Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8312456

Potential null pointer access in LoadNode::split_through_phi after JDK-8287061

XMLWordPrintable

      SonarCloud reports "base" can be null on this path after JDK-8287061:

      ```
        Node* phi = nullptr;
        const Type* this_type = this->bottom_type();
        PhaseIterGVN* igvn = phase->is_IterGVN();
        if (t_oop != nullptr && (t_oop->is_known_instance_field() || load_boxed_values)) {
          int this_index = C->get_alias_index(t_oop);
          int this_offset = t_oop->offset();
          int this_iid = t_oop->is_known_instance_field() ? t_oop->instance_id() : base->_idx; // <------ HERE
          phi = new PhiNode(region, this_type, nullptr, mem->_idx, this_iid, this_index, this_offset);
        } else if (ignore_missing_instance_id) {
          phi = new PhiNode(region, this_type, nullptr, mem->_idx);
        } else {
          return nullptr;
        }
      ```

      This might be a false positive, but I don't clearly see what guarantees `base` not to be `nullptr` on that path. Previous code checks for `base_is_phi` (which does the nullcheck for `base`) before accessing `base` fields.

      Is this a bug, Cesar? Feel free to close as "Not an Issue" if this is a false positive.

            cslucas Cesar Soares
            shade Aleksey Shipilev
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: