Integrated: JDK-8302594: use-after-free in Node::destruct
Justin King
jcking at openjdk.org
Thu Feb 16 14:17:39 UTC 2023
On Wed, 15 Feb 2023 16:30:16 GMT, Justin King <jcking at openjdk.org> wrote:
> Instrumenting Arena for ASan revealed some `use-after-free` behavior in C2. One of them is in `Node::destruct`, where the storage for `Node` is free'd and then fields are accessed. Thankfully none of the methods called allocate, but they could in the future. To resolve this, we move the calls to `Afree` to the end of `Node::destruct`.
This pull request has now been integrated.
Changeset: 2e3cea01
Author: Justin King <jcking at openjdk.org>
Committer: Tobias Hartmann <thartmann at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/2e3cea01daca594dfa4477439a9849eea19b249e
Stats: 58 lines in 1 file changed: 31 ins; 27 del; 0 mod
8302594: use-after-free in Node::destruct
Reviewed-by: kvn, thartmann
-------------
PR: https://git.openjdk.org/jdk/pull/12577
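
The ordering problem described in the quoted message, as an added example that is not part of the original post or of the JDK change. It assumes a simplified bump allocator standing in for HotSpot's `Arena`, a hypothetical `Node` with two fields, and a hypothetical `record_removal` hook that allocates, to show what a field read after `Afree` returns once a called method does allocate.

```cpp
#include <cstddef>
#include <cstring>
#include <new>

// Simplified bump allocator (a model for illustration, not HotSpot's Arena).
struct Arena {
    alignas(16) unsigned char buf[512];
    size_t hwm = 0;  // high-water mark: offset of the next free byte
    static size_t round_up(size_t n) { return (n + 15) & ~size_t(15); }
    void* Amalloc(size_t n) { void* p = buf + hwm; hwm += round_up(n); return p; }
    // Reclaims storage only if the block is the most recent allocation.
    void Afree(void* p, size_t n) {
        if (static_cast<unsigned char*>(p) + round_up(n) == buf + hwm) hwm -= round_up(n);
    }
};

struct Node { int id; int edge_cnt; };  // hypothetical stand-in for a C2 Node

// Hypothetical cleanup hook: reads a field and, unlike the methods in the
// report, allocates scratch space from the same arena.
static int record_removal(Arena& a, const Node* n) {
    void* scratch = a.Amalloc(sizeof(Node));
    std::memset(scratch, 0, sizeof(Node));  // lands on the Node if it was freed
    int seen = n->edge_cnt;
    a.Afree(scratch, sizeof(Node));
    return seen;
}

// Order described in the report: storage released first, fields read after.
int destruct_free_first(Arena& a, Node* n) {
    a.Afree(n, sizeof(Node));
    return record_removal(a, n);  // n now aliases the scratch block
}

// Order after the fix: every field access happens before Afree.
int destruct_free_last(Arena& a, Node* n) {
    int seen = record_removal(a, n);
    a.Afree(n, sizeof(Node));
    return seen;
}

// Builds one Node with edge_cnt == 3 and destroys it in the chosen order.
int run(bool free_first) {
    Arena a;
    Node* n = new (a.Amalloc(sizeof(Node))) Node{7, 3};
    return free_first ? destruct_free_first(a, n) : destruct_free_last(a, n);
}
```

With the free-first order the hook reads the zeroed scratch block instead of the node's own field; with `Afree` moved to the end it reads the value the node was built with.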