8258077: Using -Xcheck:jni can lead to a double-free after JDK-8193234 #1816
Conversation
Step 1: added a regression test
…t can trigger a secondary crash.
…imitiveArrayCritical
|
|
|
@dholmes-ora The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
|
/label remove hotspot |
|
@dholmes-ora |
|
@dholmes-ora |
Webrevs
|
|
/help |
|
@dholmes-ora Available commands:
|
|
Mailing list message from David Holmes on hotspot-runtime-dev: Ping! Thanks, On 17/12/2020 9:54 pm, David Holmes wrote: |
| i + " but got " + source[i]); | ||
| } | ||
| } | ||
| for (int i = count; i <source.length; i++) { |
There was a problem hiding this comment.
nit - need space after '<'.
| int start = i * sliceLength; | ||
| fill(arr, start, sliceLength); | ||
| System.out.println("Array during: " + Arrays.toString(arr)); | ||
| check(arr, (i+1) * sliceLength); |
There was a problem hiding this comment.
nit - need spaces around '+'.
| // write-back using JNI_COMMIT to test for memory leak | ||
| (*env)->ReleasePrimitiveArrayCritical(env, iarr, arr, JNI_COMMIT); | ||
| } | ||
| // we skip the test is the VM makes a copy - as it will definitely leak |
|
@dholmes-ora This change now passes all automated pre-integration checks. After integration, the commit message for the final commit will be: You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been no new commits pushed to the
|
|
Mailing list message from David Holmes on hotspot-runtime-dev: Hi Dan, Thanks for the Review. On 25/12/2020 4:08 am, Daniel D.Daugherty wrote:
All nits fixed.
TestCheckedReleaseCriticalArray won't execute in any tier as it is a TestCheckedReleaseArrayElements runs in tier1 like the majority of Thanks, |
|
Mailing list message from David Holmes on hotspot-runtime-dev: Ping! Can I get a second review please. Thanks, On 29/12/2020 5:10 pm, David Holmes wrote: |
|
Mailing list message from David Holmes on hotspot-runtime-dev: On 6/01/2021 2:49 am, Harold Seigel wrote:
Thanks for the review Harold. These changes don't impact the JNI spec, https://bugs.openjdk.java.net/browse/JDK-8258185 to examine what the spec says in relation to these modes. David |
|
/integrate |
openjdk
bot
added
integrated
|
@dholmes-ora Pushed as commit 712014c. |
The fix in JDK-8193234 had an unintended consequence for the ReleaseArrayElements API, which is now fixed in this issue.
I'd like to thank Mauro Lacy and Dmitry Timofeev for raising, analysing and discussing this issue. You can follow the thread here:
http://mail.openjdk.java.net/pipermail/hotspot-dev/2020-December/047248.html
Although the fix itself is very basic I found a couple of other issues along the way, so I have staged the commits as follows for ease of understanding:
Step 1: added a regression test for the current double-free problem
Step 2: Only try to print the GuardedMemory info in debug builds as it can lead to secondary crashes
Step 3: Fix incorrect function names in the error messages and cleanup formatting
Step 4: Revert the change from JDK-8193234
Step 5: Add the memory-leak test from JDK-8193234 as a manual test
Step 6: Fix the JNI_COMMIT memory leak only for the case of ReleasePrimitiveArrayCritical
Finally I had to tweak the test to fix a nativepath problem.
Testing:
Thanks,
David
Progress
Issue
Reviewers
Download
$ git fetch https://git.openjdk.java.net/jdk pull/1816/head:pull/1816$ git checkout pull/1816