RFR: 8377512: AOT cache creation fails with invalid native pointer [v2]
Ioi Lam
iklam at openjdk.org
Thu Feb 26 00:56:28 UTC 2026
> Since JDK 25, we have two bugs that cause a pointer to an excluded class to be referenced by a cached heap object.
>
> [1] Method references to excluded classes:
>
>
> interface A {
>     Object get();
> }
> ...
> A a = ShouldBeExcluded::new; // line 1
>
>
> [2] Invocation of a `MethodHandle` whose `MethodType` includes an excluded class:
>
>
> MethodHandle constructorHandle =
>     MethodHandles.lookup().unreflectConstructor(ShouldBeExcluded.class.getConstructor());
> // The JVM rewrites the following invoke() from
> // invokevirtual <java/lang/invoke/MethodHandle.invoke()LShouldBeExcluded;>
> // to
> // invokehandle <java/lang/invoke/MethodHandle.invoke()LShouldBeExcluded;>
> ShouldBeExcluded o = (ShouldBeExcluded)constructorHandle.invoke(); // line 2
>
>
> In the above examples, during the training run, the AOT configuration file records the fact that the constant pool entries used by line 1 and line 2 have been resolved. Normally, these references are resolved by AOTConstantPoolResolver during the assembly phase (to improve start-up time).
>
> However, resolving these 2 entries would cause an invalid `MethodType` that references the `ShouldBeExcluded` class to be added into `MethodType::internTable`. Once this happens, it's very difficult to recover from.
>
> Therefore, this PR tries to avoid adding such invalid `MethodType` by avoiding the resolution of such constant pool entries.
>
> Thanks to folks at Azul for coming up with the reproducer.
Ioi Lam has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains seven additional commits since the last revision:
- Cannot call is_class_resolution_deterministic() outside of safepoint (to be fixed in JDK-8378726)
- Merge branch 'master' into 8377512-aot-cache-creation-fails-with-invalid-native-ptrs
- Removed unused code
- dummy commit
- Added test case from Anton Kozlov
- Handle SignedJarExclusionReproducer.zip test case by Anton Kozlov
- tmp
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/29825/files
- new: https://git.openjdk.org/jdk/pull/29825/files/d618f754..3f12ba5e
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=29825&range=01
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=29825&range=00-01
Stats: 96151 lines in 714 files changed: 40557 ins; 37896 del; 17698 mod
Patch: https://git.openjdk.org/jdk/pull/29825.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/29825/head:pull/29825
PR: https://git.openjdk.org/jdk/pull/29825