Integrated: 8325672: C2: allocate PhaseIdealLoop::_loop_or_ctrl from C->comp_arena()
Emanuel Peter
epeter at openjdk.org
Tue Feb 13 16:12:05 UTC 2024
On Mon, 12 Feb 2024 17:54:14 GMT, Emanuel Peter <epeter at openjdk.org> wrote:
> If we don't do that, then this array is ResourceArea allocated. That means we can get in trouble with ResourceMarks inside the PhaseIdealLoop. If the array is updated because of new nodes, and this grows the area in a ResourceMark scope, then the data behind _loop_or_ctrl becomes invalid, and we get use-after-free memory corruption bugs.
>
> The array was added in [JDK-8302670](https://bugs.openjdk.org/browse/JDK-8302670), so we should backport down to JDK21.
>
> I don't yet have a reproducer. But this triggered with my patch for [JDK-8325589](https://bugs.openjdk.org/browse/JDK-8325589). See https://github.com/openjdk/jdk/pull/17800#discussion_r1486534950.
This pull request has now been integrated.
Changeset: 74b90aa8
Author: Emanuel Peter <epeter at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/74b90aa87e7cfa52ac09bf2e57258d792f740f00
Stats: 2 lines in 1 file changed: 2 ins; 0 del; 0 mod
8325672: C2: allocate PhaseIdealLoop::_loop_or_ctrl from C->comp_arena()
Reviewed-by: kvn, chagedorn
-------------
PR: https://git.openjdk.org/jdk/pull/17814
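To show the failure mode the quoted description refers to, the following added example (not HotSpot code, and not from this PR) models a ResourceArea as a bump arena with mark/rollback semantics, a growable array whose backing store lives in that arena, and a mark scope during which the array grows. The names `Arena`, `Mark`, `GrowArray` and `grow_under_mark` are assumptions of this toy model; `comp_arena` stands in for the compile-lifetime arena the fix switches to.

```cpp
#include <cstddef>
#include <cstring>
#include <vector>

// Toy bump arena standing in for HotSpot's ResourceArea / comp_arena
// (simplified model, not HotSpot code).
struct Arena {
    std::vector<unsigned char> buf;
    size_t top = 0;
    explicit Arena(size_t n) : buf(n) {}
    void* alloc(size_t n) { void* p = buf.data() + top; top += n; return p; }
};

// Like a ResourceMark: on scope exit, releases everything allocated after it.
struct Mark {
    Arena& a; size_t saved;
    explicit Mark(Arena& ar) : a(ar), saved(ar.top) {}
    ~Mark() { a.top = saved; }
};

// Growable int array whose backing store comes from `storage`.
struct GrowArray {
    Arena* storage; int* data; size_t len = 0, cap;
    GrowArray(Arena* s, size_t c)
        : storage(s), data(static_cast<int*>(s->alloc(c * sizeof(int)))), cap(c) {}
    void push(int v) {
        if (len == cap) {  // grow: fresh backing store from the arena, old data copied
            int* nd = static_cast<int*>(storage->alloc(2 * cap * sizeof(int)));
            std::memcpy(nd, data, len * sizeof(int));
            data = nd; cap *= 2;
        }
        data[len++] = v;
    }
};

// True if the array's backing store still lies below its arena's top,
// i.e. it was not released by a Mark going out of scope.
bool backing_store_live(const Arena& a, const GrowArray& g) {
    const unsigned char* p = reinterpret_cast<const unsigned char*>(g.data);
    return p + g.cap * sizeof(int) <= a.buf.data() + a.top;
}

// Scenario from the bug: the array grows inside a mark scope on the resource
// area. With use_separate_arena=false the new backing store is released when
// the mark ends (dangling pointer); with true it lives in comp_arena and survives.
bool grow_under_mark(bool use_separate_arena) {
    Arena resource_area(4096), comp_arena(4096);
    Arena& storage = use_separate_arena ? comp_arena : resource_area;
    GrowArray arr(&storage, 4);
    for (int i = 0; i < 4; i++) arr.push(i);
    {
        Mark rm(resource_area);  // a ResourceMark inside the loop opt pass
        arr.push(4);             // "new nodes" force the array to grow
    }                            // mark released here
    return backing_store_live(storage, arr);
}
```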