[compiler] Silence tsan warning on Context::length

The field is immutable after initialization and thus should be set
non-atomically on the main thread, and read non-atomically on the
background thread. But TSAN support for generated code turns all field
accesses into relaxed atomic accesses, leading to this race detection.
Silence it by making the read relaxed as well.

Bug: chromium:1236302,v8:7790
Change-Id: I47979b2dbf61a65a9e92453324fe2b255fafd30d
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3070700
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Santiago Aboy Solanes <solanes@chromium.org>
Auto-Submit: Jakob Gruber <jgruber@chromium.org>
Reviewed-by: Santiago Aboy Solanes <solanes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#76080}

src/compiler/heap-refs.cc

@@ -1680,7 +1680,8 @@ ContextRef ContextRef::previous(size_t* depth) const {
 
 base::Optional<ObjectRef> ContextRef::get(int index) const {
   CHECK_LE(0, index);
-  if (index >= object()->length()) return {};
+  // Length is immutable after initialization.
+  if (index >= object()->length(kRelaxedLoad)) return {};
   return TryMakeRef(broker(), object()->get(index));
 }
 

src/objects/contexts-inl.h

@@ -56,6 +56,8 @@ NEVER_READ_ONLY_SPACE_IMPL(Context)
 
 CAST_ACCESSOR(NativeContext)
 
+RELAXED_SMI_ACCESSORS(Context, length, kLengthOffset)
+
 Object Context::get(int index) const {
   PtrComprCageBase cage_base = GetPtrComprCageBase(*this);
   return get(cage_base, index);
@@ -63,14 +65,14 @@ Object Context::get(int index) const {
 
 Object Context::get(PtrComprCageBase cage_base, int index) const {
   DCHECK_LT(static_cast<unsigned int>(index),
-            static_cast<unsigned int>(length()));
+            static_cast<unsigned int>(length(kRelaxedLoad)));
   return TaggedField<Object>::Relaxed_Load(cage_base, *this,
                                            OffsetOfElementAt(index));
 }
 
 void Context::set(int index, Object value, WriteBarrierMode mode) {
   DCHECK_LT(static_cast<unsigned int>(index),
-            static_cast<unsigned int>(length()));
+            static_cast<unsigned int>(length(kRelaxedLoad)));
   const int offset = OffsetOfElementAt(index);
   RELAXED_WRITE_FIELD(*this, offset, value);
   CONDITIONAL_WRITE_BARRIER(*this, offset, value, mode);
@@ -84,14 +86,14 @@ Object Context::get(int index, AcquireLoadTag tag) const {
 Object Context::get(PtrComprCageBase cage_base, int index,
                     AcquireLoadTag) const {
   DCHECK_LT(static_cast<unsigned int>(index),
-            static_cast<unsigned int>(length()));
+            static_cast<unsigned int>(length(kRelaxedLoad)));
   return ACQUIRE_READ_FIELD(*this, OffsetOfElementAt(index));
 }
 
 void Context::set(int index, Object value, WriteBarrierMode mode,
                   ReleaseStoreTag) {
   DCHECK_LT(static_cast<unsigned int>(index),
-            static_cast<unsigned int>(length()));
+            static_cast<unsigned int>(length(kRelaxedLoad)));
   const int offset = OffsetOfElementAt(index);
   RELEASE_WRITE_FIELD(*this, offset, value);
   CONDITIONAL_WRITE_BARRIER(*this, offset, value, mode);

src/objects/contexts.h

@@ -436,6 +436,10 @@ class Context : public TorqueGeneratedContext<Context, HeapObject> {
  public:
   NEVER_READ_ONLY_SPACE
 
+  using TorqueGeneratedContext::length;      // Non-atomic.
+  using TorqueGeneratedContext::set_length;  // Non-atomic.
+  DECL_RELAXED_SMI_ACCESSORS(length)
+
   // Setter and getter for elements.
   // Note the plain accessors use relaxed semantics.
   // TODO(jgruber): Make that explicit through tags.