OPENJDK6-29

JDK fails to zero jdk_version_info correctly

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: b28, b29, b30
    • Fix Version/s: b31
    • Labels:
      None

      Description

      Function JDK_GetVersionInfo0 is supposed to memset the incoming jdk_version_info struct, info, using the supplied size_t value, info_size, as the byte count. The current code calls

      memset(info, 0, sizeof(info_size));

      i.e. it only zeroes 8 bytes. It should be

      memset(info, 0, info_size);

      This can cause mayhem in the JVM because the flag fields at the end of the struct end up taking values determined by the contents of the stack frame where info is allocated. In particular, it can cause the post-jdk6-b28 GC to enqueue discovered References using the wrong link field which means that no reference processing (including finalization) occurs.
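The following is an added example, not code from the bug report or from the JDK sources, that reproduces the effect described above in isolation. The struct is a constructed stand-in for jdk_version_info (the field names and layout are assumed, with the flag field placed near the end as the report describes); the two functions are the buggy and the fixed memset calls side by side, and the helpers fill the struct with a recognisable "stale stack" pattern before each call so that whatever the memset misses is visible afterwards.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for jdk_version_info (assumed layout, not the real
 * JDK header): version numbers first, flag fields at the end of the struct. */
typedef struct {
    unsigned int jdk_version;
    unsigned int update_version;
    unsigned int special_update_version;
    unsigned int reserved1;
    unsigned int is_kernel_jvm;   /* flag field: must read 0 unless set deliberately */
    unsigned int reserved2;
} version_info_t;

#define STALE_BYTE 0xAB

/* As reported: sizeof(info_size) is sizeof(size_t), so only 4 or 8 bytes
 * of the struct are cleared and the trailing fields keep stack garbage. */
static void get_version_info_buggy(version_info_t *info, size_t info_size)
{
    memset(info, 0, sizeof(info_size));
    (void)info_size;   /* the byte count the caller supplied is never used */
}

/* As fixed: the caller's byte count is the memset length. */
static void get_version_info_fixed(version_info_t *info, size_t info_size)
{
    memset(info, 0, info_size);
}

/* Fill the struct with the stale pattern, run the function under test with
 * the real struct size, and count how many bytes it left untouched. */
static size_t stale_bytes_after(void (*fn)(version_info_t *, size_t))
{
    version_info_t info;
    const unsigned char *p = (const unsigned char *)&info;
    size_t stale = 0, i;

    memset(&info, STALE_BYTE, sizeof info);
    fn(&info, sizeof info);
    for (i = 0; i < sizeof info; i++)
        if (p[i] == STALE_BYTE)
            stale++;
    return stale;
}

/* 1 if the trailing flag field reads as zero after the call, 0 otherwise. */
static int flag_is_clean(void (*fn)(version_info_t *, size_t))
{
    version_info_t info;

    memset(&info, STALE_BYTE, sizeof info);
    fn(&info, sizeof info);
    return info.is_kernel_jvm == 0;
}

int main(void)
{
    printf("struct size: %zu bytes, sizeof(size_t): %zu bytes\n",
           sizeof(version_info_t), sizeof(size_t));
    printf("buggy: %zu stale bytes, flag clean: %d\n",
           stale_bytes_after(get_version_info_buggy),
           flag_is_clean(get_version_info_buggy));
    printf("fixed: %zu stale bytes, flag clean: %d\n",
           stale_bytes_after(get_version_info_fixed),
           flag_is_clean(get_version_info_fixed));
    return 0;
}
```

With the buggy call, exactly sizeof(size_t) bytes are cleared (8 on an LP64 build, as the report says) and every byte after that, including the flag field, still holds whatever was on the stack; with the fixed call, no stale bytes remain. The pattern to look for in review is a memset or memcpy whose length argument is sizeof applied to a scalar parameter rather than to the object being written.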

        Activity

        gnu_andrew added a comment -

        Fixed in http://hg.openjdk.java.net/jdk6/jdk6/jdk/rev/04e4c3ec6516

        omajid added a comment -

        The (proprietary) JDK 6 bug was: https://bugs.openjdk.java.net/browse/JDK-6989972

        That bug contains the exact same patch.

        gnu_andrew added a comment -

        b31 is the next release.

        gnu_andrew added a comment -

        6989466 is the JDK changeset in 7 which also contains this same fix and the reason why this issue is only seen with hs23 on 6.

        andrewdinn added a comment (edited) -

        n.b. the hotspot GC change set which this bug runs afoul of is the fix with id 6989466

          People

          • Assignee: andrewhaley
          • Reporter: andrewdinn
          • Votes: 0
          • Watchers: 2
