| commit | f3bdb526f0c97e54b161fd1647934a459a4cec52 | |
| author | monojenkins <jo.shields+jenkins@xamarin.com> | |
| Mon, 11 Feb 2019 16:46:01 +0000 (11 11:46 -0500) | ||
| committer | GitHub <noreply@github.com> | |
| Mon, 11 Feb 2019 16:46:01 +0000 (11 11:46 -0500) | ||
| tree | d00f5dc01ea87c5b85652b67803dc61f85ed6e6c | treesnapshot (tar.gz zip) |
| parent | fc80faabb0952f8f480c5649a125de08f5e96361 | commitdiff |
Fix issue where togglerefs might be incorrectly pinned. (#12815)
[2019-02] Fix issue where togglerefs might be incorrectly pinned by GC.
Due to current call order in sgen_client_stop_world to first process togglerefs and then take current threads stack could cause a problem where toogleref object references might be left in registers after running sgen_process_togglerefs and then those object reference would be put into current thread context, incorrectly pinning the object pointed to by a toggleref, preventing it from properly being handled by GC.
The problem was observed on Windows (in debug build) running sgen-toggleref.exe runtime test since
the compile of sgen_process_togglerefs used a register holding the current toogleref's object reference when walking the list of togglerefs. That register was then not re-used until the current threads stack was taken, causing incorrect pinning of the last toogleref object in the list. This problem could in theory happen on any platform depending on native compiler and optimization.
Fix takes current threads context before walking the togglerefs to make sure we are not getting managed references into registers as part of managing the toggleref list in sgen_process_togglerefs.
Backport of #12811.
/cc @marek-safar @lateralusX
[2019-02] Fix issue where togglerefs might be incorrectly pinned by GC.
Due to current call order in sgen_client_stop_world to first process togglerefs and then take current threads stack could cause a problem where toogleref object references might be left in registers after running sgen_process_togglerefs and then those object reference would be put into current thread context, incorrectly pinning the object pointed to by a toggleref, preventing it from properly being handled by GC.
The problem was observed on Windows (in debug build) running sgen-toggleref.exe runtime test since
the compile of sgen_process_togglerefs used a register holding the current toogleref's object reference when walking the list of togglerefs. That register was then not re-used until the current threads stack was taken, causing incorrect pinning of the last toogleref object in the list. This problem could in theory happen on any platform depending on native compiler and optimization.
Fix takes current threads context before walking the togglerefs to make sure we are not getting managed references into registers as part of managing the toggleref list in sgen_process_togglerefs.
Backport of #12811.
/cc @marek-safar @lateralusX
| mono/metadata/sgen-stw.c | diffblobblamehistory |