RFR: 8364735: [asan] heap-use-after-free error detected in defaultStream::writer during VM shutdown [v2]

David Holmes dholmes at openjdk.org
Thu Sep 4 04:46:42 UTC 2025


On Wed, 3 Sep 2025 19:46:18 GMT, Kim Barrett <kbarrett at openjdk.org> wrote:

> > I still am not sure how the OrderAccess helps. A concurrent thread can see xtty != null and start printing while the terminating thread deletes the defaultStream under xtty? Sorry if I am slow.
> 
> I agree with @tstuefe - I'm not seeing how this actually helps. Esp. since the other side of these operations typically (universally?) doesn't have any memory ordering, and where there are null checks they are often of the form `if (global_x != nullptr) { ... use global_x ... }`

As I wrote in the description:
> Due to races during VM shutdown we cannot make use of xtty perfectly safe, but we can certainly narrow the window during which use-after-free is possible.

We have a blatant `free x; x = null` sequence, which is wrong. We flip it to `x = null; fence; free x;` so that we reduce the chances of accessing `x` after it is null. The `fence` is used to force visibility of the nulling as well as prevent reordering with the freeing.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/26832#issuecomment-3251825291
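
The two teardown orders discussed in this message, as an added single-threaded C++ sketch (not code from the PR or from HotSpot). `Stream`, `g_stream`, `install`, `release` and `try_write` are hypothetical names, and `std::atomic_thread_fence` stands in for the fence; `release` records whether the global was still non-null at the moment the free began.

```cpp
#include <atomic>
#include <cstdio>

struct Stream { int writes = 0; };          // hypothetical stand-in for the log stream
std::atomic<Stream*> g_stream{nullptr};     // assumed global, plays the role of `x`

void install() { g_stream.store(new Stream, std::memory_order_release); }

// Frees s and reports whether the global was still non-null when the free began,
// i.e. whether a thread doing its null check at that moment would have passed it.
static bool release(Stream* s) {
    bool still_published = g_stream.load(std::memory_order_relaxed) != nullptr;
    delete s;
    return still_published;
}

// Original order: free x; x = null
bool teardown_free_then_null() {
    bool seen = release(g_stream.load(std::memory_order_relaxed));
    g_stream.store(nullptr, std::memory_order_relaxed);
    return seen;
}

// Flipped order: x = null; fence; free x
bool teardown_null_then_free() {
    Stream* s = g_stream.exchange(nullptr, std::memory_order_relaxed);
    std::atomic_thread_fence(std::memory_order_seq_cst);  // full fence between null and free
    return release(s);
}

// Reader side: load once into a local instead of re-reading the global after the
// null check. A thread that loaded s before the null store can still touch freed
// memory, so the window is narrowed, not closed.
bool try_write() {
    Stream* s = g_stream.load(std::memory_order_acquire);
    if (s == nullptr) return false;
    s->writes++;
    return true;
}

int main() {
    install();
    std::printf("free-then-null, published at free: %d\n", teardown_free_then_null());
    install();
    std::printf("null-then-free, published at free: %d\n", teardown_null_then_free());
    std::printf("write after teardown: %d\n", try_write());
}
```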

