RFR: 8351081: Off-by-one error in ShenandoahCardCluster
Cesar Soares Lucas
cslucas at openjdk.org
Tue Mar 4 04:10:25 UTC 2025
Given certain values for the variables in [this expression](https://github.com/openjdk/jdk/blob/a87dd1a75f78cf872df49bea83ba48af8acfa2fd/src/hotspot/share/gc/shenandoah/shenandoahScanRemembered.cpp#L173), the result of the computation can be equal to `_rs->total_cards()`, which will lead to a segmentation fault, for instance in [starts_object(card_at_end)](https://github.com/openjdk/jdk/blob/a87dd1a75f78cf872df49bea83ba48af8acfa2fd/src/hotspot/share/gc/shenandoah/shenandoahScanRemembered.hpp#L393). The problem happens, though, because the `_object_starts` array doesn't have a [guarding entry](https://github.com/openjdk/jdk/blob/a87dd1a75f78cf872df49bea83ba48af8acfa2fd/src/hotspot/share/gc/shenandoah/shenandoahCardTable.cpp#L37) at the end. This pull request adjusts the allocation of `_object_starts` to include an additional entry at the end to account for this situation.
Tested with JTREG tier 1-4, x86_64 & AArch64 on Linux.
-------------
Commit messages:
- Adjust allocation of object_starts
Changes: https://git.openjdk.org/jdk/pull/23882/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=23882&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8351081
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/23882.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/23882/head:pull/23882
PR: https://git.openjdk.org/jdk/pull/23882
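
The off-by-one described in the message above, as an added example that is not part of the original post and is not HotSpot code: a simplified model of a per-card side table in which an exclusive end index can equal the card count. `CardMeta`, `starts_object_checked` and this `card_at_end` computation are hypothetical stand-ins, and the sizes are constructed.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Simplified model (assumption): one metadata byte per card, like a
// per-card "object starts" side table. Not the Shenandoah data structure.
struct CardMeta {
    std::size_t total_cards;
    std::vector<unsigned char> object_starts;

    // guard_entries = 0 models an allocation of exactly total_cards entries,
    // guard_entries = 1 models the allocation with one extra trailing entry.
    CardMeta(std::size_t cards, std::size_t guard_entries)
        : total_cards(cards), object_starts(cards + guard_entries, 0) {}

    // Bounds-checked stand-in for an unchecked starts_object(card) read:
    // returns -1 where the unchecked read would run past the array.
    int starts_object_checked(std::size_t card) const {
        if (card >= object_starts.size()) return -1;
        return object_starts[card] != 0;
    }
};

// Hypothetical exclusive end-card computation for a cluster of `count`
// cards starting at `first_card`. The result is clamped to total_cards,
// so total_cards itself is a reachable value for the last cluster.
std::size_t card_at_end(const CardMeta& m, std::size_t first_card,
                        std::size_t count) {
    std::size_t end = first_card + count;
    return end > m.total_cards ? m.total_cards : end;
}

int main() {
    const std::size_t cards = 64;                    // constructed sample size
    CardMeta before(cards, 0), after(cards, 1);
    std::size_t end = card_at_end(before, 48, 16);   // last cluster in the table
    std::printf("card_at_end=%zu total_cards=%zu\n", end, cards);
    std::printf("no guard:   %d\n", before.starts_object_checked(end));
    std::printf("with guard: %d\n", after.starts_object_checked(end));
    return 0;
}
```
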