Integrated: 8332863: Crash in JPEG decoder if we enable MEM_STATS

Jayathirth D V jdv at openjdk.org
Fri May 31 11:43:08 UTC 2024


On Fri, 24 May 2024 06:48:50 GMT, Jayathirth D V <jdv at openjdk.org> wrote:

> In the IJG library's jmemmgr.c file we can define MEM_STATS (by default this flag is not defined and we don't see any issue) to enable printing of the memory statistics log. But if we enable it, we get a crash while disposing IJG stored objects in the jmemmgr->free_pool() function.
> 
> 
> #
> # A fatal error has been detected by the Java Runtime Environment:
> #
> # SIGSEGV (0xb) at pc=0x00000001269d5164, pid=47784, tid=259
> #
> # JRE version: Java(TM) SE Runtime Environment (21.0+35) (build 21+35-LTS-2513)
> # Java VM: Java HotSpot(TM) 64-Bit Server VM (21+35-LTS-2513, mixed mode, sharing, tiered, compressed oops, compressed class ptrs, g1 gc, bsd-aarch64)
> # Problematic frame:
> # C [libjavafx_iio.dylib+0x49164] free_pool+0x88
> #
> # No core dump will be written. Core dumps have been disabled. To enable core dumping, try "ulimit -c unlimited" before starting Java again
> #
> # If you would like to submit a bug report, please visit:
> # https://bugreport.java.com/bugreport/crash.jsp
> # The crash happened outside the Java Virtual Machine in native code.
> # See problematic frame for where to report the bug.
> 
> --------------- T H R E A D ---------------
> 
> Current thread (0x0000000121a42c00): JavaThread "JavaFX Application Thread" [_thread_in_native, id=259, stack(0x000000016d11c000,0x000000016d918000) (8176K)]
> 
> Stack: [0x000000016d11c000,0x000000016d918000], sp=0x000000016d912780, free space=8153k
> Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
> C [libjavafx_iio.dylib+0x49164] free_pool+0x88
> C [libjavafx_iio.dylib+0x49410] self_destruct+0x3c
> C [libjavafx_iio.dylib+0xe888] jpeg_destroy+0x3c
> C [libjavafx_iio.dylib+0x4bb1c] imageio_dispose+0x98
> C [libjavafx_iio.dylib+0x4b178] disposeIIO+0x2c
> C [libjavafx_iio.dylib+0x4b140] Java_com_sun_javafx_iio_jpeg_JPEGImageLoader_disposeNative+0x2c
> 
> 
> This is happening because we delete the error handler before we actually start deleting IJG stored objects, and while freeing the IJG objects we try to access cinfo->err->trace_level of the error handler. This early deletion of the error handler is happening in the jpegloader.c->imageio_dispose() function.
> 
> I have moved the deletion of the error handler to after we destroy IJG stored objects in jpegloader.c->imageio_dispose(). This resolves the issue.
> There is no regression test case because we need to enable the MEM_STATS flag to see this issue.
> Ran graphics unit tests also and I don't see any issues with this change.

This pull request has now been integrated.

Changeset: cf09d6f1
Author:    Jayathirth D V <jdv at openjdk.org>
Committer: Michael Strauß <mstrauss at openjdk.org>
URL:       https://git.openjdk.org/jfx/commit/cf09d6f1b8e479e77683c91e271fac8716fe0791
Stats:     4 lines in 1 file changed: 2 ins; 2 del; 0 mod

8332863: Crash in JPEG decoder if we enable MEM_STATS

Reviewed-by: mstrauss, aghaisas

-------------

PR: https://git.openjdk.org/jfx/pull/1463
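
The teardown-ordering problem described in the quoted message, reduced to a stand-alone C model. This is an added example, not code from jpegloader.c or the IJG library; the types and function names are hypothetical, and the model nulls the freed pointer so the invalid access is reported as -1 instead of crashing.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins (hypothetical names); not the IJG or JavaFX definitions. */
struct err_mgr { int trace_level; };
struct decoder {
    struct err_mgr *err;  /* caller-owned, like cinfo->err */
    void *pool;           /* owned by the decoder's memory manager */
};

/* Models free_pool() in a MEM_STATS build: it reads err->trace_level while
 * releasing memory. Returns -1 where real code would use a dangling pointer. */
static int model_free_pool(struct decoder *d) {
    if (d->err == NULL)
        return -1;
    if (d->err->trace_level > 1)
        fprintf(stderr, "pool stats: releasing %p\n", d->pool);
    free(d->pool);
    d->pool = NULL;
    return 0;
}

static struct decoder make_decoder(void) {
    struct decoder d = { calloc(1, sizeof(struct err_mgr)), malloc(64) };
    return d;
}

/* Order described as crashing: handler released before the decoder teardown. */
static int dispose_handler_first(void) {
    struct decoder d = make_decoder();
    free(d.err);
    d.err = NULL;   /* the real pointer would be left dangling */
    int rc = model_free_pool(&d);
    free(d.pool);   /* teardown bailed out; release the pool in the model */
    return rc;
}

/* Order after the fix: decoder teardown first, handler released last. */
static int dispose_handler_last(void) {
    struct decoder d = make_decoder();
    int rc = model_free_pool(&d);
    free(d.err);
    d.err = NULL;
    return rc;
}

int main(void) {
    printf("handler first: %d, handler last: %d\n", dispose_handler_first(), dispose_handler_last());
    return 0;
}
```

Building native code like this with AddressSanitizer (`-fsanitize=address`) reports the real dangling read as a heap-use-after-free, which catches such ordering bugs even when the optional logging path is rarely compiled in.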

