<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<tt>Greetings,<br>
<br>
This code review from Stefan Karlsson was originally posted on an
Oracle<br>
internal alias that we use for discussing HotSpot SMR development
issues.<br>
That subject was: "Thread-SMR (8167108)(JDK10): CR round 0
changes". I did<br>
not have time to address Stefan's review before I went on vacation
and<br>
Stefan graciously allowed me to defer his review to the OpenJDK
review.<br>
<br>
With Stefan's permission, I'm replying to his code review on the
OpenJDK<br>
aliases that we're using for the JDK-8167108 code review.<br>
<br>
</tt><br>
<div class="moz-cite-prefix">On 10/6/17 1:19 PM, Stefan Karlsson
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<div class="moz-cite-prefix">Hi Dan,<br>
<br>
Great that this is getting done!<br>
</div>
</blockquote>
<tt> <br>
Thanks! It has been an adventure for all three primary
contributors...<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix"> Erik already mentioned the file so I
think that's on track, and that's what I was most concerned
about.<br>
<br>
<br>
I have not been involved in the review of this patch at all, but
now that I've been looking at it I have a few comments. I hope
you don't mind. I don't want them to block the open review
request, but at the same time I'd like to share my opinion and
have it weighted in for the future of this code.<br>
<br>
1) ThreadsListHandle allows a safepoint to block and allow GCs
to run and restructure objects and metadata, iff the
ThreadsListHandle is nested. This forced me to review all usages
of ThreadsListHandle in great detail to visually verify that it
didn't break the surrounding code.<br>
<br>
If ThreadsListHandle didn't ever block for safepoints, I
wouldn't have had to care about that aspect when reading and
reviewing the code. This also means that we in the future runs
the risk of someone accidentally adding a nested
ThreadsListHandle somewhere where they don't expect a safepoint
to happen.<br>
</div>
</blockquote>
<tt> <br>
We included the following to automatically sanity check the
placement<br>
of the ThreadsListHandle:<br>
<br>
src/hotspot/share/runtime/thread.cpp:<br>
<br>
3596 ThreadsList *Threads::acquire_stable_list(Thread *self, bool
is_ThreadsListSetter) {<br>
3597 assert(self != NULL, "sanity check");<br>
3598 // acquire_stable_list_nested_path() will grab the
Threads_lock<br>
3599 // so let's make sure the ThreadsListHandle is in a safe
place.<br>
3600 // ThreadsListSetter cannot make this check on this code
path.<br>
3601 debug_only(if (!is_ThreadsListSetter &&
StrictSafepointChecks) self->check_for_valid_safepoint_state(/*
potential_vm_operation */ false);)<br>
<br>
So each ThreadsListHandle location is checked for being a valid<br>
safepoint state.<br>
<br>
We tested this idea with our work on
JvmtiEnv::GetThreadLocalStorage().<br>
GetThreadLocalStorage() is called from the 'in native' state so we<br>
cannot place a common ThreadsListHandle for all code paths because<br>
it would fail the assertion when called with 'thread == NULL',
i.e.,<br>
the thread is operating on itself.<br>
<br>
Update: Erik is going to explore a lock free solution for the<br>
nesting algorithm. That will likely mean that a ThreadsListHandle<br>
will not require placement in a safepoint safe location...<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix"> If the lock protecting the threads
list could be taken with no_safepoint_check, then the described
problem above would completely vanish. Unfortunately, we can't
acquire the Threads_lock with no_safepoint_check. A solution to
this would be to introduced a low-rank (rank == access) lock,
say ThreadsList_lock, and always take it with
no_safepoint_check.<br>
</div>
</blockquote>
<tt> <br>
The problem with switching locks is that we are protecting the
scanning<br>
phase of the SMR algorithm with the Threads_lock so we would have
to<br>
switch that lock also. I believe we use the Threads_lock with the<br>
scanning because we're using closures... Of course, Erik or Robbin<br>
should probably jump in here... :-)<br>
<br>
Update: Erik is going to explore a lock-free solution for the<br>
nesting algorithm.<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix"> That solution would also solve a
potential lock-rank problem, we have that ThreadsListHandle
can't be used if a higher-rank lock is held.<br>
</div>
</blockquote>
<tt> <br>
So far we haven't run into that problem and we think that the<br>
check_for_valid_safepoint_state() will catch that if the code<br>
should evolve to introduce one.<br>
<br>
<br>
Update: Erik is going to explore a lock-free solution for the<br>
nesting algorithm. <br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix"> 2) The following one-liner: <br>
<pre><span class="removed">- for (JavaThread* t = Threads::first(); t; t = t->next()) {
</span>
has been converted to a five-liner:
<span class="new">+ {</span>
<span class="new">+ ThreadsListHandle tlh;</span>
<span class="new">+ JavaThreadIterator jti(tlh.list());</span>
<span class="new">+ for (JavaThread* t = jti.first(); t != NULL; t = jti.next()) {</span>
<span class="new">...
