RFC (round 1), JEP draft: Low-level Object layout introspection methods

Aleksey Shipilev shade at redhat.com
Mon Aug 17 16:27:51 UTC 2020

On 8/17/20 2:43 PM, Roman Kennke wrote:
> Maybe I'm missing something, but it may not actually have to be 'some
> secret offset' but could be just the location of the object relative to
> heap start?

Ha! I thought about the same initially, but then shrugged it off.

At the first glance, subtracting the heap base does appear simpler than other approaches. But after
tinkering with the prototype I thought that doing the full-random cookie is just as simple. (Some
implementation trivia: without CompressedOops enabled, only CollectedHeap seems to know what the
heap base is, whoops. So you either end up extending the CollectedHeap interface, or add the
auxiliary field in Universe -- which is what you would do anyway for a random cookie).

Conceptually, heap bases are usually high power-of-two's, so demangling the address would seem
trivial, and that triviality would somewhat defeat the purpose of mangling it in the first place.
Plus, heap bases are quite stable run-to-run, which makes the demangling code appear more stable
than it actually is. Also, I can imagine the compressed oops mode where heap base is effectively
zero (with some GC handling to "block out" zero pages and whatnot). This turns mangling into identity :)

Full random cookies would make unintended use failures more systematic.


More information about the jdk-dev mailing list