[External] : Re: Disallowing the dynamic loading of agents by default

Ron Pressler ron.pressler at oracle.com
Fri Mar 17 14:29:56 UTC 2023



> On 17 Mar 2023, at 14:11, Thomas Stüfe <thomas.stuefe at gmail.com> wrote:
> 
> Thank you for the clarification.
> 
> Oddly enough, -XX:-EnableDynamicAgentLoading seems to be broken. Tried head (fastdebug, release) and JDK17, even with this switch my sample library loads just fine:
> 
> ```
> thomas at starfish$ ./images/jdk/bin/java -XX:-EnableDynamicAgentLoading -XX:+PrintFlagsFinal  -cp $REPROS_JAR de.stuefe.repros.Simple                                                                                               
> [Global flags]                                                                                                                            
> ...
>      bool EnableDynamicAgentLoading                = false                                     {product} {command line}
> ...
> <press key>
> OnAttach! Loading JVMTI sample agent
> ```
> 
> Investigation shows that there seems to be a bug in attachListener.cpp where we compare AttachOperation::name for "load", but it contains "jcmd": 
> 
> ```
> Thread 22 "Attach Listener" hit Breakpoint 1, attach_listener_thread_entry (thread=0x7fff94000fd0, __the_thread__=0x7fff94000fd0) at /shared/projects/openjdk/jdk-jdk/source/src/hotspot/share/services/attachListener.cpp:404
> 404         } else if (!EnableDynamicAgentLoading && strcmp(op->name(), "load") == 0) {
> (gdb) p op
> $1 = (AttachOperation *) 0x7fff7401b640
> (gdb) p *op
> $2 = {<CHeapObj<(MEMFLAGS)9>> = {<No data fields>}, _vptr.AttachOperation = 0x7ffff7b61210 <vtable for LinuxAttachOperation+16>, _name = "jcmd\000", '\361' <repeats 11 times>, <incomplete sequence \361>, _arg = {
>     "JVMTI.agent_load /shared/projects/jvmti-sample/sample.so\000", '\361' <repeats 967 times>..., "\000", '\361' <repeats 1023 times>..., "\000", '\361' <repeats 1023 times>...}}
> (gdb) p op->name()
> $3 = 0x7fff7401b648 "jcmd"
> ```
> 
> This was on Linux x64.
> 
> So if people have been using -XX:-EnableDynamicAgentLoading to check their code, this may not have worked as intended.
> 
> Cheers, Thomas

There may be a missing check in JVMTIAgentLoadDCmd::execute in diagnosticCommand.cpp.
Thank you for reporting this!

— Ron



More information about the jigsaw-dev mailing list