# HG changeset patch
# User brutisso
# Date 1320217463 -3600
# Node ID ed80554efa25daff2ee919c6a69cdae3c4d8c112
# Parent 6fd81579526f55a6d5f997de1061f2e40dadfa56
7106751: G1: gc/gctests/nativeGC03 crashes VM with SIGSEGV
Summary: _cset_rs_update_cl[] was indexed with values beyond what it is set up to handle.
Reviewed-by: ysr, jmasa, johnc
diff -r 6fd81579526f -r ed80554efa25 src/share/vm/gc_implementation/g1/g1RemSet.cpp
--- a/src/share/vm/gc_implementation/g1/g1RemSet.cpp Mon Oct 31 08:01:20 2011 +0100
+++ b/src/share/vm/gc_implementation/g1/g1RemSet.cpp Wed Nov 02 08:04:23 2011 +0100
@@ -635,10 +635,18 @@
 ct_freq_note_card(_ct_bs->index_for(start));
 #endif
- assert(!check_for_refs_into_cset || _cset_rs_update_cl[worker_i] != NULL, "sanity");
+ OopsInHeapRegionClosure* oops_in_heap_closure = NULL;
+ if (check_for_refs_into_cset) {
+ // ConcurrentG1RefineThreads have worker numbers larger than what
+ // _cset_rs_update_cl[] is set up to handle. But those threads should
+ // only be active outside of a collection which means that when they
+ // reach here they should have check_for_refs_into_cset == false.
+ assert((size_t)worker_i < n_workers(), "index of worker larger than _cset_rs_update_cl[].length");
+ oops_in_heap_closure = _cset_rs_update_cl[worker_i];
+ }
 UpdateRSOrPushRefOopClosure update_rs_oop_cl(_g1,
 _g1->g1_rem_set(),
- _cset_rs_update_cl[worker_i],
+ oops_in_heap_closure,
 check_for_refs_into_cset,
 worker_i);
 update_rs_oop_cl.set_from(r);
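Review bot: The new bounds check on `worker_i` inside the `if (check_for_refs_into_cset)` block is an `assert`, which HotSpot compiles out of product builds, so a release VM would still read `_cset_rs_update_cl[worker_i]` out of bounds if a refinement thread ever arrived here with the flag set. The invariant rests only on the thread-activity assumption stated in the comment, so consider an always-on check such as `guarantee((size_t)worker_i < n_workers(), "index of worker larger than _cset_rs_update_cl[].length");`, provided the per-card cost is acceptable. The change also drops the old non-NULL check on the selected closure; adding `assert(oops_in_heap_closure != NULL, "sanity");` after the assignment would keep it. The enclosing function begins and ends outside the hunk, so whether `n_workers()` really equals the allocated length of `_cset_rs_update_cl[]` cannot be confirmed from here.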