-
Type:
Bug
-
Resolution: Duplicate
-
Priority:
P4
-
None
-
Affects Version/s: None
-
Component/s: core-libs
-
arm
-
os_x
Using ASAN build of JDK on macosx-aarch64, the test raises the heap-use-after-free error caught by ASAN:
----------System.err:(685/50248)----------
[22:34:49.286] STARTED TestSharedCloseJvmti::eventDuringScopedAccess 'eventDuringScopedAccess()'
[fork] Exception in thread "Trigger" jdk.internal.misc.ScopedMemoryAccess$ScopedAccessError: Invalid memory access
[fork] =================================================================
[fork] ==74804==ERROR: AddressSanitizer: heap-use-after-free on address 0x00013f289a50 at pc 0x0001187552dc bp 0x00016dde14f0 sp 0x00016dde14e8
[fork] READ of size 4 at 0x00013f289a50 thread T23
[fork] #0 0x1187552d8 in MemoryAccess<int>::get()+0x14c (libjvm.dylib:arm64+0x33852d8)
[fork] #1 0x1187466b4 in Unsafe_GetInt(JNIEnv_*, _jobject*, _jobject*, long)+0x254 (libjvm.dylib:arm64+0x33766b4)
[fork] #2 0x12d909f04 (<unknown module>)
[fork] #3 0x12d904d5c (<unknown module>)
[fork] #4 0x12d904d5c (<unknown module>)
[fork] #5 0x12d904d5c (<unknown module>)
[fork] #6 0x12d904d5c (<unknown module>)
[fork] #7 0x12d904d5c (<unknown module>)
[fork] #8 0x12d904d5c (<unknown module>)
[fork] #9 0x12d904d5c (<unknown module>)
[fork] #10 0x12d904d5c (<unknown module>)
[fork] #11 0x12d9053f4 (<unknown module>)
[fork] #12 0x12d904f2c (<unknown module>)
[fork] #13 0x12d9055c4 (<unknown module>)
[fork] #14 0x12d904f2c (<unknown module>)
[fork] #15 0x12d900498 (<unknown module>)
[fork] #16 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #17 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #18 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #19 0x1170d46c4 in JavaCalls::call_virtual(JavaValue*, Klass*, Symbol*, Symbol*, JavaCallArguments*, JavaThread*)+0x370 (libjvm.dylib:arm64+0x1d046c4)
[fork] #20 0x1170d4f80 in JavaCalls::call_virtual(JavaValue*, Handle, Klass*, Symbol*, Symbol*, JavaThread*)+0x1d8 (libjvm.dylib:arm64+0x1d04f80)
[fork] #21 0x1173e6660 in thread_entry(JavaThread*, JavaThread*)+0x22c (libjvm.dylib:arm64+0x2016660)
[fork] #22 0x117118ab4 in JavaThread::thread_main_inner()+0x34c (libjvm.dylib:arm64+0x1d48ab4)
[fork] #23 0x1171183a4 in JavaThread::run()+0x464 (libjvm.dylib:arm64+0x1d483a4)
[fork] #24 0x1186781cc in Thread::call_run()+0x384 (libjvm.dylib:arm64+0x32a81cc)
[fork] #25 0x117e9644c in thread_native_entry(Thread*)+0x1f4 (libjvm.dylib:arm64+0x2ac644c)
[fork] #26 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #27 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] 0x00013f289a50 is located 16 bytes inside of 26-byte region [0x00013f289a40,0x00013f289a5a)
[fork] freed by thread T2 here:
[fork] #0 0x104ecb260 in wrap_free+0x98 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x53260)
[fork] #1 0x1164e42d4 in permit_forbidden_function::free(void*)+0x14 (libjvm.dylib:arm64+0x11142d4)
[fork] #2 0x117e848c8 in os::free(void*)+0x5c (libjvm.dylib:arm64+0x2ab48c8)
