JDK-8292534: Build failure with ASAN after JDK-8290833

    • Bug
    • Resolution: Duplicate
    • P4
    • None
    • 20
    • hotspot
    • None
    • generic
    • generic

      A heap use-after-free is found by AddressSanitizer when building a release JDK after JDK-8290833.

      The configuration info and the output of AddressSanitizer are shown below.

      ====================================================
      A new configuration has been successfully created in
      /home/test/build-release
      using configure arguments '--with-boot-jdk=/home/jdk/boot-jdk/x86_64/jdk18 --disable-precompiled-headers --with-debug-level=release --with-version-opt=git-e44e3f0c1 --enable-asan --with-gtest=/home/jdk/tools/googletest'.

      Configuration summary:
      * Name: /home/test/build-release
      * Debug level: release
      * HS debug level: product
      * JVM variants: server
      * JVM features: server: 'cds compiler1 compiler2 dtrace epsilongc g1gc jfr jni-check jvmci jvmti management parallelgc serialgc services shenandoahgc vm-structs zgc'
      * OpenJDK target: OS: linux, CPU architecture: x86, address length: 64
      * Version string: 20-internal-git-e44e3f0c1 (20-internal)
      * Source date: 1660683919 (2022-08-16T21:05:19Z)

      Tools summary:
      * Boot JDK: openjdk version "18-internal" 2022-03-22 OpenJDK Runtime Environment (build 18-internal+0-git-0f2113cee) OpenJDK 64-Bit Server VM (build 18-internal+0-git-0f2113cee, mixed mode, (at /home/jdk/boot-jdk/x86_64/jdk18)
      * Toolchain: gcc (GNU Compiler Collection)
      * C Compiler: Version 10.3.0 (at /usr/bin/gcc)
      * C++ Compiler: Version 10.3.0 (at /usr/bin/g++)

      Build performance summary:
      * Build jobs: 64
      * Memory limit: 128408 MB



      =================================================================
      ==67175==ERROR: AddressSanitizer: heap-use-after-free on address 0x6030000aad50 at pc 0x7f57de7bccff bp 0x7f56cb71d040 sp 0x7f56cb71d030
      READ of size 8 at 0x6030000aad50 thread T7 (VM Thread)
          #0 0x7f57de7bccfe in SystemDictionaryShared::remove_saved_cpcache_entries_locked(ConstantPoolCache*) (/home/test/build-release/support/interim-image/lib/server/+0x35bdcfe)
          #1 0x7f57de7bcfb5 in SystemDictionaryShared::remove_dumptime_info(InstanceKlass*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x35bdfb5)
          #2 0x7f57de7bd45f in SystemDictionaryShared::handle_class_unloading(InstanceKlass*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x35be45f)
          #3 0x7f57dcf3e805 in InstanceKlass::unload_class(InstanceKlass*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1d3f805)
          #4 0x7f57dc3c9367 in ClassLoaderData::unload() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x11ca367)
          #5 0x7f57dc3d573f in ClassLoaderDataGraph::do_unloading() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x11d673f)
          #6 0x7f57de78ee81 in SystemDictionary::do_unloading(GCTimer*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x358fe81)
          #7 0x7f57dcaf63da in G1FullCollector::phase1_mark_live_objects() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x18f73da)
          #8 0x7f57dcaf673d in G1FullCollector::collect() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x18f773d)
          #9 0x7f57dca37bf2 in G1CollectedHeap::do_full_collection(bool, bool, bool) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1838bf2)
          #10 0x7f57dc4640b4 in CollectedHeap::collect_as_vm_thread(GCCause::Cause) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x12650b4)
          #11 0x7f57dcec80dd in HeapShared::run_full_gc_in_vm_thread() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1cc90dd)
          #12 0x7f57ddd9b103 in VM_PopulateDumpSharedSpace::doit() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2b9c103)
          #13 0x7f57dea6006d in VM_Operation::evaluate() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386106d)
          #14 0x7f57dea69eed in VMThread::evaluate_operation(VM_Operation*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386aeed)
          #15 0x7f57dea6cc4a in VMThread::inner_execute(VM_Operation*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386dc4a)
          #16 0x7f57dea6d306 in VMThread::run() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386e306)
          #17 0x7f57de87c412 in Thread::call_run() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x367d412)
          #18 0x7f57ddf7f1b5 in thread_native_entry(Thread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2d801b5)
          #19 0x7f57e2545608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8608)
          #20 0x7f57e2462132 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x11f132)

