New src/share/vm/gc_implementation/shenandoah/shenandoahEvacOOMHandler.hpp

   1 /*
   2  * Copyright (c) 2018, Red Hat, Inc. All rights reserved.
   3  *
   4  * This code is free software; you can redistribute it and/or modify it
   5  * under the terms of the GNU General Public License version 2 only, as
   6  * published by the Free Software Foundation.
   7  *
   8  * This code is distributed in the hope that it will be useful, but WITHOUT
   9  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  10  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  11  * version 2 for more details (a copy is included in the LICENSE file that
  12  * accompanied this code).
  13  *
  14  * You should have received a copy of the GNU General Public License version
  15  * 2 along with this work; if not, write to the Free Software Foundation,
  16  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  17  *
  18  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  19  * or visit www.oracle.com if you need additional information or have any
  20  * questions.
  21  *
  22  */
  23 
  24 #ifndef SHARE_VM_GC_SHENANDOAH_SHENANDOAHEVACOOMHANDLER_HPP
  25 #define SHARE_VM_GC_SHENANDOAH_SHENANDOAHEVACOOMHANDLER_HPP
  26 
  27 #include "gc_implementation/shenandoah/shenandoahPadding.hpp"
  28 
  29 /**
  30  * Provides safe handling of out-of-memory situations during evacuation.
  31  *
  32  * When a Java thread encounters out-of-memory while evacuating an object in a
  33  * write-barrier (i.e. it cannot copy the object to to-space), it does not necessarily
  34  * follow we can return immediately from the WB (and store to from-space).
  35  *
  36  * In very basic case, on such failure we may wait until the the evacuation is over,
  37  * and then resolve the forwarded copy, and to the store there. This is possible
  38  * because other threads might still have space in their GCLABs, and successfully
  39  * evacuate the object.
  40  *
  41  * But, there is a race due to non-atomic evac_in_progress transition. Consider
  42  * thread A is stuck waiting for the evacuation to be over -- it cannot leave with
  43  * from-space copy yet. Control thread drops evacuation_in_progress preparing for
  44  * next STW phase that has to recover from OOME. Thread B misses that update, and
  45  * successfully evacuates the object, does the write to to-copy. But, before
  46  * Thread B is able to install the fwdptr, thread A discovers evac_in_progress is
  47  * down, exits from here, reads the fwdptr, discovers old from-copy, and stores there.
  48  * Thread B then wakes up and installs to-copy. This breaks to-space invariant, and
  49  * silently corrupts the heap: we accepted two writes to separate copies of the object.
  50  *
  51  * The way it is solved here is to maintain a counter of threads inside the
  52  * 'evacuation path'. The 'evacuation path' is the part of evacuation that does the actual
  53  * allocation, copying and CASing of the copy object, and is protected by this
  54  * OOM-during-evac-handler. The handler allows multiple threads to enter and exit
  55  * evacuation path, but on OOME it requires all threads that experienced OOME to wait
  56  * for current threads to leave, and blocks other threads from entering.
  57  *
  58  * Detailed state change:
  59  *
  60  * Upon entry of the evac-path, entering thread will attempt to increase the counter,
  61  * using a CAS. Depending on the result of the CAS:
  62  * - success: carry on with evac
  63  * - failure:
  64  *   - if offending value is a valid counter, then try again
  65  *   - if offending value is OOM-during-evac special value: loop until
  66  *     counter drops to 0, then exit with read-barrier
  67  *
  68  * Upon exit, exiting thread will decrease the counter using atomic dec.
  69  *
  70  * Upon OOM-during-evac, any thread will attempt to CAS OOM-during-evac
  71  * special value into the counter. Depending on result:
  72  *   - success: busy-loop until counter drops to zero, then exit with RB
  73  *   - failure:
  74  *     - offender is valid counter update: try again
  75  *     - offender is OOM-during-evac: busy loop until counter drops to
  76  *       zero, then exit with RB
  77  */
  78 class ShenandoahEvacOOMHandler {
  79 private:
  80   static const jint OOM_MARKER_MASK;
  81 
  82   shenandoah_padding(0);
  83   volatile jint _threads_in_evac;
  84   shenandoah_padding(1);
  85 
  86   void wait_for_no_evac_threads();
  87 
  88 public:
  89   ShenandoahEvacOOMHandler();
  90 
  91   /**
  92    * Attempt to enter the protected evacuation path.
  93    *
  94    * When this returns true, it is safe to continue with normal evacuation.
  95    * When this method returns false, evacuation must not be entered, and caller
  96    * may safely continue with a read-barrier (if Java thread).
  97    */
  98   void enter_evacuation();
  99 
 100   /**
 101    * Leave evacuation path.
 102    */
 103   void leave_evacuation();
 104 
 105   /**
 106    * Signal out-of-memory during evacuation. It will prevent any other threads
 107    * from entering the evacuation path, then wait until all threads have left the
 108    * evacuation path, and then return. It is then safe to continue with a read-barrier.
 109    */
 110   void handle_out_of_memory_during_evacuation();
 111 
 112   void clear();
 113 };
 114 
 115 class ShenandoahEvacOOMScope : public StackObj {
 116 public:
 117   ShenandoahEvacOOMScope();
 118   ~ShenandoahEvacOOMScope();
 119 };
 120 
 121 #endif // SHARE_VM_GC_SHENANDOAH_SHENANDOAHEVACOOMHANDLER_HPP