+ }
I find that unfortunate, and would prefer if this was rewritten.
For example:
for (JavaThreadIterator jti; JavaThread* t = jit.next();) {
jti will implicitly hold the ThreadListHandle on the stack.
I know that the implicit conversion of pointer to bool is non-conventional in the HotSpot code, but in this case I prefer that over five lines of extra noise in the GC code.</span></pre>
</div>
</blockquote>
<tt> <br>
Coleen made a similar comment in her OpenJDK review:<br>
<br>
<blockquote type="cite">Hi, From my initial look at this, I
really like new interface for</blockquote>
<blockquote type="cite">walking the threads list, except every
instance but 2 uses of</blockquote>
<blockquote type="cite">JavaThreadIterator has a preceding
ThreadsListHandle declaration. <br>
<br>
+ ThreadsListHandle tlh; <br>
+ JavaThreadIterator jti(tlh.list()); <br>
<br>
<br>
Could there be a wrapper that embeds the ThreadsListHandle,
like: <br>
<br>
class JavaThreadsListIterator { <br>
ThreadsListHandle _tlh; <br>
... <br>
} </blockquote>
<br>
<br>
Yup a definite code noise problem. We originally didn't have an<br>
iterator and used direct thread_at(foo) calls so we had a pretty<br>
close correspondence between the old for-loop and the new
for-loop.<br>
Early reviewers asked for an iterator abstraction so we modeled<br>
JavaThreadIterator after other existing iterators in the JVM/TI<br>
area... (Yes, Dan stayed pretty close to "home" here...)<br>
<br>
There are places where we still need the existing
JavaThreadIterator<br>
because a ThreadsList is passed down a call stack... So we've
added<br>
a JavaThreadIteratorWithHandle class. <br>
<br>
Here's an example of the noisy code in the GC area:<br>
<br>
src/hotspot/share/gc/g1/dirtyCardQueue.cpp:<br>
<br>
@@ -319,8 +320,12 @@<br>
clear();<br>
// Since abandon is done only at safepoints, we can safely
manipulate<br>
// these queues.<br>
- for (JavaThread* t = Threads::first(); t; t = t->next()) {<br>
- t->dirty_card_queue().reset();<br>
+ {<br>
+ ThreadsListHandle tlh;<br>
+ JavaThreadIterator jti(tlh.list());<br>
+ for (JavaThread* t = jti.first(); t != NULL; t = jti.next())
{<br>
+ t->dirty_card_queue().reset();<br>
+ }<br>
}<br>
shared_dirty_card_queue()->reset();<br>
}<br>
<br>
Here's an example of the revised code in the GC area:<br>
<br>
src/hotspot/share/gc/g1/dirtyCardQueue.cpp:<br>
<br>
@@ -319,7 +320,7 @@<br>
clear();<br>
// Since abandon is done only at safepoints, we can safely
manipulate<br>
// these queues.<br>
- for (JavaThread* t = Threads::first(); t; t = t->next()) {<br>
+ for (JavaThreadIteratorWithHandle jtiwh; JavaThread *t =
jtiwh.next(); ) {<br>
t->dirty_card_queue().reset();<br>
}<br>
shared_dirty_card_queue()->reset();<br>
<br>
This is definitely much less noisy and I'm hoping I don't catch
too<br>
much grief for the implied boolean usage...<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">3) cv_internal_thread_to_JavaThread
Has one return value and two output parameter. It forces the callers to setup stack lock variables for the two new variables.
</span>--- Used to be ---
<span class="new">- oop java_thread = JNIHandles::resolve_non_null(jthread);
java_lang_Thread::set_priority(java_thread, (ThreadPriority)prio);
- JavaThread* thr = java_lang_Thread::thread(java_thread);
- if (thr != NULL) { // Thread not yet started; priority pushed down when it is
- Thread::set_priority(thr, (ThreadPriority)prio);
</span>
--- Now is ---
<span class="new">+ oop java_thread = NULL;
+ JavaThread* receiver = NULL;
+ bool is_alive = tlh.cv_internal_thread_to_JavaThread(jthread, &receiver, &java_thread);
java_lang_Thread::set_priority(java_thread, (ThreadPriority)prio);
+
+ if (is_alive) {
+ // jthread refers to a live JavaThread.
