RFR(XXS) 8249087 Symbol constructor unnecessarily initializes _body[0]
Lois Foltan
lois.foltan at oracle.com
Tue Jul 21 15:06:31 UTC 2020
On 7/21/2020 2:24 AM, Ioi Lam wrote:
>
>
> On 7/20/20 11:12 PM, Florian Weimer wrote:
>> * Ioi Lam:
>>
>>> Hi please review this very simple fix:
>>>
>>> diff -r 19f26d72a8d0 src/hotspot/share/oops/symbol.cpp
>>> --- a/src/hotspot/share/oops/symbol.cpp Mon Jul 20 14:24:19 2020
>>> -0700
>>> +++ b/src/hotspot/share/oops/symbol.cpp Mon Jul 20 17:11:57 2020
>>> -0700
>>> @@ -51,8 +51,11 @@
>>> Symbol::Symbol(const u1* name, int length, int refcount) {
>>> _hash_and_refcount = pack_hash_and_refcount((short)os::random(),
>>> refcount);
>>> _length = length;
>>> - _body[0] = 0; // in case length == 0
>>> memcpy(_body, name, length);
>>> + // For symbols of length 0 and 1: _body[0] (and _body[1]) are
>>> uninitialized and may
>>> + // contain random values, which will only be read by
>>> Symbol::identity_hash(),
>>> + // which would tolerate such randomness. These values never change
>>> during the lifetime
>>> + // of the Symbol.
>>> }
>> Won't this still trip memory debuggers? Symbol::identity_hash() implies
>> that the result is eventually used in a conditional operation (a hash
>> comparison perhaps). If it's possible one day to run Hotspot under
>> valgrind, this would result in false positives.
>
> Are you saying that valgrind will modify uninitialized memory
> periodically after the constructor has returned, and thus will cause
> Symbol::identity_hash() to return a different value?
>
> Without my patch, _body[1] is uninitialized for Symbols whose length
> is 0 or 1. We have not heard of any issues related to valgrind and
> Symbol::identity_hash().
>
> In fact, looking at the code history, the setting of "_body[0] = 0" in
> Symbol::Symbol was introduced only recently (Feb 2020):
>
> http://hg.openjdk.java.net/jdk/jdk/annotate/4a4d185098e2/src/hotspot/share/oops/symbol.cpp#l55
>
>
> I'll check with Lois who added the code to see the reason for doing it.
Hi Ioi,
Reviewing this JBS issue, I have concerns over leaving both _body[0] and
now even _body[1] uninitialized. The signature processing frequently
checks the first character of a Symbol via Symbol::char_at(0) to
determine what type it is dealing with. Is there a danger that the
uninitialized memory actually has a valid type indicator in it like an
'[' character for example? The signature processing could potentially
make wrong assumptions about the type it is trying to process.
Thanks,
Lois
>
>
> Thanks
> - Ioi
>
>> Thanks,
>> Florian
>>
>
More information about the hotspot-runtime-dev
mailing list