RFR: 8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled
Jayathirth D V
jdv at openjdk.org
Fri May 24 08:41:20 UTC 2024
In the IJG library's jmemmgr.c file we can define MEM_STATS (by default this flag is disabled and we don't see this issue) to enable printing of memory trace logs when we have OOM. But if we enable it we get a crash while disposing IJG stored objects in jmemmgr->free-pool() function.
This is happening because we delete the error handler before we actually start deleting IJG stored objects, and while freeing the IJG objects we try to access cinfo->err->trace_level of the error handler. This early deletion of the error handler is happening in jpegloader.c->imageio_dispose() function.
Moved the logic to delete the error handler to after we are done with deleting IJG stored objects; after this change there is no crash. There is no regression test because this issue is seen only when we enable the MEM_STATS flag in the IJG library. Ran jtreg ImageIO tests with the code update and I don't see any regressions.
I have verified that this issue doesn't affect the SplashScreen code path, and disposing of IJG objects is handled differently in SplashScreen.
-------------
Commit messages:
- 8332866: Crash in ImageIO JPEG decoding when MEM_STATS in enabled
Changes: https://git.openjdk.org/jdk/pull/19386/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=19386&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8332866
Stats: 4 lines in 1 file changed: 2 ins; 2 del; 0 mod
Patch: https://git.openjdk.org/jdk/pull/19386.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/19386/head:pull/19386
PR: https://git.openjdk.org/jdk/pull/19386
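
The teardown ordering described in the message above, as an added example that is not part of the original post or of the JDK or IJG sources. It is a simplified C model: all struct and function names are hypothetical, and a NULL check stands in for the read of freed memory that the real code would perform.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for the IJG structures; all names are hypothetical. */
struct err_mgr  { int trace_level; };
struct pool_obj { struct pool_obj *next; };
struct decoder  {
    struct err_mgr  *err;   /* plays the role of cinfo->err */
    struct pool_obj *pool;  /* objects the memory manager owns */
};
static struct decoder *model_create(int nobjs) {
    struct decoder *d = calloc(1, sizeof *d);
    if (!d || !(d->err = calloc(1, sizeof *d->err))) abort();
    for (int i = 0; i < nobjs; i++) {
        struct pool_obj *o = malloc(sizeof *o);
        if (!o) abort();
        o->next = d->pool;
        d->pool = o;
    }
    return d;
}
/* Models the MEM_STATS path: trace_level is consulted while the pool is
 * released. Returns objects freed, or -1 when the handler is already gone. */
static int model_free_pool(struct decoder *d) {
    int handler_gone = (d->err == NULL), n = 0;
    if (!handler_gone && d->err->trace_level > 1)
        fprintf(stderr, "pool stats would be printed here\n");
    while (d->pool) {
        struct pool_obj *o = d->pool;
        d->pool = o->next;
        free(o);
        n++;
    }
    return handler_gone ? -1 : n;
}
/* dispose(d, 1): handler released first (the order before the change).
 * dispose(d, 0): pool released first, handler last (the order after it). */
static int dispose(struct decoder *d, int handler_first) {
    if (handler_first) { free(d->err); d->err = NULL; }
    int r = model_free_pool(d);
    free(d->err);            /* free(NULL) is a no-op */
    free(d);
    return r;
}

int main(void) {
    printf("%d %d\n", dispose(model_create(3), 1), dispose(model_create(3), 0));
    return 0;
}
```

Building a real reproduction with AddressSanitizer and MEM_STATS defined would report the same ordering problem as a heap-use-after-free instead of the -1 sentinel used here.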