Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8295865

Several issues with os::realloc

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P3 P3
    • 20
    • 17, 19, 20
    • hotspot
    • b24

      There are several issues with os::realloc():

      1) If realloc(3) fails, the original block will be left untouched. That is fine, and the caller may expect this continue to use it, and later hand it to os::free(). But NMT has marked the original block as dead already. This will cause a subsequent os::free() or os::realloc() to trigger a false block integrity error. So, if realloc(3) fails, we need to revive the NMT header and re-account the original block.

      2) If handed in very large sizes, the size may overflow if the NMT header is added. The result would be that the VM reallocates to a much smaller buffer which would cause subsequent memory corruption if the caller were to use the buffer (same as JDK-8286519, but for realloc).

      3) If os::realloc() enlarges a buffer, the newly added memory should be zapped with uinitBlockPad as we do for os::malloc(). Of course we only can do this if NMT is enabled, otherwise we won't know the original block size.

            stuefe Thomas Stuefe
            stuefe Thomas Stuefe
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: