Type: Bug
Resolution: Unresolved
Priority: P4
Affects Version/s: None
Component/s: hotspot

https://github.com/openjdk/jdk/blob/89e77512fd44b6a0299ab36db15142e7544899f3/src/hotspot/share/prims/jvm.cpp#L1214-L1242

    class ScopedValueBindingsResolver {
    public:
      InstanceKlass* Carrier_klass;
      ScopedValueBindingsResolver(JavaThread* THREAD) {
        Klass *k = SystemDictionary::resolve_or_fail(vmSymbols::java_lang_ScopedValue_Carrier(), true, THREAD);
        Carrier_klass = InstanceKlass::cast(k);
      }
    };

This could fail with an out-of-memory error, etc., and Carrier_klass will end up being null, causing unexpected results with the code that uses it:

    JVM_ENTRY(jobject, JVM_FindScopedValueBindings(JNIEnv *env, jclass cls))
      [...]
      static ScopedValueBindingsResolver resolver(THREAD);
      [...]
      if (holder == vmClasses::Thread_klass()
          || holder == resolver.Carrier_klass) {

================
Suggested fix:
- Remove ScopedValueBindingsResolver
- Move the ScopedValue$Carrier class into vmClasses so it's resolved during VM bootstrap.
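
The failure mode described above, modelled in standalone C++ as an added example (not HotSpot code and not part of the report): a function-local static runs its constructor once, so a resolution that fails on the first call leaves the null pointer in place for every later call. `Klass`, `resolve_carrier`, `simulate_oom`, `bootstrap` and the two `*_is_binding_holder` functions are hypothetical stand-ins, and the model assumes startup is refused when the eager resolution fails.

```cpp
#include <cstdio>

struct Klass { const char* name; };              // stand-in for InstanceKlass
static Klass thread_klass{"java/lang/Thread"};
static Klass carrier_klass{"java/lang/ScopedValue$Carrier"};
static bool simulate_oom = false;                // constructed failure switch

// Models a resolve call that returns nullptr on failure
// (the pending exception is not modelled).
Klass* resolve_carrier() { return simulate_oom ? nullptr : &carrier_klass; }

// Pattern from the report: the result is stored without a check.
struct LazyResolver {
  Klass* Carrier_klass;
  LazyResolver() : Carrier_klass(resolve_carrier()) {}
};

bool lazy_is_binding_holder(Klass* holder) {
  static LazyResolver resolver;                  // constructed on first call only
  return holder == &thread_klass || holder == resolver.Carrier_klass;
}

// Shape of the suggested fix: resolve once at startup and refuse to start
// if that fails, so later code never sees a null class pointer.
static Klass* well_known_carrier = nullptr;
bool bootstrap() {
  well_known_carrier = resolve_carrier();
  return well_known_carrier != nullptr;
}
bool eager_is_binding_holder(Klass* holder) {
  return holder == &thread_klass || holder == well_known_carrier;
}

int main() {
  if (!bootstrap()) return 1;                    // startup-time resolution succeeds
  simulate_oom = true;                           // first lazy use hits the failure
  bool first = lazy_is_binding_holder(&carrier_klass);
  simulate_oom = false;                          // memory is available again
  bool later = lazy_is_binding_holder(&carrier_klass);
  std::printf("lazy: first=%d later=%d eager=%d\n", first, later,
              eager_is_binding_holder(&carrier_klass));
  return 0;
}
```

In the lazy variant a null `holder` also compares equal to the cached null `Carrier_klass`, which is a second way the unchecked pointer changes the result of the comparison.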

Links to: Review(master) openjdk/jdk/28849