RFR: 8366154: Validate thread type requirements in debug commands [v2]
Volker Simonis
simonis at openjdk.org
Tue Sep 9 15:36:21 UTC 2025
On Tue, 2 Sep 2025 10:08:58 GMT, Kerem Kat <krk at openjdk.org> wrote:
>> Prevents segmentation faults during `gdb` sessions. The crashes were caused by the `ResourceMark` constructor being called on a native thread, which is not supported. This happened when invoking debug commands that require a `Thread` or `JavaThread` context from an incorrect thread type.
>>
>> ### Solution
>>
>> This change introduces `onThread()` and `onJavaThread()` helper methods to the `Command` class. These methods validate the thread context and ensure `ResourceMark` is only created when on a valid VM thread. All thread-dependent debug commands now use these guards to validate the context, printing a clear error and exiting gracefully upon failure.
>>
>> ### Testing
>>
>> Manually verified using `gdb` by calling the modified commands (`ps`, `universe`, `pns`, etc.) from different thread contexts (native, Java, and non-java threads) to ensure they fail gracefully with an error message instead of crashing the debug session.
>
> Kerem Kat has updated the pull request incrementally with two additional commits since the last revision:
>
> - add include for global placement new
> - remove onJavaThread and check JavaThread::active null where needed
Thanks for this change, I like it!
src/hotspot/share/utilities/debug.cpp line 305:
> 303: // ResourceMark is only created if a Thread or a JavaThread is required,
> 304: // and we are actually on a Thread.
> 305: union { ResourceMark _rm; };
The semantics of `union { ResourceMark _rm; }` was not familiar to me and it took me some time to find it in the specification. Maybe make this more obvious by refining the comment to something like:
// Union members of class type are implicitly allocated but not constructed automatically.
// We therefor have to explicitly construct '_rm' with a placement new call (see 'onThread()') and
// clean it up afterwards with an explicit destructor call (see '~Command()').
-------------
PR Review: https://git.openjdk.org/jdk/pull/27033#pullrequestreview-3202179268
PR Review Comment: https://git.openjdk.org/jdk/pull/27033#discussion_r2334025808
More information about the hotspot-dev
mailing list