RFR: JDK-8263558: Possible NULL dereference in fast path arena free if ZapResourceArea is true

Kim Barrett kim.barrett at oracle.com
Mon Mar 15 06:48:39 UTC 2021


> On Mar 15, 2021, at 1:59 AM, Thomas Stuefe <stuefe at openjdk.java.net> wrote:
> 
> On Sun, 14 Mar 2021 06:09:26 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:
> 
>> Sonarcloud reports a possible NULL dereference when zapping the to-be-freed area in fast-path arena free. Possible call stack for this to happen starts in Node::destruct(PhaseValues* phase).
> 
> Thanks Kim. I changed the fix to fix the one caller I was sure about passing NULL, and assert in AFree instead. 

(The skara bots don’t resend edited comments, so this is missing your update, quoted below.)

> (update: looking at Node::destruct, I believe the coding was correct and there is no way this could have been called with NULL; so I reduce this patch to just the assert in AFree)


I looked at it too, and agree with your assessment.

> I removed the Trivial mark. Before pushing I will put this through tests to check if it triggers. I believe even though the pointer arithmetic below was UB with NULL, the effect would have in general been benign (just refusing to free anything).

I also agree the UB won’t be detected and the effect benign.

Looks good.
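The failure mode discussed in this thread, as an added example that is not part of the original message and is not HotSpot's Arena code: a simplified bump-pointer arena whose fast-path free zaps the block and then compares `ptr + size` against the high-water mark, with the null check asserted up front. `ToyArena`, `kZapByte` and `zap_on_free` are names assumed for the illustration.

```cpp
#include <cassert>
#include <cstddef>
#include <cstring>

// Simplified model for illustration only; NOT HotSpot's Arena.
// ToyArena, kZapByte and zap_on_free are assumed names.
constexpr unsigned char kZapByte = 0xAB;

class ToyArena {
  unsigned char _buf[256];
  unsigned char* _hwm = _buf;   // high-water mark: next free byte
 public:
  bool zap_on_free = true;      // stands in for a ZapResourceArea-style debug flag

  void* alloc(std::size_t size) {
    if (size > static_cast<std::size_t>(_buf + sizeof(_buf) - _hwm)) return nullptr;
    void* p = _hwm;
    _hwm += size;
    return p;
  }

  // Fast-path free: space is reclaimed only when the block is the most
  // recent allocation, i.e. it ends exactly at the high-water mark.
  bool afree(void* ptr, std::size_t size) {
    // Guard first: zapping would write through a null pointer, and
    // null + size in the comparison below is undefined behaviour.
    assert(ptr != nullptr && "afree called with null pointer");
    if (zap_on_free) std::memset(ptr, kZapByte, size);
    unsigned char* p = static_cast<unsigned char*>(ptr);
    if (p + size == _hwm) {
      _hwm = p;                 // pop the block off the top of the arena
      return true;
    }
    return false;               // not the top block: nothing is reclaimed
  }

  std::size_t used() const { return static_cast<std::size_t>(_hwm - _buf); }
};
```

In a build with assertions enabled, a null caller stops at the assert instead of reaching the zap or the pointer comparison.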


