- Bug
- Resolution: Unresolved
- P4
- 26
- None
- generic
- generic
When building with the GCC static analyzer enabled, we get the following warning.
The warning seems correct (but maybe too cautious).
We even have a check for NULL right in front of line 1121:
https://github.com/openjdk/jdk/blob/02d7281b93296e7700e215804cb9e2f8341cab06/src/java.instrument/share/native/libinstrument/JPLISAgent.c#L1120
But jplis_assert just prints a warning message.
The function retransformableEnvironment might return NULL in some special cases:
https://github.com/openjdk/jdk/blob/02d7281b93296e7700e215804cb9e2f8341cab06/src/java.instrument/share/native/libinstrument/JPLISAgent.c#L1035
and it seems this is not perfectly handled.
GCC static analyzer warning output:
/jdk/src/java.instrument/share/native/libinstrument/JPLISAgent.c:1121:19: warning: dereference of NULL 'retransformerEnv' [CWE-476] [-Wanalyzer-null-dereference]
1121 | jvmtierror = (*retransformerEnv)->SetEventNotificationMode(
| ~^~~~~~~~~~~~~~~~~~
'setHasRetransformableTransformers': events 1-2
|
| 1116 | setHasRetransformableTransformers(JNIEnv * jnienv, JPLISAgent * agent, jboolean has) {
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (1) entry to 'setHasRetransformableTransformers'
| 1117 | jvmtiEnv * retransformerEnv = retransformableEnvironment(agent);
| | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (2) calling 'retransformableEnvironment' from 'setHasRetransformableTransformers'
|
+--> 'retransformableEnvironment': events 3-6
|
| 1021 | retransformableEnvironment(JPLISAgent * agent) {
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (3) entry to 'retransformableEnvironment'
| 1022 | jvmtiEnv * retransformerEnv = NULL;
| | ~~~~~~~~~~~~~~~~
| | |
| | (4) 'retransformerEnv' is NULL
|......
| 1028 | if (agent->mRetransformEnvironment.mJVMTIEnv != NULL) {
| | ~
| | |
| | (5) following 'false' branch...
|......
| 1031 | jnierror = (*agent->mJVM)->GetEnv( agent->mJVM,
| | ~~~~~~~~
| | |
| | (6) ...to here
|
<------+
|
'setHasRetransformableTransformers': events 7-8
|
| 1117 | jvmtiEnv * retransformerEnv = retransformableEnvironment(agent);
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| | |
| | (7) return of NULL to 'setHasRetransformableTransformers' from 'retransformableEnvironment'
|......
| 1121 | jvmtierror = (*retransformerEnv)->SetEventNotificationMode(
| | ~~~~~~~~~~~~~~~~~~~
| | |
| | (8) dereference of NULL 'retransformerEnv'
|
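The pattern the analyzer is describing, reduced to a stand-alone C program, as an added illustration that is not JDK code: a helper that can legitimately return NULL, a log-only assertion in the spirit of jplis_assert that does not stop execution, and next to it a variant whose NULL check is a real guard that fails closed. FakeAgent, fake_environment, LOG_ONLY_ASSERT, set_mode_log_only and set_mode_checked are constructed names for this example; the GetEnv failure is simulated by a flag rather than a real JVMTI call.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the agent: the environment pointer is cached on
 * first successful acquisition, and acquisition can fail (modelled by a flag
 * instead of a real JVMTI GetEnv call). */
typedef struct {
    int *cached_env;     /* non-NULL once the environment was acquired */
    bool get_env_fails;  /* true: simulate GetEnv failing */
} FakeAgent;

static int env_storage;  /* constructed backing store for the "environment" */

/* Same shape as retransformableEnvironment() in the report: return the cached
 * environment, otherwise try to acquire one, and hand back NULL when that
 * fails. */
static int *fake_environment(FakeAgent *agent) {
    if (agent->cached_env != NULL) {
        return agent->cached_env;
    }
    if (agent->get_env_fails) {
        return NULL;  /* the path the analyzer followed (events 5-7) */
    }
    agent->cached_env = &env_storage;
    return agent->cached_env;
}

/* Log-only assertion in the spirit of jplis_assert: it reports the failed
 * condition but neither aborts nor changes control flow. */
#define LOG_ONLY_ASSERT(cond)                                             \
    do {                                                                  \
        if (!(cond)) fprintf(stderr, "assertion failed: %s\n", #cond);    \
    } while (0)

enum { SET_MODE_OK = 0, SET_MODE_ERR_NO_ENV = 1 };

/* Pattern as reported: the NULL check only logs, so on the failing path the
 * very next statement dereferences NULL (CWE-476). Only call this with an
 * agent whose environment can be acquired; it is here to show the shape. */
static int set_mode_log_only(FakeAgent *agent, int mode) {
    int *env = fake_environment(agent);
    LOG_ONLY_ASSERT(env != NULL);  /* a warning is printed, execution continues */
    *env = mode;                   /* NULL dereference when env == NULL */
    return SET_MODE_OK;
}

/* Hardened variant: the check is a real guard that fails closed and reports
 * the error to the caller instead of continuing into the dereference. */
static int set_mode_checked(FakeAgent *agent, int mode) {
    int *env = fake_environment(agent);
    if (env == NULL) {
        fprintf(stderr, "no retransform environment available; mode not set\n");
        return SET_MODE_ERR_NO_ENV;
    }
    *env = mode;
    return SET_MODE_OK;
}

int main(void) {
    FakeAgent healthy = { NULL, false };
    FakeAgent broken  = { NULL, true };

    printf("log-only, healthy agent: %d\n", set_mode_log_only(&healthy, 1));
    printf("checked,  healthy agent: %d (mode=%d)\n",
           set_mode_checked(&healthy, 2), *healthy.cached_env);
    printf("checked,  broken agent:  %d\n", set_mode_checked(&broken, 3));
    /* set_mode_log_only(&broken, 3) would crash here with a NULL dereference. */
    return 0;
}
```

The point of the checked variant is that the same condition the log-only assertion already tests becomes the branch that decides whether the dereference happens at all; that is what makes the analyzer's NULL path unreachable rather than merely logged.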
- relates to: JDK-8362516 Support of GCC static analyzer (-fanalyzer) (Resolved)