7106751: G1: gc/gctests/nativeGC03 crashes VM with SIGSEGV
Summary: _cset_rs_update_cl[] was indexed with values beyond what it is set up to handle.
Reviewed-by: ysr, jmasa, johnc
--- a/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp Mon Oct 31 08:01:20 2011 +0100
+++ b/hotspot/src/share/vm/gc_implementation/g1/g1RemSet.cpp Wed Nov 02 08:04:23 2011 +0100
@@ -635,10 +635,18 @@
ct_freq_note_card(_ct_bs->index_for(start));
#endif
- assert(!check_for_refs_into_cset || _cset_rs_update_cl[worker_i] != NULL, "sanity");
+ OopsInHeapRegionClosure* oops_in_heap_closure = NULL;
+ if (check_for_refs_into_cset) {
+ // ConcurrentG1RefineThreads have worker numbers larger than what
+ // _cset_rs_update_cl[] is set up to handle. But those threads should
+ // only be active outside of a collection which means that when they
+ // reach here they should have check_for_refs_into_cset == false.
+ assert((size_t)worker_i < n_workers(), "index of worker larger than _cset_rs_update_cl[].length");
+ oops_in_heap_closure = _cset_rs_update_cl[worker_i];
+ }
UpdateRSOrPushRefOopClosure update_rs_oop_cl(_g1,
_g1->g1_rem_set(),
- _cset_rs_update_cl[worker_i],
+ oops_in_heap_closure,
check_for_refs_into_cset,
worker_i);
update_rs_oop_cl.set_from(r);
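Review bot: The new bounds check on `worker_i` is an `assert`, which HotSpot compiles out of product builds, so in a product VM the load `_cset_rs_update_cl[worker_i]` inside the `if (check_for_refs_into_cset)` branch is still unchecked. It relies entirely on the invariant stated in the comment, that refinement threads only arrive here with the flag false. If that invariant matters for memory safety and not only for debugging, a product-build check such as `guarantee((size_t)worker_i < n_workers(), "worker index out of range for _cset_rs_update_cl[]");` would turn a read past the array into a controlled VM error. The commit also drops the removed line's sanity check that the selected closure is non-NULL; `assert(oops_in_heap_closure != NULL, "sanity");` after the load would keep it. The enclosing function begins and ends outside this hunk, so whether callers already enforce the invariant cannot be confirmed from here.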