RFR: 8231356: Fix broken ResourceObj::operator new[] in debug builds

Ioi Lam iklam at openjdk.java.net
Mon Aug 9 17:08:31 UTC 2021 

On Mon, 9 Aug 2021 14:31:22 GMT, Leo Korinth <lkorinth at openjdk.org> wrote:

> ResourceObj::operator new[] calls ResourceObj::operator new (non array version). In debug builds, each resource object (on C_HEAP) will be initialized with set_allocation_type() (which is correct). What is not correct is that the constructor (and thus) set_allocation_type() is called on the array itself (which is not a ResourceObj). This initialization will be partially overwritten by the header that keeps track of the array size. When the array destructor later is called, it will also chain call the non-array destructor. In debug builds the verification of _allocation_t[0] will fail as it has been overwritten by the code that keeps track of the array size.
> 
> The following assert will fail:
> assert(~(_allocation_t[0] | allocation_mask) == (uintptr_t)this, "lost resource object");
> 
> The reason that it has not been detected is that no one uses ResourceObj::operator new[] on resource objects with C_HEAP storage.

Actually none of the `operator delete[]` seem to work:

```--- a/src/hotspot/share/classfile/vmClasses.cpp
+++ b/src/hotspot/share/classfile/vmClasses.cpp
@@ -31,6 +31,7 @@
 #include "classfile/vmClasses.hpp"
 #include "classfile/vmSymbols.hpp"
 #include "memory/metaspaceClosure.hpp"
+#include "memory/resourceArea.hpp"
 #include "memory/universe.hpp"
 #include "oops/instanceKlass.hpp"
 #include "oops/instanceRefKlass.hpp"
@@ -112,7 +113,16 @@ void vmClasses::resolve_until(vmClassID limit_id, vmClassID &start_id, TRAPS) {
   start_id = limit_id;
 }
 
+class Foo : public ResourceObj {
+public:
+  Foo() : ResourceObj() {}  
+};
 void vmClasses::resolve_all(TRAPS) {
+  ResourceMark rm;
+  Foo* foo = new Foo[10];
+  delete[] foo;
   assert(!Object_klass_loaded(), "well-known classes should only be initialized once");
===============
#  Internal Error (src/hotspot/share/memory/allocation.cpp:190), pid=2829, tid=3160
#  assert(~(_allocation_t[0] | allocation_mask) == (uintptr_t)this) failed: lost resource object


In this example, the following operator is used:

  void* operator new [](size_t size) throw() {
      address res = (address)resource_allocate_bytes(size);
      DEBUG_ONLY(set_allocation_type(res, RESOURCE_AREA);)
      return res;
  }

-------------

PR: https://git.openjdk.java.net/jdk/pull/5055

More information about the hotspot-runtime-dev mailing list