From gdub at openjdk.java.net Tue Dec 7 11:16:17 2021
From: gdub at openjdk.java.net (Gilles Duboscq)
Date: Tue, 7 Dec 2021 11:16:17 GMT
Subject: jmx-dev RFR: JDK-8277029: JMM GetDiagnosticXXXInfo APIs should verify output array sizes [v2]
In-Reply-To: <7BKPwCXf1m9wKd5yOJaWg6ZyCCSvZwgZdOz7Z_tFf9U=.a506a1cf-524a-4e8a-a0fd-145766d3ef34@github.com>
References: <7BKPwCXf1m9wKd5yOJaWg6ZyCCSvZwgZdOz7Z_tFf9U=.a506a1cf-524a-4e8a-a0fd-145766d3ef34@github.com>
Message-ID:

On Tue, 16 Nov 2021 06:26:08 GMT, Thomas Stuefe wrote:

>> jmm_GetDiagnosticCommandArgumentsInfo and jmm_GetDiagnosticCommandInfo are used to query the hotspot about diagnostic commands. They provide output arrays for the information:
>>
>> void jmm_GetDiagnosticCommandArgumentsInfo(JNIEnv *env,
>>     jstring command, dcmdArgInfo* infoArray)
>>
>> but array size is implicitly assumed to be known to both caller and callee. Caller and callee negotiate those sizes in prior steps, but things can go wrong. E.g. I recently hunted a bug where `DCmd::number_arguments()` was off - did not reflect the real number of its jcmd parameters - which led to a hidden memory overwriter.
>>
>> Thankfully, JDK-8264565 rewrote the dcmd framework to deal with this particular issue (The VM I analyzed was older). Still, it would be good if we had additional safety measures here.
>>
>> -------------
>>
>> Testing:
>> - manual tests with artificially induced error in one dcmd for debug, release
>> - GHAs (which include tier1 serviceability jcmd tests which use JMX and exercise these APIs)
>
> Thomas Stuefe has updated the pull request incrementally with one additional commit since the last revision:
>
> Remove changes to GetDiagnosticCommandInfo

Just out of curiosity, for such changes, should we in principle bump `JMM_VERSION`?
Or do we not care because libjvm and libmanagement are always shipped together?

-------------

PR: https://git.openjdk.java.net/jdk/pull/6363

From stuefe at openjdk.java.net Tue Dec 7 13:11:13 2021
From: stuefe at openjdk.java.net (Thomas Stuefe)
Date: Tue, 7 Dec 2021 13:11:13 GMT
Subject: jmx-dev RFR: JDK-8277029: JMM GetDiagnosticXXXInfo APIs should verify output array sizes [v2]
In-Reply-To:
References: <7BKPwCXf1m9wKd5yOJaWg6ZyCCSvZwgZdOz7Z_tFf9U=.a506a1cf-524a-4e8a-a0fd-145766d3ef34@github.com>
Message-ID:

On Tue, 7 Dec 2021 11:13:01 GMT, Gilles Duboscq wrote:

> Just out of curiosity, for such changes, should we in principle bump `JMM_VERSION`?
> Or do we not care because libjvm and libmanagement are always shipped together?

Hmm, maybe you are right, though someone from Oracle may answer that better. However, seeing that JMM is an internal interface between two internal components, I am not even sure why this version check is needed.

-------------

PR: https://git.openjdk.java.net/jdk/pull/6363
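
The failure mode discussed in this thread (an output array whose size caller and callee only agree on implicitly) can be shown with a callee that takes the element count and refuses to write on a mismatch. This is an added example, not code from the PR or from HotSpot; `arg_info`, `reported_arg_count`, `fill_arg_info_checked`, `query_args` and the argument table are hypothetical names and constructed data.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the dcmdArgInfo struct named in the thread. */
typedef struct { const char *name; const char *type; } arg_info;

/* Constructed sample: the command really takes three arguments. */
static const arg_info DEMO_ARGS[] = {
    {"path", "STRING"}, {"depth", "INT"}, {"verbose", "BOOLEAN"},
};
#define DEMO_ARG_COUNT (sizeof DEMO_ARGS / sizeof DEMO_ARGS[0])

/* Models a count that is off by one, like the number_arguments() bug
 * described in the thread: it reports 2 although 3 entries get written. */
static size_t reported_arg_count(void) { return 2; }

enum { FILL_OK = 0, FILL_SIZE_MISMATCH = -1 };

/* Callee: the caller states how many elements `out` holds. Nothing is
 * written unless that matches the real argument count (requiring an
 * exact match is this sketch's choice). */
static int fill_arg_info_checked(arg_info *out, size_t out_count) {
    if (out == NULL || out_count != DEMO_ARG_COUNT)
        return FILL_SIZE_MISMATCH;
    memcpy(out, DEMO_ARGS, sizeof DEMO_ARGS);
    return FILL_OK;
}

/* Caller: sizes the buffer from `count` and passes the same count on.
 * Returns the number of entries filled, or FILL_SIZE_MISMATCH. */
static int query_args(size_t count) {
    arg_info *buf = calloc(count ? count : 1, sizeof *buf);
    if (buf == NULL)
        return FILL_SIZE_MISMATCH;
    int rc = fill_arg_info_checked(buf, count);
    int filled = 0;
    for (size_t i = 0; rc == FILL_OK && i < count; i++)
        filled += (buf[i].name != NULL);
    free(buf);
    return rc == FILL_OK ? filled : rc;
}

int main(void) {
    printf("stale count: %d\n", query_args(reported_arg_count()));
    printf("true count:  %d\n", query_args(DEMO_ARG_COUNT));
    return 0;
}
```

Without the `out_count` parameter the callee would copy three entries into the two-element buffer sized from the stale count, which is the silent overwrite the thread describes.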