From 0199fee431e0dccdd570b38595ea29c760dbed44 Mon Sep 17 00:00:00 2001
From: Martin Doerr
Date: Tue, 18 Jun 2024 06:48:26 +0000
Subject: [PATCH] 8333639: ubsan: cppVtables.cpp:81:55: runtime error: index 14 out of bounds for type 'long int [1]'

Reviewed-by: aboldtch, mbaesken, kbarrett
---
 src/hotspot/share/cds/cppVtables.cpp | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/src/hotspot/share/cds/cppVtables.cpp b/src/hotspot/share/cds/cppVtables.cpp
index f17d94a82fd..6dd5e65ae43 100644
--- a/src/hotspot/share/cds/cppVtables.cpp
+++ b/src/hotspot/share/cds/cppVtables.cpp
@@ -66,19 +66,17 @@ class CppVtableInfo {
   intptr_t _vtable_size;
-  intptr_t _cloned_vtable[1];
+  intptr_t _cloned_vtable[1]; // Pseudo flexible array member.
+  static size_t cloned_vtable_offset() { return offset_of(CppVtableInfo, _cloned_vtable); }
 public:
-  static int num_slots(int vtable_size) {
-    return 1 + vtable_size; // Need to add the space occupied by _vtable_size;
-  }
   int vtable_size() { return int(uintx(_vtable_size)); }
   void set_vtable_size(int n) { _vtable_size = intptr_t(n); }
-  intptr_t* cloned_vtable() { return &_cloned_vtable[0]; }
-  void zero() { memset(_cloned_vtable, 0, sizeof(intptr_t) * vtable_size()); }
+  // Using _cloned_vtable[i] for i > 0 causes undefined behavior. We use address calculation instead.
+  intptr_t* cloned_vtable() { return (intptr_t*)((char*)this + cloned_vtable_offset()); }
+  void zero() { memset(cloned_vtable(), 0, sizeof(intptr_t) * vtable_size()); }
   // Returns the address of the next CppVtableInfo that can be placed immediately after this CppVtableInfo
   static size_t byte_size(int vtable_size) {
-    CppVtableInfo i;
-    return pointer_delta(&i._cloned_vtable[vtable_size], &i, sizeof(u1));
+    return cloned_vtable_offset() + (sizeof(intptr_t) * vtable_size);
   }
 };
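Review bot: The new `byte_size` body multiplies the signed `int vtable_size` straight into `size_t` arithmetic, so a negative argument silently converts to a huge value and the result is used as an allocation/placement size; the old `&i._cloned_vtable[vtable_size]` form was equally unchecked, but now that the function is plain arithmetic it is cheap to guard it, e.g. `assert(vtable_size >= 0, "vtable_size must be non-negative");` (presumably the HotSpot `assert(cond, msg)` form) before the `return`. The same `int` to `size_t` promotion occurs in `zero()` via `vtable_size()`, which is `int(uintx(_vtable_size))`, so the guard belongs wherever `_vtable_size` is set rather than only in `byte_size`. The new comment on `cloned_vtable()` explains why indexing `_cloned_vtable` is avoided but not what makes the pointer arithmetic valid: the object must have been laid out in a buffer of at least `byte_size(vtable_size())` bytes, and that contract is worth stating, e.g. `// Valid only for instances placed in a buffer of byte_size(vtable_size()) bytes; see byte_size().` The existing context comment above `byte_size` still says it "Returns the address of the next CppVtableInfo", while the function returns a byte count, so `// Returns the number of bytes occupied by a CppVtableInfo with the given vtable_size, i.e. the offset of the next one placed immediately after it.` would be accurate. The class header `class CppVtableInfo {` sits in the hunk header rather than in the visible hunk lines, and the ubsan counts suggest some context lines were lost in extraction.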