Name: akC45999 Date: 03/26/97
If the value of the attribute_name_index item of the Exceptions
attribute (other attributes may be used) equals zero in some class
file, then the JVM crashes while loading this class via a Class.forName method call.
The test example below consists of two files: the jcod file describes the "bad"
class file (the wrong code is marked with the "wrong:" comment) and
the java file contains the Java code that loads this bad class file.
File attr_Exceptions00201n.jcod:
======================================================================
class attr_Exceptions00201n {
  0xCAFEBABE;
  3; // minor version
  45; // version
  [] { // Constant Pool
    ; // first element is empty
    class #13; // #1 at 0x0A
    class #16; // #2 at 0x0D
    class #17; // #3 at 0x10
    Method #2 #5; // #4 at 0x13
    NameAndType #7 #6; // #5 at 0x18
    Utf8 "()V"; // #6 at 0x1D
    Utf8 "<init>"; // #7 at 0x23
    Utf8 "Code"; // #8 at 0x2C
    Utf8 "ConstantValue"; // #9 at 0x33
    Utf8 "Exceptions"; // #10 at 0x43
    Utf8 "LineNumberTable"; // #11 at 0x50
    Utf8 "LocalVariables"; // #12 at 0x62
    Utf8 "attr_Exceptions00201n"; // #13 at 0x73
    Utf8 "SourceFile"; // #14 at 0x79
    Utf8 "f.java"; // #15 at 0x86
    Utf8 "java/lang/Object"; // #16 at 0x8F
    Utf8 "java/lang/Throwable"; // #17 at 0xA2
    Utf8 "m"; // #18 at 0xB8
  } // Constant Pool
  0x0020; // access
  #1; // this_cpx
  #2; // super_cpx
  [] { // Interfaces
  } // Interfaces
  [] { // fields
  } // fields
  [] { // methods
    { // Member at 0xC8
      0x0000; // access
      #18; // name_cpx
      #6; // sig_cpx
      [2] { // Attributes
        Attr(#8, 13) { // Code at 0xD0
          0; // max_stack
          1; // max_locals
          Bytes[1] {
            0xB1;
          };
          [] { // Traps
          } // end Traps
          [] { // Attributes
          } // Attributes
        } // end Code
        ;
        /* right:
        Attr(#10, 4) { // Exceptions at 0xEF
        end right */
        // wrong:
        Attr(#0, 4) { // Exceptions at 0xEF
        // end wrong
          [] { // Exceptions
            #3; // at 0xF7
          }
        } // end Exceptions
      } // Attributes
    } // Member
    ;
    { // Member at 0xF9
      0x0000; // access
      #7; // name_cpx
      #6; // sig_cpx
      [1] { // Attributes
        Attr(#8, 17) { // Code at 0x0101
          1; // max_stack
          1; // max_locals
          Bytes[5] {
            0x2AB70004B1;
          };
          [] { // Traps
          } // end Traps
          [] { // Attributes
          } // Attributes
        } // end Code
      } // Attributes
    } // Member
  } // methods
  [] { // Attributes
  } // Attributes
} // end class
======================================================================
File attr_Exceptions00201.java:
======================================================================
public class attr_Exceptions00201 {
    public static void main(String[] args) {
        try {
            Class badClass = Class.forName("attr_Exceptions00201n");
            System.out.println("failed to reject bad classfile");
        } catch (ClassNotFoundException e) { // accepted outcome: class not loaded
        } catch (LinkageError e) {           // accepted outcome: class file rejected
        } catch (Throwable e) {
            System.out.println("wrong exception:"+e);
        }
    }
}
======================================================================
To run the test, set the environment variables JH (Java home), HH (harness classes),
and CLASSDIR (where the compiled test should reside),
and run the "run" script.
run script:
======================================================================
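#!/usr/bin/csh
# adjust these settings to fit your environment:
setenv JH /export/ld32/jdk_1.1
setenv HH /export/ld32/sqe/harness/classes
setenv CLASSDIR .
# setenv takes a single value, so join the two path entries with a colon
setenv CLASSPATH ${HH}:${CLASSDIR}
# assemble the bad class file from its jcod description
$JH/bin/java javasoft.sqe.jcoder.Main -d $CLASSDIR *.jcod
# compile the loader test and run it
$JH/bin/javac -d $CLASSDIR *.java
$JH/bin/java -verify attr_Exceptions00201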
======================================================================
The result of the execution is:
SIGSEGV 11* segmentation violation
si_signo [11]: SIGSEGV 11* segmentation violation
si_errno [0]: Error 0
si_code [1]: SEGV_ACCERR [addr: 0x0]
stackbase=EFFFF9F4, stackpointer=EFFFF5D8
Full thread dump:
"Finalizer thread" (TID:0xee3002b0, sys_thread_t:0xef310de0, state:R) prio=1
"Async Garbage Collector" (TID:0xee300268, sys_thread_t:0xef340de0, state:R) prio=1
"Idle thread" (TID:0xee300220, sys_thread_t:0xef370de0, state:R) prio=0
"Clock" (TID:0xee300110, sys_thread_t:0xef430de0, state:CW) prio=12
"main" (TID:0xee3000e0, sys_thread_t:0x37fd0, state:R) prio=5 *current thread*
attr_Exceptions00201.main(attr_Exceptions00201.java:5)
Monitor Cache Dump:
Registered Monitor Dump:
Thread queue lock: unowned
Verifier lock: unowned
Name and type hash table lock: unowned
String intern lock: unowned
JNI global reference lock: unowned
BinClass lock: unowned
Class loading lock: monitor owner 37fd0: "main"
Java stack lock: unowned
Code rewrite lock: unowned
Heap lock: unowned
Has finalization queue lock: unowned
Finalize me queue lock: unowned
Monitor IO lock: unowned
Child death monitor: unowned
Event monitor: unowned
I/O monitor: unowned
Alarm monitor: unowned
Waiting to be notified:
"Clock"
Sbrk lock: unowned
Monitor cache expansion lock: unowned
Monitor registry: monitor owner 37fd0: "main"
Thread Alarm Q:
Abort (core dumped)
======================================================================
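A loader can reject the class file above instead of crashing if it validates attribute_name_index before resolving it: the index must lie in 1..constant_pool_count-1 and must name a CONSTANT_Utf8 entry. The C sketch below is an added example, not code from the JDK or from the original report; `cp_entry`, `read_attr_name` and the status names are hypothetical, and the constant pool and attribute bytes are constructed from the jcod listing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { CONSTANT_Utf8 = 1, CONSTANT_Class = 7 };
typedef struct { uint8_t tag; const char *utf8; } cp_entry;
typedef enum { ATTR_OK, ATTR_TRUNCATED, ATTR_BAD_INDEX, ATTR_NOT_UTF8 } attr_status;

/* Parse an attribute_info header (u2 attribute_name_index, u4 attribute_length)
 * and resolve the name only after the index has been validated. */
attr_status read_attr_name(const uint8_t *buf, size_t len, const cp_entry *cp,
                           uint16_t cp_count, const char **name_out)
{
    *name_out = NULL;
    if (len < 6) return ATTR_TRUNCATED;
    uint16_t idx = (uint16_t)((buf[0] << 8) | buf[1]);
    uint32_t alen = ((uint32_t)buf[2] << 24) | ((uint32_t)buf[3] << 16) |
                    ((uint32_t)buf[4] << 8) | buf[5];
    if (alen > len - 6) return ATTR_TRUNCATED;   /* body must fit in the buffer */
    /* Slot 0 of the constant pool is reserved: valid indices are 1..cp_count-1. */
    if (idx == 0 || idx >= cp_count) return ATTR_BAD_INDEX;
    /* The entry must be a CONSTANT_Utf8 before it is read as a string. */
    if (cp[idx].tag != CONSTANT_Utf8 || cp[idx].utf8 == NULL) return ATTR_NOT_UTF8;
    *name_out = cp[idx].utf8;
    return ATTR_OK;
}

/* Constructed model of the page's constant pool (19 slots, #0 empty);
 * only the entries this example touches are filled in. */
static const cp_entry PAGE_CP[19] = {
    [1] = {CONSTANT_Class, NULL}, [3] = {CONSTANT_Class, NULL},
    [8] = {CONSTANT_Utf8, "Code"}, [10] = {CONSTANT_Utf8, "Exceptions"},
};
/* Exceptions attribute bytes as the jcod encodes them: name index, length 4,
 * number_of_exceptions 1, exception_index_table[0] = #3. */
static const uint8_t RIGHT_ATTR[] = {0x00, 0x0A, 0, 0, 0, 4, 0, 1, 0, 3};
static const uint8_t WRONG_ATTR[] = {0x00, 0x00, 0, 0, 0, 4, 0, 1, 0, 3};

int main(void)
{
    const char *name;
    attr_status s = read_attr_name(RIGHT_ATTR, sizeof RIGHT_ATTR, PAGE_CP, 19, &name);
    printf("right: status=%d name=%s\n", s, name ? name : "(none)");
    s = read_attr_name(WRONG_ATTR, sizeof WRONG_ATTR, PAGE_CP, 19, &name);
    printf("wrong: status=%d name=%s\n", s, name ? name : "(none)");
    return 0;
}
```

The same function also rejects an index past the end of the pool and an index that names a non-Utf8 entry, so the caller can raise a format error for all three cases.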
Relates to:
- JDK-4052742 class file with invalid constant pool index crashes JVM (Closed)
- JDK-4051113 class file with non Utf8 attribute_name of Exceptions attr. crashes JVM (Closed)