Integrated: 8351081: Off-by-one error in ShenandoahCardCluster
Cesar Soares Lucas
cslucas at openjdk.org
Tue Mar 4 21:47:57 UTC 2025
On Tue, 4 Mar 2025 04:06:00 GMT, Cesar Soares Lucas <cslucas at openjdk.org> wrote:
> Given certain values for the variables in [this expression](https://github.com/openjdk/jdk/blob/a87dd1a75f78cf872df49bea83ba48af8acfa2fd/src/hotspot/share/gc/shenandoah/shenandoahScanRemembered.cpp#L173), the result of the computation can be equal to `_rs->total_cards()`, which will lead to a segmentation fault, for instance in [starts_object(card_at_end)](https://github.com/openjdk/jdk/blob/a87dd1a75f78cf872df49bea83ba48af8acfa2fd/src/hotspot/share/gc/shenandoah/shenandoahScanRemembered.hpp#L393). The problem happens, though, because the `_object_starts` array doesn't have a [guarding entry](https://github.com/openjdk/jdk/blob/a87dd1a75f78cf872df49bea83ba48af8acfa2fd/src/hotspot/share/gc/shenandoah/shenandoahCardTable.cpp#L37) at the end. This pull request adjusts the allocation of `_object_starts` to include an additional entry at the end to account for this situation.
>
> Tested with JTREG tier 1-4, x86_64 & AArch64 on Linux.
This pull request has now been integrated.
Changeset: 38b4d46c
Author: Cesar Soares Lucas <cslucas at openjdk.org>
Committer: William Kemper <wkemper at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/38b4d46c1ff3701d75ff8347e5edbb01acd9b512
Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
8351081: Off-by-one error in ShenandoahCardCluster
Reviewed-by: wkemper
-------------
PR: https://git.openjdk.org/jdk/pull/23882
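
The off-by-one described in the quoted pull request text, shown as an added C++ model; it is not HotSpot code and not the integrated patch. The class `CardStarts`, the helper `end_query_is_safe`, the exclusive-end form of the index computation and the sizes used are all assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Simplified model (hypothetical names, not HotSpot code): one metadata
// entry per card, optionally followed by one guard entry.
class CardStarts {
public:
    CardStarts(std::size_t total_cards, bool with_guard)
        : _total_cards(total_cards),
          _object_starts(total_cards + (with_guard ? 1 : 0), 0) {}

    std::size_t total_cards() const { return _total_cards; }

    // Assumed shape of the index computation: an exclusive end index,
    // which equals total_cards() for a range that ends at the last card.
    std::size_t card_at_end(std::size_t first_card, std::size_t num_cards) const {
        return first_card + num_cards;
    }

    // True when reading entry `card` stays inside the allocation.
    bool in_bounds(std::size_t card) const {
        return card < _object_starts.size();
    }

    // Bounds-checked read: .at() throws std::out_of_range where an
    // unchecked array access would read past the allocation.
    bool starts_object(std::size_t card) const {
        return _object_starts.at(card) != 0;
    }

private:
    std::size_t _total_cards;
    std::vector<std::uint8_t> _object_starts;
};

// Returns true if querying the end card of the final range is safe.
bool end_query_is_safe(bool with_guard) {
    CardStarts cs(/*total_cards=*/8, with_guard);  // constructed sizes
    std::size_t end = cs.card_at_end(/*first_card=*/4, /*num_cards=*/4);
    if (!cs.in_bounds(end)) {
        return false;  // index == total_cards() and no guard entry exists
    }
    return !cs.starts_object(end);  // guard entry reads as "no object starts"
}
```

Without the guard entry the end index equals `total_cards()` and falls one past the array; with the extra entry the same query reads a valid, zero-initialized slot.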