RFR: 8365526: Crash with null Symbol passed to SystemDictionary::resolve_or_null [v6]
Coleen Phillimore
coleenp at openjdk.org
Wed Nov 26 23:28:10 UTC 2025
> The VM was crashing because the constant pool couldn't find the resolution error in the ResolutionErrorEntry error field.
>
> There are two uses of ResolutionErrorEntry in the ResolutionErrorTable. The key to this table is {ConstantPool, cp-index}. In this crash, multiple threads were racing to record nest_host_errors in the case where resolution failed. In this case, there was already a ResolutionErrorEntry in the table for the constant pool resolution failure. In the 'if' case of add_nest_host_error we check to see if there's already a nest_host_error, assuming it's the same error; then the 'else' case was unconditionally adding a ResolutionErrorEntry with just the nest host message. Calling HashTable::put() with this entry with just the nest host message was overwriting the entry with the constant pool resolution error, i.e. the other fields. The crash happened in ConstantPool::throw_resolution_error() because the error field was overwritten (and leaked too).
>
> Add a null check before calling ResolutionErrorEntry add entry. Also added an assert that we only add a resolution error for nest host errors in the case of success since in the case of failure there will always already be a ResolutionErrorEntry for the failing constant pool and cp index and we don't want to overwrite that again.
>
> Tested with submitted reproducer and tier1-4.
Coleen Phillimore has updated the pull request incrementally with one additional commit since the last revision:
Update src/hotspot/share/classfile/systemDictionary.cpp
Co-authored-by: David Holmes <62092539+dholmes-ora at users.noreply.github.com>
-------------
Changes:
- all: https://git.openjdk.org/jdk/pull/28438/files
- new: https://git.openjdk.org/jdk/pull/28438/files/a0c53929..a9f4e7f0
Webrevs:
- full: https://webrevs.openjdk.org/?repo=jdk&pr=28438&range=05
- incr: https://webrevs.openjdk.org/?repo=jdk&pr=28438&range=04-05
Stats: 3 lines in 1 file changed: 1 ins; 0 del; 2 mod
Patch: https://git.openjdk.org/jdk/pull/28438.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/28438/head:pull/28438
PR: https://git.openjdk.org/jdk/pull/28438
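
The overwrite described in the pull request text above, as a simplified C++ model added here (not HotSpot code and not part of the original message). `Entry`, `Table` and the function names are hypothetical stand-ins for ResolutionErrorEntry and the ResolutionErrorTable, and the fixed variant is one reading of the described null check.

```cpp
#include <map>
#include <memory>
#include <string>
#include <utility>

// Hypothetical stand-in for ResolutionErrorEntry: one record carries both
// the constant pool resolution error and the nest host message.
struct Entry {
    std::unique_ptr<std::string> error;            // read by the throw path
    std::unique_ptr<std::string> nest_host_error;  // read by access checks
};
using Key = std::pair<int, int>;  // {constant pool id, cp index}
using Table = std::map<Key, Entry>;

// Pattern from the description: the else branch stores a message-only entry
// without checking whether the key already holds a resolution error.
void add_nest_host_error_buggy(Table& t, Key k, const std::string& msg) {
    auto it = t.find(k);
    if (it != t.end() && it->second.nest_host_error) {
        return;  // assumed to be the same error
    }
    Entry fresh;
    fresh.nest_host_error = std::make_unique<std::string>(msg);
    t[k] = std::move(fresh);  // replaces the whole entry, error becomes null
}

// Guarded form: create an entry only when the key has none, otherwise
// attach the message to the existing entry and keep its other fields.
void add_nest_host_error_fixed(Table& t, Key k, const std::string& msg) {
    auto it = t.find(k);
    if (it == t.end()) {
        Entry fresh;
        fresh.nest_host_error = std::make_unique<std::string>(msg);
        t.emplace(k, std::move(fresh));
    } else if (!it->second.nest_host_error) {
        it->second.nest_host_error = std::make_unique<std::string>(msg);
    }
}

// Records a resolution failure first, then a nest host error for the same
// key; returns true if both fields are still readable afterwards.
bool error_survives(bool use_fixed) {
    Table t;
    Key k{1, 42};  // constructed sample key
    t[k].error = std::make_unique<std::string>("java/lang/NoClassDefFoundError");
    if (use_fixed) add_nest_host_error_fixed(t, k, "nest host failed");
    else add_nest_host_error_buggy(t, k, "nest host failed");
    return t[k].error != nullptr && t[k].nest_host_error != nullptr;
}
```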