[fork] #3 0x118749e58 in Unsafe_FreeMemory0(JNIEnv_*, _jobject*, long)+0xe8 (libjvm.dylib:arm64+0x3379e58)
[fork] #4 0x12d909f04 (<unknown module>)
[fork] #5 0x12d904f2c (<unknown module>)
[fork] #6 0x12d904f2c (<unknown module>)
[fork] #7 0x12d904f2c (<unknown module>)
[fork] #8 0x12d904c54 (<unknown module>)
[fork] #9 0x12d904f2c (<unknown module>)
[fork] #10 0x12d904f2c (<unknown module>)
[fork] #11 0x12d904f2c (<unknown module>)
[fork] #12 0x12d904f2c (<unknown module>)
[fork] #13 0x12d9055c4 (<unknown module>)
[fork] #14 0x12d900498 (<unknown module>)
[fork] #15 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #16 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #17 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #18 0x1173254e4 in jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*)+0x2cc (libjvm.dylib:arm64+0x1f554e4)
[fork] #19 0x117330f18 in jni_CallStaticVoidMethodV+0x38c (libjvm.dylib:arm64+0x1f60f18)
[fork] #20 0x117393030 in checked_jni_CallStaticVoidMethod+0x428 (libjvm.dylib:arm64+0x1fc3030)
[fork] #21 0x1049542a4 in invokeStaticMainWithArgs+0x188 (libjli.dylib:arm64+0x242a4)
[fork] #22 0x104959050 in JavaMain+0x44ec (libjli.dylib:arm64+0x29050)
[fork] #23 0x104966b28 in ThreadJavaMain+0x24 (libjli.dylib:arm64+0x36b28)
[fork] #24 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #25 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] previously allocated by thread T2 here:
[fork] #0 0x104ecb124 in wrap_malloc+0x94 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x53124)
[fork] #1 0x1179a30ec in permit_forbidden_function::malloc(unsigned long)+0x14 (libjvm.dylib:arm64+0x25d30ec)
[fork] #2 0x117e83340 in os::malloc(unsigned long, MemTag, NativeCallStack const&)+0x1d0 (libjvm.dylib:arm64+0x2ab3340)
[fork] #3 0x117e8307c in os::malloc(unsigned long, MemTag)+0xf8 (libjvm.dylib:arm64+0x2ab307c)
[fork] #4 0x118749b18 in Unsafe_AllocateMemory0(JNIEnv_*, _jobject*, long)+0x148 (libjvm.dylib:arm64+0x3379b18)
[fork] #5 0x12d909f04 (<unknown module>)
[fork] #6 0x12d904dd0 (<unknown module>)
[fork] #7 0x12d904dd0 (<unknown module>)
[fork] #8 0x12d904dd0 (<unknown module>)
[fork] #9 0x12d904dd0 (<unknown module>)
[fork] #10 0x12d904c54 (<unknown module>)
[fork] #11 0x12d904c54 (<unknown module>)
[fork] #12 0x12d9052ec (<unknown module>)
[fork] #13 0x12d9052ec (<unknown module>)
[fork] #14 0x12d900498 (<unknown module>)
[fork] #15 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #16 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #17 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #18 0x1173254e4 in jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*)+0x2cc (libjvm.dylib:arm64+0x1f554e4)
[fork] #19 0x117330f18 in jni_CallStaticVoidMethodV+0x38c (libjvm.dylib:arm64+0x1f60f18)
[fork] #20 0x117393030 in checked_jni_CallStaticVoidMethod+0x428 (libjvm.dylib:arm64+0x1fc3030)
[fork] #21 0x1049542a4 in invokeStaticMainWithArgs+0x188 (libjli.dylib:arm64+0x242a4)
[fork] #22 0x104959050 in JavaMain+0x44ec (libjli.dylib:arm64+0x29050)
[fork] #23 0x104966b28 in ThreadJavaMain+0x24 (libjli.dylib:arm64+0x36b28)
[fork] #24 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #25 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] Thread T23 created by T2 here:
[fork] #0 0x104ec3d6c in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4bd6c)
[fork] #1 0x117e95b8c in os::create_thread(Thread*, os::ThreadType, unsigned long)+0x4d4 (libjvm.dylib:arm64+0x2ac5b8c)
[fork] #2 0x117117660 in JavaThread::JavaThread(void (*)(JavaThread*, JavaThread*), unsigned long, MemTag)+0x7c (libjvm.dylib:arm64+0x1d47660)
[fork] #3 0x1173e6134 in JVM_StartThread+0x534 (libjvm.dylib:arm64+0x2016134)
[fork] #4 0x12d909f04 (<unknown module>)
[fork] #5 0x12d904f2c (<unknown module>)
[fork] #6 0x12d904f2c (<unknown module>)
[fork] #7 0x12d9052ec (<unknown module>)
[fork] #8 0x12d900498 (<unknown module>)
[fork] #9 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #10 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #11 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #12 0x1173254e4 in jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*)+0x2cc (libjvm.dylib:arm64+0x1f554e4)
[fork] #13 0x117330f18 in jni_CallStaticVoidMethodV+0x38c (libjvm.dylib:arm64+0x1f60f18)
[fork] #14 0x117393030 in checked_jni_CallStaticVoidMethod+0x428 (libjvm.dylib:arm64+0x1fc3030)
[fork] #15 0x1049542a4 in invokeStaticMainWithArgs+0x188 (libjli.dylib:arm64+0x242a4)
[fork] #16 0x104959050 in JavaMain+0x44ec (libjli.dylib:arm64+0x29050)
[fork] #17 0x104966b28 in ThreadJavaMain+0x24 (libjli.dylib:arm64+0x36b28)
[fork] #18 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #19 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] Thread T2 created by T1 here:
[fork] #0 0x104ec3d6c in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4bd6c)
[fork] #1 0x104966878 in CallJavaMainInNewThread+0x194 (libjli.dylib:arm64+0x36878)
[fork] #2 0x104960028 in ContinueInNewThread+0x4b0 (libjli.dylib:arm64+0x30028)
[fork] #3 0x104967648 in JVMInit+0x874 (libjli.dylib:arm64+0x37648)
[fork] #4 0x10495021c in JLI_Launch+0xd88 (libjli.dylib:arm64+0x2021c)
[fork] #5 0x10489f558 in main+0x50c (java:arm64+0x100003558)
[fork] #6 0x1049698ec in apple_main+0x14c (libjli.dylib:arm64+0x398ec)
[fork] #7 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #8 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] Thread T1 created by T0 here:
[fork] #0 0x104ec3d6c in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4bd6c)
[fork] #1 0x104965e48 in MacOSXStartup+0x20c (libjli.dylib:arm64+0x35e48)
[fork] #2 0x104964ca4 in CreateExecutionEnvironment+0x308 (libjli.dylib:arm64+0x34ca4)
[fork] #3 0x10494fc1c in JLI_Launch+0x788 (libjli.dylib:arm64+0x1fc1c)
[fork] #4 0x10489f558 in main+0x50c (java:arm64+0x100003558)
[fork] #5 0x18cee9d50 (<unknown module>)
[fork] SUMMARY: AddressSanitizer: heap-use-after-free (libjvm.dylib:arm64+0x33852d8) in MemoryAccess<int>::get()+0x14c
[fork] Shadow bytes around the buggy address:
[fork] 0x00013f289780: fd fd fa fa fd fd fd fd fa fa fd fd fd fd fa fa
