Invalid JCK test case gcpl00104.c
Martin Buchholz
martinrb at google.com
Tue Nov 11 11:45:52 PST 2008
Executive summary: Invalid test case; please file a JCK bug and add to
the JCK exclude list.
While running the JCK,
we had random crashes due to memory corruption in the JCK test
JCK-runtime-6b/tests/vm/jvmti/GetConstantPool/gcpl001/gcpl00104/gcpl00104.c
The test suffers from multiple memory corruption bugs.
E.g. in this piece of code
    size = 5;
    .....
    cp_info = (gcpl00104_Integer_info*) malloc(sizeof(gcpl00104_Integer_info));
    if (cp_info != NULL) {
        cp_info->tag = cp_bytes[*offset];
        lprintf(env, "0x");
        for (i = 1; i < size; i++) {
            cp_info->bytes[i] = cp_bytes[*offset + i];
            lprintf(env, "%0*X", 2, (int) cp_info->bytes[i]);
        }
the test case is writing to cp_info->bytes[4],
but bytes is of type char[4], so that's (possibly)
one past the end of the malloc'ed region.
Other functions in this test have similar bugs.
Whether you actually see a crash is strongly dependent on your malloc
implementation.
valgrind was able to pinpoint the cause; to valgrindise the JDK, you
need the flag
--trace-children
Thanks,
Martin
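As an added example (not the JCK test's code, and not part of the original mail), the off-by-one from the report isolated in a small function, next to a bounds-checked decoder for the same CONSTANT_Integer_info entry (a 1-byte tag followed by 4 big-endian bytes); the struct, constant and function names are assumptions modelled on the test's gcpl00104_Integer_info.

```c
#include <stddef.h>
#include <stdint.h>

/* CONSTANT_Integer_info as the test decodes it: tag + 4 bytes, hence "size = 5". */
#define CONSTANT_Integer   3
#define INTEGER_BYTES      4
#define INTEGER_INFO_SIZE  (1 + INTEGER_BYTES)

typedef struct {
    unsigned char tag;
    unsigned char bytes[INTEGER_BYTES];   /* mirrors the test's char[4] */
} integer_info;                           /* name is an assumption */

/* The bug pattern from the report, isolated: the loop index runs 1..size-1
 * and is reused unchanged as the index into bytes[], so with size == 5 the
 * last iteration targets bytes[4], one past the end of the array.
 * Returns 1 if such a loop would write past bytes[], 0 otherwise. */
int loop_overruns_bytes(size_t size)
{
    size_t i;
    for (i = 1; i < size; i++) {
        if (i >= INTEGER_BYTES)   /* destination index out of range */
            return 1;
    }
    return 0;
}

/* Hardened decoder: rejects a short input buffer before touching it, keeps
 * the source index relative to offset, and stores at bytes[i - 1] so the
 * destination index stays within 0..3. Also reassembles the big-endian
 * value. Returns 0 on success, -1 on a short buffer or wrong tag. */
int decode_integer_info(const unsigned char *cp_bytes, size_t cp_len,
                        size_t offset, integer_info *out, int32_t *value)
{
    size_t i;
    uint32_t v = 0;
    if (cp_len < offset || cp_len - offset < INTEGER_INFO_SIZE)
        return -1;                              /* would read past the input */
    if (cp_bytes[offset] != CONSTANT_Integer)
        return -1;
    out->tag = cp_bytes[offset];
    for (i = 1; i < INTEGER_INFO_SIZE; i++) {
        out->bytes[i - 1] = cp_bytes[offset + i];   /* index 0..3, never 4 */
        v = (v << 8) | out->bytes[i - 1];
    }
    *value = (int32_t)v;
    return 0;
}
```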