      0x6030000aad50 is located 16 bytes inside of 32-byte region [0x6030000aad40,0x6030000aad60)
      freed by thread T7 (VM Thread) here:
          #0 0x7f57e265c1c7 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:123
          #1 0x7f57de7bcc67 in SystemDictionaryShared::remove_saved_cpcache_entries_locked(ConstantPoolCache*) (/home/test/build-release/support/interim-image/lib/server/+0x35bdc67)
          #2 0x7f57de7bcfb5 in SystemDictionaryShared::remove_dumptime_info(InstanceKlass*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x35bdfb5)
          #3 0x7f57de7bd45f in SystemDictionaryShared::handle_class_unloading(InstanceKlass*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x35be45f)
          #4 0x7f57dcf3e805 in InstanceKlass::unload_class(InstanceKlass*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1d3f805)
          #5 0x7f57dc3c9367 in ClassLoaderData::unload() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x11ca367)
          #6 0x7f57dc3d573f in ClassLoaderDataGraph::do_unloading() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x11d673f)
          #7 0x7f57de78ee81 in SystemDictionary::do_unloading(GCTimer*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x358fe81)
          #8 0x7f57dcaf63da in G1FullCollector::phase1_mark_live_objects() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x18f73da)
          #9 0x7f57dcaf673d in G1FullCollector::collect() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x18f773d)
          #10 0x7f57dca37bf2 in G1CollectedHeap::do_full_collection(bool, bool, bool) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1838bf2)
          #11 0x7f57dc4640b4 in CollectedHeap::collect_as_vm_thread(GCCause::Cause) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x12650b4)
          #12 0x7f57dcec80dd in HeapShared::run_full_gc_in_vm_thread() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1cc90dd)
          #13 0x7f57ddd9b103 in VM_PopulateDumpSharedSpace::doit() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2b9c103)
          #14 0x7f57dea6006d in VM_Operation::evaluate() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386106d)
          #15 0x7f57dea69eed in VMThread::evaluate_operation(VM_Operation*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386aeed)
          #16 0x7f57dea6cc4a in VMThread::inner_execute(VM_Operation*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386dc4a)
          #17 0x7f57dea6d306 in VMThread::run() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x386e306)
          #18 0x7f57de87c412 in Thread::call_run() (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x367d412)
          #19 0x7f57ddf7f1b5 in thread_native_entry(Thread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2d801b5)
          #20 0x7f57e2545608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8608)

      previously allocated by thread T1 here:
          #0 0x7f57e265c527 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
          #1 0x7f57ddf661fa in os::malloc(unsigned long, MEMFLAGS, NativeCallStack const&) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2d671fa)
          #2 0x7f57dbc0ec3c in ResourceObj::operator new(unsigned long, ResourceObj::allocation_type, MEMFLAGS) (/home/test/build-release/support/interim-image/lib/server/+0xa0fc3c)
          #3 0x7f57de7bc889 in SystemDictionaryShared::set_saved_cpcache_entries(ConstantPoolCache*, ConstantPoolCacheEntry*) (/home/test/build-release/support/interim-image/lib/server/+0x35bd889)
          #4 0x7f57de1c3067 in Rewriter::make_constant_pool_cache(JavaThread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2fc4067)
          #5 0x7f57de1caab2 in Rewriter::Rewriter(InstanceKlass*, constantPoolHandle const&, Array<Method*>*, JavaThread*) (/home/test/build-release/support/interim-image/lib/server/+0x2fcbab2)
          #6 0x7f57de1cb733 in Rewriter::rewrite(InstanceKlass*, JavaThread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2fcc733)
          #7 0x7f57dcf44d2e in InstanceKlass::link_class_impl(JavaThread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1d45d2e)
          #8 0x7f57dcf452df in InstanceKlass::link_class(JavaThread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x1d462df)
          #9 0x7f57de79ce49 in SystemDictionary::resolve_hidden_class_from_stream(ClassFileStream*, Symbol*, Handle, ClassLoadInfo const&, JavaThread*) (/home/test/build-release/support/mage/lib/server/libjvm.so+0x359de49)
          #10 0x7f57dd3f8c86 in jvm_lookup_define_class(_jclass*, char const*, signed char const*, int, _jobject*, unsigned char, int, _jobject*, JavaThread*) (/home/test/build-release/nterim-image/lib/server/libjvm.so+0x21f9c86)
          #11 0x7f57dd3f9d0d in JVM_LookupDefineClass (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x21fad0d)
          #12 0x7f57d9576932 in Java_java_lang_ClassLoader_defineClass0 (/home/test/build-release/support/interim-image/lib/libjava.so+0x1c932)
          #13 0x7f57d6578e10 (<unknown module>)
          #14 0x7f57d6574d8e (<unknown module>)
          #15 0x7f57d65751ea (<unknown module>)
          #16 0x7f57d6574d8e (<unknown module>)
          #17 0x7f57d6574d8e (<unknown module>)
          #18 0x7f57d6574d8e (<unknown module>)
          #19 0x7f57d6574c35 (<unknown module>)
          #20 0x7f57d6574d8e (<unknown module>)
          #21 0x7f57d6574d8e (<unknown module>)
          #22 0x7f57d6574d8e (<unknown module>)
          #23 0x7f57d6574d8e (<unknown module>)
          #24 0x7f57d65751ea (<unknown module>)
          #25 0x7f57d655acc5 (<unknown module>)
          #26 0x7f57dcff644d in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*) (/home/test/build-release/support/interim-image/lib/server/+0x1df744d)
          #27 0x7f57dcffb81c in JavaCalls::call_static(JavaValue*, Klass*, Symbol*, Symbol*, Handle, JavaThread*) (/home/test/build-release/support/interim-image/lib/server/+0x1dfc81c)
          #28 0x7f57dd8f490b in LambdaFormInvokers::regenerate_holder_classes(JavaThread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x26f590b)
          #29 0x7f57ddd932d4 in MetaspaceShared::link_shared_classes(bool, JavaThread*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2b942d4)

