Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8303027

[Lilliput/JDK17] Correctly resolve forwarded objects in G1 heap iteration

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P2
    • repo-lilliput
    • repo-lilliput
    • hotspot
    • gc
    • generic
    • generic

    Description

      A user provided a (pretty simple) test case that makes the VM crash with Lilliput, when it should exit (somewhat more) gracefully with an OOME. The reason for the crash is that in G1, object_iterate() (or rather, the block_size() method that it calls) does not correctly resolve possibly forwarded objects, and then crashes because it accesses the Klass*, which is overridden by the forwarding pointer.

      The trouble is that, we don't need (or even can't) resolve forwarded objects during full-GC, because there we are using sliding-forwarding which is designed precisely to preserve the object's Klass* while being forwarded. Outside of full-GC we don't need to preserve the Klass* because the Klass* is preserved in the forwarded copy.

      This bug only exists in Lilliput/JDK17, the code path that leads to object_iterate() (restoring self-forwarded objects at evac failure) doesn't exist anymore in later versions - it uses a better way to iterate over the relevant self-forwarded objects.

      Attachments

        Issue Links

          Activity

            People

              rkennke Roman Kennke
              rkennke Roman Kennke
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: