JDK-8352001 : AOT cache should not contain classes injected into built-in class loaders
  • Type: Bug
  • Component: hotspot
  • Sub-Component: runtime
  • Affected Version: 25
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2025-03-14
  • Updated: 2025-04-24
  • Resolved: 2025-04-16
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 25
25 b19Fixed
Related Reports
Relates :  
JDK-8335735 - jruby -J-XX:CacheDataStore=jruby.cds crashes due to lack of module support
Description
During an application's training run, it's possible to inject classes into the built-in platform/app class loaders with reflection calls. Previously, only the names of these classes were recorded in the AOT config file. When the AOT cache is generated, these classes are automatically filtered out.

However, since JDK-8348426, these classes are stored as parsed InstanceKlasses in the AOT config file, and will be transferred into the AOT cache.

The new behavior may cause some applications to fail, as they may inject bytecodes that have environment dependencies. For safety, it's better to filter out such injected classes,

Example:

========================
Method m = ClassLoader.class.getDeclaredMethod("defineClass", String.class,
     byte[].class, int.class, int.class, ProtectionDomain.class);
m.setAccessible(true);
ProtectionDomain pd = MyApp.class.getProtectionDomain();
ClassLoader appLoader = MyApp.class.getClassLoader();
byte[] data = Files.readAllBytes(Paths.get("ClassNotInJar2.class"));
Class c = (Class)m.invoke(appLoader, "ClassNotInJar2", data, 0, data.length, pd);
==========================
Comments
Changeset: e433fa27 Branch: master Author: Ioi Lam <iklam@openjdk.org> Date: 2025-04-16 17:52:53 +0000 URL: https://git.openjdk.org/jdk/commit/e433fa2719917cff6cb373e9a60981a7418e2f4f
16-04-2025
A pull request was submitted for review. Branch: master URL: https://git.openjdk.org/jdk/pull/24046 Date: 2025-03-14 05:28:47 +0000
14-03-2025