RFR: 8355915: [leyden] Crash in MDO clearing the unloaded array type

Aleksey Shipilev shade at openjdk.org
Wed Apr 30 09:18:43 UTC 2025


On Tue, 29 Apr 2025 14:57:23 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:

> Caught this when doing benchmarks with Spring Boot. See the bug for reproducer.
> 
> The lifecycle of array types of `T` is bound to the lifecycle of `T` themselves. So the fix does a similar thing to `is_excluded` and other code: when we encounter the `T[]`, we ask if its bottom component class is not yet initialized. This fits nicely with our current uses, which skip such classes, and never touch their (potentially nullptr) CLDs.
> 
> Additional testing:
>  - [x] Ad-hoc testing with most recent spring-boot-petclinic
>  - [x] Linux x86_64 server fastdebug, `runtime/cds`

Testing shows the fix is incomplete. 

Looks like when `T[]` is unloaded, we cannot trust its `bottom_klass` is not garbage. I also notice that in several other places, e.g. in `ciReceiverTypeData::translate_receiver_data_from`, we do check if CLD is null. So the more robust fix is to do CLD checks in MDO clearing as well. `is_excluded` is now also protected by these CLD checks.

See new commit. This one seems to pass the tests locally.

-------------

PR Comment: https://git.openjdk.org/leyden/pull/64#issuecomment-2841330187
