- Enhancement
- Resolution: Won't Fix
- P4
- 19
In some internal cases, a serialization framework may improperly generate an object of the wrong type, which leads the JVM to crash randomly during method resolution.
For example:
```
invokevirtual selected method: receiver-class:java.util.ArrayList, resolved-class:com.taobao.forest.domain.util.LongMapSupportArrayList, resolved_method:com.taobao.forest.domain.util.LongMapSupportArrayList.toMap()Ljava/util/Map;, selected_method:0x458, vtable_index:56#
```
The type of the receiver is ArrayList, while the resolved method is LongMapSupportArrayList.toMap. The VM attempts to select the method as if looking it up in the receiver's vtable via the vtable index of the resolved method, so an invalid method is selected, causing some strange crashes.
It's reasonable to add a type compatibility check before method lookup. If such an incompatible call is found, the JVM could throw an exception instead.
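The following is an added illustration, not HotSpot source and not part of the original report: a simplified C++ model of vtable-index selection with and without the proposed receiver check. All type and function names are hypothetical, the vtable indices are constructed, and it assumes LongMapSupportArrayList is a subclass of ArrayList.

```cpp
#include <stdexcept>
#include <string>
#include <vector>

// Simplified model of virtual-call selection; every name here is hypothetical.
struct Method { std::string name; };
struct Klass {
    std::string name;
    const Klass* super;                 // nullptr for the root of this model
    std::vector<const Method*> vtable;  // a subclass vtable extends its super's
    bool is_subtype_of(const Klass* other) const {
        for (const Klass* k = this; k != nullptr; k = k->super)
            if (k == other) return true;
        return false;
    }
};
struct ResolvedCall {
    const Klass* resolved_klass;  // class the call site resolved against
    size_t vtable_index;          // only meaningful for resolved_klass and its subclasses
};

// Selection as the report describes it: the resolved index is applied to the
// receiver's vtable unconditionally. The model returns nullptr when the index
// falls outside the table; a real VM would read whatever lies there.
const Method* select_method_unchecked(const Klass* receiver, const ResolvedCall& call) {
    if (call.vtable_index >= receiver->vtable.size()) return nullptr;
    return receiver->vtable[call.vtable_index];
}

// Selection with the proposed check: the receiver must be a subtype of the
// resolved class before its vtable is indexed; otherwise an exception is raised.
const Method* select_method_checked(const Klass* receiver, const ResolvedCall& call) {
    if (!receiver->is_subtype_of(call.resolved_klass))
        throw std::runtime_error("receiver " + receiver->name +
                                 " is not a subtype of " + call.resolved_klass->name);
    return receiver->vtable.at(call.vtable_index);
}

bool checked_rejects(const Klass* receiver, const ResolvedCall& call) {
    try { select_method_checked(receiver, call); return false; }
    catch (const std::runtime_error&) { return true; }
}

// Constructed sample hierarchy (index 2 is illustrative, not the logged vtable_index:56).
static const Method m_size{"size"}, m_get{"get"}, m_toMap{"toMap"};
static const Klass array_list{"ArrayList", nullptr, {&m_size, &m_get}};
static const Klass long_map_list{"LongMapSupportArrayList", &array_list,
                                 {&m_size, &m_get, &m_toMap}};
static const ResolvedCall to_map_call{&long_map_list, 2};
```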
- relates to: JDK-8283441 C2: segmentation fault in ciMethodBlocks::make_block_at(int) (Resolved)
- links to: Review openjdk/jdk/8241