Bug ID: JDK-6948538 CMS: BOT walkers can fall into object allocation and initialization cracks

JDK-6948538 : CMS: BOT walkers can fall into object allocation and initialization cracks

Type: Bug
Component: hotspot
Sub-Component: gc
Affected Version:
hs16,hs17,1.4.2,1.4.2_12,5.0u7,5.0u17,5.0u19,6u13,6u14,6u15,6u16,6u18,6u19,6u20,6u21 hs16,hs17,1.4.2,1.4.2_12,5.0u7,5.0u17,5.0u19,6u13,6u14,6u15,6u16,6u18,6u19,6u20,6u21

Priority: P3
Status: Closed
Resolution: Fixed
OS: generic,solaris,solaris_10
CPU: generic,x86,sparc

Submitted: 2010-04-29
Updated: 2013-09-12
Resolved: 2011-04-23

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

Other	JDK 6	JDK 7	Other
1.4.2_31,hs19Fixed	6u21pFixed	7Fixed	hs19Fixed

Related Reports

Duplicate :	JDK-6872049 - CMS: Failure in CompactibleFreeListSpace::block_size from ::block_start_unsafe()
Duplicate :	JDK-2187366 - CMS: Failure in CompactibleFreeListSpace::block_size from ::block_start_unsafe()
Duplicate :	JDK-6996061 - CMS: Crash at CompactibleFreeListSpace::forward
Duplicate :	JDK-6858243 - CMS: Fencing needed for hw with weak memory model
Duplicate :	JDK-2186462 - CMS: Failure in CompactibleFreeListSpace::block_size from ::block_start_unsafe()
Relates :	JDK-2197146 - CMS: concurrentMarkSweepGeneration.cpp:7947 assert(addr <= _limit) failed: sweep invariant
Relates :	JDK-6565513 - CMS: assert at blockOffsetTable.cpp:39: assert(left_blk_size > 0,"Should be positive")
Relates :	JDK-6978533 - CMS: Elide BOT update asserts until 6977974 is fixed correctly
Relates :	JDK-6973570 - OrderAccess::storestore() scales poorly on multi-socket x64 and sparc: cache-line ping-ponging
Relates :	JDK-6977970 - CMS: concurrentMarkSweepGeneration.cpp:7947 assert(addr <= _limit) failed: sweep invariant
Relates :	JDK-6977974 - CMS: blockOffsetTable.hpp:187 assert(!reducing \|\| _offset_array[i] >= offset) failed: Not reducing
Relates :	JDK-6912621 - iCMS: Error: assert(_markBitMap.isMarked(addr + 1),"Missing Printezis bit?")

Description

BOT walkers can sometimes observe allocated-but-not-yet-fully initialized
objects, which can cause crashes during GC (both the concurrent as well
as the stop-world phases, with the latter much more likely).

Comments

EVALUATION http://hg.openjdk.java.net/jdk7/hotspot-gc/hotspot/rev/be3f9c242c9d
17-08-2010
EVALUATION The introduction of necessary OrderAccess::storestore for this fix revealed a scaling issue which will be fixed in 6973570. Backports of this CR to older releases should make sure that such backports happen together with that of 6973570 to aovid any performance regressions that would be seen if only the fix for this CR is backported.
30-07-2010
WORK AROUND Since the bug depends on concurrent ccard-scanning with promotion into CMS, which can only happen when using ParNew+CMS, either of the following constitutes a workaround:- (a) switch off CMS, OR (b) switch off ParNew of course, depending on platform, at potentially considerable loss in performance.
29-04-2010
EVALUATION See 6872049 for some more background, the relevant portion of which will be copied into this CR (by and by).
29-04-2010