[fork] 0x00013f289800: fd fd fd fd fa fa fd fd fd fd fa fa fd fd fd fd
[fork] 0x00013f289880: fa fa fd fd fd fd fa fa fd fd fd fd fa fa 00 00
[fork] 0x00013f289900: 00 06 fa fa 00 00 00 06 fa fa 00 00 00 02 fa fa
[fork] 0x00013f289980: fd fd fd fd fa fa fd fd fd fd fa fa fd fd fd fd
[fork] =>0x00013f289a00: fa fa fd fd fd fa fa fa fd fd[fd]fd fa fa fd fd
[fork] 0x00013f289a80: fd fd fa fa fd fd fd fd fa fa fd fd fd fa fa fa
[fork] 0x00013f289b00: fd fd fd fa fa fa fd fd fd fd fa fa fd fd fd fd
[fork] 0x00013f289b80: fa fa fd fd fd fd fa fa fd fd fd fd fa fa fd fd
[fork] 0x00013f289c00: fd fd fa fa fd fd fd fa fa fa fd fd fd fa fa fa
[fork] 0x00013f289c80: fd fd fd fd fa fa fd fd fd fa fa fa fd fd fd fd
[fork] Shadow byte legend (one shadow byte represents 8 application bytes):
[fork] Addressable: 00
[fork] Partially addressable: 01 02 03 04 05 06 07
[fork] Heap left redzone: fa
[fork] Freed heap region: fd
[fork] Stack left redzone: f1
[fork] Stack mid redzone: f2
[fork] Stack right redzone: f3
[fork] Stack after return: f5
[fork] Stack use after scope: f8
[fork] Global redzone: f9
[fork] Global init order: f6
[fork] Poisoned by user: f7
[fork] Container overflow: fc
[fork] Array cookie: ac
[fork] Intra object redzone: bb
[fork] ASan internal: fe
[fork] Left alloca redzone: ca
[fork] Right alloca redzone: cb
[fork] JVM caught ASAN Error
----------System.err:(685/50248)----------
[22:34:49.286] STARTED TestSharedCloseJvmti::eventDuringScopedAccess 'eventDuringScopedAccess()'
[fork] Exception in thread "Trigger" jdk.internal.misc.ScopedMemoryAccess$ScopedAccessError: Invalid memory access
[fork] =================================================================
[fork] ==74804==ERROR: AddressSanitizer: heap-use-after-free on address 0x00013f289a50 at pc 0x0001187552dc bp 0x00016dde14f0 sp 0x00016dde14e8
[fork] READ of size 4 at 0x00013f289a50 thread T23
[fork] #0 0x1187552d8 in MemoryAccess<int>::get()+0x14c (libjvm.dylib:arm64+0x33852d8)
[fork] #1 0x1187466b4 in Unsafe_GetInt(JNIEnv_*, _jobject*, _jobject*, long)+0x254 (libjvm.dylib:arm64+0x33766b4)
[fork] #2 0x12d909f04 (<unknown module>)
[fork] #3 0x12d904d5c (<unknown module>)
[fork] #4 0x12d904d5c (<unknown module>)
[fork] #5 0x12d904d5c (<unknown module>)
[fork] #6 0x12d904d5c (<unknown module>)
[fork] #7 0x12d904d5c (<unknown module>)
[fork] #8 0x12d904d5c (<unknown module>)
[fork] #9 0x12d904d5c (<unknown module>)
[fork] #10 0x12d904d5c (<unknown module>)
[fork] #11 0x12d9053f4 (<unknown module>)
[fork] #12 0x12d904f2c (<unknown module>)
[fork] #13 0x12d9055c4 (<unknown module>)
[fork] #14 0x12d904f2c (<unknown module>)
[fork] #15 0x12d900498 (<unknown module>)
[fork] #16 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #17 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #18 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #19 0x1170d46c4 in JavaCalls::call_virtual(JavaValue*, Klass*, Symbol*, Symbol*, JavaCallArguments*, JavaThread*)+0x370 (libjvm.dylib:arm64+0x1d046c4)
