JDK-8317600 : VtableStubs::stub_containing() table load not ordered wrt to stores
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 21,22
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2023-10-05
  • Updated: 2024-04-19
  • Resolved: 2023-10-17
  • JDK 21: 21.0.4-oracle (Fixed)
  • JDK 22: 22 b20 (Fixed)
Description
VtableStubs::stub_containing() loops over the hash table buckets to see if the given address is an i/vtable stub.

For every bucket, it loads the head and the next pointers with unordered loads; the store to the head pointer in enter() is also unordered with respect to the next pointer and that load, so stub_containing() could read garbage for the next field and return a wrong result.

Found by code inspection for JDK-8317527.

It's very unlikely to do so (and there may be some proof like "between the store and the load there almost likely is some intervening synchronization"), and probably never happened so far.

The simplest thing is to make this ordering explicit (and remove the 

  // Note: No locking needed since any change to the data structure
  //       happens with an atomic store into it (we don't care about
  //       consistency with the _number_of_vtable_stubs counter).

comment which is wrong about the "no synchronization" needed.)
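
The ordering described above, as an added example that is not HotSpot's code or the committed fix: a release store publishes a node to a bucket head and an acquire load in the reader pairs with it. The `Stub` struct, `kBuckets`, `bucket_of()` and the use of `std::atomic` are assumptions for illustration, and writers are assumed to be serialized by a lock that is not shown.

```cpp
#include <atomic>
#include <cstddef>
#include <cstdint>

// Hypothetical stand-in for a stub entry; not HotSpot's VtableStub class.
struct Stub {
    Stub*     next;   // plain field, written before the node is published
    uintptr_t begin;  // start address of the stub's code
    size_t    size;   // code size in bytes
    bool contains(uintptr_t pc) const { return pc >= begin && pc < begin + size; }
};

constexpr size_t kBuckets = 4;
static std::atomic<Stub*> table[kBuckets];  // bucket heads, zero-initialized

static size_t bucket_of(uintptr_t begin) { return (begin >> 4) % kBuckets; }

// Writer. Assumption: callers are serialized by a lock that is not shown.
void enter(Stub* s) {
    std::atomic<Stub*>& head = table[bucket_of(s->begin)];
    s->next = head.load(std::memory_order_relaxed);
    // Release: the writes to s->next, begin and size become visible to any
    // reader that observes s as the new head. A relaxed store here would let
    // a reader see the head pointer before the node's fields.
    head.store(s, std::memory_order_release);
}

// Lock-free reader: walks every bucket looking for the stub covering pc.
Stub* stub_containing(uintptr_t pc) {
    for (size_t i = 0; i < kBuckets; i++) {
        // Acquire pairs with the release store in enter(), so s->next and the
        // bounds read below are the values written before publication.
        Stub* s = table[i].load(std::memory_order_acquire);
        for (; s != nullptr; s = s->next) {
            if (s->contains(pc)) return s;
        }
    }
    return nullptr;
}

int main() {
    // Constructed sample stubs; the addresses are arbitrary.
    static Stub a{nullptr, 0x1000, 0x40}, b{nullptr, 0x1040, 0x40};
    enter(&a);
    enter(&b);
    return (stub_containing(0x1010) == &a && stub_containing(0x1050) == &b) ? 0 : 1;
}
```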
Comments
Fix request [21u]
I backport this for parity with 21.0.4-oracle. Medium risk. As it adds ordering, it should improve. I think we should go along here. Clean backport. Unfortunately no tests. SAP nightly testing passed.
05-04-2024

A pull request was submitted for review.
URL: https://git.openjdk.org/jdk21u-dev/pull/446
Date: 2024-04-03 19:35:34 +0000
03-04-2024

Changeset: c566dfcc
Author: Thomas Schatzl <tschatzl@openjdk.org>
Date: 2023-10-17 19:01:03 +0000
URL: https://git.openjdk.org/jdk/commit/c566dfccf8aa0d5cd53a6e4de61a1bca9f1367b5
17-10-2023

ILW = Missing memory fences (most likely not an issue in current code), never observed, no workaround = MLH = P4
06-10-2023

A pull request was submitted for review.
URL: https://git.openjdk.org/jdk/pull/16056
Date: 2023-10-05 14:20:41 +0000
05-10-2023