JDK-4765517 : Intermittant SEGV in methodDataOopDesc:data_before
  • Type: Bug
  • Component: hotspot
  • Sub-Component: compiler
  • Affected Version: 1.4.1,1.4.1_02,1.4.2
  • Priority: P1
  • Status: Resolved
  • Resolution: Fixed
  • OS: generic,windows_2000
  • CPU: generic,x86
  • Submitted: 2002-10-18
  • Updated: 2003-02-24
  • Resolved: 2002-11-13
Version table (Other releases):
  • 1.4.1_03 (build 03): Fixed
  • 1.4.2: Fixed
Description
data_before() will SEGV if the methodDataOop's data_size() is 0 and the object
is at the end of committed heap space.

Fails rarely and inconsistently on a variety of platforms. No reliable means of reproduction.

This bug was previously reported in 4509816, which was inadvertently closed as a duplicate of a different bug.


###@###.### 2003-02-11

BEA started to see this bug with JDK 1.4.1_02 EA with the addition of the fix for
bug 4799414. See below for the problem description:

The fix you sent for libjvm.dll with the patch gets us a new problem.

Unexpected Signal : EXCEPTION_ACCESS_VIOLATION occurred at PC=0x814217B
Function=methodDataOopDesc::bci_to_dp+0x2B
Library=d:\java\j2sdk1.4.1_02\jre\bin\server\jvm.dll
Source file = c:\buildbin\ws\141\src\share\vm\oops\methodDataOop.cpp : 581


Current Java thread:
	at java.lang.ref.Reference.access$200(Reference.java:22)
	at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:106)
	- locked <0C3702C0> (a java.lang.ref.Reference$Lock)

#
# HotSpot Virtual Machine Error : EXCEPTION_ACCESS_VIOLATION
# Error ID : 4D4554484F44244154412F4F500E4350500245
# Please report this error at
# http://java.sun.com/cgi-bin/bugreport.cgi
#
# Java VM: Java HotSpot(TM) Server VM (1.4.1-internal mixed mode)
#


Comments
CONVERTED DATA
BugTraq+ Release Management Values
COMMIT TO FIX: 1.4.1_03 mantis
FIXED IN: 1.4.1_03 mantis
INTEGRATED IN: 1.4.1_03 mantis
14-06-2004

SUGGESTED FIX In methodDataOop.hpp, change data_before to look like this:

    ProfileData* data_before(int bci) {
      int hint = hint_di();
      // avoid SEGV on this edge case
      if (data_size() == 0) return NULL;
      if (data_layout_at(hint)->bci() <= bci) return data_at(hint);
      return first_data();
    }

One can also tweak the similar method in ciMethodDataOop.hpp to do the same. ###@###.### 2002-10-18
18-10-2002

EVALUATION The interpreter requests the construction of a methodDataOop for a method. The method is a straight-line leaf method, i.e., it requires no bytecode-specific methodData. This causes data_size() to be zero and the _data field to be zero length. Then, the call to bci_to_di() in InterpreterRuntime::profile_method() will cause data_before() to be invoked. data_before() then accesses memory PAST the end of the mdo when it fetches data_layout_at(0)->bci(). Normally, this unintended memory reference is benign and the "right thing" happens. But in the rare case that the mdo happens to be at the very end of committed heap space, the load will access an unmapped page, and a SEGV will occur. ###@###.### 2002-10-18
18-10-2002
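The failure path the evaluation describes, and the effect of the suggested fix, modelled as an added C example. This is not HotSpot code: the DataLayout and MethodData structs, the Arena "committed heap", load_bci, run_scenario and scenario_bci are all hypothetical, simplified stand-ins built for this illustration. The arena's end plays the role of the unmapped page, so the out-of-bounds load is reported as DB_FAULT instead of actually crashing; everything else (a zero-length data area, a hint displacement of 0, the record lookup) follows the report's description.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define ARENA_BYTES 256   /* size of the constructed "committed heap" */

/* Hypothetical, simplified profile record: the first word is the bytecode
 * index (bci) it describes. Stands in for HotSpot's DataLayout; not its real layout. */
typedef struct {
    int32_t bci;
    int32_t counter;
} DataLayout;

/* Hypothetical stand-in for methodDataOop: a header followed by data_size
 * bytes of records. For a straight-line leaf method data_size is 0 and the
 * flexible array member occupies no bytes, so the object ends at the header. */
typedef struct {
    int32_t data_size;   /* bytes of profile records after the header */
    int32_t hint_di;     /* byte displacement of the cached hint record */
    DataLayout data[];
} MethodData;

/* Constructed committed region [base, base + committed); anything past
 * the end plays the role of the unmapped page. */
typedef struct {
    unsigned char *base;
    size_t committed;
} Arena;

typedef enum { DB_RECORD, DB_NULL, DB_FAULT } Outcome;

/* Emulate the MMU: a load that lies entirely inside the committed region
 * succeeds; one that reaches past its end is what the real VM reports as
 * EXCEPTION_ACCESS_VIOLATION / SEGV. */
static int load_bci(const Arena *a, const DataLayout *p, int32_t *out) {
    uintptr_t lo = (uintptr_t)p, hi = lo + sizeof *p;
    uintptr_t start = (uintptr_t)a->base, end = start + a->committed;
    if (lo < start || hi > end) return 0;
    *out = p->bci;
    return 1;
}

static const DataLayout *layout_at(const MethodData *md, int32_t di) {
    return (const DataLayout *)((const unsigned char *)md->data + di);
}

/* data_before() as the report describes it: no data_size check, so when
 * data_size == 0 the hint load touches memory immediately past the object. */
static Outcome data_before_unpatched(const Arena *a, const MethodData *md,
                                     int bci, const DataLayout **out) {
    const DataLayout *hint = layout_at(md, md->hint_di);
    int32_t hint_bci;
    if (!load_bci(a, hint, &hint_bci)) return DB_FAULT;
    *out = (hint_bci <= bci) ? hint : layout_at(md, 0);
    return DB_RECORD;
}

/* data_before() with the suggested fix applied: return NULL before any
 * access to the (empty) data area. */
static Outcome data_before_patched(const Arena *a, const MethodData *md,
                                   int bci, const DataLayout **out) {
    if (md->data_size == 0) { *out = NULL; return DB_NULL; }
    return data_before_unpatched(a, md, bci, out);
}

/* Build an arena, place an mdo with nrec (0..3) records at byte offset off, and
 * run one lookup. On DB_RECORD, *rec_bci (if non-NULL) receives the record's bci. */
static Outcome run_scenario(int patched, size_t off, int nrec, int bci, int32_t *rec_bci) {
    static const int32_t bcis[] = { 0, 4, 9 };   /* constructed sample bcis */
    Arena a = { calloc(1, ARENA_BYTES), ARENA_BYTES };
    if (!a.base || nrec > 3) abort();
    MethodData *md = (MethodData *)(a.base + off);
    md->data_size = (int32_t)(nrec * sizeof(DataLayout));
    md->hint_di = 0;                              /* fresh mdo: hint points at record 0 */
    for (int i = 0; i < nrec; i++) { md->data[i].bci = bcis[i]; md->data[i].counter = 0; }
    const DataLayout *rec = NULL;
    Outcome r = patched ? data_before_patched(&a, md, bci, &rec)
                        : data_before_unpatched(&a, md, bci, &rec);
    if (r == DB_RECORD && rec_bci) *rec_bci = rec->bci;
    free(a.base);
    return r;
}

/* Convenience: the bci of the record a scenario finds, or -1 when none. */
static int32_t scenario_bci(int patched, size_t off, int nrec, int bci) {
    int32_t b = -1;
    return run_scenario(patched, off, nrec, bci, &b) == DB_RECORD ? b : -1;
}

int main(void) {
    static const char *name[] = { "record", "NULL", "FAULT (would SEGV)" };
    size_t at_end = ARENA_BYTES - sizeof(MethodData);   /* leaf mdo flush with end of heap */
    printf("leaf mdo at end of heap, unpatched: %s\n", name[run_scenario(0, at_end, 0, 5, NULL)]);
    printf("leaf mdo at end of heap, patched:   %s\n", name[run_scenario(1, at_end, 0, 5, NULL)]);
    printf("leaf mdo mid-heap, unpatched:       %s (benign garbage read)\n", name[run_scenario(0, 64, 0, 5, NULL)]);
    printf("3-record mdo, patched:              bci=%d\n", scenario_bci(1, 64, 3, 5));
    return 0;
}
```

The mid-heap case shows why the bug "fails rarely and inconsistently": the same out-of-bounds load succeeds whenever the next bytes happen to be mapped, and only the placement at the end of committed space turns it into an access violation. The patched lookup never touches the data area when data_size is 0, regardless of where the object sits.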