JDK-6280967 : (coll) Exception thrown while deserializing HashMap
  • Type: Bug
  • Component: core-libs
  • Sub-Component: java.util:collections
  • Affected Version: 1.4.2_08
  • Priority: P4
  • Status: Resolved
  • Resolution: Fixed
  • OS: windows_xp
  • CPU: other
  • Submitted: 2005-06-06
  • Updated: 2017-05-19
  • Resolved: 2005-10-21
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other JDK 6
1.4.2_11 b01Fixed 6Fixed
Related Reports
Relates :  
JDK-6352908 - Regression:HashMap threw Exception CORBA MARSHAL for 142_11-b01 but passes for 142_10-b03 for all OS
Relates :  
JDK-6351146 - Regression : 4901731 encoder test passing with 142_10-b03 but failing with 142_11-b01
Relates :  
JDK-6345452 - JCK14a api/java_util HashMap serial constructor test throws IllegalArgumentException for 1.4.2_11 b1
Relates :  
JDK-6383088 - (coll) The writeObject() specification in HashMap.java was changed in 1.4.2_11
Description
FULL JDK VERSION(S):
java version "1.4.2_08"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_08-b03)
Java HotSpot(TM) Client VM (build 1.4.2_08-b03, mixed mode)

DESCRIPTION :
The FastHashMap class is available in the commons.collections package of jakarta. While deSerializing this HashMap, FastIndirection Exception is thrown. The FastHashMap extends from HashMap and also includes a HashMap member variable. FastHashMap also overrides all the methods for HashMap. Any values added to FastHashMap will actually be added to the HashMap which is included as a member. The FastHashMap will be serialized in the below order HashMap (Super class) FastHashMap data members (including the HashMap which is a member). When we try to invoke FastHashMap using writeObject the folllowing happens :
                                    
The HashMap writeObject method looks as below :             
                                    
*********************************************************************************************************************************************
private void writeObject(java.io.ObjectOutputStream s)throws IOException 
  {                                                     
 // Write out the threshold, loadfactor, and any hidden stuff           
 s.defaultWriteObject();                                                
                                                                        
 // Write out number of buckets                                         
 s.writeInt(table.length);                                              
 // Write out size (number of Mappings)                                 
 s.writeInt(size);                                                      
        // Write out keys and values (alternating)                      
        for (Iterator i = entrySet().iterator(); i.hasNext(); ) {       
            Map.Entry e = (Map.Entry) i.next();                         
            s.writeObject(e.getKey());                                  
            s.writeObject(e.getValue());                                
        }                                                               
    }                                                                   

*********************************************************************************************************************************************
                                                                        
When the superclass HashMap is serialized the size is serialized as 0 and when the entrySet() is invoked the FastHashMap returns the entrySet() of the embedded HashMap. This results in the values within the member HashMap being written to the stream. When the Member HashMap gets serialized, the values get serialized as Value indirections to the above marshalled values of the superclass HashMap. The readObject method of HashMap reads the values based on the size which is serialized. While reading the superclass HashMap it reads the size as 0 and does not read the following values. This results in these values being skipped (hence not being added to the valuecCache) by the CDRInputStream logic. While reading the member HashMap (size is not 0) we read indirections to the superclass HashMap (values been skipped) and we throw up with a FastIndirectionException. 

STEPS TO REPRODUCE THE ISSUE :
Attached is the testcase. Follow the steps below to reproduce the issue :

1. Extract the zip file. 

2. The customer is using jakarta commons-collections-3.0.jar. Hence set the path for the same in the compile.bat file inside the folder server and client. 

3. Also set the path for the same in the server.bat and client.bat file in the folder server and client respectively. 

4. Run the compile.bat to for both server and client. 

5. Start the tnameservice. 

6. To start the server, run server.bat. 

7. To run the client run client.bat. 

TRACE INFORMATION :
Attached is the server trace file that shows the FastIndirectionException. 




###@###.### 2005-06-06 16:40:37 GMT
Comments
SUGGESTED FIX Webrev: http://sa.sfbay.sun.com/projects/langtools_data/mustang/6346453.1 [sic]
11-03-2006
EVALUATION HashMap's current writeObject method obtains the size from private/class-specific state, but it obtains the entry iterator from an overridable method. This inconsistency seems like a bug.
23-08-2005