commit f5cdc417be5958eaed2172667178ae87ccc51c56
author Andreas Gampe <agampe@google.com> Tue Aug 18 08:57:44 2015 -0700
committer Andreas Gampe <agampe@google.com> Wed Aug 19 09:24:47 2015 -0700
tree 10775ab47640018149a6599edc06d88eaf2190ea
parent f71ad9ede9ae322a897e8fe407208dc35c5dee65

ART: (Partially) fix lock aliasing

On monitor-exit, we must unlock all the registers which purport to
be locked at the current lock depth. These are lock aliases.

Bug: 20102779
Bug: 21169615
Bug: 21988678
Bug: 23300986
Change-Id: I6604871fc778d8f0ca9a99f6aad16a99ab62c599

runtime/verifier/register_line.h

diff --git a/runtime/verifier/register_line.h b/runtime/verifier/register_line.h
index f61e51f..a9c4c95 100644
--- a/runtime/verifier/register_line.h
+++ b/runtime/verifier/register_line.h
@@ -344,6 +344,14 @@
     } else {
       reg_to_lock_depths_.erase(it);
     }
+    // Need to unlock every register at the same lock depth. These are aliased locks.
+    uint32_t mask = 1 << depth;
+    for (auto& pair : reg_to_lock_depths_) {
+      if ((pair.second & mask) != 0) {
+        VLOG(verifier) << "Also unlocking " << pair.first;
+        pair.second ^= mask;
+      }
+    }
   }
 
   void ClearAllRegToLockDepths(size_t reg) {

test/800-smali/expected.txt

diff --git a/test/800-smali/expected.txt b/test/800-smali/expected.txt
index dd37cdb..21a8171 100644
--- a/test/800-smali/expected.txt
+++ b/test/800-smali/expected.txt
@@ -41,4 +41,5 @@
 b/20843113
 b/23201502 (float)
 b/23201502 (double)
+b/23300986
 Done!

test/800-smali/smali/b_23300986.smali

diff --git a/test/800-smali/smali/b_23300986.smali b/test/800-smali/smali/b_23300986.smali
new file mode 100644
index 0000000..5ed8e5e
--- /dev/null
+++ b/test/800-smali/smali/b_23300986.smali
@@ -0,0 +1,13 @@
+.class public LB23300986;
+
+.super Ljava/lang/Object;
+
+.method public static runAliasAfterEnter(Ljava/lang/Object;)V
+   .registers 3
+   monitor-enter v2        # Lock on parameter
+   move-object v1, v2      # Copy parameter into v1, establishing an alias.
+   monitor-exit v1         # Unlock on alias
+   monitor-enter v2        # Do it again.
+   monitor-exit v1
+   return-void
+.end method

test/800-smali/src/Main.java

diff --git a/test/800-smali/src/Main.java b/test/800-smali/src/Main.java
index b481a1d..a89b849 100644
--- a/test/800-smali/src/Main.java
+++ b/test/800-smali/src/Main.java
@@ -127,6 +127,8 @@
                 new NullPointerException(), null));
         testCases.add(new TestCase("b/23201502 (double)", "B23201502", "runDouble", null,
                 new NullPointerException(), null));
+        testCases.add(new TestCase("b/23300986", "B23300986", "runAliasAfterEnter",
+                new Object[] { new Object() }, null, null));
     }
 
     public void runTests() {