+ Thread::set_priority(receiver, (ThreadPriority)prio);
--- Maybe could be ---</span>
<span class="new"><span class="new"> oop java_thread = JNIHandles::resolve_non_null(jthread);
java_lang_Thread::set_priority(java_thread, (ThreadPriority)prio);
JavaThread* thr = tlh.cv_internal_thread_to_JavaThread(java_thread);
if (thr != NULL) { // Thread not yet started; priority pushed down when it is
Thread::set_priority(thr, (ThreadPriority)prio);
</span>
I don't see the need to for the extra complexity of the two output parameters.
The return value is always true when thr is non-null, and always false when thr is null.</span></pre>
</div>
</blockquote>
<tt> <br>
There are three cv_*_to_JavaThread() functions and we had to craft
them<br>
very, very carefully to avoid changing some of the subtle
semantics at<br>
the original call sites. If you carefully examine the output
parameters<br>
and return value usages at all of the call sites, you'll see that
each<br>
was added to fit some existing semantic that we didn't want to
risk<br>
changing. Of course, not all of the call sites need all of the
special<br>
behaviors individually, but they do as a union.<br>
<br>
In short, compatibility and risk management led us here.<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">But the usage of cv_internal_thread_to_JavaThread is contained within the Runtime code, so my opinion should probably not weigh as much as other's opinions. :)</span></pre>
</div>
</blockquote>
<tt> <br>
We definitely agree this is a mess, but not one we're willing to
risk<br>
changing at this time. Dan has made the observation that the JVM_*<br>
entry points, like Y2K code, shows a variety of different coding<br>
patterns, each with different (potential) issues...<br>
<br>
Thanks for being flexible on accepting
cv_internal_thread_to_JavaThread()<br>
as is for now!<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">4) I'd prefer if abbreviations where expanded, so that the casual reader would immediately understood the code. For example:
t_list -> thread_list
cv_internal_thread_to_JavaThread -> internal_thread_to_JavaThread</span></pre>
</div>
</blockquote>
<tt> <br>
We've had requests to shorten names, spell out names, use
different<br>
names, etc. It seems that no one is going to be happy with all of<br>
the names we used in this code.<br>
<br>
Our guidelines:<br>
<br>
- use the same consistently, e.g., t_list for ThreadsLists<br>
- use a name that doesn't show up in an existing grep (if
possible)<br>
<br>
We hope you don't mind, but we're not planning to make any more
name<br>
changes...<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">5) This macro and the jesting is pretty bad.</span></pre>
</div>
</blockquote>
<br>
<tt>Yup!<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">I complained about it to Erik, and then he confessed that he wrote it :D
</span>
<span class="new">+// Possibly the ugliest for loop the world has seen. C++ does not allow
+// multiple types in the declaration section of the for loop. In this case
+// we are only dealing with pointers and hence can cast them. It looks ugly
+// but macros are ugly and therefore it's fine to make things absurdly ugly.
+#define DO_JAVA_THREADS(LIST, X) \
+ for (JavaThread *MACRO_scan_interval = (JavaThread*)(uintptr_t)PrefetchScanIntervalInBytes, \
+ *MACRO_list = (JavaThread*)(LIST), \
+ **MACRO_end = ((JavaThread**)((ThreadsList*)MACRO_list)->threads()) + ((ThreadsList*)MACRO_list)->length(), \
+ **MACRO_current_p = (JavaThread**)((ThreadsList*)MACRO_list)->threads(), \
+ *X = (JavaThread*)prefetch_and_load_ptr((void**)MACRO_current_p, (intx)MACRO_scan_interval); \
+ MACRO_current_p != MACRO_end; \
+ MACRO_current_p++, \
+ X = (JavaThread*)prefetch_and_load_ptr((void**)MACRO_current_p, (intx)MACRO_scan_interval))
+
This can be rewritten without all these cast, and minimal usage of the macros expansions:
struct JavaThreadPrefetchedIterator {
ThreadList* _list;
JavaThread** _end;
JavaThread** _current;
JavaThreadIteror(ThreadList* list) :
_list(list), _end(list->threads() + list->length()), _current(list->threads()) {}
JavaThread* current() {
return </span><span class="new"><span class="new">context._current != context._end
? prefetch_and_load_ptr(context._current, </span></span><span class="new"><span class="new"><span class="new">PrefetchScanIntervalInBytes)</span>
: NULL) // ^ prefetch would be rewritten to return JavaThread* and not void*</span>
}
void next() {
_current++;
};
#define DO_JAVA_THREADS(LIST, X) \
for (JavaThreadPrefetchedIterator iter(LIST); JavaThread* X = iter.current(); iter.next())
(I did some changes to the code above and haven't compiled this exact version)</span></pre>
</div>
</blockquote>
<tt> <br>
Erik hasn't chimed in on this comment so I (Dan) am not planning
to<br>
try to resolve this comment in this round.<br>
<br>
Update: Erik is planning to look at cleaning up the ugly macro...<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">6) I think it would be nice if the SMR stuff in thread.hpp were encapsulated into an class instead of added directly to Thread and Threads. I sort-of expected the SMR variables to be moved to threadSMR.hpp.
