RFR: 8206267: Unsafe publication of StubCodeDesc leads to crashes

Andrew Haley aph at redhat.com
Tue Jul 3 15:16:04 UTC 2018

On 07/03/2018 03:57 PM, Aleksey Shipilev wrote:
> On 07/03/2018 04:31 PM, aph wrote:
>> The StubCodeDesc constructor is unsychronized. However, it runs when
>> the C2 compiler thread is initializing. The compiler thread reads the
>> StubCodeDesc list while it is in an unstable state, resulting in a
>> read from an uninitialized pointer field and it then segfaults,
>> causing the VM to abort.
>> http://cr.openjdk.java.net/~aph/8206267/
>> OK for 11 and 12?
> Looks good for 12.
> Looks simple enough for 11.
> Star formatting is a bit awkward:
>    37 StubCodeDesc *volatile StubCodeDesc::_list = NULL;
>    ...
>    42   static StubCodeDesc *volatile _list;         // the list of all descriptors
> ...should probably be:
>    37 StubCodeDesc* volatile StubCodeDesc::_list = NULL;
>    ...
>    42   static StubCodeDesc* volatile _list;         // the list of all descriptors

That's incorrect.  Indirection binds to the right.

You need to get it right for:

   int *a, b;

which would be highly misleading as

   int *a, b;

But anyway, I have withdrawn the bug report: it's been fixed a
different way in current sources.

Andrew Haley
Java Platform Lead Engineer
Red Hat UK Ltd. <https://www.redhat.com>
EAC8 43EB D3EF DB98 CC77 2FAD A5CD 6035 332F A671

More information about the hotspot-runtime-dev mailing list