RFR: 8360664: Null pointer dereference in src/hotspot/share/prims/jvmtiTagMap.cpp in IterateOverHeapObjectClosure::do_object() [v2]

[David Holmes]

On Thu, 26 Jun 2025 14:00:43 GMT, Artem Semenov <asemenov at openjdk.org> wrote:

>> The defect has been detected and confirmed in the function ```IterateOverHeapObjectClosure::do_object()``` located in the file ```src/hotspot/share/prims/jvmtiTagMap.cpp``` with static code analysis. This defect can potentially lead to a null pointer dereference.
>> 
>> The pointer ```oop o``` is passed to the constructor of the CallbackWrapper class, where it is dereferenced without a null check.
>
> Artem Semenov has refreshed the contents of this pull request, and previous commits have been removed. The incremental views will show differences compared to the previous content of the PR. The pull request contains one new commit since the last revision:
> 
>   8360664 Null pointer dereference in src/hotspot/share/prims/jvmtiTagMap.cpp in IterateOverHeapObjectClosure::do_object()
>   
>   Found by Linux Verification Center (linuxtesting.org) with SVACE.
>   signed-off-by: Artem Semenov <savoptik at altlinux.org>

I think this is a false positive from the static code analyzer. If we are iterating over the heap then the closure is only ever passed actual oops, so it can't be null.

At most I would add an assert, but generally my understanding is that the user of any closure has the responsibility of passing it valid input.

-------------

PR Review: https://git.openjdk.org/jdk/pull/26002#pullrequestreview-2964779144