For example:
</span>
<span class="new"> class Threads: AllStatic {
friend class VMStructs;
private:
<span class="new">+ // Safe Memory Reclamation (SMR) support:</span>
<span class="new">+ static Monitor* _smr_delete_lock;</span>
<span class="new">+ // The '_cnt', '_max' and '_times" fields are enabled via</span>
<span class="new">+ // -XX:+EnableThreadSMRStatistics:</span>
<span class="new">+ static uint _smr_delete_lock_wait_cnt;</span>
<span class="new">+ static uint _smr_delete_lock_wait_max;</span>
<span class="new">+ static volatile int _smr_delete_notify;</span>
<span class="new">+ static volatile jint _smr_deleted_thread_cnt;</span>
<span class="new">+ static volatile jint _smr_deleted_thread_time_max;</span>
<span class="new">+ static volatile jint _smr_deleted_thread_times;</span>
<span class="new">+ static ThreadsList* volatile _smr_java_thread_list;</span>
<span class="new">+ static ThreadsList* get_smr_java_thread_list() {</span>
<span class="new">+ return (ThreadsList*)OrderAccess::load_ptr_acquire((void* volatile*)&_smr_java_thread_list);</span>
<span class="new">+ }</span>
<span class="new">+ static ThreadsList* xchg_smr_java_thread_list(ThreadsList* new_list) {</span>
<span class="new">+ return (ThreadsList*)Atomic::xchg_ptr((void*)new_list, (volatile void*)&_smr_java_thread_list);</span>
<span class="new">+ }</span>
<span class="new">+ static long _smr_java_thread_list_alloc_cnt;</span>
<span class="new">+ static long _smr_java_thread_list_free_cnt;</span>
<span class="new">+ static uint _smr_java_thread_list_max;</span>
<span class="new">+ static uint _smr_nested_thread_list_max;</span>
<span class="new">+ static volatile jint _smr_tlh_cnt;</span>
<span class="new">+ static volatile jint _smr_tlh_time_max;</span>
<span class="new">+ static volatile jint _smr_tlh_times;</span>
<span class="new">+ static ThreadsList* _smr_to_delete_list;</span>
<span class="new">+ static uint _smr_to_delete_list_cnt;</span>
<span class="new">+ static uint _smr_to_delete_list_max;
Could be:
class Threads: AllStatic {
friend class VMStructs;
private:
// Safe Memory Reclamation (SMR) support:
SMRSupport _smr_support;
And SMRSupport could be moved to threadSMR.hpp.
I haven't read all the code in detail, so I'm not sure if this is feasible or not, but my gut-feeling says that it would be worth testing. The above is just an example, and the rest of the code could probably be encapsulated and moved as well.</span></span></pre>
</div>
</blockquote>
<tt> <br>
We already moved all of the SMR stuff that was "easy" to move
based<br>
on your earlier comment. (Of course, doing that move introduced a<br>
number of compilation complications, but that's just Dan
complaining :-))<br>
<br>
We don't really want to try this migration at this time since
we're<br>
still hoping to get this code into 18.3. (Also Dan doesn't see the<br>
value in moving the SMR fields... Threads is already an eclectic
static<br>
class so why does SMR have to encapsulate when no other project
did so?)<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new"><span class="new"></span>7) Currently, threadSMR.hpp "only" contains the ThreadList. Unless, you move the SMR stuff into threadSMR.hpp, maybe it should be renamed to threadsList.hpp? Maybe it does make sense to have both threadSMR.hpp and threadsList.hpp?</span></pre>
</div>
</blockquote>
<tt> <br>
We're planning to stick with the threadSMR.hpp and threadSMR.cpp<br>
file names. Currently they contain the more standalone pieces of<br>
thread SMR (more than just ThreadsList) so we're planning to keep<br>
those names.<br>
<br>
Thanks for the detailed review!!<br>
<br>
Dan, Erik and Robbin<br>
<br>
<br>
</tt>
<blockquote type="cite"
cite="mid:dd56dd01-0bc1-8a94-157a-e3020e42eebc@oracle.com">
<div class="moz-cite-prefix">
<pre><span class="new">
Cheers and thanks!
StefanK
</span></pre>
</div>
</blockquote>
<br>
</body>
</html>