[Mono-dev] Jump trampoline threading problem with synchronized methods

Martin Däumler mdae at cs.tu-chemnitz.de
Mon May 30 10:46:24 EDT 2011


Hello,

maybe there might be a problem with an optimization in the jump
trampoline code. In the IL code example appended, the main method
creates two threads that start with a method that jumps to a
synchronized method. The final value of the variable "count"
should be 20, but it isn't always so. If you change the jump
instruction to call instruction, the code works as expected. I
tested with Mono 2.6.1, 2.6.7 and 2.10.2 on an x86 machine
running Linux.

In "mono_postprocess_patches()", the handle to the method is stored
in the hash table "jump_target_hash". When the synchronized method
("tolleMethode()") is jumped to for the first time, the magic trampoline
creates a wrapper and returns the address of the wrapper. The first
jump instruction is patched with that address. A later lookup in the
"jump_target_hash" ("mono_jit_compile_method_inner()", in the scope
of the JIT-compilation of the wrapper) doesn't return pending jump
patches because the method handle of "tolleMethode()" is stored,
instead of the wrapper's handle. So, the second jump instruction
is not patched (if it is JIT-compiled so far).

Even worse: When the wrapper is executed, the method "tolleMethode()"
is JIT-compiled. Then, in "mono_jit_compile_method_inner()", there
is a hash hit and the second jump instruction is patched with
the method's address instead of its wrapper's. So, I suggest
checking for a synchronized method in "mono_postprocess_patches()",
creating a wrapper if needed and changing the patch's target
method to the wrapper. There might be other problems I don't see?


With kind regards,
Martin Däumler
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: thread-jump.il
Url: http://lists.ximian.com/pipermail/mono-devel-list/attachments/20110530/dc2a8620/attachment.pl 
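
The patching sequence described in the message, reduced to a small state model. This is an added example, not Mono source and not the attached IL test; the types, the function names and the single-entry stand-in for "jump_target_hash" are hypothetical simplifications.

```c
#include <stdio.h>

/* Simplified model of the sequence described in the message. Hypothetical
 * names, not Mono source; handles and code addresses are enum values. */
typedef enum { NONE, METHOD, WRAPPER } handle;  /* METHOD = tolleMethode() body */

typedef struct {
    handle key;   /* handle the pending jump patch is filed under */
    int    site;  /* index of the jmp instruction waiting for a target */
    int    live;  /* 1 while the patch is still pending */
} pending_patch;

static handle jump_site[2];    /* current target of each jmp; NONE = trampoline */
static pending_patch pending;  /* stand-in for one jump_target_hash entry */

/* Stand-in for the lookup done when `compiled` has just been JIT-compiled:
 * a pending jump filed under that handle is pointed at the new code. */
static void on_compiled(handle compiled) {
    if (pending.live && pending.key == compiled) {
        jump_site[pending.site] = compiled;
        pending.live = 0;
    }
}

/* Runs the sequence and returns where the second jmp ends up.
 * file_under_wrapper = 1 models the change suggested in the message. */
handle second_jump_target(int file_under_wrapper) {
    jump_site[0] = jump_site[1] = NONE;
    /* post-processing: the second jmp is filed as a pending patch */
    pending = (pending_patch){ file_under_wrapper ? WRAPPER : METHOD, 1, 1 };
    jump_site[0] = WRAPPER;  /* first jmp: trampoline returns the wrapper */
    on_compiled(WRAPPER);    /* lookup while the wrapper is JIT-compiled */
    on_compiled(METHOD);     /* wrapper runs, method body is JIT-compiled */
    return jump_site[1];
}

int main(void) {
    static const char *name[] = { "trampoline", "method body (no lock)",
                                  "wrapper (takes lock)" };
    printf("filed under method : second jmp -> %s\n", name[second_jump_target(0)]);
    printf("filed under wrapper: second jmp -> %s\n", name[second_jump_target(1)]);
    return 0;
}
```

With the patch filed under the method handle, the second jump site ends up at the method body and bypasses the synchronized wrapper, which matches the lost updates to "count" reported above.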