      Thread T7 (VM Thread) created by T1 here:
          #0 0x7f57e2603a65 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:216
          #1 0x7f57ddf80afa in os::create_thread(Thread*, os::ThreadType, unsigned long) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x2d81afa)
          #2 0x7f57de8ad826 in Threads::create_vm(JavaVMInitArgs*, bool*) (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x36ae826)
          #3 0x7f57dd30dbb4 in JNI_CreateJavaVM (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x210ebb4)
          #4 0x7f57e256d653 in JavaMain (/home/test/build-release/support/interim-image/bin/../lib/libjli.so+0xd653)
          #5 0x7f57e257609c in ThreadJavaMain (/home/test/build-release/support/interim-image/bin/../lib/libjli.so+0x1609c)
          #6 0x7f57e2545608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x8608)

      Thread T1 created by T0 here:
          #0 0x7f57e2603a65 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:216
          #1 0x7f57e2577ad5 in CallJavaMainInNewThread (/home/test/build-release/support/interim-image/bin/../lib/libjli.so+0x17ad5)
          #2 0x7f57e2572b51 in ContinueInNewThread (/home/test/build-release/support/interim-image/bin/../lib/libjli.so+0x12b51)
          #3 0x7f57e2574ebc in JLI_Launch (/home/test/build-release/support/interim-image/bin/../lib/libjli.so+0x14ebc)
          #4 0x559b61986426 in main (/home/test/build-release/support/interim-image/bin/java+0x1426)
          #5 0x7f57e2367082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082)

      SUMMARY: AddressSanitizer: heap-use-after-free (/home/test/build-release/support/interim-image/lib/server/libjvm.so+0x35bdcfe) in tionaryShared::remove_saved_cpcache_entries_locked(ConstantPoolCache*)
      Shadow bytes around the buggy address:
        0x0c068000d550: 00 00 fa fa 00 00 00 01 fa fa 00 00 00 00 fa fa
        0x0c068000d560: fd fd fd fa fa fa 00 00 00 06 fa fa 00 00 00 00
        0x0c068000d570: fa fa 00 00 00 01 fa fa 00 00 00 00 fa fa fd fd
        0x0c068000d580: fd fa fa fa 00 00 00 06 fa fa 00 00 00 00 fa fa
        0x0c068000d590: 00 00 00 01 fa fa 00 00 00 00 fa fa fd fd fd fa
      =>0x0c068000d5a0: fa fa 00 00 00 06 fa fa fd fd[fd]fd fa fa 00 00
        0x0c068000d5b0: 00 01 fa fa 00 00 00 00 fa fa fd fd fd fa fa fa
        0x0c068000d5c0: 00 00 00 06 fa fa 00 00 00 00 fa fa 00 00 00 01
        0x0c068000d5d0: fa fa 00 00 00 00 fa fa fd fd fd fa fa fa 00 00
        0x0c068000d5e0: 00 06 fa fa 00 00 00 00 fa fa 00 00 00 01 fa fa
        0x0c068000d5f0: 00 00 00 00 fa fa fd fd fd fa fa fa 00 00 00 06
      Shadow byte legend (one shadow byte represents 8 application bytes):
        Addressable: 00
        Partially addressable: 01 02 03 04 05 06 07
        Heap left redzone: fa
        Freed heap region: fd
        Stack left redzone: f1
        Stack mid redzone: f2
        Stack right redzone: f3
        Stack after return: f5
        Stack use after scope: f8
        Global redzone: f9
        Global init order: f6
        Poisoned by user: f7
        Container overflow: fc
        Array cookie: ac
        Intra object redzone: bb
        ASan internal: fe
        Left alloca redzone: ca
        Right alloca redzone: cb
        Shadow gap: cc
      ==67175==ABORTING
      make[3]: *** [GenerateLinkOptData.gmk:70: /home/test/build-release/support/link_opt/classlist] Error 1
      make[2]: *** [make/Main.gmk:594: generate-link-opt-data] Error 2

      ERROR: Build failed for target 'images' in configuration '/home/test/build-release' (exit code 2)
      Stopping sjavac server

      No indication of failed target found.
      HELP: Try searching the build log for '] Error'.
      HELP: Run 'make doctor' to diagnose build problems.

            haosun Hao Sun