Make changing a record's type an atomic operation.

base/metrics/persistent_memory_allocator.cc

 // Copyright (c) 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/metrics/persistent_memory_allocator.h"
 
 #include <assert.h>
 #include <algorithm>
 
 #include "base/files/memory_mapped_file.h"
@@ skipping 60 matching lines @@
 // padding out allocations. An alignment of 16 would ensure that the block
 // header structure always sits in a single cache line. An average of about
 // 1/2 this value will be wasted with every allocation.
 const uint32_t PersistentMemoryAllocator::kAllocAlignment = 8;
 
 // The block-header is placed at the top of every allocation within the
 // segment to describe the data that follows it.
 struct PersistentMemoryAllocator::BlockHeader {
   uint32_t size;       // Number of bytes in this block, including header.
   uint32_t cookie;     // Constant value indicating completed allocation.
-  uint32_t type_id;    // A number provided by caller indicating data type.
-  std::atomic<uint32_t> next;  // Pointer to the next block when iterating.
+  std::atomic<uint32_t> type_id;  // Arbitrary number indicating data type.
+  std::atomic<uint32_t> next;     // Pointer to the next block when iterating.
 };
 
 // The shared metadata exists once at the top of the memory segment to
 // describe the state of the allocator to all processes.
 struct PersistentMemoryAllocator::SharedMetadata {
   uint32_t cookie;     // Some value that indicates complete initialization.
   uint32_t size;       // Total size of memory segment.
   uint32_t page_size;  // Paging size within memory segment.
   uint32_t version;    // Version code so upgrades don't break.
   uint64_t id;         // Arbitrary ID number given by creator.
@@ skipping 88 matching lines @@
       return kReferenceNull;
     }
 
     // Update the "last_record" pointer to be the reference being returned.
     // If it fails then another thread has already iterated past it so loop
     // again. Failing will also load the existing value into "last" so there
     // is no need to do another such load when the while-loop restarts. A
     // "strong" compare-exchange is used because failing unnecessarily would
     // mean repeating some fairly costly validations above.
     if (last_record_.compare_exchange_strong(last, next)) {
-      *type_return = block->type_id;
+      *type_return = block->type_id.load(std::memory_order_relaxed);
       break;
     }
   }
 
   // Memory corruption could cause a loop in the list. Such must be detected
   // so as to not cause an infinite loop in the caller. This is done by simply
   // making sure it doesn't iterate more times than the absolute maximum
   // number of allocations that could have been made. Callers are likely
   // to loop multiple times before it is detected but at least it stops.
   const uint32_t freeptr = std::min(
@@ skipping 86 matching lines @@
         shared_meta()->version != 0 ||
         shared_meta()->freeptr.load(std::memory_order_relaxed) != 0 ||
         shared_meta()->flags.load(std::memory_order_relaxed) != 0 ||
         shared_meta()->id != 0 ||
         shared_meta()->name != 0 ||
         shared_meta()->tailptr != 0 ||
         shared_meta()->queue.cookie != 0 ||
         shared_meta()->queue.next.load(std::memory_order_relaxed) != 0 ||
         first_block->size != 0 ||
         first_block->cookie != 0 ||
-        first_block->type_id != 0 ||
+        first_block->type_id.load(std::memory_order_relaxed) != 0 ||
         first_block->next != 0) {
       // ...or something malicious has been playing with the metadata.
       SetCorrupt();
     }
 
     // This is still safe to do even if corruption has been detected.
     shared_meta()->cookie = kGlobalCookie;
     shared_meta()->size = mem_size_;
     shared_meta()->page_size = mem_page_;
     shared_meta()->version = kGlobalVersion;
@@ skipping 106 matching lines @@
     SetCorrupt();
     return 0;
   }
   return size - sizeof(BlockHeader);
 }
 
 uint32_t PersistentMemoryAllocator::GetType(Reference ref) const {
   const volatile BlockHeader* const block = GetBlock(ref, 0, 0, false, false);
   if (!block)
     return 0;
-  return block->type_id;
+  return block->type_id.load(std::memory_order_relaxed);
 }
 
