RFR: JDK-8302594: use-after-free in Node::destruct [v2]

Justin King jcking at openjdk.org
Wed Feb 15 20:30:17 UTC 2023


> Instrumenting Arena for ASan revealed some `use-after-free` behavior in C2. One of them is in `Node::destruct`, where the storage for `Node` is free'd and then fields are accessed. Thankfully none of the methods called allocate, but they could in the future. To resolve this, we move the calls to `Afree` to the end of `Node::destruct`.

Justin King has updated the pull request incrementally with one additional commit since the last revision:

  Update based on review
  
  Signed-off-by: Justin King <jcking at google.com>

-------------

Changes:
  - all: https://git.openjdk.org/jdk/pull/12577/files
  - new: https://git.openjdk.org/jdk/pull/12577/files/440ebb30..376feb59

Webrevs:
 - full: https://webrevs.openjdk.org/?repo=jdk&pr=12577&range=01
 - incr: https://webrevs.openjdk.org/?repo=jdk&pr=12577&range=00-01

  Stats: 17 lines in 1 file changed: 9 ins; 8 del; 0 mod
  Patch: https://git.openjdk.org/jdk/pull/12577.diff
  Fetch: git fetch https://git.openjdk.org/jdk pull/12577/head:pull/12577

PR: https://git.openjdk.org/jdk/pull/12577
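
Added example, not part of the original message and not JDK code: a toy model of the ordering problem in the quoted summary, showing why reading fields after the storage is released is harmless only while nothing in between allocates. `ToyArena`, `ToyNode` and all function names are hypothetical; the `memset` poison stands in for ASan poisoning, and the arena is assumed to make the most recently allocated block reusable when it is freed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

// Toy bump arena (hypothetical, not HotSpot's Arena). Afree poisons the
// block and, if it was the most recent allocation, rolls the high-water
// mark back so the next Amalloc hands out the same bytes again.
struct ToyArena {
  alignas(16) unsigned char buf[256];
  size_t hwm = 0;
  void* Amalloc(size_t n) {
    if (hwm + n > sizeof(buf)) return nullptr;   // arena exhausted
    void* p = buf + hwm;
    hwm += n;
    return p;
  }
  void Afree(void* p, size_t n) {
    std::memset(p, 0xAB, n);                     // stand-in for ASan poisoning
    if (static_cast<unsigned char*>(p) + n == buf + hwm) hwm -= n;
  }
};

struct ToyNode { uint32_t outcnt; uint32_t idx; };  // hypothetical fields

ToyNode* make_node(ToyArena& a, uint32_t idx) {
  ToyNode* n = static_cast<ToyNode*>(a.Amalloc(sizeof(ToyNode)));
  n->outcnt = 0;
  n->idx = idx;
  return n;
}

// Stand-in for a method called during destruction that happens to allocate.
static void helper_that_allocates(ToyArena& a) {
  std::memset(a.Amalloc(sizeof(ToyNode)), 0, sizeof(ToyNode));
}

// Before: storage is released first, fields are read afterwards.
uint32_t destruct_free_first(ToyArena& a, ToyNode* n, bool callee_allocates) {
  a.Afree(n, sizeof(ToyNode));
  if (callee_allocates) helper_that_allocates(a);  // may reuse n's bytes
  return n->idx;                                   // stale read
}

// After: every field access happens before the storage is released.
uint32_t destruct_free_last(ToyArena& a, ToyNode* n, bool callee_allocates) {
  uint32_t idx = n->idx;
  if (callee_allocates) helper_that_allocates(a);
  a.Afree(n, sizeof(ToyNode));                     // last use of n
  return idx;
}
```

With the free-first ordering the returned index is the poison pattern, or whatever the intervening allocation wrote; with the free-last ordering it is the node's real index in both cases.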

