RFR: In TsanSymbolize, use ThreadInVMfromUnknown to transition to VM state. [v2]

Jiangli Zhou jiangli at openjdk.org
Mon Jun 23 20:40:15 UTC 2025 

> Our internal testing on JDK 21 fastdebug binary runs into following assertion failure when tsan tries to report a race during executing a JNI native method.
> 
> 
> #  Internal Error (/tmp/jdkbuild/srcs/src/hotspot/share/oops/accessBackend.cpp:224), pid=2318779, tid=2318806
> #  assert(state == _thread_in_vm || state == _thread_in_Java || state == _thread_new) failed: Wrong thread state for accesses: 4
> 
> 
> 
> V  [libjvm.so+0x84113d]  AccessInternal::check_access_thread_state()+0x8d  (accessBackend.cpp:224)
> V  [libjvm.so+0xdc65d7]  ClassLoaderData::is_alive() const+0x37
> V  [libjvm.so+0x173165a]  Method::checked_resolve_jmethod_id(_jmethodID*)+0xaa
> V  [libjvm.so+0x1bb3293]  TsanSymbolize+0x73
> <snip>
> C  [<snip>]  __tsan::ReportRace(__tsan::ThreadState*, __tsan::RawShadow*, __tsan::Shadow, __tsan::Shadow, unsigned long)+0xb2f
> C  [<snip>]  WriteHeapVar+0x1d
> C  [<snip>]  <JNI_native_method>
> <snip>
> 
> 
> The assert is hit as the thread state is `_thread_in_native`, which is not expected by `AccessInternal::check_access_thread_state`.
> 
> Since `__tsan::ReportRace ... -> TsanSymbolize` could be triggered during executing both Java code or native code, making `TsanSymbolize` a `JVM_ENTRY` for transitioning into VM state does not work in all cases. Instead, `ThreadInVMfromUnknown` is used for transitioning into VM state only if the current JavaThread is in native. As part of the fix, I also remove `DEBUG_ONLY(NoSafepointVerifier nsv;)` from  `TsanSymbolize`. `NoSafepointVerifier nsv;)` does `JavaThread::cast(_thread)->inc_no_safepoint_count()`, which causes `_no_safepoint_count` to be `>0` and asserts during the thread state transition.
> 
> 
> #  Internal Error (/tmp/jdkbuild/srcs/src/hotspot/share/runtime/javaThread.cpp:362), pid=454073, tid=454110
> #  assert(false) failed: Possible safepoint reached by thread that does not allow it
> 
> 
> Tested the change with tsan jtreg tests on fastdebug build. The fix was also tested with the affected internal tests on fastdebug build.
> 
> 
> $ bash configure --with-boot-jdk=/usr/local/google/home/jianglizhou/openjdk/jdk-21.0.7 --with-debug-level=fastdebug --disable-warnings-as-errors --with-jtreg=/usr/local/google/home/jianglizhou/github/jtreg/build/images/jtreg --with-stdc++lib=static --disable-precompiled-headers --enable-unlimited-crypto --with-native-debug-symbols=internal --with-default-make-target=jdk-image --disable-warnings-as-errors --with-toolchain-type=clang --disable-warnings-as-errors
> 
> 
> 
> $ make test TEST=hotspot/jtreg/tsan
> 
> 
> 
> =====================...

Jiangli Zhou has updated the pull request incrementally with one additional commit since the last revision:

  Address @rasbold review: Remove internal bug ID.

-------------

Changes:
  - all: https://git.openjdk.org/tsan/pull/24/files
  - new: https://git.openjdk.org/tsan/pull/24/files/fc8cd3b9..2d05b63b

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=tsan&pr=24&range=01
 - incr: https://webrevs.openjdk.org/?repo=tsan&pr=24&range=00-01

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.org/tsan/pull/24.diff
  Fetch: git fetch https://git.openjdk.org/tsan.git pull/24/head:pull/24

PR: https://git.openjdk.org/tsan/pull/24

More information about the tsan-dev mailing list