RFR: 8354428: [ubsan] g1BiasedArray.hpp: pointer overflow in address calculation
Kim Barrett
kbarrett at openjdk.org
Tue May 27 09:03:55 UTC 2025
On Mon, 26 May 2025 10:15:01 GMT, Thomas Schatzl <tschatzl at openjdk.org> wrote:
> Hi all,
>
> please review this fix for an ubsan error related to pointer under- or overflows when using the biased array helper.
>
> The fix is, instead of using direct address calculations that can cause these errors, use `uintptr_t` where the overflow behavior is defined in C++. Only convert to pointer at the actual access.
>
> Testing: gha, tier1
src/hotspot/share/gc/g1/g1BiasedArray.hpp line 107:
> 105: T* base() const { return (T*)G1BiasedMappedArrayBase::_base; }
> 106:
> 107: T* biased_base_at(idx_t index) const { return (T*)(G1BiasedMappedArrayBase::_biased_base + index * sizeof(T)); }
[pre-existing] Here and elsewhere, I think `this->_biased_base` is the more usual idiom for accessing
a member of a base class from a class template. The reason just `_biased_base` doesn't work has to
do with the name lookup rules in templates. Your choice on this.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/25447#discussion_r2108637668
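Added example (not HotSpot's code and not the patch under review): a hypothetical, minimal BiasedArrayBase / BiasedArray pair illustrating the approach the PR description gives, keeping the biased base as a `uintptr_t` so the intermediate value may wrap below the backing storage without undefined behaviour, and converting to a `T*` only at the access. It also uses the `this->_member` idiom for the dependent base-class members mentioned above. The class names, the constructor signature, the `in_range` bounds check and the sample bias are assumptions made for this example.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical stand-in for the non-template base class (constructed for
// this example). The biased base is stored as an integer address:
// subtracting bias * elem_size can go far below the backing storage, which
// as unsigned integer arithmetic simply wraps (defined in C++), whereas
// forming that out-of-range pointer with pointer arithmetic is undefined.
class BiasedArrayBase {
protected:
  uintptr_t _base;         // address of element 0 of the backing storage
  uintptr_t _biased_base;  // _base - bias * elem_size, kept as an integer
  size_t    _bias;         // first valid logical index
  size_t    _length;       // number of elements in the backing storage

  BiasedArrayBase(void* storage, size_t length, size_t bias, size_t elem_size)
    : _base(reinterpret_cast<uintptr_t>(storage)),
      _biased_base(_base - bias * elem_size),   // unsigned wrap-around is defined
      _bias(bias), _length(length) {}
};

template <class T>
class BiasedArray : public BiasedArrayBase {
public:
  BiasedArray(T* storage, size_t length, size_t bias)
    : BiasedArrayBase(storage, length, bias, sizeof(T)) {}

  // `this->` makes the name dependent, so members of the base class
  // template are found; a bare `_base` is not looked up there.
  T* base() const { return reinterpret_cast<T*>(this->_base); }

  // Convert to a pointer only at the point of access, when the result is
  // known to lie inside the backing storage.
  T* biased_base_at(size_t index) const {
    return reinterpret_cast<T*>(this->_biased_base + index * sizeof(T));
  }

  // Assumed bounds check (not part of the page): only logical indices in
  // [bias, bias + length) map onto the backing storage.
  bool in_range(size_t index) const {
    return index >= this->_bias && index - this->_bias < this->_length;
  }

  void set_by_index(size_t index, T value) {
    if (in_range(index)) { *biased_base_at(index) = value; }
  }

  T get_by_index(size_t index) const {
    return in_range(index) ? *biased_base_at(index) : T();
  }
};

// Round trip through a bias large enough that base - bias * sizeof(int)
// wraps around as an integer; returns the sum of the values read back.
int biased_array_roundtrip() {
  int storage[4] = {0, 0, 0, 0};                              // constructed backing storage
  const size_t bias = size_t(1) << (sizeof(size_t) * 8 - 3);  // constructed, very large bias
  BiasedArray<int> arr(storage, 4, bias);
  for (size_t i = 0; i < 4; i++) arr.set_by_index(bias + i, int(i) * 10);
  return arr.get_by_index(bias) + arr.get_by_index(bias + 3) + storage[1] + storage[2];
}

// Logical indices outside the mapped range are rejected, not dereferenced.
bool biased_array_rejects_out_of_range() {
  int storage[2] = {7, 9};                                    // constructed backing storage
  BiasedArray<int> arr(storage, 2, 100);
  return arr.get_by_index(100) == 7 && arr.get_by_index(101) == 9 &&
         !arr.in_range(99) && !arr.in_range(102) && arr.base() == storage;
}
```

The point of the layout is that `_biased_base` is never a pointer: every intermediate value is a `uintptr_t`, so the only pointer formed is the one for the element actually accessed, which `in_range` has already confirmed lies within the storage.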