tomoaki/hakmem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b51b600e8d626601e1deca96d044cd10674c7cb1
hakmem/docs/archive/BUG_FLOW_DIAGRAM.md

42 lines
1.1 KiB
Markdown
Raw Normal View History

Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
# Bug Flow Diagram: P0 Batch Refill Active Counter Underflow
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
Legend
- Box 2: Remote Queue (push/drain)
- Box 3: Ownership (owner_tid)
- Box 4: Publish/Adopt + Refill boundary (superslab_refill)
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
Flow (before fix)
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
```
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
free(ptr)
-> Box 2 remote_push (cross-thread)
- active-- (on free) [OK]
- goes into SS freelist [no active change]
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
refill (P0 batch)
-> trc_pop_from_freelist(meta, want)
- splice to TLS SLL [OK]
- MISSING: active += taken [BUG]
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
alloc() uses SLL
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
free(ptr) (again)
-> active-- (but not incremented before) → double-decrement
-> active underflow → OOM perceived
-> superslab_refill returns NULL → crash path (free(): invalid pointer)
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
```
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
After fix
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
```
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
refill (P0 batch)
-> trc_pop_from_freelist(...)
- splice to TLS SLL
- active += from_freelist [FIX]
-> trc_linear_carve(...)
- active += batch [asserted]
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
```
Fix report: P0 batch refill active counter bug documented; add flow diagram and patch excerpt; CLAUDE phase 6-2.3 notes; CURRENT_TASK updated with root cause, fix, and open items.
2025-11-07 12:39:53 +09:00
Verification Hooks
- One-shot OOM prints from superslab_refill
- Optional: `HAKMEM_TINY_DEBUG_REMOTE_GUARD=1` and `HAKMEM_TINY_TRACE_RING=1`
Fix: Active counter double-decrement in P0 batch refill (4T crash → stable) ## Problem HAKMEM 4T crashed with "free(): invalid pointer" on startup: - System/mimalloc: 3.3M ops/s ✅ - HAKMEM 1T: 838K ops/s (-75%) ⚠️ - HAKMEM 4T: Crash (Exit 134) ❌ Error: superslab_refill returned NULL (OOM), active=0, bitmap=0x00000000 ## Root Cause (Ultrathink Task Agent Investigation) Active counter double-decrement when re-allocating from freelist: 1. Free → counter-- ✅ 2. Remote drain → add to freelist (no counter change) ✅ 3. P0 batch refill → move to TLS cache (forgot counter++) ❌ BUG! 4. Next free → counter-- ❌ Double decrement! Result: Counter underflow → SuperSlab appears "full" → OOM → crash ## Fix (1 line) File: core/hakmem_tiny_refill_p0.inc.h:103 +ss_active_add(tls->ss, from_freelist); Reason: Freelist re-allocation moves block from "free" to "allocated" state, so active counter MUST increment. ## Verification | Setting | Before | After | Result | |----------------|---------|----------------|--------------| | 4T default | ❌ Crash | ✅ 838,445 ops/s | 🎉 Stable | | Stability (2x) | - | ✅ Same score | Reproducible | ## Remaining Issue ❌ HAKMEM_TINY_REFILL_COUNT_HOT=64 triggers crash (class=4 OOM) - Suspected: TLS cache over-accumulation or memory leak - Next: Investigate HAKMEM_TINY_FAST_CAP interaction 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-07 12:37:23 +09:00
Reference in New Issue Copy Permalink