Integrated: 8352185: Shenandoah: Invalid logic for remembered set verification

Xiaolong Peng xpeng at openjdk.org
Mon Mar 31 18:16:29 UTC 2025 

On Tue, 18 Mar 2025 00:19:35 GMT, Xiaolong Peng <xpeng at openjdk.org> wrote:

> There are some scenarios in which GenShen may have improper remembered set verification logic:
> 
> 1. Concurrent young cycles following a Full GC:
> 
> In the end of ShenandoahFullGC, it resets bitmaps for the entire heap w/o resetting marking context to be incomplete, but ShenandoahVerifier has code like below to get a complete old marking context for remembered set verification
> 
> 
> ShenandoahVerifier  
> ShenandoahMarkingContext* ShenandoahVerifier::get_marking_context_for_old() {
>   shenandoah_assert_generations_reconciled();
>   if (_heap->old_generation()->is_mark_complete() || _heap->gc_generation()->is_global()) {
>     return _heap->complete_marking_context();
>   }
>   return nullptr;
> }
> 
> 
> For the concurrent young GC cycles after a full GC, the old marking context used for remembered set verification is stale, and may cause unexpected result. 
> 
> 2. For the impl of `ShenandoahVerifier::get_marking_context_for_old` mentioned above, it always return a marking context for global GC, but marking bitmaps is already reset before before init-mark, `ShenandoahVerifier::help_verify_region_rem_set` always skip verification in this case. 
> 
> 3. ShenandoahConcurrentGC always clean remembered set read table, but only swap read/write table when gc generation is young, this issue causes remembered set verification before init-mark to use a completely clean remembered set, but it is covered by issue 2. 
> 
> 4. After concurrent young cycle evacuates objects from a young region, it update refs using marking bitmaps from marking context, therefore it won't update references of dead old objects(is_marked(obj) is false: obj is not marking strong/weak and it is below tams). In this case, if the next cycle if global concurrent GC, remembered set can't be verified before init-mark because of the dead pointers. 
> 
> ### Solution
> * After a full GC, always set marking completeness flag to false after reseting the marking bitmaps.
> * Because there could be dead pointers in old gen were not updated to point to new address after evacuation and refs update, we should disable rem-set validation before init-mark&update-refs if old marking context is incomplete. 
> 
> ### Test
> - [x] `make test TEST=hotspot_gc_shenandoah`
> - [x] GHA

This pull request has now been integrated.

Changeset: 4d1de46c
Author:    Xiaolong Peng <xpeng at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/4d1de46cb882bade5781255b646f623b55d7180f
Stats:     51 lines in 4 files changed: 27 ins; 16 del; 8 mod

8352185: Shenandoah: Invalid logic for remembered set verification
8345399: GenShen: Error: Verify init-mark remembered set violation; clean card should be dirty

Reviewed-by: ysr, kdnilsen, wkemper

-------------

PR: https://git.openjdk.org/jdk/pull/24092

More information about the shenandoah-dev mailing list