AuroraMiddleware/v8
1
0
Fork 0
Code Issues 2 Pull Requests Releases Wiki Activity

[heap, tsan] Annotate concurrent marking for TSAN

Browse Source 
TSAN complains about missing synchronization on access to the page flags
because it does not support and recognize the memory fence we emit after
page initialization.

This adds a TSAN only acquire load to the code accesses page flags
similar to the existing load in MarkObject.

Bug: v8:9842
Change-Id: I34dac308ac1cce1d74a4a1bad95a482abc071595
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1856008
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64247}
This commit is contained in:
Ulan Degenbaev 2019-10-11 16:14:05 +02:00 committed by Commit Bot
parent 1ce9b553b5
commit 94dc6d2e8f
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/heap/concurrent-marking.cc
View File

@ -224,6 +224,9 @@ class ConcurrentMarkingVisitor final
} }
if (weak_ref.target().IsHeapObject()) { if (weak_ref.target().IsHeapObject()) {
HeapObject target = HeapObject::cast(weak_ref.target()); HeapObject target = HeapObject::cast(weak_ref.target());
#ifdef THREAD_SANITIZER
MemoryChunk::FromHeapObject(target)->SynchronizedHeapLoad();
#endif
if (marking_state_.IsBlackOrGrey(target)) { if (marking_state_.IsBlackOrGrey(target)) {
// Record the slot inside the JSWeakRef, since the // Record the slot inside the JSWeakRef, since the
// VisitJSObjectSubclass above didn't visit it. // VisitJSObjectSubclass above didn't visit it.
@ -246,6 +249,9 @@ class ConcurrentMarkingVisitor final
WeakCell::BodyDescriptor::IterateBody(map, weak_cell, size, this); WeakCell::BodyDescriptor::IterateBody(map, weak_cell, size, this);
if (weak_cell.target().IsHeapObject()) { if (weak_cell.target().IsHeapObject()) {
HeapObject target = HeapObject::cast(weak_cell.target()); HeapObject target = HeapObject::cast(weak_cell.target());
#ifdef THREAD_SANITIZER
MemoryChunk::FromHeapObject(target)->SynchronizedHeapLoad();
#endif
if (marking_state_.IsBlackOrGrey(target)) { if (marking_state_.IsBlackOrGrey(target)) {
// Record the slot inside the WeakCell, since the IterateBody above // Record the slot inside the WeakCell, since the IterateBody above
// didn't visit it. // didn't visit it.
@ -477,6 +483,9 @@ class ConcurrentMarkingVisitor final
ObjectSlot key_slot = ObjectSlot key_slot =
table.RawFieldOfElementAt(EphemeronHashTable::EntryToIndex(i)); table.RawFieldOfElementAt(EphemeronHashTable::EntryToIndex(i));
HeapObject key = HeapObject::cast(table.KeyAt(i)); HeapObject key = HeapObject::cast(table.KeyAt(i));
#ifdef THREAD_SANITIZER
MemoryChunk::FromHeapObject(key)->SynchronizedHeapLoad();
#endif
MarkCompactCollector::RecordSlot(table, key_slot, key); MarkCompactCollector::RecordSlot(table, key_slot, key);
ObjectSlot value_slot = ObjectSlot value_slot =
@ -490,6 +499,9 @@ class ConcurrentMarkingVisitor final
if (value_obj.IsHeapObject()) { if (value_obj.IsHeapObject()) {
HeapObject value = HeapObject::cast(value_obj); HeapObject value = HeapObject::cast(value_obj);
#ifdef THREAD_SANITIZER
MemoryChunk::FromHeapObject(value)->SynchronizedHeapLoad();
#endif
MarkCompactCollector::RecordSlot(table, value_slot, value); MarkCompactCollector::RecordSlot(table, value_slot, value);
// Revisit ephemerons with both key and value unreachable at end // Revisit ephemerons with both key and value unreachable at end