RFR: JDK-8263558: Possible NULL dereference in fast path arena free if ZapResourceArea is true [v5]

Kim Barrett kbarrett at openjdk.java.net
Thu Mar 18 00:12:48 UTC 2021


On Tue, 16 Mar 2021 07:00:26 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

>> Sonarcloud reports a possible NULL dereference when zapping the to-be-freed area in fast-path arena free. Possible call stack for this to happen starts in Node::destruct(PhaseValues* phase).
>
> Thomas Stuefe has updated the pull request incrementally with one additional commit since the last revision:
> 
>   make Arealloc and Afree behave like realloc and free

Changes requested by kbarrett (Reviewer).

src/hotspot/share/memory/arena.cpp line 368:

> 366: // Reallocate storage in Arena.
> 367: void *Arena::Arealloc(void* old_ptr, size_t old_size, size_t new_size, AllocFailType alloc_failmode) {
> 368:   if (new_size == 0) return NULL;

[pre-existing] Isn't this a leak?  Probably just dropping old_ptr.

src/hotspot/share/memory/arena.cpp line 369:

> 367: void *Arena::Arealloc(void* old_ptr, size_t old_size, size_t new_size, AllocFailType alloc_failmode) {
> 368:   if (new_size == 0) return NULL;
> 369:   if (old_ptr == NULL) {

If we're being consistent with realloc, probably should test this first, then for new_size == 0 (-> Afree, see above), then the rest.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2995
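The check ordering the review asks for, as an added example that is not HotSpot's arena.cpp: a toy bump arena whose Arealloc tests old_ptr first, then new_size == 0 (which routes to Afree), and only then grows or shrinks, matching C realloc. The class and function names (ToyArena, Amalloc, Afree, Arealloc, AreallocLeaky) and the ZAP_BYTE value are assumptions; the scenarios at the bottom are constructed, and the AreallocLeaky variant models the pre-existing ordering flagged in the first comment, where a zero new_size returns NULL before old_ptr is considered.

```cpp
// Added example, not HotSpot's Arena: a toy bump arena whose Arealloc follows
// the C realloc contract. All names and ZAP_BYTE are assumptions.
#include <cstddef>
#include <cstring>
#include <vector>

class ToyArena {
  std::vector<unsigned char> buf_;
  size_t top_ = 0;                       // bump pointer: bytes currently in use
  static constexpr unsigned char ZAP_BYTE = 0xAB;

  unsigned char* base() { return buf_.data(); }
  bool at_top(const void* p, size_t size) {
    return static_cast<const unsigned char*>(p) + size == base() + top_;
  }

public:
  explicit ToyArena(size_t capacity) : buf_(capacity) {}
  size_t used() const { return top_; }

  void* Amalloc(size_t n) {
    if (n == 0) n = 1;                   // like malloc(0): still hand out a distinct pointer
    if (top_ + n > buf_.size()) return nullptr;
    void* p = base() + top_;
    top_ += n;
    return p;
  }

  // Fast-path free: only the most recent allocation can be rolled back.
  // The NULL check precedes the zap, so Afree(NULL, n) is a safe no-op like free(NULL).
  bool Afree(void* ptr, size_t size) {
    if (ptr == nullptr) return true;
    if (!at_top(ptr, size)) return false; // not at top: arena keeps it until reset
    memset(ptr, ZAP_BYTE, size);          // zap the freed bytes (ZapResourceArea-style)
    top_ -= size;
    return true;
  }

  // realloc contract, checked in this order:
  //   1. NULL old_ptr  -> plain allocation (realloc(NULL, n) == malloc(n))
  //   2. new_size == 0 -> free the block, return NULL
  //   3. otherwise resize in place when the block is at the top, else allocate + copy
  void* Arealloc(void* old_ptr, size_t old_size, size_t new_size) {
    if (old_ptr == nullptr) return Amalloc(new_size);
    if (new_size == 0) { Afree(old_ptr, old_size); return nullptr; }
    if (at_top(old_ptr, old_size)) {
      size_t off = static_cast<unsigned char*>(old_ptr) - base();
      if (off + new_size > buf_.size()) return nullptr;       // failure: old_ptr stays valid
      if (new_size < old_size)                                // shrinking: zap the tail
        memset(base() + off + new_size, ZAP_BYTE, old_size - new_size);
      top_ = off + new_size;
      return old_ptr;
    }
    if (new_size <= old_size) return old_ptr;  // shrinking a buried block: keep it as is
    void* np = Amalloc(new_size);
    if (np == nullptr) return nullptr;         // failure leaves old_ptr valid, like realloc
    memcpy(np, old_ptr, old_size);
    return np;
  }

  // The pre-existing ordering the review flags: returning NULL on a zero
  // new_size before looking at old_ptr silently drops a live block.
  void* AreallocLeaky(void* old_ptr, size_t old_size, size_t new_size) {
    if (new_size == 0) return nullptr;
    return Arealloc(old_ptr, old_size, new_size);
  }
};

// Constructed scenario: Arealloc(NULL, n) allocates, Arealloc(p, 0) frees.
bool realloc_contract_holds() {
  ToyArena a(64);
  void* p = a.Arealloc(nullptr, 0, 16);
  if (p == nullptr || a.used() != 16) return false;
  memset(p, 0x11, 16);
  void* q = a.Arealloc(p, 16, 32);             // block is at the top: grows in place
  if (q != p || a.used() != 32) return false;
  void* r = a.Arealloc(q, 32, 0);              // zero size: freed, arena back to empty
  return r == nullptr && a.used() == 0;
}

// Constructed scenario: with the zero-size check first, the block is never freed.
size_t bytes_left_in_use_after_leaky_free() {
  ToyArena a(64);
  void* p = a.Amalloc(16);
  a.AreallocLeaky(p, 16, 0);                   // returns NULL without calling Afree
  return a.used();                             // still 16: dropped, not freed
}

// Constructed scenario: growing a block that is no longer at the top copies it.
bool growth_off_top_copies_contents() {
  ToyArena a(64);
  unsigned char* p = static_cast<unsigned char*>(a.Amalloc(8));
  memset(p, 0x5A, 8);
  a.Amalloc(8);                                // a newer allocation now sits above p
  unsigned char* q = static_cast<unsigned char*>(a.Arealloc(p, 8, 24));
  return q != nullptr && q != p && memcmp(q, p, 8) == 0 && a.used() == 40;
}
```

The ordering matters in both directions: testing old_ptr first means a NULL pointer never reaches the zap in Afree, and routing new_size == 0 through Afree means the block is actually released rather than abandoned, which is the leak the first comment points at.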
