RFR: 8325153: SEGV in stackChunkOopDesc::derelativize_address(int)

Fredrik Bredberg fbredberg at openjdk.org
Wed Feb 21 12:16:05 UTC 2024


The JVM used to SEGV when running jdk/internal/vm/Continuation/Fuzz.java with '-Xlog:all=trace:file=hotspot.%p.log'

The problem was this line in StackWalk::fetchNextBatch() at src/hotspot/share/prims/stackwalk.cpp:547:

log_debug(stackwalk)("advanced past %s", stream.method()->external_name());

It is not always safe to dig out the name of the last frame here. The second batch is resource allocated on top of the first batch, so there is no crash when we dig out the last name from the first batch. However, the third batch is resource allocated on the same stack level as the second, which means that the second batch has been reclaimed. Thus trying to reach into the second batch when processing the third will cause a segmentation violation.

Now passes:
jdk/internal/vm/Continuation/Fuzz.java with '-Xlog:all=trace:file=hotspot.%p.log'
As well as tier1-tier5

-------------

Commit messages:
 - 8325153_segv_in_derelativize_address

Changes: https://git.openjdk.org/jdk/pull/17942/files
 Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=17942&range=00
  Issue: https://bugs.openjdk.org/browse/JDK-8325153
  Stats: 6 lines in 1 file changed: 4 ins; 0 del; 2 mod
  Patch: https://git.openjdk.org/jdk/pull/17942.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/17942/head:pull/17942

PR: https://git.openjdk.org/jdk/pull/17942
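The batch-lifetime argument above, as an added illustration that is not code from the PR or from HotSpot: a toy bump arena with a ResourceMark that rolls back (and zaps) on scope exit, three batches laid out as the description says, and the "advanced past %s" read done either through a raw arena pointer or through a copy taken while the batch was still live. Names, struct layouts and the frame strings are constructed for the example.

```cpp
#include <cstddef>
#include <cstring>
#include <initializer_list>
#include <string>
#include <vector>

// Toy stand-in for HotSpot's resource area: bump allocation, and a
// ResourceMark that rolls the top back (zapping the freed bytes, as debug
// builds do) when it goes out of scope. Constructed for this illustration.
struct Arena {
    std::vector<char> buf = std::vector<char>(4096);
    size_t top = 0;
    char* alloc(size_t n) { char* p = buf.data() + top; top += n; return p; }
};
struct ResourceMark {
    Arena& a; size_t saved;
    explicit ResourceMark(Arena& ar) : a(ar), saved(ar.top) {}
    ~ResourceMark() { std::memset(a.buf.data() + saved, 0xAB, a.top - saved); a.top = saved; }
};
struct Batch { const char* last_method_name; };  // points into the arena

// Fetch one batch: its frame data (here just the last method name) is
// resource allocated at the current mark level.
static Batch fetch_batch(Arena& a, const char* name) {
    size_t n = std::strlen(name) + 1;
    char* s = a.alloc(n);
    std::memcpy(s, name, n);
    return Batch{s};
}

// Batch 1 lives at the caller's level; batches 2 and 3 are each fetched
// under their own ResourceMark at the same level, so batch 2 is reclaimed
// (and overlaid by batch 3) before batch 3 is processed. Returns what the
// "advanced past %s" log line would print while processing batches 2 and 3.
static std::vector<std::string> run_walk(bool copy_before_reclaim) {
    Arena arena;
    std::vector<std::string> logged;
    Batch first = fetch_batch(arena, "Fuzz.frame1");
    const char* prev_ptr  = first.last_method_name;  // raw arena pointer
    std::string prev_copy = first.last_method_name;  // owned outside the arena
    for (const char* name : {"Fuzz.frame2", "Fuzz.frame3"}) {
        ResourceMark rm(arena);                      // one mark per fetchNextBatch
        Batch next = fetch_batch(arena, name);
        logged.push_back(copy_before_reclaim ? prev_copy : std::string(prev_ptr));
        prev_ptr  = next.last_method_name;
        prev_copy = next.last_method_name;           // taken while the batch is live
    }                                                // ~ResourceMark reclaims 'next'
    return logged;
}
```

With the raw pointer, the second log line reads batch 3's memory where batch 2 used to be (in the real JVM that stale read was a SEGV rather than a wrong name); with the copy it prints the name of batch 2 as intended.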
