RFR: 8254263: Remove special_runtime_exit_condition() check from ~ThreadInVMForHandshake()
Patricio Chilano
patricio.chilano.mateo at oracle.com
Tue Oct 13 13:58:24 UTC 2020
Hi David,
On 10/12/20 11:35 PM, David Holmes wrote:
> Hi Patricio,
>
> On 12/10/2020 2:59 pm, Patricio Chilano Mateo wrote:
>> On Sun, 11 Oct 2020 22:09:30 GMT, David Holmes <dholmes at openjdk.org>
>> wrote:
>>
>>>> Hi all,
>>>>
>>>> Please review the following patch that removes the call to
>>>> handle_special_runtime_exit_condition() in
>>>> ~ThreadInVMForHandshake(). This check was added by 8223572 to
>>>> prevent a JavaThread that was suspended while trying to
>>>> process a handshake to transition back to java without noticing it
>>>> was suspended. Since 8238761, a JavaThread executing
>>>> HandshakeState::process_by_self() will never become safe. It comes
>>>> from an unsafe state and remains unsafe, so it
>>>> cannot be suspended during that time. Removing this check also
>>>> removes one of the reasons
>>>> SafepointMechanism::process_if_requested() is recursive (the other
>>>> one remains SafepointSynchronize::block()). Tested
>>>> in mach5, tiers 1-7. Thanks, Patricio
>>>
>>> src/hotspot/share/runtime/interfaceSupport.inline.hpp line 146:
>>>
>>>> 144:
>>>> 145: ~ThreadInVMForHandshake() {
>>>> 146: assert(_thread->thread_state() == _thread_in_vm, "should
>>>> only call when leaving VM after handshake");
>>>
>>> Can we also assert `!_thread->has_special_runtime_exit_condition()`?
>>> Or at least that the value of this has not changed
>>> between the TIVFH constructor and destructor.
>>
>> has_special_runtime_exit_condition() checks for async exceptions,
>> external_suspend and JFR suspend. The last two can
>> actually be set while we are in the handshake. It doesn't mean that
>> the caller will consider the target suspended, but
>> the _suspend_flags might be different at construction and destruction
>> of TIVFH.
>
> Ah right! Oh well :)
>
>> As for async exceptions, I realized we
>> have a similar issue as the one described in 8223572 when calling
>> handle_polling_page_exception() on a return poll:
>>
>> - T calls ThreadSafepointState::handle_polling_page_exception()
>> because another thread called T.stop() (which we
>> implement with a handshake)
>> - T calls SafepointMechanism::process_if_requested(thread())
>> - T calls HandshakeState::process_self_inner() and processes the
>> handshake which calls set_pending_async_exception()
>> - T returns from SafepointMechanism::process_if_requested(thread())
>> and goes back to java without calling
>> check_and_handle_async_exceptions() to throw the ThreadDeath()
>> exception
>>
>> I'm not sure if delaying the throw of ThreadDeath is allowed, so if
>> we need to keep the current behaviour I can add a
>> call to check_and_handle_async_exceptions():
>
> To some extent, given it is a race, a delay is permissible, but I find
> it highly undesirable. Our biggest problems with async exceptions
> lately is the unpredictability of their actually getting propagated.
> So we should fix this.
>
>> @@ -987,6 +987,7 @@ void
>> ThreadSafepointState::handle_polling_page_exception() {
>> // Process pending operation
>> SafepointMechanism::process_if_requested(thread());
>> + thread()->check_and_handle_async_exceptions();
>
> Why directly in handle_polling_page_exception() rather than restoring
> it to the ~ThreadInVMForHandshake() ?
Having the check in ~TIVFH saves us from missing the async exception for
this particular handle_polling_page_exception() on poll return case
because if there is and InstallAsyncExceptionClosure handshake then the
target will execute it and will notice the async exception on the
~TIVFH. But otherwise it's not useful. If that handshake happened while
the target was safe (let's say _thread_blocked somewhere) we will never
hit that check since the handshake would be executed by the handshaker.
So, having the check directly in handle_polling_page_exception() makes
the code in line with other places where we check for async exceptions
right before transitioning back to java. In fact we should also check
for external_suspend and not rely on the same
special_runtime_exit_condition() check at the end of SS:block() as I
discussed with Richard, but I can leave that for a different change.
Thanks,
Patricio
> Thanks,
> David
> -----
>
>> // restore oop result, if any
>>
>> -------------
>>
>> PR: https://git.openjdk.java.net/jdk/pull/577
>>
More information about the hotspot-runtime-dev
mailing list