[fork] #20 0x1170d4f80 in JavaCalls::call_virtual(JavaValue*, Handle, Klass*, Symbol*, Symbol*, JavaThread*)+0x1d8 (libjvm.dylib:arm64+0x1d04f80)
[fork] #21 0x1173e6660 in thread_entry(JavaThread*, JavaThread*)+0x22c (libjvm.dylib:arm64+0x2016660)
[fork] #22 0x117118ab4 in JavaThread::thread_main_inner()+0x34c (libjvm.dylib:arm64+0x1d48ab4)
[fork] #23 0x1171183a4 in JavaThread::run()+0x464 (libjvm.dylib:arm64+0x1d483a4)
[fork] #24 0x1186781cc in Thread::call_run()+0x384 (libjvm.dylib:arm64+0x32a81cc)
[fork] #25 0x117e9644c in thread_native_entry(Thread*)+0x1f4 (libjvm.dylib:arm64+0x2ac644c)
[fork] #26 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #27 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] 0x00013f289a50 is located 16 bytes inside of 26-byte region [0x00013f289a40,0x00013f289a5a)
[fork] freed by thread T2 here:
[fork] #0 0x104ecb260 in wrap_free+0x98 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x53260)
[fork] #1 0x1164e42d4 in permit_forbidden_function::free(void*)+0x14 (libjvm.dylib:arm64+0x11142d4)
[fork] #2 0x117e848c8 in os::free(void*)+0x5c (libjvm.dylib:arm64+0x2ab48c8)
[fork] #3 0x118749e58 in Unsafe_FreeMemory0(JNIEnv_*, _jobject*, long)+0xe8 (libjvm.dylib:arm64+0x3379e58)
[fork] #4 0x12d909f04 (<unknown module>)
[fork] #5 0x12d904f2c (<unknown module>)
[fork] #6 0x12d904f2c (<unknown module>)
[fork] #7 0x12d904f2c (<unknown module>)
[fork] #8 0x12d904c54 (<unknown module>)
[fork] #9 0x12d904f2c (<unknown module>)
[fork] #10 0x12d904f2c (<unknown module>)
[fork] #11 0x12d904f2c (<unknown module>)
[fork] #12 0x12d904f2c (<unknown module>)
[fork] #13 0x12d9055c4 (<unknown module>)
[fork] #14 0x12d900498 (<unknown module>)
[fork] #15 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #16 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #17 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #18 0x1173254e4 in jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*)+0x2cc (libjvm.dylib:arm64+0x1f554e4)
[fork] #19 0x117330f18 in jni_CallStaticVoidMethodV+0x38c (libjvm.dylib:arm64+0x1f60f18)
[fork] #20 0x117393030 in checked_jni_CallStaticVoidMethod+0x428 (libjvm.dylib:arm64+0x1fc3030)
[fork] #21 0x1049542a4 in invokeStaticMainWithArgs+0x188 (libjli.dylib:arm64+0x242a4)
[fork] #22 0x104959050 in JavaMain+0x44ec (libjli.dylib:arm64+0x29050)
[fork] #23 0x104966b28 in ThreadJavaMain+0x24 (libjli.dylib:arm64+0x36b28)
[fork] #24 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #25 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] previously allocated by thread T2 here:
[fork] #0 0x104ecb124 in wrap_malloc+0x94 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x53124)
[fork] #1 0x1179a30ec in permit_forbidden_function::malloc(unsigned long)+0x14 (libjvm.dylib:arm64+0x25d30ec)
[fork] #2 0x117e83340 in os::malloc(unsigned long, MemTag, NativeCallStack const&)+0x1d0 (libjvm.dylib:arm64+0x2ab3340)
[fork] #3 0x117e8307c in os::malloc(unsigned long, MemTag)+0xf8 (libjvm.dylib:arm64+0x2ab307c)
