When CDS dumping is enabled, some special initialization happens during VM init. However, many of these calls do not properly check for exceptions. Instead, they rely on the implicit knowledge that metaspace::allocate() will exit the VM when allocation fails. This makes the code hard to understand and tightly couples it to metaspace::allocate().
Example:
#0 SharedClassPathEntry::set_name ()
#1 SharedClassPathEntry::init ()
#2 FileMapInfo::add_shared_classpaths ()
#3 FileMapInfo::allocate_shared_path_table ()
#4 ClassLoader::initialize_module_path ()
#5 Threads::create_vm ()
    void SharedClassPathEntry::set_name(const char* name, TRAPS) {
      size_t len = strlen(name) + 1;
      _name = MetadataFactory::new_array<char>(ClassLoaderData::the_null_class_loader_data(), (int)len, THREAD);
      strcpy(_name->data(), name);   // _name is not checked; NULL if the allocation failed
    }
If the allocation fails, strcpy() is applied to NULL.
    if (ent->is_jar() && !ent->is_signed() && ent->manifest() != NULL) {
      Array<u1>* buf = MetadataFactory::new_array<u1>(loader_data,
                                                      ent->manifest_size(),
                                                      THREAD);
      char* p = (char*)(buf->data());   // buf is not checked; NULL if the allocation failed
      // ...
    }
If the allocation fails, buf is NULL and buf->data() dereferences NULL.
=================
Proposed fix -- all code that allocates should use the CHECK macros, so that each block of code can be understood on its own without considering the behavior of metaspace::allocate().
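The following is an added, self-contained illustration of the CHECK discipline the proposed fix asks for; it is example code written for this page, not HotSpot code. Thread, TRAPS, THREAD, CHECK and CHECK_NULL are simplified stand-ins for HotSpot's macros, and Array, new_array, g_fail_allocations and the try_* helpers are constructed for the example. It models both the set_name path and the manifest-buffer path from the report, with the allocation failure simulated as a NULL return plus a pending exception rather than a VM exit.

```cpp
// Added example, not HotSpot code: a self-contained model of the TRAPS/CHECK
// discipline. Thread, TRAPS, THREAD, CHECK and CHECK_NULL imitate HotSpot's
// macros in simplified form; Array, new_array and g_fail_allocations are
// constructed for this example.
#include <cstddef>
#include <cstdio>
#include <cstring>
#include <string>

// Minimal stand-in for HotSpot's Thread: just the pending-exception slot.
struct Thread {
  std::string pending_exception;   // empty means no exception pending
  bool has_pending_exception() const { return !pending_exception.empty(); }
};

// Simplified exception plumbing. CHECK expands at the call site so that
// f(x, CHECK) becomes f(x, THREAD); followed by an early return when an
// exception is pending, which is how HotSpot's CHECK macros work.
#define TRAPS      Thread* __the_thread__
#define THREAD     __the_thread__
#define CHECK      THREAD); if (THREAD->has_pending_exception()) return; ((void)0
#define CHECK_NULL THREAD); if (THREAD->has_pending_exception()) return nullptr; ((void)0

template <typename T>
struct Array {
  explicit Array(int n) : _length(n), _data(new T[n]) {}
  ~Array() { delete[] _data; }
  int length() const { return _length; }
  T* data() { return _data; }
 private:
  int _length;
  T* _data;
};

// Constructed switch that simulates metaspace exhaustion.
static bool g_fail_allocations = false;

// Stand-in for MetadataFactory::new_array: on failure it records an
// OutOfMemoryError on the thread and returns NULL instead of exiting the VM,
// which is the situation the report says the callers never handle.
template <typename T>
Array<T>* new_array(int length, TRAPS) {
  if (g_fail_allocations) {
    THREAD->pending_exception = "java.lang.OutOfMemoryError: Metaspace";
    return nullptr;
  }
  return new Array<T>(length);
}

struct SharedClassPathEntry {
  Array<char>* _name = nullptr;
  ~SharedClassPathEntry() { delete _name; }

  // The pattern the report describes: the result is used without consulting
  // THREAD. With a NULL return, strcpy writes through a NULL pointer.
  void set_name_unchecked(const char* name, TRAPS) {
    size_t len = strlen(name) + 1;
    _name = new_array<char>((int)len, THREAD);
    strcpy(_name->data(), name);   // NULL dereference if allocation failed
  }

  // The proposed form: CHECK returns to the caller with the exception still
  // pending, so _name is never dereferenced when it is NULL.
  void set_name_checked(const char* name, TRAPS) {
    size_t len = strlen(name) + 1;
    _name = new_array<char>((int)len, CHECK);
    strcpy(_name->data(), name);
  }
};

// The manifest-buffer case in the same style: a pointer-returning function
// uses CHECK_NULL so the caller sees both the NULL and the pending exception.
Array<unsigned char>* copy_manifest(const char* manifest, int size, TRAPS) {
  Array<unsigned char>* buf = new_array<unsigned char>(size, CHECK_NULL);
  memcpy(buf->data(), manifest, (size_t)size);
  return buf;
}

// One level of the dump-time call chain (init -> set_name): each level
// propagates with CHECK instead of assuming the allocation cannot fail.
static void init_entry(SharedClassPathEntry* ent, const char* path, TRAPS) {
  ent->set_name_checked(path, CHECK);
}

// Runs the checked path, optionally forcing the allocation to fail. Returns
// true when the entry was initialized; on failure the pending exception text
// is written to *pending_out and _name stays NULL instead of being touched.
bool try_init_entry(const char* path, bool simulate_failure, std::string* pending_out) {
  g_fail_allocations = simulate_failure;
  Thread t;
  SharedClassPathEntry ent;
  init_entry(&ent, path, &t);
  g_fail_allocations = false;
  if (pending_out) *pending_out = t.pending_exception;
  if (t.has_pending_exception()) return false;
  return ent._name != nullptr && strcmp(ent._name->data(), path) == 0;
}

bool try_copy_manifest(bool simulate_failure) {
  static const char manifest[] = "Manifest-Version: 1.0\n";   // constructed sample
  g_fail_allocations = simulate_failure;
  Thread t;
  Array<unsigned char>* buf = copy_manifest(manifest, (int)sizeof(manifest), &t);
  g_fail_allocations = false;
  bool ok = buf != nullptr && !t.has_pending_exception()
            && memcmp(buf->data(), manifest, sizeof(manifest)) == 0;
  delete buf;
  return ok;
}

int main() {
  std::string pending;
  printf("healthy: %d\n", (int)try_init_entry("/tmp/example.jar", false, &pending));
  printf("exhausted: %d (pending: %s)\n",
         (int)try_init_entry("/tmp/example.jar", true, &pending), pending.c_str());
  return 0;
}
```

The point of the macro form is that every caller up the chain (set_name, init, add_shared_classpaths, ...) reads as complete on its own: the early return is visible in the function, and nothing depends on metaspace::allocate() exiting the VM. Compile with any C++11 compiler; the "exhausted" run reports a pending OutOfMemoryError and leaves _name NULL instead of crashing in strcpy.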
Issue links:
- blocks: JDK-8261551 Remove special CDS handling in Metaspace::allocate (Resolved)
- duplicates: JDK-8261479 CDS runtime code should check exceptions (Resolved)
- duplicates: JDK-8261480 MetaspaceShared::preload_and_dump should check exceptions (Resolved)