RFR: JDK-8302594: use-after-free in Node::destruct
Justin King
jcking at openjdk.org
Wed Feb 15 16:37:31 UTC 2023
Instrumenting Arena for ASan revealed some `use-after-free` behavior in C2. One of them is in `Node::destruct`, where the storage for `Node` is freed and then fields are accessed. Thankfully none of the methods called allocate, but they could in the future. To resolve this, we move the calls to `Afree` to the end of `Node::destruct`.
-------------
Commit messages:
- use-after-free in Node::destruct
Changes: https://git.openjdk.org/jdk/pull/12577/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=12577&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8302594
Stats: 44 lines in 1 file changed: 23 ins; 20 del; 1 mod
Patch: https://git.openjdk.org/jdk/pull/12577.diff
Fetch: git fetch https://git.openjdk.org/jdk pull/12577/head:pull/12577
PR: https://git.openjdk.org/jdk/pull/12577
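
The ordering problem described in the message above, shown as an added example that is not part of the original message or the JDK patch. `ToyArena`, `ToyNode`, `make_node` and both `destruct_*` functions are hypothetical names; the toy `Afree` fills released bytes with a poison pattern so the stale read becomes observable.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <new>

// Toy bump arena, constructed for this example (not HotSpot's Arena).
// Afree() fills released bytes with 0xAB so a stale read is visible,
// standing in for the poisoning ASan applies to freed arena memory.
struct ToyArena {
    alignas(16) unsigned char buf[256];
    size_t hwm = 0;
    static size_t round_up(size_t n) { return (n + 15) & ~size_t(15); }
    void* Amalloc(size_t n) { void* p = buf + hwm; hwm += round_up(n); return p; }
    void Afree(void* p, size_t n) {
        n = round_up(n);
        std::memset(p, 0xAB, n);
        // As in a bump allocator, only the most recent allocation is reclaimed.
        if (static_cast<unsigned char*>(p) + n == buf + hwm) hwm -= n;
    }
};

struct ToyNode {
    uint32_t idx;
    uint32_t edge_cnt;
    uint32_t* edges;  // edge array lives in the same arena
};

ToyNode* make_node(ToyArena& a, uint32_t idx, uint32_t cnt) {
    ToyNode* n = new (a.Amalloc(sizeof(ToyNode))) ToyNode{idx, cnt, nullptr};
    n->edges = static_cast<uint32_t*>(a.Amalloc(cnt * sizeof(uint32_t)));
    return n;
}

// Ordering described as the bug: storage is released, then a field is read.
uint32_t destruct_free_first(ToyArena& a, ToyNode* n) {
    uint32_t cnt = n->edge_cnt;
    a.Afree(n->edges, cnt * sizeof(uint32_t));
    a.Afree(n, sizeof(ToyNode));
    return n->idx;  // stale read: sees the poison pattern, not the index
}

// Ordering described as the fix: finish all field accesses, free last.
uint32_t destruct_free_last(ToyArena& a, ToyNode* n) {
    uint32_t idx = n->idx;  // work that needs the fields happens here
    uint32_t* edges = n->edges;
    uint32_t cnt = n->edge_cnt;
    a.Afree(edges, cnt * sizeof(uint32_t));
    a.Afree(n, sizeof(ToyNode));
    return idx;
}
```

In the toy the stale read is merely wrong; in a real arena, any allocation made between the free and the read could hand the same bytes to another object, which is the future risk the message points out.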