RFR: 8332699: ubsan: jfrEventSetting.inline.hpp:31:43: runtime error: index 163 out of bounds for type 'jfrNativeEventSetting [162]'

[Matthias Baesken]

On Mon, 10 Jun 2024 12:30:59 GMT, Matthias Baesken <mbaesken at openjdk.org> wrote:

> When running hs :tier1 tests or jdk/jfr tests, with ubsan enabled (configure flag --enable-ubsan), in a lot of jfr related tests like
> compiler/intrinsics/klass/CastNullCheckDroppingsTest.jtr
> serviceability/jvmti/RedefineClasses/RedefineSharedClassJFR.jtr
> this oob error can be seen :
> 
> /jdk/src/hotspot/share/jfr/recorder/jfrEventSetting.inline.hpp:31:43: runtime error: index 163 out of bounds for type 'jfrNativeEventSetting [162]'
>     #0 0x7f6b75a8634b in JfrEventSetting::setting(JfrEventId) /jdk/src/hotspot/share/jfr/recorder/jfrEventSetting.inline.hpp:31
>     #1 0x7f6b75a8634b in JfrEventSetting::set_stacktrace(long, bool) /jdk/src/hotspot/share/jfr/recorder/jfrEventSetting.cpp:47
> 
> Looks like the array in generated code is too small.
> With
> `jfrNativeEventSetting bits[NUMBER_OF_EVENTS];`
> and
> 
> static const int NUMBER_OF_EVENTS = 162;
> static const int NUMBER_OF_RESERVED_EVENTS = 2;
> 
> 
> Access at index 163 cannot work.
> But it looks like there is always enough memory after the array so we do not crash and it was not noticed before.

My maximum JfrEventId  is 163 , see the generated  hotspot/variant-server/gensrc/jfrfiles/jfrEventIds.hpp



enum JfrEventId {
  JfrMetadataEvent = 0,
  JfrCheckpointEvent = 1,
  JfrDurationEvent = 2,
  JfrInstantEvent = 3,
  JfrValueEvent = 4,
  JfrTextEvent = 5,
  JfrZThreadDebugEvent = 6,
   .....
  JfrJavaAgentEvent = 161,
  JfrNativeAgentEvent = 162,
  JfrDeprecatedInvocationEvent = 163,
};

so NUMBER_OF_EVENTS + NUMBER_OF_RESERVED_EVENTS looks fine to me.
163 is the highest I could see while testing.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/19628#issuecomment-2160953294