tree 43be9c4b287b8cbf6b9ee9c85381660710c22600
parent ff179c4af9e5bf4f178521baf017441a382df4dc
author Dmitry Vyukov <dvyukov@google.com> 1640017182 +0100
committer Copybara-Service <copybara-worker@google.com> 1640023112 -0800

tsan: fix NULL deref in TraceSwitchPart

There is a small chance that the slot may not be queued in TraceSwitchPart.
This can happen if the slot has kEpochLast epoch and another thread
in FindSlotAndLock discovered that it's exhausted and removed it from
the slot queue. kEpochLast can happen in 2 cases: (1) if TraceSwitchPart
was called with the slot locked and epoch already at kEpochLast,
or (2) if we've acquired a new slot in SlotLock in the beginning
of the function and the slot was at kEpochLast - 1, so after increment
in SlotAttachAndLock it becomes kEpochLast.

If this happens we crash on ctx->slot_queue.Remove(thr->slot).
Skip the requeueing if the slot is not queued.
The slot is exhausted, so it must not be in ctx->slot_queue.

The existing stress test triggers this with very small probability.
I am not sure how to make this condition more likely to be triggered;
it evaded lots of testing.

Depends on D116040.

Reviewed By: melver

Differential Revision: https://reviews.llvm.org/D116041

GitOrigin-RevId: 4c5476b0664a2ba4bd51f69552852160ba6451be
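The failure mode described in the message, as an added illustration that is not tsan's own code: a sentinel-based intrusive queue in the spirit of the slot queue, where Remove() assumes the node is linked and therefore writes through a null prev pointer when called on a slot another thread already dropped. The guarded requeue skips the slot instead. kEpochLast's value, the Slot/SlotQueue layout and the DropIfExhausted/AttachSlot/RequeueIfQueued names are all assumptions for this example, not the runtime's API.

```cpp
// Added example, not the tsan runtime's code. Names and the kEpochLast value
// are assumptions chosen to mirror the commit message.
#include <cstddef>
#include <cstdint>
#include <cstdio>

constexpr uint32_t kEpochLast = 255;  // assumed: a slot at this epoch is exhausted

struct Slot {
  uint32_t epoch = 0;
  Slot* prev = nullptr;  // both links null means "not queued"
  Slot* next = nullptr;
};

// Circular intrusive list with a sentinel: every queued node has non-null links,
// so an unconditional unlink is only safe for a queued node.
class SlotQueue {
 public:
  SlotQueue() { sentinel_.prev = sentinel_.next = &sentinel_; }
  bool Queued(const Slot* s) const { return s->next != nullptr; }
  void PushBack(Slot* s) {
    s->prev = sentinel_.prev;
    s->next = &sentinel_;
    sentinel_.prev->next = s;
    sentinel_.prev = s;
    ++size_;
  }
  // Assumes s is queued: with s->prev == nullptr this is the NULL deref.
  void Remove(Slot* s) {
    s->prev->next = s->next;
    s->next->prev = s->prev;
    s->prev = s->next = nullptr;
    --size_;
  }
  Slot* Back() const { return sentinel_.prev == &sentinel_ ? nullptr : sentinel_.prev; }
  size_t Size() const { return size_; }

 private:
  Slot sentinel_;
  size_t size_ = 0;
};

// Stand-in for the FindSlotAndLock path on another thread: an exhausted slot
// is taken out of the queue.
void DropIfExhausted(SlotQueue& q, Slot* s) {
  if (s->epoch == kEpochLast && q.Queued(s)) q.Remove(s);
}

// Stand-in for the epoch increment done when attaching a slot.
void AttachSlot(Slot* s) { ++s->epoch; }

// Requeue as it was before the fix: unconditional. Never call this on an
// unqueued slot; Remove() would write through s->prev == nullptr.
void RequeueUnchecked(SlotQueue& q, Slot* s) {
  q.Remove(s);
  q.PushBack(s);
}

// Requeue as fixed: skip when the slot is no longer queued. Returns whether
// the slot was moved to the back.
bool RequeueIfQueued(SlotQueue& q, Slot* s) {
  if (!q.Queued(s)) return false;
  q.Remove(s);
  q.PushBack(s);
  return true;
}

// Case (2) from the message: a slot at kEpochLast - 1 is attached, the
// increment makes it kEpochLast, another thread drops it, then the requeue
// runs. Returns the queue size afterwards; *requeued reports the guard result.
size_t ExhaustedSlotScenario(bool* requeued) {
  SlotQueue q;
  Slot a, b, c;
  q.PushBack(&a);
  q.PushBack(&b);
  q.PushBack(&c);
  c.epoch = kEpochLast - 1;
  AttachSlot(&c);           // now at kEpochLast
  DropIfExhausted(q, &c);   // the other thread's FindSlotAndLock
  *requeued = RequeueIfQueued(q, &c);  // guard: slot stays out of the queue
  return q.Size();
}

// Normal case: an active, queued slot is moved to the back of the queue.
bool ActiveSlotScenario() {
  SlotQueue q;
  Slot a, b, c;
  q.PushBack(&a);
  q.PushBack(&b);
  q.PushBack(&c);
  bool requeued = RequeueIfQueued(q, &b);
  return requeued && q.Back() == &b && q.Size() == 3;
}

int main() {
  bool requeued = true;
  size_t n = ExhaustedSlotScenario(&requeued);
  std::printf("exhausted slot: requeued=%d queue_size=%zu\n", requeued, n);
  std::printf("active slot moved to back: %d\n", ActiveSlotScenario());
  return 0;
}
```

In the exhausted scenario the unguarded RequeueUnchecked would crash exactly where the message says, on the Remove; the guarded version leaves the exhausted slot out of the queue, which is the invariant the message states (an exhausted slot must not be in the queue).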
