RFR: 8330027: Identity hashes of archived objects must be based on a reproducible random seed [v3]
Thomas Stuefe
stuefe at openjdk.org
Mon Apr 22 05:27:28 UTC 2024
On Mon, 22 Apr 2024 00:23:18 GMT, Ioi Lam <iklam at openjdk.org> wrote:
> > I get that the chance for this happening is remote, but hunting sources of entropy is frustrating work, and the patch is really very simple. So, why not fix it? I don't share the opinion that this is added complexity.
>
> Why not do it inside `Thread::Thread()`
>
> ```
> // thread-specific hashCode stream generator state - Marsaglia shift-xor form
> if (CDSConfig::is_dumping_static_archive()) {
> _hashStateX = 0;
> } else {
> _hashStateX = os::random();
> }
> ```
Because then it would inject `os::random` into the startup of every thread, not just of every thread that generates iHashes. So it would also fire for GC threads and other thread started before "our" threads. That would make our random sequence vulnerable against order and number of threads started.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/18735#issuecomment-2068515287
More information about the hotspot-runtime-dev
mailing list