Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: P4
Fix Version/s: 21
Affects Version/s: 11, 17, 21
Component/s: hotspot
Labels:

Subcomponent:
compiler
Resolved In Build:
b11

Issue	Fix Version	Assignee	Priority	Status	Resolution	Resolved In Build
JDK-8307026	20u-cpu	Tobias Hartmann	P4	Resolved	Fixed	master
JDK-8305547	20.0.2	Tobias Hartmann	P4	Resolved	Fixed	b03
JDK-8305129	17.0.8-oracle	Tobias Hartmann	P4	Resolved	Fixed	b01
JDK-8306830	17.0.8	Goetz Lindenmaier	P4	Resolved	Fixed	b01

See the conversion in https://mail.openjdk.org/pipermail/hotspot-compiler-dev/2023-February/062495.html and its related links.

There is a use-after-free bug in Node::destruct. The storage for Node is passed to `Afree` and then subsequently referenced. Currently none of the methods called happen to allocate, which is good, however this is not guaranteed and could change in the future. The call to `Afree` should be moved to the bottom of the method after calling of other methods.

backported by

JDK-8305129 use-after-free in Node::destruct

Resolved

JDK-8305547 use-after-free in Node::destruct

Resolved

JDK-8306830 use-after-free in Node::destruct

Resolved

JDK-8307026 use-after-free in Node::destruct

Resolved

relates to

JDK-8298984 Suspicious logic in C2

Open

JDK-8270028 applications/ctw/modules/java_xml.java failed with SIGSEGV in medium_free_list_remove_ptr_no_clear

Closed

links to

Commit openjdk/jdk17u-dev/24e91c1e

Commit openjdk/jdk20u/fcd422da

Commit openjdk/jdk/2e3cea01

Review openjdk/jdk17u-dev/1286

Review openjdk/jdk20u/28

Review openjdk/jdk/12577

(1 relates to, 6 links to)

Assignee:: Justin King
Reporter:: Justin King
Votes:: 0 Vote for this issue
Watchers:: 6 Start watching this issue

Created:: 2023-02-15 08:24
Updated:: 2023-04-27 07:01
Resolved:: 2023-02-16 06:16

Details

Backports

Description

Attachments

Issue Links

Activity

People

Dates