RFR: 8349146: [REDO] Implement a better allocator for downcalls [v6]

[Jorn Vernee]

On Thu, 1 May 2025 10:20:44 GMT, Maurizio Cimadamore <mcimadamore at openjdk.org> wrote:

>> src/java.base/share/classes/jdk/internal/foreign/BufferStack.java line 163:
>> 
>>> 161:                     lock.unlock();
>>> 162:                 }
>>> 163:                 Reference.reachabilityFence(arena);
>> 
>> I'm not sure this is enough to keep the automatic arena alive. If the client lets the Frame arena go out of scope w/o calling close, then `arena` will become unreachable, but some segments created by the Frame arena might still be reachable. To be more correct, I think `Frame` should add a "close action" to its confined arena which keeps the outer automatic arena alive. This can be done, for instance, by passing a close action to the `reinterpret` call:
>> 
>> 
>> frame = new SlicingAllocator(frameSegment.reinterpret(confinedArena, () -> Reference.reachabilityFence(arena)));
>> 
>> 
>> The close action is installed in the `MemorySession` object of `confinedArena` -- which is then attached to all segments returned by `Frame` -- thus keeping the automatic arena alive.
>
> (if you agree with this analysis, perhaps adding an extra stress test, or tweaking one of the existing stress tests to check this could also be useful)

I've thought about it a bit, and I think adding a cleanup action to the reinterpret call is indeed the only fool proof way to add a link back to the parent segment. MemorySegment is what gives a user access to the memory (almost like an access token), so the memory needs to be kept alive through the MS. MS has a reference to its scope, which can then reference the original scope through a cleanup action.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24829#discussion_r2070510278