Type: Bug
Resolution: Fixed
Priority: P2
Fix Version: 8u40
Resolved In Build: b01
Verification: Not verified
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8183637 | 8u161 | Coleen Phillimore | P2 | Resolved | Fixed | b01 |
JDK-8192202 | emb-8u161 | Coleen Phillimore | P2 | Resolved | Fixed | b01 |
JDK-8167507 | 7 | Kevin Walls | P2 | Closed | Not an Issue | |
The problem is that get_class_loader resolves JNI handles to raw oops while the thread is in native (_thread_in_native), a state in which a GC is free to run and move objects.
If line 989 is executed while the GC is moving cls, we may read an incorrect value or, if we are unlucky, crash.
The same applies to line 992.
At lines 993 and 994 we may read a stale value for k->class_loader() and return a JNI handle to an invalid object.

```
988 static jobject get_class_loader(JNIEnv* env, jclass cls) {
989   if (java_lang_Class::is_primitive(JNIHandles::resolve_non_null(cls))) {
990     return NULL;
991   }
992   Klass* k = java_lang_Class::as_Klass(JNIHandles::resolve_non_null(cls));
993   oop loader = k->class_loader();
994   return JNIHandles::make_local(env, loader);
995 }
```

The suggested fix is to call get_class_loader in Unsafe_DefineClass0 before transitioning to native, so the raw oops are only touched while the thread is still in the VM and the GC is blocked.
See the email trail at:
http://mail.openjdk.java.net/pipermail/hotspot-dev/2016-July/024022.html
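As an added illustration (a constructed model, not HotSpot code), the C++ below simulates the hazard described above: a copying collector is allowed to run while the thread is in native, a raw pointer resolved from a handle goes stale, and the suggested fix of reading the loader and wrapping it in a handle before the transition stays correct. Every name in it (Vm, Obj, loader_name_buggy, loader_name_fixed, setup) is an assumption of the model.

```cpp
#include <string>
#include <vector>
// Constructed model of the bug, not HotSpot code: a copying heap, a handle
// table the collector patches (JNIHandles analogue), and a thread-state flag.
struct Obj { std::string name; Obj* loader; };   // loader is a raw "oop" field
enum ThreadState { IN_VM, IN_NATIVE };
struct Vm {
  std::vector<Obj> spaces[2];   // two semispaces; objects are copied between them
  int live = 0;
  std::vector<Obj*> handles;    // stable ids that survive a move
  ThreadState state = IN_VM;
  bool gc_pending = false;
  int make_handle(Obj* o) { handles.push_back(o); return (int)handles.size() - 1; }
  Obj* resolve(int h) { return handles[h]; }
  // Moving collection: copy objects, patch handles and loader fields, tombstone old copies.
  void gc() {
    std::vector<Obj>& src = spaces[live];
    std::vector<Obj>& dst = spaces[1 - live];
    dst = src;
    for (Obj& o : dst) if (o.loader) o.loader = &dst[o.loader - &src[0]];
    for (Obj*& h : handles) h = &dst[h - &src[0]];
    for (Obj& o : src) { o.name = "<moved>"; o.loader = nullptr; }
    live = 1 - live; gc_pending = false;
  }
  // A thread in native does not block the safepoint, so GC may run; IN_VM makes it wait.
  void maybe_gc() { if (gc_pending && state == IN_NATIVE) gc(); }
};
// Shape of the reported bug: raw oop resolved while IN_NATIVE, then the class moves.
std::string loader_name_buggy(Vm& vm, int cls_handle) {
  vm.state = IN_NATIVE;
  Obj* k = vm.resolve(cls_handle);   // line 992: raw oop, no safepoint guard
  vm.maybe_gc();                     // collector runs; k now points at a tombstone
  Obj* loader = k->loader;           // line 993: stale read
  return loader ? loader->name : "<invalid>";
}
// Shape of the suggested fix: read the loader while IN_VM, carry only a handle into native.
std::string loader_name_fixed(Vm& vm, int cls_handle) {
  vm.state = IN_VM;
  int loader_handle = vm.make_handle(vm.resolve(cls_handle)->loader);
  vm.state = IN_NATIVE;
  vm.maybe_gc();                     // safe: the collector patches the handle
  return vm.resolve(loader_handle)->name;
}
// Constructed heap: one class whose loader is "AppClassLoader", collection pending.
int setup(Vm& vm) {
  vm.spaces[0] = { {"AppClassLoader", nullptr}, {"class Foo", nullptr} };
  vm.spaces[0][1].loader = &vm.spaces[0][0];
  vm.gc_pending = true;
  return vm.make_handle(&vm.spaces[0][1]);   // returns the class handle
}
```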
- backported by
  - JDK-8183637 Unsafe_DefineClass0 accesses raw oops while in _thread_in_native (Resolved)
  - JDK-8192202 Unsafe_DefineClass0 accesses raw oops while in _thread_in_native (Resolved)
  - JDK-8167507 Unsafe_DefineClass0 accesses raw oops while in _thread_in_native (Closed)
- relates to
  - JDK-8167372 Add code to check for getting oops while thread is in native (Resolved)