diff options
| author | 2016-12-19 11:44:47 -0800 | |
|---|---|---|
| committer | 2016-12-19 11:44:47 -0800 | |
| commit | 65f5f247a367af9d6b9ac63767b69ecf3ab079bc (patch) | |
| tree | bff631b0efd7e8fe77be9c445ea9224e2b67433b /runtime/gc/reference_queue.cc | |
| parent | 5b32b91d731d6187ada4c6fc804041b7b3b6903c (diff) | |
Fix race condition btw DelayReferenceRefernent vs Reference.clear().
Rename IsMarkedHeapReference to IsNullOrMarkedHeapReference.
Move the null check from the caller of IsMarkedHeapReference into
IsNullOrMarkedHeapReference.
Make sure that the referent is only loaded once between the null
check and the IsMarked call.
Use a CAS in ConcurrentCopying::IsNullOrMarkedHeapReference when
called from DelayReferenceRefernent.
Bug: 33389022
Test: test-art-host without and with CC.
Change-Id: I20edab4dac2a4bb02dbb72af0f09de77b55ac08e
Diffstat (limited to 'runtime/gc/reference_queue.cc')
| -rw-r--r-- | runtime/gc/reference_queue.cc | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/runtime/gc/reference_queue.cc b/runtime/gc/reference_queue.cc index a0eb197bd5..734caea371 100644 --- a/runtime/gc/reference_queue.cc +++ b/runtime/gc/reference_queue.cc @@ -129,8 +129,9 @@ void ReferenceQueue::ClearWhiteReferences(ReferenceQueue* cleared_references, while (!IsEmpty()) { ObjPtr<mirror::Reference> ref = DequeuePendingReference(); mirror::HeapReference<mirror::Object>* referent_addr = ref->GetReferentReferenceAddr(); - if (referent_addr->AsMirrorPtr() != nullptr && - !collector->IsMarkedHeapReference(referent_addr)) { + // do_atomic_update is false because this happens during the reference processing phase where + // Reference.clear() would block. + if (!collector->IsNullOrMarkedHeapReference(referent_addr, /*do_atomic_update*/false)) { // Referent is white, clear it. if (Runtime::Current()->IsActiveTransaction()) { ref->ClearReferent<true>(); @@ -147,8 +148,9 @@ void ReferenceQueue::EnqueueFinalizerReferences(ReferenceQueue* cleared_referenc while (!IsEmpty()) { ObjPtr<mirror::FinalizerReference> ref = DequeuePendingReference()->AsFinalizerReference(); mirror::HeapReference<mirror::Object>* referent_addr = ref->GetReferentReferenceAddr(); - if (referent_addr->AsMirrorPtr() != nullptr && - !collector->IsMarkedHeapReference(referent_addr)) { + // do_atomic_update is false because this happens during the reference processing phase where + // Reference.clear() would block. + if (!collector->IsNullOrMarkedHeapReference(referent_addr, /*do_atomic_update*/false)) { ObjPtr<mirror::Object> forward_address = collector->MarkObject(referent_addr->AsMirrorPtr()); // Move the updated referent to the zombie field. if (Runtime::Current()->IsActiveTransaction()) { |