Do not reset SirtRef pointing to a live object ClassLinker::FindClass reset the klass SirtRef to point to the existing Class value. However, the old value was still referenced by the ObjectLock. In the rare case of a two thread resolving the same class at the same time and a garbage collection happening, the ObjectLock would point to freed memory. Change-Id: I93dbbfe3e5d7a8922464242270ac90c71a125e47

commit: 01e076ec18143f4d46775b53c109e1b5e53d96e1 [log] [tgz]
author: Brian Carlstrom <bdc@google.com> Fri Mar 30 11:54:16 2012 -0700
committer: Brian Carlstrom <bdc@google.com> Fri Mar 30 11:54:38 2012 -0700
tree: 75cfd810bf53c66961e477abe3d0ffcd14384211
parent: e77be401064117032b7c4bbad3f897f5c0b23a26 [diff] [blame]
diff --git a/src/class_linker.cc b/src/class_linker.cc
index e8700be..80dd7eb 100644
--- a/src/class_linker.cc
+++ b/src/class_linker.cc

@@ -1251,12 +1251,10 @@
   ObjectLock lock(klass.get());
   klass->SetClinitThreadId(self->GetTid());
   // Add the newly loaded class to the loaded classes table.
-  Class* existing = InsertClass(descriptor, klass.get(), false);
-  if (existing != NULL) {
+  SirtRef<Class> existing(InsertClass(descriptor, klass.get(), false));
+  if (existing.get() != NULL) {
     // We failed to insert because we raced with another thread.
-    klass->SetClinitThreadId(0);
-    klass.reset(existing);
-    return EnsureResolved(klass.get());
+    return EnsureResolved(existing.get());
   }
   // Finish loading (if necessary) by finding parents
   CHECK(!klass->IsLoaded());
commit	01e076ec18143f4d46775b53c109e1b5e53d96e1	[log] [tgz]
author	Brian Carlstrom <bdc@google.com>	Fri Mar 30 11:54:16 2012 -0700
committer	Brian Carlstrom <bdc@google.com>	Fri Mar 30 11:54:38 2012 -0700
tree	75cfd810bf53c66961e477abe3d0ffcd14384211
parent	e77be401064117032b7c4bbad3f897f5c0b23a26 [diff] [blame]