-void PersistentMemoryAllocator::SetType(Reference ref, uint32_t type_id) {
+bool PersistentMemoryAllocator::ChangeType(Reference ref,
+                                           uint32_t to_type_id,
+                                           uint32_t from_type_id) {
   DCHECK(!readonly_);
   volatile BlockHeader* const block = GetBlock(ref, 0, 0, false, false);
   if (!block)
-    return;
-  block->type_id = type_id;
+    return false;
+
+  // This is a "strong" exchange because there is no loop that can retry in
+  // the wake of spurious failures possible with "weak" exchanges.
+  return block->type_id.compare_exchange_strong(from_type_id, to_type_id);
 }
 
 PersistentMemoryAllocator::Reference PersistentMemoryAllocator::Allocate(
     size_t req_size,
     uint32_t type_id) {
   Reference ref = AllocateImpl(req_size, type_id);
   if (ref) {
     // Success: Record this allocation in usage stats (if active).
     if (allocs_histogram_)
       allocs_histogram_->Add(static_cast<HistogramBase::Sample>(req_size));
@@ skipping 93 matching lines @@
       continue;
 
     // Given that all memory was zeroed before ever being given to an instance
     // of this class and given that we only allocate in a monotomic fashion
     // going forward, it must be that the newly allocated block is completely
     // full of zeros. If we find anything in the block header that is NOT a
     // zero then something must have previously run amuck through memory,
     // writing beyond the allocated space and into unallocated space.
     if (block->size != 0 ||
         block->cookie != kBlockCookieFree ||
-        block->type_id != 0 ||
+        block->type_id.load(std::memory_order_relaxed) != 0 ||
         block->next.load(std::memory_order_relaxed) != 0) {
       SetCorrupt();
       return kReferenceNull;
     }
 
     block->size = size;
     block->cookie = kBlockCookieAllocated;
-    block->type_id = type_id;
+    block->type_id.store(type_id, std::memory_order_relaxed);
     return freeptr;
   }
 }
 
 void PersistentMemoryAllocator::GetMemoryInfo(MemoryInfo* meminfo) const {
   uint32_t remaining = std::max(
       mem_size_ - shared_meta()->freeptr.load(std::memory_order_relaxed),
       (uint32_t)sizeof(BlockHeader));
   meminfo->total = mem_size_;
   meminfo->free = IsCorrupt() ? 0 : remaining - sizeof(BlockHeader);
@@ skipping 111 matching lines @@
     if (ref + size > freeptr)
       return nullptr;
     const volatile BlockHeader* const block =
         reinterpret_cast<volatile BlockHeader*>(mem_base_ + ref);
     if (block->size < size)
       return nullptr;
     if (ref + block->size > freeptr)
       return nullptr;
     if (ref != kReferenceQueue && block->cookie != kBlockCookieAllocated)
       return nullptr;
-    if (type_id != 0 && block->type_id != type_id)
+    if (type_id != 0 &&
+        block->type_id.load(std::memory_order_relaxed) != type_id) {
       return nullptr;
+    }
   }
 
   // Return pointer to block data.
   return reinterpret_cast<const volatile BlockHeader*>(mem_base_ + ref);
 }
 
 const volatile void* PersistentMemoryAllocator::GetBlockData(
     Reference ref,
     uint32_t type_id,
     uint32_t size) const {
@@ skipping 74 matching lines @@
 FilePersistentMemoryAllocator::~FilePersistentMemoryAllocator() {}
 
 // static
 bool FilePersistentMemoryAllocator::IsFileAcceptable(
     const MemoryMappedFile& file,
     bool read_only) {
   return IsMemoryAcceptable(file.data(), file.length(), 0, read_only);
 }
 
 }  // namespace base