RFR: 8170812: Metaspace corruption caused by incorrect memory size for MethodCounters
coleen.phillimore at oracle.com
Thu Apr 6 12:56:18 UTC 2017
On 4/6/17 8:50 AM, Ioi Lam wrote:
> On 4/6/17 8:33 PM, coleen.phillimore at oracle.com wrote:
>>
>> I'm confused. Metaspace is allocated in granularity of 3 pointer
>> sized words.
>>
> But sizeof(MethodCounters) is pretty big (72 bytes on
> linux/x86/debug). If it becomes, say 76 bytes, due to some build
> config options,
>
> sizeof(MethodCounters) / wordSize
>
> will cause the last 4 bytes to be chopped.
I see. It isn't that it's too small. I think all of the allocation
functions might have this, except the last thing in these classes is
typically a pointer so they aren't unaligned.
I will sponsor this, Andrew. Can you check the other ones?
Thanks!
Coleen
>
> - Ioi
>> Coleen
>>
>> On 4/5/17 11:13 AM, Andrew Haley wrote:
>>> If sizeof (MethodCounters) is not a multiple of wordSize, memory
>>> allocator metadata is corrupted, causing the VM to become unstable and
>>> eventually crash.
>>>
>>> The fix is very simple:
>>>
>>> diff -r 85b6ca9458ed src/share/vm/oops/methodCounters.hpp
>>> --- a/src/share/vm/oops/methodCounters.hpp Wed Mar 29 15:44:34
>>> 2017 +0000
>>> +++ b/src/share/vm/oops/methodCounters.hpp Wed Apr 05 15:42:18
>>> 2017 +0100
>>> @@ -116,7 +116,7 @@
>>>
>>> AOT_ONLY(Method* method() const { return _method; })
>>>
>>> - static int size() { return sizeof(MethodCounters) / wordSize; }
>>> + static int size() { return align_size_up(sizeof(MethodCounters),
>>> wordSize) / wordSize; }
>>>
>>> bool is_klass() const { return false; }
>>>
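Review bot: The new size() line in methodCounters.hpp has no comment saying why the round-up is needed, so a later cleanup could reduce it back to the truncating sizeof(MethodCounters) / wordSize; add a one-line comment that sizeof(MethodCounters) need not be a multiple of wordSize and that size() must cover the whole object in words. The hunk changes only MethodCounters, and any other size() written as sizeof(T) / wordSize truncates the same way whenever sizeof(T) is not word-aligned, so those deserve the same check.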
>>> This is very low risk because if the size is already a multiple of
>>> wordSize, this patch will have no effect. If the size is not a
>>> multiple of wordSize, this patch will prevent an inevitable crash.
>>>
>>> I've applied for a JDK9 fix request. I'll need a sponsor.
>>>
>>> Andrew.
>>
>
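An added example, not part of the original thread or of HotSpot: a toy word-granular bump allocator in C that reproduces the truncation Ioi describes, using the 72- and 76-byte sizes from the message. `WORD_SIZE` (8, assuming a 64-bit build), `arena_t` and the helper names are assumptions for illustration, and the round-up stands in for `align_size_up`.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WORD_SIZE 8u /* assumption: 64-bit build, one word = 8 bytes */

/* Pre-fix computation: integer division drops a partial trailing word. */
static size_t words_truncated(size_t bytes) { return bytes / WORD_SIZE; }

/* Post-fix computation: round up to a word multiple, then divide. */
static size_t words_aligned(size_t bytes) {
    return ((bytes + WORD_SIZE - 1) & ~(size_t)(WORD_SIZE - 1)) / WORD_SIZE;
}

/* Toy bump allocator in word units, standing in for a metaspace chunk. */
typedef struct { uint8_t mem[256]; size_t top_words; } arena_t;

static uint8_t *arena_alloc(arena_t *a, size_t words) {
    uint8_t *p = a->mem + a->top_words * WORD_SIZE;
    a->top_words += words;
    return p;
}

/* Allocate an object of obj_bytes and a 2-word neighbour, initialise the
 * object over its full size, and count the neighbour bytes overwritten. */
static size_t clobbered_bytes(size_t obj_bytes, size_t (*size_fn)(size_t)) {
    arena_t a;
    memset(&a, 0, sizeof a);
    uint8_t *obj = arena_alloc(&a, size_fn(obj_bytes));
    uint8_t *next = arena_alloc(&a, 2);
    memset(next, 0xAA, 2 * WORD_SIZE); /* neighbour's live data */
    memset(obj, 0x11, obj_bytes);      /* constructor writes sizeof(object) */
    size_t n = 0;
    for (size_t i = 0; i < 2 * WORD_SIZE; i++)
        if (next[i] != 0xAA) n++;
    return n;
}

int main(void) {
    printf("76 bytes: truncated=%zu words, aligned=%zu words\n",
           words_truncated(76), words_aligned(76));
    printf("neighbour bytes clobbered: truncated=%zu aligned=%zu\n",
           clobbered_bytes(76, words_truncated),
           clobbered_bytes(76, words_aligned));
    return 0;
}
```

With a 72-byte object both computations agree, which matches the patch description's point that the change has no effect when the size is already a multiple of the word size.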