unhand/gc bug in native method java_net_PlainSocketImpl_socketAccept in socket.c


    • generic
    • solaris_2.5.1

      The bug is in native method java_net_PlainSocketImpl_socketAccept, in module
      src/solaris/net/socket.c. The method has the following code:

          java_net_PlainSocketImpl_socketAccept( ... ) {
              ...
              sptr = (Classjava_net_PlainSocketImpl*)unhand(s);
              sptr_fdptr = unhand(sptr->fd);
              ...
              fd = sysAcceptFD(in_fdptr, (struct sockaddr *)&him, &len);
              ...
              if (sysSocketInitializeFD(sptr_fdptr, fd) == -1) {
                  NET_ERROR(0, JAVAPKG "OutOfMemoryError", 0);
              }
              ...
          }


      What is happening is that sptr and sptr_fdptr are raw pointers obtained
      with unhand() before the call to sysAcceptFD(). If garbage collection runs
      while the thread is blocked in sysAcceptFD() (called from within
      java_net_PlainSocketImpl_socketAccept()), the compacting collector may move
      the objects those pointers refer to, and only the handles are updated, not
      the cached raw pointers. By the time sysSocketInitializeFD() is eventually
      called, sptr and sptr_fdptr may therefore no longer be valid, and
      sysSocketInitializeFD() initializes whatever object now occupies that
      storage, i.e. the wrong fdptr, with fd.
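      The following is an added illustration of the hazard, not code from the
      JDK or from this bug report. It models a handle-based heap with a
      compacting collector in a few dozen lines of C: a handle is one level of
      indirection that the collector keeps up to date, while a raw pointer
      copied out of a handle with unhand() is not. The constructed scenario
      places the accepting socket's FileDescriptor next to an unrelated live
      FileDescriptor; a blocking accept (stand-in for sysAcceptFD) lets the
      collector run, and the stale-pointer version stores the new fd into the
      unrelated object, exactly the "wrong fdptr" effect described above. The
      corrected version re-resolves the handle after the blocking call. The
      single level of indirection, the slot layout and the returned fd value 42
      are assumptions of the model; in the real method both levels, sptr and
      sptr->fd, would need re-deriving after sysAcceptFD() returns.

```c
#include <stdio.h>
#include <string.h>

#define SLOTS 4

/* Stand-in for the VM's FileDescriptor object (constructed for this model). */
typedef struct { int fd; int live; } FdObj;

/* A handle: one level of indirection between a Java reference and raw storage.
   The collector rewrites handle->obj when it moves an object; a raw pointer
   copied out of a handle is NOT updated. */
typedef struct { FdObj *obj; } Handle;

static FdObj   heap[SLOTS];
static Handle  handles[SLOTS];
static int     nhandles;
static Handle *sock_fd_h, *other_fd_h;   /* handles used by the scenario below */

/* unhand(): resolve a handle to the raw object pointer, as the JDK 1.1 macro did.
   The result is valid only until the next collection. */
#define unhand(h) ((h)->obj)

static Handle *new_handle(FdObj *o) {
    handles[nhandles].obj = o;
    return &handles[nhandles++];
}

/* Constructed layout: slot 0 a dead object (collectable), slot 1 the accepting
   socket's FileDescriptor (fd not yet assigned), slot 2 an unrelated live
   FileDescriptor that already owns fd 5, slot 3 unused. */
static void setup_heap(void) {
    memset(heap, 0, sizeof heap);
    memset(handles, 0, sizeof handles);
    nhandles = 0;
    heap[0].live = 0; heap[0].fd = 7;
    heap[1].live = 1; heap[1].fd = -1; sock_fd_h  = new_handle(&heap[1]);
    heap[2].live = 1; heap[2].fd = 5;  other_fd_h = new_handle(&heap[2]);
}

/* Simulated mark-compact collection: slide live objects toward slot 0, fix up
   every handle, and wipe the vacated storage. Any raw pointer obtained from
   unhand() before this call now points at a different object or at garbage. */
static void gc_compact(void) {
    int dst = 0;
    for (int src = 0; src < SLOTS; src++) {
        if (!heap[src].live) continue;
        if (dst != src) {
            heap[dst] = heap[src];
            for (int i = 0; i < nhandles; i++)
                if (handles[i].obj == &heap[src]) handles[i].obj = &heap[dst];
        }
        dst++;
    }
    for (; dst < SLOTS; dst++) { heap[dst].live = 0; heap[dst].fd = -1; }
}

/* Stand-in for sysAcceptFD(): blocks in accept(); while this thread is blocked
   the collector runs. Returns the new connection's fd (assumed constant 42). */
static int sys_accept_fd(const FdObj *listen_fdptr) {
    (void)listen_fdptr;   /* a real accept() reads listen_fdptr->fd here, before blocking */
    gc_compact();
    return 42;
}

/* The pattern from the bug report: the raw pointer is taken before the
   blocking call and reused after it. */
static int socket_accept_stale(Handle *sock) {
    FdObj *fdptr = unhand(sock);        /* valid only until the next collection */
    int fd = sys_accept_fd(fdptr);      /* GC moves objects while we are blocked */
    fdptr->fd = fd;                     /* writes into whatever now occupies the old slot */
    return fd;
}

/* Corrected pattern: re-resolve the handle after any call that may block,
   allocate, or otherwise let the collector run. */
static int socket_accept_fixed(Handle *sock) {
    int fd = sys_accept_fd(unhand(sock));
    unhand(sock)->fd = fd;              /* fresh raw pointer from the updated handle */
    return fd;
}

/* Read an object's fd through its (always current) handle. */
static int fd_of(const Handle *h) { return unhand(h)->fd; }

int main(void) {
    setup_heap();
    socket_accept_stale(sock_fd_h);
    printf("stale: socket fd=%d, unrelated fd=%d\n", fd_of(sock_fd_h), fd_of(other_fd_h));
    setup_heap();
    socket_accept_fixed(sock_fd_h);
    printf("fixed: socket fd=%d, unrelated fd=%d\n", fd_of(sock_fd_h), fd_of(other_fd_h));
    return 0;
}
```

      The check a reviewer applies to native code of this era is mechanical:
      every unhand() result must die before the next call that can block,
      allocate, or otherwise yield to the collector, and must be re-derived from
      the handle afterwards.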

            Assignee: Benjamin Renaud (Inactive)
            Reporter: Jonathan Benoit (Inactive)
            Votes: 0
            Watchers: 0
