RFR: 8170812: Metaspace corruption caused by incorrect memory size for MethodCounters
Ioi Lam
ioi.lam at oracle.com
Thu Apr 6 12:50:09 UTC 2017
On 4/6/17 8:33 PM, coleen.phillimore at oracle.com wrote:
>
> I'm confused. Metaspace is allocated in granularity of 3 pointer
> sized words.
>
But sizeof(MethodCounters) is pretty big (72 bytes on linux/x86/debug).
If it becomes, say 76 bytes, due to some build config options,
sizeof(MethodCounters) / wordSize
will cause the last 4 bytes to be chopped.
- Ioi
> Coleen
>
> On 4/5/17 11:13 AM, Andrew Haley wrote:
>> If sizeof (MethodCounters) is not a multiple of wordSize, memory
>> allocator metadata is corrupted, causing the VM to become unstable and
>> eventually crash.
>>
>> The fix is very simple:
>>
>> diff -r 85b6ca9458ed src/share/vm/oops/methodCounters.hpp
>> --- a/src/share/vm/oops/methodCounters.hpp Wed Mar 29 15:44:34
>> 2017 +0000
>> +++ b/src/share/vm/oops/methodCounters.hpp Wed Apr 05 15:42:18
>> 2017 +0100
>> @@ -116,7 +116,7 @@
>>
>> AOT_ONLY(Method* method() const { return _method; })
>>
>> - static int size() { return sizeof(MethodCounters) / wordSize; }
>> + static int size() { return align_size_up(sizeof(MethodCounters),
>> wordSize) / wordSize; }
>>
>> bool is_klass() const { return false; }
>>
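Review bot: The changed size() line carries no comment saying why the byte size is rounded up before the division, so a later cleanup could revert it to the plain sizeof(MethodCounters) / wordSize form. A one-line comment above it, noting that sizeof(MethodCounters) need not be a multiple of wordSize and that the returned word count must cover the whole object, would keep the intent visible. A check that size() * wordSize >= sizeof(MethodCounters) would also pin down the property the fix relies on.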
>> This is very low risk because if the size is already a multiple of
>> wordSize, this patch will have no effect. If the size is not a
>> multiple of wordSize, this patch will prevent an inevitable crash.
>>
>> I've applied for a JDK9 fix request. I'll need a sponsor.
>>
>> Andrew.
>
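An added example, not part of the original message or of HotSpot: a small C model of the truncation described in the reply above. The arena, the 76-byte struct counters and the 8-byte WORD_SIZE are constructed assumptions; the model counts how many bytes of the next allocation are overwritten when the size in words is computed by truncating division and when it is rounded up.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WORD_SIZE   8u   /* assumption: 64-bit words, as in the 76-byte case */
#define ARENA_WORDS 64u

/* Constructed stand-in for an object whose size is not a word multiple. */
struct counters { uint32_t field[19]; };              /* 19 * 4 = 76 bytes */

/* Word-granular bump allocator (a model, not Metaspace itself). */
struct arena { unsigned char bytes[ARENA_WORDS * WORD_SIZE]; size_t top; };

static size_t words_truncating(size_t n) { return n / WORD_SIZE; }
static size_t words_rounded_up(size_t n) { return (n + WORD_SIZE - 1) / WORD_SIZE; }

static unsigned char *arena_alloc(struct arena *a, size_t words) {
    if (words > ARENA_WORDS - a->top) return NULL;     /* out of space */
    unsigned char *p = a->bytes + a->top * WORD_SIZE;
    a->top += words;
    return p;
}

/* Allocate one object and one neighbouring word, initialise the object,
   and return how many bytes of the neighbour were overwritten. */
static size_t clobbered_bytes(size_t (*size_in_words)(size_t)) {
    struct arena a;
    memset(&a, 0, sizeof a);
    unsigned char *obj  = arena_alloc(&a, size_in_words(sizeof(struct counters)));
    unsigned char *next = arena_alloc(&a, 1);
    if (obj == NULL || next == NULL) return (size_t)-1;
    memset(next, 0x5A, WORD_SIZE);                  /* neighbour's contents */
    memset(obj, 0xAA, sizeof(struct counters));     /* object writes all its bytes */
    size_t n = 0;
    for (size_t i = 0; i < WORD_SIZE; i++)
        if (next[i] != 0x5A) n++;
    return n;
}

int main(void) {
    printf("truncating: %zu bytes of neighbour overwritten\n",
           clobbered_bytes(words_truncating));
    printf("rounded up: %zu bytes of neighbour overwritten\n",
           clobbered_bytes(words_rounded_up));
    return 0;
}
```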