Assertion failure on PPC64 after 8200545: Improve filter for enqueued deferred cards

Thomas Schatzl thomas.schatzl at oracle.com
Fri May 24 12:03:20 UTC 2019 

Hi,

On Fri, 2019-05-24 at 11:02 +0000, Doerr, Martin wrote:
> Hi Thomas,
> 
> I've taken a 2nd look at the hs_err files.
> 
> Seems like the GCTaskThread which runs into the assertion has seen
> hr_obj->rem_set()->is_tracked() == true
> but another thread concurrently sets
> r->rem_set()->set_state_complete()
> 
> When the hs_err file gets printed, the region shows up as "Complete"
> (which means untracked).
> 
> Does this make sense? In which scenario can this happen?
> 

Is r == hr_obj? If so, that seems impossible at least in the way I
believe the code is written.

Random thoughts below, beware... :)

The only way I could imagine such an error would be if the compiler did
something weird with writing the fields of the heap attribute table?
I.e. it loads a machine word (containing four of those RegionAttr
entries), modifies just one of the bytes, and writes back the whole
word. I.e. then some concurrent reader might see inconsistent values
that flip back and forth.
I really doubt this is the case though. Particularly I assume that at
least on ppc64/linux you also use gcc.

Old regions' remembered set should never be changed during GC, and if
they are set, they are set to Empty (from
Empty)(HeapRegionRemSet::_state)/false(region_attr._needs_remembered_se
t). Since the default value of region_attr._needs_remembered_set is
also 0 (i.e. false), this is also a value-preserving write.

Can you dump the remembered set states/heap region attributes after
setting them in the
G1CollectedHeap::register_regions_with_region_attr() method and
comparing them with the information from the assert?

You might want to check that the default value written to
_needs_remembered_set in G1HeapRegionAttr in its constructor really
ends up as 0/false. As mentioned there is a bool->uint8_t implicit type
coercion. (Now I'm in paranoia mode :))

The only remembered sets that are changed from Empty to Complete are
Survivor regions, as originally they were Free regions (which are
"Empty" initially).

Thanks,
  Thomas

More information about the hotspot-gc-dev mailing list