RFR: 8332866: Crash in ImageIO JPEG decoding when MEM_STATS is enabled
Abhishek Kumar
abhiscxk at openjdk.org
Tue May 28 11:51:02 UTC 2024
On Fri, 24 May 2024 08:37:25 GMT, Jayathirth D V <jdv at openjdk.org> wrote:
> In IJG library's jmemmgr.c file we can define MEM_STATS (by default this flag is disabled and we don't see this issue) to enable printing of memory trace logs when we have OOM. But if we enable it we get a crash while disposing IJG stored objects in jmemmgr->free-pool() function.
>
> This is happening because we delete the error handler before we actually start deleting IJG stored objects and while freeing the IJG objects we try to access cinfo->err->trace_level of error handler. This early deletion of error handler is happening in imageioJPEG.c->imageio_dispose() function.
>
> Moved the logic to delete error handler after we are done with deleting IJG stored objects; after this change there is no crash. There is no regression test because this issue is seen only when we enable MEM_STATS flag in IJG library. Ran jtreg ImageIO tests with code update and I don't see any regressions.
>
> I have verified that this issue doesn't affect SplashScreen code path and disposing of IJG objects is handled differently in SplashScreen.
Verified the fix with a sample test program. Looks good to me.
-------------
Marked as reviewed by abhiscxk (Committer).
PR Review: https://git.openjdk.org/jdk/pull/19386#pullrequestreview-2082561085
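
The teardown ordering discussed in this thread, as an added example that is not part of the original messages and is not JDK or IJG code. All `model_*` and `dispose_*` names are hypothetical stand-ins; the model assumes the handler pointer is set to NULL after it is freed, and it reports the missing handler with a return code where the real library would dereference it.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for the IJG structures (hypothetical, not libjpeg's types). */
struct model_err   { int trace_level; };
struct model_cinfo { struct model_err *err; void *pool; };

static struct model_cinfo *model_create(void) {
    struct model_cinfo *c = calloc(1, sizeof *c);
    if (c == NULL) abort();
    c->err  = calloc(1, sizeof *c->err);
    c->pool = malloc(64);
    if (c->err == NULL || c->pool == NULL) abort();
    return c;
}

/* Models the pool release step that, with MEM_STATS defined, reads
 * cinfo->err->trace_level. Returns -1 instead of touching a missing
 * handler, so the ordering bug is observable without undefined behaviour. */
static int model_free_pool(struct model_cinfo *c) {
    if (c->err == NULL) return -1;            /* the real read would crash here */
    if (c->err->trace_level > 0)
        fprintf(stderr, "freeing pool %p\n", c->pool);
    free(c->pool);
    c->pool = NULL;
    return 0;
}

/* Order described as the bug: handler released before the stored objects. */
static int dispose_handler_first(struct model_cinfo *c) {
    free(c->err);
    c->err = NULL;                            /* assumption: pointer is cleared */
    int rc = model_free_pool(c);
    free(c->pool);                            /* model-only cleanup after the failure */
    free(c);
    return rc;
}

/* Order described as the fix: stored objects first, handler last. */
static int dispose_handler_last(struct model_cinfo *c) {
    int rc = model_free_pool(c);
    free(c->err);
    c->err = NULL;
    free(c);
    return rc;
}

int main(void) {
    printf("handler first: %d\n", dispose_handler_first(model_create()));
    printf("handler last:  %d\n", dispose_handler_last(model_create()));
    return 0;
}
```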