re PR libgcj/8995 (race cases in interpreter)

2008-08-22  Andrew Haley  <aph@redhat.com>

        PR libgcj/8895:

        * interpret-run.cc (REWRITE_INSN): Null this macro.

        * include/jvm.h (class _Jv_Linker): Declare resolve_mutex, init.
        (read_cpool_entry, write_cpool_entry): New functions.
        * link.cc (_Jv_Linker::resolve_mutex): new.
        (_Jv_Linker::init): New function.
        (_Jv_Linker::resolve_pool_entry): Use {read,write}_cpool_entry
        to ensure atomic access to constant pool entries.

From-SVN: r139492

1 files changed, 18 insertions, 6 deletions

diff --git a/libjava/interpret-run.cc b/libjava/interpret-run.cc
index f858c97..2934b9b 100644
--- a/libjava/interpret-run.cc
+++ b/libjava/interpret-run.cc
@@ -382,12 +382,24 @@ details.  */
 #else // !DEBUG
 #undef NEXT_INSN
 #define NEXT_INSN goto *((pc++)->insn)
-#define REWRITE_INSN(INSN,SLOT,VALUE)		\
-  do {						\
-    pc[-2].insn = INSN;				\
-    pc[-1].SLOT = VALUE;			\
-  }						\
-  while (0)
+
+// REWRITE_INSN does nothing.
+//
+// Rewriting a multi-word instruction in the presence of multiple
+// threads leads to a data race if a thread reads part of an
+// instruction while some other thread is rewriting that instruction.
+// For example, an invokespecial instruction may be rewritten to
+// invokespecial_resolved and its operand changed from an index to a
+// pointer while another thread is executing invokespecial.  This
+// other thread then reads the pointer that is now the operand of
+// invokespecial_resolved and tries to use it as an index.
+//
+// Fixing this requires either spinlocks, a more elaborate data
+// structure, or even per-thread allocated pages.  It's clear from the
+// locking in meth->compile below that the presence of multiple
+// threads was contemplated when this code was written, but the full
+// consequences were not fully appreciated.
+#define REWRITE_INSN(INSN,SLOT,VALUE)
 
 #undef INTERP_REPORT_EXCEPTION
 #define INTERP_REPORT_EXCEPTION(Jthrowable) /* not needed when not debugging */