimizing-compiler-thread.cc
diff --git a/src/optimizing-compiler-thread.cc
b/src/optimizing-compiler-thread.cc
index
b2abc813abb63e52a191ae789352b79962264e19..e092248b6f56613ee3b196bf08a0fd701bfade32
100644
--- a/src/optimizing-compiler-thread.cc
+++ b/src/optimizing-compiler-thread.cc
@@ -128,9 +128,8 @@ void
OptimizingCompilerThread::InstallOptimizedFunctions() {
ASSERT(!IsOptimizerThread());
HandleScope handle_scope(isolate_);
int functions_installed = 0;
- while (!output_queue_.IsEmpty()) {
- OptimizingCompiler* compiler;
- output_queue_.Dequeue(&compiler);
+ OptimizingCompiler* compiler;
+ while (output_queue_.Dequeue(&compiler)) {
Compiler::InstallOptimizedCode(compiler);
functions_installed++;
}
Index: src/unbound-queue-inl.h
diff --git a/src/unbound-queue-inl.h b/src/unbound-queue-inl.h
index
86722f3a7cd18b24bbe44f5de9abbbdb51fcf7b4..1f7f050bdaa4e8bffc6772992c841432611102ba
100644
--- a/src/unbound-queue-inl.h
+++ b/src/unbound-queue-inl.h
@@ -68,11 +68,12 @@ void UnboundQueue<Record>::DeleteFirst() {
template<typename Record>
-void UnboundQueue<Record>::Dequeue(Record* rec) {
- ASSERT(divider_ != last_);
+bool UnboundQueue<Record>::Dequeue(Record* rec) {
+ if (divider_ == Acquire_Load(&last_)) return false;
Node* next = reinterpret_cast<Node*>(divider_)->next;
*rec = next->value;
Release_Store(÷r_, reinterpret_cast<AtomicWord>(next));
+ return true;
}
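Review bot: Dequeue's new `bool` return and its empty-queue behaviour are undocumented, and the emptiness check reads `divider_` with a plain load while `last_` gets `Acquire_Load`, which is only sound if a single consumer thread ever calls Dequeue. I would state that contract above the definition, e.g. `// Consumer thread only. Returns false and leaves *rec unmodified if the queue is empty.` The `÷r_` in the Release_Store line looks like a rendering artifact of `&divider_` rather than a change in the code.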
@@ -81,13 +82,16 @@ void UnboundQueue<Record>::Enqueue(const Record& rec) {
Node*& next = reinterpret_cast<Node*>(last_)->next;
next = new Node(rec);
Release_Store(&last_, reinterpret_cast<AtomicWord>(next));
- while (first_ != reinterpret_cast<Node*>(divider_)) DeleteFirst();
+
+ while (first_ != reinterpret_cast<Node*>(Acquire_Load(÷r_))) {
+ DeleteFirst();
+ }
}
template<typename Record>
Record* UnboundQueue<Record>::Peek() {
- ASSERT(divider_ != last_);
+ if (divider_ == Acquire_Load(&last_)) return NULL;
Node* next = reinterpret_cast<Node*>(divider_)->next;
return &next->value;
}
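Review bot: Peek now returns NULL on an empty queue where it used to ASSERT, but no caller of Peek is touched in this patch, so callers outside the diff should be checked for a NULL test before they dereference the result. The returned pointer also aliases a queue node, and the `DeleteFirst()` loop in Enqueue appears free to delete that node once `divider_` has advanced past it. A comment on Peek would make both points explicit, e.g. `// Returns NULL if the queue is empty. The result points into the queue; do not use it after a subsequent Dequeue().` Enqueue's body starts outside this hunk.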
Index: src/unbound-queue.h
diff --git a/src/unbound-queue.h b/src/unbound-queue.h
index
59a426b7fedf72c822a6d8d4aaf1ee2aa75b3213..7b3964430e33a1ec8c54407047eac49f0721eea9
100644
--- a/src/unbound-queue.h
+++ b/src/unbound-queue.h
@@ -46,7 +46,7 @@ class UnboundQueue BASE_EMBEDDED {
inline UnboundQueue();
inline ~UnboundQueue();
- INLINE(void Dequeue(Record* rec));
+ INLINE(bool Dequeue(Record* rec));
INLINE(void Enqueue(const Record& rec));
INLINE(bool IsEmpty()) { return divider_ == last_; }
INLINE(Record* Peek());
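Review bot: `IsEmpty()` on the unchanged line still compares `divider_ == last_` with plain loads, so a consumer-side caller reads `last_` without the acquire ordering this patch adds to Dequeue and Peek. If anything on the consumer thread still calls it, the body should be `return divider_ == Acquire_Load(&last_);`, assuming the atomic ops are visible from unbound-queue.h. Both callers shown in this patch were converted to the `bool` Dequeue, so if no others remain, removing IsEmpty would stop the check-then-dequeue pattern from coming back. The class body continues outside the hunk.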
--