RFR (S) 8204055: SIGSEGV in java -XX:
David Holmes
david.holmes at oracle.com
Thu May 31 05:55:26 UTC 2018
Bug: https://bugs.openjdk.java.net/browse/JDK-8204055
webrev: http://cr.openjdk.java.net/~dholmes/8204055/webrev/
The SEGV was introduced with the fuzzy matching flag logic refactoring
in JDK-8198554. In:
double StringUtils::similarity(const char* str1, size_t len1, const
char* str2, size_t len2) {
size_t total = len1 + len2;
size_t hit = 0;
for (size_t i = 0; i < len1 - 1; i++) {
for (size_t j = 0; j < len2 - 1; j++) {
if ((str1[i] == str2[j]) && (str1[i+1] == str2[j+1])) {
++hit;
break;
}
}
}
If len2 is zero (which it is in this case) we have passed it as an
unsigned size_t, so len2-1 gives a massive positive value and so we
enter the loop and try to access str2[n] for some n>0 and we get a SEGV.
The original code had:
- for (int j = 0; j < (int) len2 -1; ++j) {
so the huge positive value reverted to a small negative value and we
don't enter the loop.
The fix applied is to check explicitly for lengths of zero.
Added missing testcases to:
test/hotspot/gtest/logging/test_logConfiguration.cpp
test/hotspot/jtreg/runtime/CommandLine/UnrecognizedVMOption.java
verified they both crash before the fix.
Testing (in progress): tier1,2,3 per mach5 CI
Thanks,
David
More information about the hotspot-runtime-dev
mailing list