JDK-6178847 : Buffer Overflow / SIG_SEGV hot spot error in Graphics2D.draw(GeneralPath)
  • Type: Bug
  • Component: client-libs
  • Sub-Component: 2d
  • Affected Version: 5.0
  • Priority: P4
  • Status: Closed
  • Resolution: Duplicate
  • OS: windows_xp
  • CPU: x86
  • Submitted: 2004-10-13
  • Updated: 2011-01-19
  • Resolved: 2005-02-09
Related Reports
Duplicate :  
JDK-5089985 - Drawing GeneralPath crashes JVM if antialias is on
Relates :  
JDK-2122636 - Drawing GeneralPath crashes JVM if antialias is on
Description
FULL PRODUCT VERSION :
java version "1.5.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-b64)
Java HotSpot(TM) Client VM (build 1.5.0-b64, mixed mode, sharing)
and
jdk1.4.2-b28 on windows

FULL OS VERSION :
OS:Fedora Core release 1 (Yarrow)
uname:Linux 2.4.22-1.2115.nptlsmp #1 SMP Wed Oct 29 15:30:09 EST 2003 i686
libc:glibc 2.3.2 NPTL 0.60
and
Windows XP Home Edition

A DESCRIPTION OF THE PROBLEM :
When running the programm (drawing the GeneralPath) a segmentation fault on linux happens.

on windows a strange application error occurs (possibly due to a buffer overflow: windows opens up a dialog, claiming titled "java.exe" and something like there is no media in drive "/device/harddisk1/DR5" after pressing cancel and or retry multiple times - the jvm crashes.

attached is the logfile from the linux box

STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
run the attached program - on linux it will crash immediately, on windows you might be presented a strange dialog - after multiple clicks on retry or cancel the program crashes too.

EXPECTED VERSUS ACTUAL BEHAVIOR :
expected: a nice GeneralPath
actual: a hot spot error

ERROR MESSAGES/STACK TRACES THAT OCCUR :
#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
#  SIGSEGV (0xb) at pc=0x462b56a0, pid=23894, tid=1177074608
#
# Java VM: Java HotSpot(TM) Client VM (1.5.0-b64 mixed mode, sharing)
# Problematic frame:
# C  [libdcpr.so+0xb6a0]
#


REPRODUCIBILITY :
This bug can be reproduced always.

---------- BEGIN SOURCE ----------
import java.awt.Dimension;
import java.awt.Graphics;
import java.awt.Graphics2D;
import java.awt.RenderingHints;
import java.awt.geom.GeneralPath;
import javax.swing.JComponent;
import javax.swing.JFrame;


public class CrashTest2 extends JComponent
{
  private GeneralPath gp;
  public CrashTest2(GeneralPath gp)
  {
    this.gp = gp;
    setPreferredSize(new Dimension(800, 700));
    setMinimumSize(new Dimension(800, 700));
  }
  
  public static void main(String[] args) {
    GeneralPath gp = new GeneralPath();
    gp.moveTo(288.0f, 233.0f);
    gp.lineTo(288.0f, 298.0f);
    gp.quadTo(288.0f, 308.0f, 296.76578f, 312.8126f);
    gp.lineTo(789.2342f, 583.18744f);
    gp.quadTo(798.0f, 588.0f, 798.0f, 578.0f);
    gp.lineTo(798.0f, 228.0f);
    gp.quadTo(798.0f, 218.0f, 788.0812f, 219.27164f);
    gp.lineTo(417.91882f, 266.72836f);
    gp.quadTo(408.0f, 268.0f, 408.0f, 278.0f);
    gp.lineTo(408.0f, 323.0f);
    JFrame frame = new JFrame();
    frame.setContentPane(new CrashTest2(gp));
    frame.pack();
    frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
    frame.setVisible(true);
  }

  public void paintComponent(Graphics graphics)
  {
    super.paintComponent(graphics);
    Graphics2D g2d = (Graphics2D) graphics;
    Object hint = g2d.getRenderingHint(RenderingHints.KEY_ANTIALIASING);
    g2d.setRenderingHint(RenderingHints.KEY_ANTIALIASING, RenderingHints.VALUE_ANTIALIAS_ON);
    g2d.draw(gp);
    g2d.setRenderingHint(RenderingHints.KEY_ANTIALIASING, hint);
  }
}
---------- END SOURCE ----------

CUSTOMER SUBMITTED WORKAROUND :
this does not seem to happen if anti aliasing is turned off - at least not on my machine with the given GeneralPath, also slight changes in the coordinates of the GeneralPath object seem to avoid the crash
###@###.### 10/13/04 22:45 GMT
Comments
EVALUATION This is duplicate of the 5089985 and 2122636. The problem is not reproducible with fix of those bugs. ###@###.### 2005-2-09 12:29:23 GMT
09-02-2005