Mon, 04 Jun 2012 10:22:37 -0400
7166498: JVM crash in ClassVerifier
Summary: Fixed raw pointer being used after potential safepoint/GC
Reviewed-by: acorn, fparain, dholmes
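--- a/src/share/vm/classfile/verifier.cpp
+++ b/src/share/vm/classfile/verifier.cpp
@@ -1738,10 +1738,14 @@
     int target = bci + default_offset;
     stackmap_table->check_jump_target(current_frame, target, CHECK_VERIFY(this));
     for (int i = 0; i < keys; i++) {
+      // Because check_jump_target() may safepoint, the bytecode could have
+      // moved, which means 'aligned_bcp' is no good and needs to be recalculated.
+      aligned_bcp = (address)round_to((intptr_t)(bcs->bcp() + 1), jintSize);
       target = bci + (jint)Bytes::get_Java_u4(aligned_bcp+(3+i*delta)*jintSize);
       stackmap_table->check_jump_target(
           current_frame, target, CHECK_VERIFY(this));
     }
+    NOT_PRODUCT(aligned_bcp = NULL); // no longer valid at this point
   }
 
 bool ClassVerifier::name_in_supers(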
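Review bot: The invariant this fix relies on — that `aligned_bcp` is a raw pointer into the method's bytecodes and becomes stale after any call that can safepoint — is stated only inside the loop, while the pointer is declared earlier in the enclosing function, which starts outside this hunk. I would also record it at the declaration, e.g. `// Raw pointer into the bytecodes: must be recomputed after any call that may safepoint (e.g. check_jump_target).`, so a later edit that inserts a safepointing call between the declaration and this loop does not reintroduce the same use-after-GC read. The `NOT_PRODUCT(aligned_bcp = NULL)` reset only catches misuse in debug builds; in product builds a stale read after the loop would be silent, which is worth noting in that trailing comment if the variable stays in the wider scope.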