RFR: 8364655: Loading class with nested annotations causes stack overflow in VM [v2]

Johan Sjölen jsjolen at openjdk.org
Thu Jan 8 18:10:19 UTC 2026


> Hi,
> 
> `skip_annotation` and `skip_annotation_value` are two mutually recursive functions calling each other in order to skip over classfile annotations. If a classfile contains a highly nested annotation, then this will lead to a stack overflow and a subsequent crash of the JVM. I propose that we insert a recursion limit to prevent this from happening.
> 
> This recursion limit will make the annotation parsing bail out on the JVM side, skipping the rest of the annotations present. This is fine! The reason that the JVM parses these annotations is to gain access to a select few JDK-internal annotations, and we trust our own code to construct classfiles without egregious nesting. All classfile annotations are also parsed by Java-code, so we're not skipping general annotation parsing.
> 
> A regression test has been added.
> 
> Thanks!

Johan Sjölen has updated the pull request incrementally with one additional commit since the last revision:

  Fix character

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/28674/files
  - new: https://git.openjdk.org/jdk/pull/28674/files/c72c87d0..5cceb010

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=28674&range=01
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=28674&range=00-01

  Stats: 1 line in 1 file changed: 0 ins; 0 del; 1 mod
  Patch: https://git.openjdk.org/jdk/pull/28674.diff
  Fetch: git fetch https://git.openjdk.org/jdk.git pull/28674/head:pull/28674

PR: https://git.openjdk.org/jdk/pull/28674
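
An added sketch (not the PR's code and not HotSpot source) of the technique the quoted message describes: two mutually recursive skippers over the classfile annotation layout, bounded by a depth counter so deep nesting makes them bail out instead of exhausting the stack. The function names, the limit of 64 and the sample bytes are assumptions made for this example.

```cpp
#include <cstdint>
#include <vector>

// Hypothetical limit for this example; the PR's actual value is not shown on this page.
constexpr int kMaxDepth = 64;
constexpr long kBad = -1;  // truncated, malformed, or nested too deeply

static long skip_value(const uint8_t* b, long len, long i, int depth);

// annotation { u2 type_index; u2 num_pairs; { u2 name_index; element_value v; }[num_pairs] }
static long skip_annotation(const uint8_t* b, long len, long i, int depth) {
  if (depth > kMaxDepth || i + 4 > len) return kBad;
  int pairs = (b[i + 2] << 8) | b[i + 3];
  i += 4;
  while (pairs-- > 0) {
    i = skip_value(b, len, i + 2, depth);  // +2 skips name_index; callee bounds-checks
    if (i == kBad) return kBad;
  }
  return i;
}

// element_value { u1 tag; payload selected by tag }
static long skip_value(const uint8_t* b, long len, long i, int depth) {
  if (depth > kMaxDepth || i + 1 > len) return kBad;
  switch (b[i++]) {
    case 'B': case 'C': case 'D': case 'F': case 'I': case 'J':
    case 'S': case 'Z': case 's': case 'c':
      return i + 2 <= len ? i + 2 : kBad;          // u2 constant pool index
    case 'e': return i + 4 <= len ? i + 4 : kBad;  // u2 type name + u2 const name
    case '@': return skip_annotation(b, len, i, depth + 1);  // nested annotation
    case '[': {                                    // u2 count + element_value[count]
      if (i + 2 > len) return kBad;
      int n = (b[i] << 8) | b[i + 1];
      i += 2;
      while (n-- > 0 && i != kBad) i = skip_value(b, len, i, depth + 1);
      return i;
    }
    default: return kBad;
  }
}

// Constructed input: `levels` annotations, each holding one pair whose value is the next one.
std::vector<uint8_t> nested(int levels) {
  std::vector<uint8_t> v;
  while (levels-- > 0) v.insert(v.end(), {0, 1, 0, 1, 0, 2, '@'});
  v.insert(v.end(), {0, 1, 0, 0});  // innermost annotation with zero pairs
  return v;
}
int main() { return skip_annotation(nested(100000).data(), 700004, 0, 0) == kBad ? 0 : 1; }
```

A caller in the position the message describes would treat `kBad` as "stop scanning annotations" rather than as a class-loading failure.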

