Fix data race in v8::internal::UnboundQueue

This change modifies memory accesses to ensure proper load/store ordering. BUG=249750 R=dvyukov@google.com, jkummerow@chromium.org Review URL: https://codereview.chromium.org/17294004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Fix data race in v8::internal::UnboundQueue
This change modifies memory accesses to ensure proper load/store ordering. BUG=249750 R=dvyukov@google.com, jkummerow@chromium.org Review URL: https://codereview.chromium.org/17294004 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@15219 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
3b53f7dc · yurys@chromium.org · 07ae09c1 · 3b53f7dc · 3b53f7dc · 3b53f7dc
Commit 3b53f7dc authored Jun 20, 2013 by yurys@chromium.org
Showing with 22 additions and 14 deletions

cpu-profiler.cc src/cpu-profiler.cc +2 -3

optimizing-compiler-thread.cc src/optimizing-compiler-thread.cc +2 -3

unbound-queue-inl.h src/unbound-queue-inl.h +15 -5

unbound-queue.h src/unbound-queue.h +3 -3

No files found.
--- a/src/cpu-profiler.cc
+++ b/src/cpu-profiler.cc
@@ -191,9 +191,8 @@ void ProfilerEventsProcessor::AddCurrentStack() {


 bool ProfilerEventsProcessor::ProcessCodeEvent(unsigned* dequeue_order) {
-  if (!events_buffer_.IsEmpty()) {
-    CodeEventsContainer record;
-    events_buffer_.Dequeue(&record);
+  CodeEventsContainer record;
+  if (events_buffer_.Dequeue(&record)) {
    switch (record.generic.type) {
 #define PROFILER_TYPE_CASE(type, clss)                          \
      case CodeEventRecord::type:                               \

--- a/src/optimizing-compiler-thread.cc
+++ b/src/optimizing-compiler-thread.cc
@@ -128,9 +128,8 @@ void OptimizingCompilerThread::InstallOptimizedFunctions() {
  ASSERT(!IsOptimizerThread());
  HandleScope handle_scope(isolate_);
  int functions_installed = 0;
-  while (!output_queue_.IsEmpty()) {
-    OptimizingCompiler* compiler;
-    output_queue_.Dequeue(&compiler);
+  OptimizingCompiler* compiler;
+  while (output_queue_.Dequeue(&compiler)) {
    Compiler::InstallOptimizedCode(compiler);
    functions_installed++;
  }

--- a/src/unbound-queue-inl.h
+++ b/src/unbound-queue-inl.h
@@ -68,11 +68,12 @@ void UnboundQueue<Record>::DeleteFirst() {


 template<typename Record>
-void UnboundQueue<Record>::Dequeue(Record* rec) {
-  ASSERT(divider_ != last_);
+bool UnboundQueue<Record>::Dequeue(Record* rec) {
+  if (divider_ == Acquire_Load(&last_)) return false;
  Node* next = reinterpret_cast<Node*>(divider_)->next;
  *rec = next->value;
  Release_Store(&divider_, reinterpret_cast<AtomicWord>(next));
+  return true;
 }


@@ -81,13 +82,22 @@ void UnboundQueue<Record>::Enqueue(const Record& rec) {
  Node*& next = reinterpret_cast<Node*>(last_)->next;
  next = new Node(rec);
  Release_Store(&last_, reinterpret_cast<AtomicWord>(next));
-  while (first_ != reinterpret_cast<Node*>(divider_)) DeleteFirst();
+
+  while (first_ != reinterpret_cast<Node*>(Acquire_Load(&divider_))) {
+    DeleteFirst();
+  }
+}
+
+
+template<typename Record>
+bool UnboundQueue<Record>::IsEmpty() const {
+  return NoBarrier_Load(&divider_) == NoBarrier_Load(&last_);
 }


 template<typename Record>
-Record* UnboundQueue<Record>::Peek() {
-  ASSERT(divider_ != last_);
+Record* UnboundQueue<Record>::Peek() const {
+  if (divider_ == Acquire_Load(&last_)) return NULL;
  Node* next = reinterpret_cast<Node*>(divider_)->next;
  return &next->value;
 }

--- a/src/unbound-queue.h
+++ b/src/unbound-queue.h
@@ -46,10 +46,10 @@ class UnboundQueue BASE_EMBEDDED {
  inline UnboundQueue();
  inline ~UnboundQueue();

-  INLINE(void Dequeue(Record* rec));
+  INLINE(bool Dequeue(Record* rec));
  INLINE(void Enqueue(const Record& rec));
-  INLINE(bool IsEmpty()) { return divider_ == last_; }
-  INLINE(Record* Peek());
+  INLINE(bool IsEmpty() const);
+  INLINE(Record* Peek() const);

 private:
  INLINE(void DeleteFirst());