[fork] #4 0x118749b18 in Unsafe_AllocateMemory0(JNIEnv_*, _jobject*, long)+0x148 (libjvm.dylib:arm64+0x3379b18)
[fork] #5 0x12d909f04 (<unknown module>)
[fork] #6 0x12d904dd0 (<unknown module>)
[fork] #7 0x12d904dd0 (<unknown module>)
[fork] #8 0x12d904dd0 (<unknown module>)
[fork] #9 0x12d904dd0 (<unknown module>)
[fork] #10 0x12d904c54 (<unknown module>)
[fork] #11 0x12d904c54 (<unknown module>)
[fork] #12 0x12d9052ec (<unknown module>)
[fork] #13 0x12d9052ec (<unknown module>)
[fork] #14 0x12d900498 (<unknown module>)
[fork] #15 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #16 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #17 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #18 0x1173254e4 in jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*)+0x2cc (libjvm.dylib:arm64+0x1f554e4)
[fork] #19 0x117330f18 in jni_CallStaticVoidMethodV+0x38c (libjvm.dylib:arm64+0x1f60f18)
[fork] #20 0x117393030 in checked_jni_CallStaticVoidMethod+0x428 (libjvm.dylib:arm64+0x1fc3030)
[fork] #21 0x1049542a4 in invokeStaticMainWithArgs+0x188 (libjli.dylib:arm64+0x242a4)
[fork] #22 0x104959050 in JavaMain+0x44ec (libjli.dylib:arm64+0x29050)
[fork] #23 0x104966b28 in ThreadJavaMain+0x24 (libjli.dylib:arm64+0x36b28)
[fork] #24 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #25 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] Thread T23 created by T2 here:
[fork] #0 0x104ec3d6c in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4bd6c)
[fork] #1 0x117e95b8c in os::create_thread(Thread*, os::ThreadType, unsigned long)+0x4d4 (libjvm.dylib:arm64+0x2ac5b8c)
[fork] #2 0x117117660 in JavaThread::JavaThread(void (*)(JavaThread*, JavaThread*), unsigned long, MemTag)+0x7c (libjvm.dylib:arm64+0x1d47660)
[fork] #3 0x1173e6134 in JVM_StartThread+0x534 (libjvm.dylib:arm64+0x2016134)
[fork] #4 0x12d909f04 (<unknown module>)
[fork] #5 0x12d904f2c (<unknown module>)
[fork] #6 0x12d904f2c (<unknown module>)
[fork] #7 0x12d9052ec (<unknown module>)
[fork] #8 0x12d900498 (<unknown module>)
[fork] #9 0x1170d8944 in JavaCalls::call_helper(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x8ac (libjvm.dylib:arm64+0x1d08944)
[fork] #10 0x117e9e7cc in os::os_exception_wrapper(void (*)(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*), JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x2ace7cc)
[fork] #11 0x1170d4d98 in JavaCalls::call(JavaValue*, methodHandle const&, JavaCallArguments*, JavaThread*)+0x34 (libjvm.dylib:arm64+0x1d04d98)
[fork] #12 0x1173254e4 in jni_invoke_static(JNIEnv_*, JavaValue*, _jobject*, JNICallType, _jmethodID*, JNI_ArgumentPusher*, JavaThread*)+0x2cc (libjvm.dylib:arm64+0x1f554e4)
[fork] #13 0x117330f18 in jni_CallStaticVoidMethodV+0x38c (libjvm.dylib:arm64+0x1f60f18)
[fork] #14 0x117393030 in checked_jni_CallStaticVoidMethod+0x428 (libjvm.dylib:arm64+0x1fc3030)
[fork] #15 0x1049542a4 in invokeStaticMainWithArgs+0x188 (libjli.dylib:arm64+0x242a4)
[fork] #16 0x104959050 in JavaMain+0x44ec (libjli.dylib:arm64+0x29050)
