RFR: 8360664: Null pointer dereference in src/hotspot/share/prims/jvmtiTagMap.cpp in IterateOverHeapObjectClosure::do_object() [v3]
David Holmes
dholmes at openjdk.org
Tue Jul 1 03:15:40 UTC 2025
On Mon, 30 Jun 2025 13:03:23 GMT, Artem Semenov <asemenov at openjdk.org> wrote:
>> The defect has been detected and confirmed in the function `IterateOverHeapObjectClosure::do_object()` located in the file `src/hotspot/share/prims/jvmtiTagMap.cpp` with static code analysis. This defect can potentially lead to a null pointer dereference.
>>
>> The pointer `oop o` is passed to the constructor of the CallbackWrapper class, where it is dereferenced without a null check.
>
> Artem Semenov has updated the pull request incrementally with one additional commit since the last revision:
>
> changed if to assert
src/hotspot/share/prims/jvmtiTagMap.cpp line 947:
> 945: // invoked for each object in the heap
> 946: void IterateOverHeapObjectClosure::do_object(oop o) {
> 947: assert(o != nullptr, "Parameter 'o' must not be null!");
Suggestion:
assert(o != nullptr, "Heap iteration should never produce null");
Same with the other assertion please. Though as @plummercj states I don't see how this will help with the static analysis tool.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/26002#discussion_r2176326686