RFR: 8278602: CDS dynamic dump may access unloaded classes [v5]

Ioi Lam iklam at openjdk.java.net
Tue Jan 4 04:51:41 UTC 2022 

> Cause of crash:
> 
> When dumping a CDS archive,  while iterating over entries of the `SystemDictionaryShared::_dumptime_table`, we do not check whether the classes are already unloaded. In the crash, we are trying to call `InstanceKlass::signer()` but the class has already been unloaded.
> 
> Fix:
> 
> Override the  template function `DumpTimeSharedClassTable::iterate` to ensure iteration safety.  Do not iterate over a class if its `class_loader_data` is no longer alive.
> 
> The assert in `DumpTimeSharedClassTable::IterationHelper` found another existing bug -- we were calling `SystemDictionaryShared::is_dumptime_table_empty()` without holding the `DumpTimeTable_lock`. I delayed the call until we have grabbed the lock.
> 
> Testing:
> 
> I have attached a test case into the bug report. Without the fix, it would reproduce the same crash in less than a minute. With the fix, the crash is no longer reproducible.
> 
> Unfortunately, the test case requires a ZGC patch (thanks to @stefank) that adds delays to  increase the likelihood of seeing unloaded classes inside the `_dumptime_table`. Therefore, I cannot integrate the test as a jtreg test. I'll mark the bug as **noreg-hard**

Ioi Lam has updated the pull request with a new target base due to a merge or a rebase. The pull request now contains 11 commits:

 - Merge branch 'master' into 8278602-cds-zgc-class-unload-bug
 - @calvinccheung comments -- removed unused code
 - Merge branch 'master' into 8278602-cds-zgc-class-unload-bug
 - added test case
 - @coleenp and @stefank review comments
 - cleaned up code
 - add #if INCLUDE_CDS
 - Merge branch 'master' into 8278602-cds-zgc-class-unload-bug
 - using k->is_loader_alive() is enough
 - Added DumpTimeSharedClassTable::iterate() to make sure every iteration goes through EligibleClassIterationHelper
 - ... and 1 more: https://git.openjdk.java.net/jdk/compare/2a59ebbb...41e0b8ed

-------------

Changes: https://git.openjdk.java.net/jdk/pull/6859/files
 Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=6859&range=04
  Stats: 269 lines in 8 files changed: 261 ins; 4 del; 4 mod
  Patch: https://git.openjdk.java.net/jdk/pull/6859.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/6859/head:pull/6859

PR: https://git.openjdk.java.net/jdk/pull/6859

More information about the hotspot-dev mailing list