[fork] #17 0x104966b28 in ThreadJavaMain+0x24 (libjli.dylib:arm64+0x36b28)
[fork] #18 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #19 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] Thread T2 created by T1 here:
[fork] #0 0x104ec3d6c in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4bd6c)
[fork] #1 0x104966878 in CallJavaMainInNewThread+0x194 (libjli.dylib:arm64+0x36878)
[fork] #2 0x104960028 in ContinueInNewThread+0x4b0 (libjli.dylib:arm64+0x30028)
[fork] #3 0x104967648 in JVMInit+0x874 (libjli.dylib:arm64+0x37648)
[fork] #4 0x10495021c in JLI_Launch+0xd88 (libjli.dylib:arm64+0x2021c)
[fork] #5 0x10489f558 in main+0x50c (java:arm64+0x100003558)
[fork] #6 0x1049698ec in apple_main+0x14c (libjli.dylib:arm64+0x398ec)
[fork] #7 0x18d2b1c04 in _pthread_start+0x84 (libsystem_pthread.dylib:arm64e+0x6c04)
[fork] #8 0x18d2acba4 in thread_start+0x4 (libsystem_pthread.dylib:arm64e+0x1ba4)
[fork] Thread T1 created by T0 here:
[fork] #0 0x104ec3d6c in wrap_pthread_create+0x54 (libclang_rt.asan_osx_dynamic.dylib:arm64e+0x4bd6c)
[fork] #1 0x104965e48 in MacOSXStartup+0x20c (libjli.dylib:arm64+0x35e48)
[fork] #2 0x104964ca4 in CreateExecutionEnvironment+0x308 (libjli.dylib:arm64+0x34ca4)
[fork] #3 0x10494fc1c in JLI_Launch+0x788 (libjli.dylib:arm64+0x1fc1c)
[fork] #4 0x10489f558 in main+0x50c (java:arm64+0x100003558)
[fork] #5 0x18cee9d50 (<unknown module>)
[fork] SUMMARY: AddressSanitizer: heap-use-after-free (libjvm.dylib:arm64+0x33852d8) in MemoryAccess<int>::get()+0x14c
[fork] Shadow bytes around the buggy address:
[fork] 0x00013f289780: fd fd fa fa fd fd fd fd fa fa fd fd fd fd fa fa
[fork] 0x00013f289800: fd fd fd fd fa fa fd fd fd fd fa fa fd fd fd fd
[fork] 0x00013f289880: fa fa fd fd fd fd fa fa fd fd fd fd fa fa 00 00
[fork] 0x00013f289900: 00 06 fa fa 00 00 00 06 fa fa 00 00 00 02 fa fa
[fork] 0x00013f289980: fd fd fd fd fa fa fd fd fd fd fa fa fd fd fd fd
[fork] =>0x00013f289a00: fa fa fd fd fd fa fa fa fd fd[fd]fd fa fa fd fd
[fork] 0x00013f289a80: fd fd fa fa fd fd fd fd fa fa fd fd fd fa fa fa
[fork] 0x00013f289b00: fd fd fd fa fa fa fd fd fd fd fa fa fd fd fd fd
[fork] 0x00013f289b80: fa fa fd fd fd fd fa fa fd fd fd fd fa fa fd fd
[fork] 0x00013f289c00: fd fd fa fa fd fd fd fa fa fa fd fd fd fa fa fa
[fork] 0x00013f289c80: fd fd fd fd fa fa fd fd fd fa fa fa fd fd fd fd
[fork] Shadow byte legend (one shadow byte represents 8 application bytes):
[fork] Addressable: 00
[fork] Partially addressable: 01 02 03 04 05 06 07
[fork] Heap left redzone: fa
[fork] Freed heap region: fd
[fork] Stack left redzone: f1
[fork] Stack mid redzone: f2
[fork] Stack right redzone: f3
[fork] Stack after return: f5
[fork] Stack use after scope: f8
[fork] Global redzone: f9
[fork] Global init order: f6
[fork] Poisoned by user: f7
[fork] Container overflow: fc
[fork] Array cookie: ac
[fork] Intra object redzone: bb
[fork] ASan internal: fe
[fork] Left alloca redzone: ca
[fork] Right alloca redzone: cb
[fork] JVM caught ASAN Error
- duplicates
-
-
- In Progress
-